CCS API – Detailed Design

Version: 0.2
11th Dec 2018
Document Control Information

Document Information
Document Identification CCS-API-v1

Document Name CCS API Detail Design

Project Name Credit Card Service

Client RACV

Document Author
Document Version V0.2

Document Status
Date Released 11-Dec-2018

Document Edit History

Version Date Additions/Modifications Prepared/Revised by
v0.1 11-Dec-2018 Initial version A. Sharma
v0.2 09-Jan-2018 Added onlinetransaction-api M. Singh

Document Review/Approval History

Date Name Organization/Title Comments
< dd-mmm-yyyy > <Name> <Organization/Title> <Comments>

Distribution of Final Document

The following people are designated recipients of the final version of this document:

Name Organization/Title
Table of Contents

1 PURPOSE OF DOCUMENT ........................................................................................................ 6

2 SCOPE ......................................................................................................................................... 6
2.1 IN-SCOPE ................................................................................................................................... 6
2.2 OUT-OF-SCOPE .......................................................................................................................... 6
3 REFERENCES ............................................................................................................................. 6
4 SYSTEM PARTICIPANTS ............................................................................................................ 6
5 ASSUMPTIONS ............................................................................................................................ 7
6 DEPENDENCIES.......................................................................................................................... 7
7 SOLUTION CONTEXT ................................................................................................................. 7
8 CCS API SPECIFICATIONS ........................................................................................................ 7
8.1 API ARCHITECTURE .................................................................................................................... 9
9 PAPI – ADD CHARGE CARD .................................................................................................... 10
9.1 INTERACTION ............................................................................................................................ 10
9.1.1 Scenario 1: ReferenceTpCd = 1000 ............................................................................... 10
9.1.2 Scenario 2: ReferenceTpCd = 1002/1001...................................................................... 10
9.2 FUNCTIONAL OVERVIEW ............................................................................................................ 11
9.3 API SPECIFICATION................................................................................................................... 12
9.4 API TO HUB MAPPING – MODIFY PARTY REQUEST .................................................................... 12
9.5 API TO CCS DATABASE MAPPINGS ............................................................................................ 13
9.6 ADD CHARGE CARD RESPONSE MAPPINGS ................................................................................. 13
10 PAPI – DELETE BY REFERENCE ID ........................................................................................ 14
10.1 INTERACTION ............................................................................................................................ 14
10.1.1 Token retrieved against reference id is associated with just one transaction: ................ 14
10.1.2 Token retrieved against reference id is associated with multiple transactions: .............. 15
10.2 FUNCTIONAL OVERVIEW ............................................................................................................ 16
10.3 API SPECIFICATION................................................................................................................... 16
10.4 API TO SECURE PAY MAPPINGS ................................................................................................ 16
10.5 DELETE BY REFERENCE ID RESPONSE MAPPING ........................................................................ 17
11 PAPI – ONLINE TRANSACTION API......................................................................................... 17
11.1 MAKEPAYMENT: ........................................................................................................................ 18

11.1.1 Interaction ........................................................................................................................ 18

11.1.2 Functional Overview ........................................................................................................ 18
11.1.3 API Specification ............................................................................................................. 18
11.1.4 Mappings ......................................................................................................................... 19
11.2 MAKEREFUND: .......................................................................................................................... 19

11.2.1 Interaction ........................................................................................................................ 19

11.2.2 Functional Overview ........................................................................................................ 19
 11.2.3 API Specification ............................................................................................................. 20
11.2.4 Mappings ......................................................................................................................... 20
12 PAPI – SAP CONNECT API ....................................................................................................... 20
12.1 INTERACTION ............................................................................................................................ 20
12.2 FUNCTIONAL OVERVIEW ............................................................................................................ 20
12.3 API SPECIFICATION................................................................................................................... 20
12.4 MAPPINGS ................................................................................................................................ 21
13 PAPI – SAP PROCESS API ....................................................................................................... 21
13.1 INTERACTION ............................................................................................................................ 21
13.2 FUNCTIONAL OVERVIEW ............................................................................................................ 21
13.3 API SPECIFICATION................................................................................................................... 21
13.4 MAPPINGS ................................................................................................................................ 22
14 PAPI – GET POST FORM API ....................................... ERROR! BOOKMARK NOT DEFINED.
14.1 INTERACTION ............................................................................ ERROR! BOOKMARK NOT DEFINED.
14.2 FUNCTIONAL OVERVIEW ............................................................ ERROR! BOOKMARK NOT DEFINED.
14.3 API SPECIFICATION................................................................... ERROR! BOOKMARK NOT DEFINED.
14.4 MAPPINGS ................................................................................ ERROR! BOOKMARK NOT DEFINED.
15 PAPI – GET MMO FORM API ........................................ ERROR! BOOKMARK NOT DEFINED.
15.1 INTERACTION ............................................................................ ERROR! BOOKMARK NOT DEFINED.
15.2 FUNCTIONAL OVERVIEW ............................................................ ERROR! BOOKMARK NOT DEFINED.
15.3 API SPECIFICATION................................................................... ERROR! BOOKMARK NOT DEFINED.
15.4 MAPPINGS ................................................................................ ERROR! BOOKMARK NOT DEFINED.
16 PAPI – PBTM API ....................................................................................................................... 24
16.1 INTERACTION ............................................................................................................................ 25
16.2 FUNCTIONAL OVERVIEW ............................................................................................................ 25
16.3 API SPECIFICATION................................................................................................................... 25
16.4 MAPPINGS ................................................................................................................................ 25
17 SAPI – RPD AND DB2 CONNECTION: ..................................................................................... 25
18 SAPI- NAB CONNECT: .............................................................................................................. 25
19 STATUS CODES ........................................................................................................................ 25
20 APPENDIX A - CLOUD HUB POLICIES .................................................................................... 26
20.1 CLIENT ID ENFORCEMENT ......................................................................................................... 26
20.2 CORS ..................................................................................................................................... 26
20.3 JSON THREAT PROTECTION ..................................................................................................... 26
20.4 RATE LIMITING .......................................................................................................................... 26
20.5 THROTTLING ............................................................................................................................. 26
21 PAPI – SURCHARGE DETAILS API .......................................................................................... 27
21.1 INTERACTION ............................................................................................................................ 27
21.2 FUNCTIONAL OVERVIEW ............................................................................................................ 27
21.3 API SPECIFICATION................................................................................................................... 27
21.4 Mappings 28
1 Purpose of Document
The purpose of this document is to specify the Credit Card service (CCS) with its operations.

2 Scope

2.1 In-Scope
 Functions: CC entry, CC payments, batch payment conversions, CC deletions.
 Systems: SCV, RPD, SAP, MMO, Hub, CC service.
 RACV Lines of Business: ERA, EHA, Insurance, Club, Resorts, Membership.
 External Parties: SecurePay, NAB.

2.2 Out-of-Scope
 ReferenceTpCd codes 1986,1122,1003,1004 and 1005 for add charge card.
 Key Rotation Service
 Online Pre-Authorization Service
 DeleteByTemporary-service
 SAP Connect API.
 Make SAP Payment
 Get Payment Form
 Online Refunds

3 References
This document must be read in conjunction with the following high-level documents.
Document Name Version Author Description
CCS functions v0.1.pptx 0.1 <description>

4 System Participants
System Type Description
CCS API Description
Database Consumer
HUB Wrapper Data Provider Description
NAB
MMO
SCV
SAP
5 Assumptions
Id Description
A1
A2
A3
A4
A5

6 Dependencies
Id Description
CCS DB The DB2 database for CCS
CUST DB
HUB Wrapper The MQ wrapper to interact with RPD
Secure Pay Gateway to connect to NAB system

7 Solution Context
The diagram depicts the dependencies required by CCS API.
External consumers (MMO, SCV and SALESFORCE) would be calling ccs-exp-api(experience)
running in CloudHub, whereas internal consumers can connect directly to experience APIs.
The IAG will connect directly to the pbtm-prc-api running on cloudhub.

8 CCS API Specifications

At high level, CCS API structure is outlined below
 Resources Layer Verb URI

exp- ccs-api xAPI POST /{version}/api/*

prc-addchargecard-api pAPI POST /api/addChargeCard

prc-deletebyreferenceid-api pAPI DELETE /api/deleteByRefrenceID

prc-deletetemporary-api pAPI DELETE /api/deleteTemporary
prc-onlinetrasaction-api
pAPI POST /api/makePayment

POST /api/ccsDBInsert
PUT /api/ccsDBUpdate
DELETE /api/ccsDBDelete
sys-rpd-db2- api sAPI POST /api/ccsDBSelect
POST /api/modifyParty
DELETE /api/deleteParty

DELETE /api/nabDelete
sys-nabconnect-api sAPI POST /api/nabTransaction

prc-getpostform-api pAPI POST /api/getpostform

prc-getmmoform-api pAPI POST /api/getmmoform

prc-surchargedetails-api pAPI POST /api/surcharge

prc-surchargedetails-api pAPI GET /api/retrieval

8.1 API Architecture
We follow a three tier API architecture
 System API: System APIs provides a means of accessing the underlying systems of
record and exposing the data, while providing downstream insulation from any interface
changes or rationalization of those systems. System API should serve the purpose of
abstracting the logic of storing or fetching any business entity information from the
backend systems. System API should be as lean as possible and hence, highly
reusable.
 Process API: The responsibility of the process api is to combine multiple system API
and provide result to the next channel which is experience api. When we are
creating process API it should be unique and understandable to other and it should
be channel agnostic not channel specific.
 Experience API: Experience APIs are the means by which the data can be reconfigured
so that it can be easily consumed by the intended audience from a common source
rather than setting up a point to point integrations for each process/channel.

High level component diagram of three tier architecture is as given below:

9 pAPI – Add Charge Card
Add Charge Card API will facilitate the users of the API to add/Update Card details. This API will be
available to RACV applications for adding/updating the Charge Card details.
The API consumes Hub API for updating the RPD DB.

The Sequence Diagram and high-level component interaction diagram is as given below:

9.1 Interaction
9.1.1 Scenario 1: ReferenceTpCd = 1000

9.1.2 Scenario 2: ReferenceTpCd = 1002/1001

9.2 Functional Overview

This operation is to add/update a charge card in local CCS DB (WPS_REF) and also to
associate the charge card with a party in RPD if requested. This operation will be invoked
after getting direct response from token provider (TP) and a token value.
We will check the CCS db to check if record already exists per the value of parameters in
the request. In case it does we have to perform db Update otherwise a new record needs
to be inserted
Add Request contains request for three types of ReferenceTpCd :
 1000 (RPD Payment Source ID): In this scenario the charge card details will be stored
in CCS DB, and in RPD. For this request, CCS will send modify party request to HUB via
MQ binding. It will invoke its CCSHubWrapper Service to transform modify party
request in cornerstone format. CCSHubWrapper will put the message in request
queue RACV.CS.HUB.REQ and will expect the response. The response will contain the
paymentSourceId. Post the response from hub we shall make a db
insert/update(refer to the DB mappings).
 1002 (No reference): In this scenario CCS, the charge card details will be stored in CCS
DB only(refer to the DB mappings)..
 1001 (SAP Receipt Number): In this scenario CCS, the charge card details will be
stored in CCS DB only(refer to the DB mappings)..
9.3 API Specification
POST /api/addChargeCard
Description Add or update the charge card

HTTP client_id – required

Headers client_secret – required
content-type – application/xml
Experience
API URI
https:// exp-ccs-api-{env}-s1.au.cloudhub.io/api/ccsServices

Direct URI
https:// prc-addchargecard-api-{env}-s1.au.cloudhub.io/api/addChargeCard

Status
Please refer to Status Codes below in the document
Codes

Requests for referenceTpCd values 1000,1001 and 1002

Sample
Request
Req_1000.txt Req_1001.txt Req_1002.txt

Add Charge Card Sample Response referenceTpCd values 1000,1001 and 1002

Sample Response_1000.txt Response_1001.txt Response_1002.txt

Response

9.4 API to HUB Mapping – Modify Party Request

Details of mapping from AddChargeCardRequest to HUB Request (ModifyPartyRequest)

API param HUB Request Parameter Mapping Rules

ModifyPartyRequest Root tag
ownerType partyType
modifyAction To be set to “0”
modifyEntity To be set to “5”
ownerID partyPerson.partyID When ownerType == "P"
cardType partyPerson.chargeCardTypeCode When ownerType == "P"
maskedCardNumber partyPerson.chargeCardNo When ownerType == "P"
Format yyyyMMdd.
cardExpiryDate partyPerson.expiryDate
When ownerType == "P"
nameOnCard partyPerson.onCardName When ownerType == "O"
ownerID partyOrganisation.partyID When ownerType == "O"
 cardType partyOrganisation.chargeCardTypeCode When ownerType == "O"
maskedCardNumber partyOrganisation.chargeCardNo When ownerType == "O"
Format yyyyMMdd ,
cardExpiryDate partyOrganisation.expiryDate
When ownerType == "O"
nameOnCard partyOrganisation.onCardName When ownerType == "O"
serviceHeader.version serviceHeader.version
serviceHeader.requestID serviceHeader.requestID
serviceHeader.createdDT serviceHeader.createdDT
serviceHeader.sourceSystemID serviceHeader.sourceSystemID
serviceHeader.userID serviceHeader.userID
serviceHeader.departmentID serviceHeader.departmentID
serviceHeader.teamID serviceHeader.teamID
serviceHeader.languageCode

9.5 API to CCS Database mappings

modifyPartyRes CCS DB Mapping Rules
ADD ChargeCard
table:CCSCHARGECARD
Request
Columns
CCS_CHARGE_CARD_ID Unique number
sourceSystemCd SOURCE_SYS_TP_CD
refrenceTpCd REFERENCE_TP_CD
modifyPartyResponse. REFERENCE * referenceID.idValue when refrenceTpCd =
psChargeCardID “1001”
when refrenceTpCd *psChargeCardID from modifyPartyResponse
idValue in add when
chargeCardRequest is refrenceTpCd = “1000”
“1000” * “0” when refrenceTpCd = “1002”

TOKEN (referenceID.idValue for idType “1003”) when

idValue refrenceTpCd = “1000” and “1002”
“0” when refrenceTpCd = “1001”
maskedCardNumber MASKED_CARD
isTemporaryFlag TEMP_CARD_CODE “Y” if isTemporaryFlag = true otherwise “N”
START_DT Current date as format “yyyy-MM-dd
HH:mm:ss” . START_DT to be populated only
in case of Insert scenario. This DB column is
not to be updated in case of Update scenario
LAST_UPDATE_DT Current date as format “yyyy-MM-dd
HH:mm:ss”
LAST_UPDATE_USER serviceHeader.userID
LAST_UPDATE_TX_ID Unique sequence number

9.6 Add charge card Response Mappings

Details of Add charge card response
AddChargeCardResponse

ADD ChargeCard modifyPartyRes Add ChargeCard Response Mapping Rules

Request
AddChargeCardResponse Root tag
serviceHeader serviceHeader
ownerType chargeCardDetails.ownerType
ownerID chargeCardDetails.ownerID
refrenceTpCd chargeCardDetails.refrenceTpCd
referenceID.idType referenceID.idType {
modifyPartyResponse. referenceID.idValue idType=”1003”,
psChargeCardID idValue= idValue from request
referenceID. when refrenceTpCd where idType = 1003
idValue in add } when referenceTpCd =”1002”
chargeCardRequest is -------------------------------------------
“1000” -------
{idType=”1001”,
idValue= idValue from request
where idType = 1001
} when referenceTpCd =”1001”
-------------------------------------------
------
{idType=”1000”,
idValue=ModifyPartyResponse.
.paymentSourceChardeCard.
psChargeCardID
},
{idType=”1003”,
idValue= idValue from request
where idType = 1003
}
when referenceTpCd =”1000”
isTemporaryFlag isTemporaryFlag
cardType cardType
maskedCardNumber maskedCardNumber
cardExpiryDate cardExpiryDate
nameOnCard nameOnCard
ReturnType
ReturnCode
ReturnText

10 pAPI – Delete by Reference Id

10.1 Interaction

10.1.1 Token retrieved against reference id is associated with just one transaction:
10.1.2 Token retrieved against reference id is associated with multiple transactions:
10.2 Functional Overview
This API is used for deleting charge card from CC database. It will delete the CC details by
passing reference number. This CC service will further invoke SecurePay to delete CC from
its vault if applicable.
When a charge card is deleted from RPD, this API is to delete that record from CCS DB and TP vault.
It will be invooked passing referenceTpCd and reference value in the request.
Prc-deletebyreference-api will fetch record based on these two parameters from CCS DB. It checks
whether token value of this fetched record is associated to any other record also
 If not associated send delete request to SecurePay for deletion of CC. On successful response
from SecurePay it deletes the record physically from CCS DB also. To delete the charge card
from SecurePay, API will send a NAB XML request to secure pay URL.
 If token value is associated to any other record also, then delete this record from CCS DB
Only.
This operation returns the final response with successfully deletion of reference.

10.3 API Specification

POST /api/deleteByRefrenceID
Description Delete the record from CCS DB and secure pay on the basis of reference Id

client_id – required if connecting via CloudHub (Proxy)

HTTP Headers
client_secret – required if via CloudHub (Proxy)

Base URI
https:// exp-ccs-api-{env}-s1.au.cloudhub.io/api/ccsServices
(exp api uri)
Base URI
https://prc-deletebyreferenceid-api-{env}.au/api/deleteByRefrenceID
(direct uri)

Status Codes Please refer to Status Codes below in the document

SampleRequest
Request.txt

Sample
Response Response.txt

10.4 API to Secure Pay Mappings

Details of mapping for secure pay (NABTransactMessage)
 Secure pay xml Mapping Rules
NABTransactMessage Root tag
messageID Unique uuid
messageTimestamp Unique uuid same as messageID
timeoutValue hardcode to ‘60’
apiVersion e.g. 71
merchantID Static value “RAV0210”
Fetch the password from
password CONNECTION table on the basis of
merchantID
RequestType Hardcode to “deleteToken”
Token.TokenList.TokenItem.tokenValue Token obtained from querying ccs db

10.5 Delete by Reference Id Response Mapping

Details of mapping for

deleteBy Example
Referenc
deleteByReferenceID
eID
Response (XML)
Request(
XML)

serviceH
serviceHeader
eader
refrenceT
refrenceTpCd
pCd
reference reference
returnType Hardcode to "S",
returnCode Hardcode to "Success"
returnText Hardcode to "Record Deleted Successfully"
sourceSystemReturnType Hardcode to "S"
sourceSystemReturnCode Hardcode to "Success"
sourceSystemReturnText Hardcode to "Record Deleted Successfully"
sourceSystemIdentifier Hardcode to "CCS"

11 pAPI – Online transaction API

11.1 makePayment:

11.1.1 Interaction

11.1.2 Functional Overview

To make payment against a charge card this service is invoked. The request contains either token
value or a particular reference value. If token value is not present in the request CCS fetches token
value associated with that Reference value from CCS DB.
CCS creates a NAB XML API request and sends it to TP (secure pay) for doing payment. CCS upon
receiving response will remove all the unwanted/unexpected fields from the response (if any). The TP
response will be passed to calling application.
CCS logs all the incoming and outgoing transaction of this operation including NAB request/response
messages in HUB_RT database tables.
In case of any code exception, it will stop doing further transaction and will send an email via email
adapter to configured email addresses.

11.1.3 API Specification

POST /api/makePayment
Description To make payment against a charge card

client_id – required if connecting via CloudHub (Proxy)

HTTP Headers
client_secret – required if via CloudHub (Proxy)

Base URI
https://exp-ccs-api-{env}-s1.au.cloudhub.io/api/makePayment
(exp api uri)
Base URI
https://prc-onlinetransaction-api-{env}.au/api/makePayment
(direct uri)

Status Codes Please refer to Status Codes below in the document

 SampleRequest
request.xml

Sample
Response response.xml

11.1.4 Mappings

makePayment_map
pings.xlsx

11.2 makeRefund:

11.2.1 Interaction

11.2.2 Functional Overview

To refund any payment against a charge card this service is invoked.

CCS creates a NAB XML API request and sends it to TP (secure pay) for doing payment. CCS upon
receiving response will remove all the unwanted/unexpected fields from the response (if any). The TP
response will be passed to calling application.
CCS logs all the incoming and outgoing transaction of this operation including NAB request/response
messages in HUB_RT database tables.
In case of any code exception, it will stop doing further transaction and will send an email via email
adapter to configured email addresses.
11.2.3 API Specification

POST /api/
Description

client_id – required if connecting via CloudHub (Proxy)

HTTP Headers
client_secret – required if via CloudHub (Proxy)

Base URI
https://exp-ccs-api-{env}-s1.au.cloudhub.io/api/makeRefund
(exp api uri)
Base URI
https://prc-onlinetransaction-api-{env}.au/api/makeRefund
(direct uri)

Status Codes Please refer to Status Codes below in the document

SampleRequest
request.xml

Sample
Response response.xml

11.2.4 Mappings

makeRefund_mappi
ngs.xlsx

12 pAPI – SAP Connect API

12.1 Interaction
12.2 Functional Overview

12.3 API Specification

POST /api/
Description

HTTP Headers client_id – required if connecting via CloudHub (Proxy)

client_secret – required if via CloudHub (Proxy)
 Base URI
(exp api uri)
Base URI
(direct uri)

Status Codes Please refer to Status Codes below in the document

SampleRequest

Sample
Response

12.4 Mappings

13 pAPI – SAP Process API

13.1 Interaction
13.2 Functional Overview

13.3 API Specification

POST /api/
Description

client_id – required if connecting via CloudHub (Proxy)

HTTP Headers
client_secret – required if via CloudHub (Proxy)

Base URI
(exp api uri)
Base URI
(direct uri)

Status Codes Please refer to Status Codes below in the document

SampleRequest

Sample
Response
13.4 Mappings

14 pAPI – Get Post Form API

14.1 Interaction

14.2 Functional Overview

This API is used to generate a Post form based on the request parameters passed by the user and
based on the request this api generates an encrypted form and fingerprint details in response.

14.3 API Specification

POST /api/getpostform
Description Generate a PostForm

HTTP client_id – required

Headers client_secret – required
content-type – application/xml
Experience
API URI
https://prc-getpostform-api.{env}-s1.cloudhub.io/getpostform

Direct URI
https://prc-getpostform-api.{env}-s1.cloudhub.io/getpostform

Status
Please refer to Status Codes below in the document
Codes
 Sample
Request getPostFormReque getPostFormReque
st-club.xml st.xml

GetPostFormRespo
Sample nse.xml
Response

14.4 Mappings

GetPostForm
Mappings.xlsx

15 pAPI – Get MMO Form API

15.1 Interaction
15.2 Functional Overview
This API is used to generate a MMO form based on the request parameters passed by the user and
based on the request this api generates an encrypted form and fingerprint details in response.

15.3 API Specification

POST /api/getmmoform
Description Generate a MMO Form

client_id – required
HTTP Headers
client_secret – required
content-type – application/xml
Base URI
https://prc-getmmoform-api.{env}-s1.cloudhub.io/getmmoform
(exp api uri)
Base URI
https://prc-getmmoform-api.{env}-s1.cloudhub.io/getmmoform
(direct uri)

Status Codes Please refer to Status Codes below in the document

SampleRequest
GetMMORequest.x
ml

Sample
Response GetMMOResponse.
xml

15.4 Mappings

Get MMOForm
Mappings.xlsx

16 pAPI – PBTM API

16.1 Interaction
16.2 Functional Overview

16.3 API Specification

POST /api/
Description

client_id – required if connecting via CloudHub (Proxy)

HTTP Headers
client_secret – required if via CloudHub (Proxy)

Base URI
(exp api uri)
Base URI
(direct uri)

Status Codes Please refer to Status Codes below in the document

SampleRequest

Sample
Response

16.4 Mappings

17 sAPI – rpd and DB2 connection:

This is a system API and its sole purpose is to interact with DB2 and HUB wrapper(wrapper for RPD
interaction).
System APIs act as an interface between process apis and the backend systems.

18 sAPI- NAB Connect:

The sys-nabconnect-api is used to interact with NAB system. The processes that involves payment
and the deletion of credit cards interact with NAB through this API

19 Status Codes

Error Codes
200 Status Code API responds successfully with a positive response.
 400 Status Code Bad request

404 Status Code Resource not found

405 Status Code Method not allowed

406 Status Code Not acceptable

415 Status Code Unsupported Media type

500 Status Code Any other business or technical error

20 Appendix A - Cloud Hub Policies

20.1 Client ID Enforcement

All calls to the API must include a client ID and client secret for an application/consumer that is
registered to use the API. They are to be supplied as HTTP Headers otherwise 403 Forbidden status
code will be returned.

Env HTTP Header Key Password Notes

QA client_id be9ffcdfa77d40039d912391de9e9b80
QA client_secret Not included for security reasons speak to CloudHub administrator

Env HTTP Header Key Password Notes

QA client_id 6e693647930e4c96a2d15f253c2007fe
QA client_secret Not included for security reasons speak to CloudHub administrator

20.2 CORS
CORS (Cross-origin resource sharing) is a standard mechanism that allows JavaScript
XMLHttpRequest (XHR) calls executed in a web page to interact with resources from non-origin
domains.
CORS is a commonly implemented solution to the "same-origin policy" that is enforced by all
browsers.

20.3 JSON Threat Protection

Protects against malicious JSON in API requests.

20.4 Rate Limiting

Specifies the maximum value for the number of messages processed per time period, and rejects any
messages beyond the maximum.

20.5 Throttling
Throttles the number of messages per time period processed by an API. Queues any messages
beyond the maximum for later processing.
21 pAPI – Surcharge Details API

21.1 Interaction

21.2 Functional Overview

This API is used to retrieve all the Surcharge details for cards present in CCS db and also to perform
CRUD operation i.e. Insert, update, delete the Surcharge details in DB.
1. In retrieval, it will give a json response for the cards present in CCS
2. In crud operations, it will give a successfully message i.e. surcharge details updated or
Inserted or deleted successfully.

21.3 API Specification

POST /api/getsurchargedetails & GET /api/retrieval
Description Insert, Update, Delete & Retrieve Surcharge Details in CCS DB

client_id – required
HTTP Headers
client_secret – required
content-type – application/xml for CRUD Operations only
Base URI https://prc-surchargedetails-api-sit.au-s1.cloudhub.io/api/retrieval -Retrieve
(exp api uri) https://prc-surchargedetails-api-sit.au-s1.cloudhub.io/api/surcharge - Crud Operations
Base URI https://prc-surchargedetails-api-sit.au-s1.cloudhub.io/api/retrieval -Retrieve
(direct uri) https://prc-surchargedetails-api-sit.au-s1.cloudhub.io/api/surcharge - Crud Operations
 Status Codes

SampleRequest
SurchargeDetailsRe
quest.xml

Sample
Response
Successful.

21.4 Mappings

Surcharge
Mappings.xlsx