Donor-Advised Funds (DAF)

Sola’s payment gateway supports Donor-Advised Fund (DAF) cards, enabling secure and compliant charitable transactions through various DAF programs, including DonorsFund, OJC, Pledger, and others. Donors can use their DAF-linked cards to initiate charitable contributions, while organizations integrating with Sola can benefit from automated routing and handling based on card type. This streamlines the donation process while ensuring alignment with each DAF provider’s policies.

Recommendation

xCommand = grant:Recommendation

The Grant:Recommendation API call is used to initiate a grant request from a donor’s DAF account to a specific charitable organization. Once submitted, Sola automatically determines the appropriate DAF provider based on the card used and forwards the grant recommendation accordingly.

Void

xCommand = grant:Void

The Grant:Void API call is used to cancel a previously submitted grant recommendation. This function is essential for handling donor corrections, duplicate submissions, or other administrative scenarios. Upon invocation, the request is routed to the appropriate DAF program to halt the grant in accordance with that provider's cancellation policies.

Transactions

3DS Verify

Paths/Formats:

• /verify for form data

• /verifyjson for JSON data

The Verify path is used after a 3DS Step-Up Authentication. See how to implement 3ds on the client side.

Request Body

Response Example

Overview

The Sola API enables developers to process payments using the Sola gateway. Systems integrating with the Sola API can submit API calls using various commands. The API supports many payment methods, including credit cards, ACH, EBT, and gift cards.

To begin building your API integration, create an account for a Sola sandbox — our secure testing environment that mimics the production environment. After signing up, you’ll be able to create user credentials for the Sola Merchant Portal. Once you log in to the Portal, you’ll be able to generate an API key from the Settings menu. Watch our Key Management video or follow the instructions below to obtain a key.

How to Generate Sola Keys

1. Sign in to the Sola Merchant Portal.

2. Select "Account Settings" from the navigation bar.

3. Select "Keys" from the sub-menu.

4. Click "Create a Key" in the top-right corner.

iFields and Transaction API

We recommend using iFields in conjunction with the Transaction API for added security. Sola iFields is an iFrames solution that keeps sensitive card data away from merchant servers while granting you complete control over form layout and design. to learn more about iFields.

The Sola iFields solution utilizes iFrames in which the user enters their credit card and/or ACH information and then uses JavaScript to generate SUTs (single-use tokens) for processing. These features allow the website to remain secure and out-of-scope for PCI compliance while allowing the developer to customize the page layout and design fully.

Cross-Origin Resource Sharing (CORS) Restrictions

This API has Cross-Origin Resource Sharing (CORS) restrictions in place to enhance security. Requests made directly from a web browser client (e.g., JavaScript running in the browser) will be blocked.

Allowed Origins This API only accepts requests from server-side origins. Ensure that your requests originate from a server to successfully interact with the API.

Endpoints

The endpoint section defines the details for accessing and interacting with the Sola transaction API.

Health Check

Method: Always use GET for health checks. Protocol: Secure communication is enforced using https:// Environment: Specifies the targeted environment for the check, such as x1, x2, or b1. The primary environment is x1, with x2 and b1 available as backups.

Domain: The base URL is always cardknox.com Paths: The endpoint path for health checks is /status

Transactions

Method: Always use POST for transaction requests. Protocol: Secure communication is enforced using https:// Environment: The primary environment is x1, with x2 and b1 available as backups. Domain: The base URL is always cardknox.com Paths/Formats: Various paths are supported based on data format requirements:

• /gatewayform for form data

• /gatewayjson for JSON data

• /gatewayxml for XML data

Transaction Types

The endpoints can be found in the following child pages by navigating to the appropriate page:

Transactions

Questions

Can't find what you're looking for? Please contact .

Sola Payments is a complete payment platform that you can tailor to your ambition. Delivered with step-by-step support to power you forward from day one.

How to Integrate with Sola Payments

iFields &

This integration allows developers to build fully custom payment pages while keeping card data secure. iFields generates single-use tokens (SUT) for each transaction, which is then submitted via the Transaction API for processing.

Key Benefits:

• Full control over the user interface and payment experience.

• Secure handling of card data, as sensitive information never touches your servers.

• Flexible API integration that aligns with your system workflows.

Card-on-File & Recurring Payments

Store in Your System

Sola generates tokenized card representations (xToken) that can be safely stored in your database and used for card-on-file or recurring transactions. Ideal for: Platforms with existing customer records that trigger payments programmatically via API.

Create customers, payment methods, and recurring schedules directly within Sola. Sola returns identifiers for customers, payment methods, and schedules, which can be used for card on file transactions or to set up automated schedules that will run independently in the Sola gateway. Ideal for: Systems without a customer database or when you prefer Sola to run recurring billing logic.

Card Present Payments

CloudIM enables seamless integration with Sola devices via a cloud-based API, eliminating the need for physical connections, drivers, or local SDKs. Once the device is connected to the merchant’s network, you can process transactions using simple REST API calls.

Key Benefits:

• No local SDKs, drivers, or complicated setup required.

• Works over the cloud, allowing remote device management.

• Simplifies card-present transaction handling while maintaining PCI compliance.

Sola

Sola’s PayFac API lets marketplaces and multi-merchant platforms onboard and manage sub-merchants under a single master account. Create sub-merchants programmatically, set account- or transaction-level fees, and automate revenue sharing.

Key Benefits:

• API-driven sub-merchant creation and management.

• Route fees to your master account per transaction or account.

• Full visibility and reporting across all sub-merchants.

Credentials

Across all Sola's products we use a key (xKey) to identify on what account to process a specific transaction. Each Sola product doc will guide you where to set the xKey (for example: in the body of the request along with all other parameters, in the request header as “Authorization”, in the app settings etc.). You will have a unique xKey for and production accounts.

Best practices

• Transaction response Transaction responses contain valuable information that you can utilize. The most important one is xResult; this will inform your system if the transaction was approved or declined. xAuthAmount will indicate how much was actually authorized by the bank, so it is a good idea to make sure that it matches the requested amount. By default, transactions will only approve for the full amount. If the full amount is not available, the transaction will be declined. Every transaction will receive a unique xRefnum that is used to identify this unique transaction. It is helpful during troubleshooting and is also used in case of a follow-up transaction (void refund, etc.). It is a good idea to display this xRefNum to the user and add it to receipts. You can find a full list of available response parameters .

• Logs

Vendor Settings (optional)

A Vendor ID is a unique identifier associated with your vendor account. This feature is useful when you will be processing payments across multiple Sola accounts. It allows for specific settings to be configured on your vendor account, and these settings will be applied on transactions that include your Vendor ID in the transaction request. When using this feature, It is optimal to include your vendor ID across all transactions that you process on the Sola gateway.

Setup

Our support team can enable your vendor account and provide you with the ID.

Usage

To use Vendor settings, include the xVendorID = {yourvendorid} in the transactions request.

Features/Benefits

iFields key: Use a single iFields key across all your accounts.

Tokenization: Tokens can be used across accounts.

Licenses: Unlimited device licenses

Tokenization

Tokenization is the process of replacing sensitive payment data with a non-sensitive algorithm-generated string called a token (xToken). Each time you send a card or bank account number with a transaction, the response will include a token represented by xToken.

As a merchant’s significantly increases when storing sensitive data, the best practice is to store the token in your database rather than sensitive data. You use the token for follow-up transactions.

With this approach, sensitive data will not be at risk if a data breach occurs on your local system.

Sola references the payment information on our servers associated with the token sent and processes the transaction. A new token will be returned on every new transaction processed.

You can reuse the original token multiple times. However, you should use the new returned token in the following scenarios:

• If the card has a new expiration date.

• If a response flag indicates, the card was updated/modified.

A token only stores the data sent with a transaction that is necessary to process future transactions. It does not store general customer information such as billing and contact information.

As an example, for a credit card transaction, only the credit card number, expiration date, street address, and zip code (which can be required for Address Verification System (AVS) validation) are stored with the token.

To generate a token for a payment method without processing a transaction, use the save command.

• For credit card transactions: cc:save.

• For check transactions: check:save.

Duplicate Handling

The Sola Gateway automatically blocks a transaction considered a “duplicate” of another transaction based on certain identifying features and if the transactions are within 10 minutes (default timeframe) of each other. The transaction will error with a message of: Duplicate Transaction

Identifying Features:

• Key

• Credit Card Number

• Transaction Amount

• Invoice Number

You can allow the transaction to go through by changing any of the above. Alternatively, you can pass through "xAllowDuplicate = True" in the transaction request.

You can set xDuplicateWindow with the number of minutes on a transaction request to override the default 10-minute timeframe of the duplicate checker.

Batches

Each day, all captured transactions are added to a batch file. Once the batch cutoff time is reached (determined by the processing bank), Sola automatically “batches out”, which sends the related transactions to the bank for settlement. A batch report is available in the Sola portal.

Response Parameters

Transactions that are submitted to the Sola API will return a response with one or more of the fields below. Below are the standard parameters and their values. The field names in parentheses are the fields for the reporting API.

Sandbox Account Testing Info and Triggers

A sandbox account is used to simulate transactions as if it is in production. It is designed to act exactly like a production account. However, there can sometimes be unique account setups where the production account won't match the sandbox account exactly to a T. Therefore, we recommend that you do all your testing in the sandbox account and then doing one final test when going live and swapping out your sandbox key with your production key.

Test Credit Card and Account Numbers

Test credit card and account numbers are available for testing and development. You can use any valid card number to submit transactions while using a sandbox account. The card will not actually be charged as long as you are using your sandbox key. To avoid your system unintentionally going live while still configured with your sandbox credentials, transactions in the sandbox account are limited to $10. You can bypass that limit by using the below numbers.

Triggers

The Sola gateway does not require developers to go through a certification process. We do provide a process to self-certify if developers choose to do so. You can download the Sola.

Overview

This page contains the API documentation for Fraud Submit transactions, in conjunction with FraudWatch. For more information regarding account access, navigate to the Transaction API parent page.

Transactions

Fraud Submit

POST fraud:submit

xCommand = fraud:submit

The Submit command is used in conjunction with a valid FraudWatch account to submit e-commerce transactions for a fraud verification check.

Request Body

For general information about using Swagger UI, refer to .

Swagger URL

Setting up Apple Pay Merchant ID

1. Login to https://portal.solapayments.com/login

2. Navigate to Gateway Settings > Payment Methods

3. Click on “Configure Apple Pay“

Overview

Apple Pay Hosted Checkout is our simple integration that enables online Apple Pay processing through the Sola gateway. This landing page contains all of the links and references needed for setting up and maintaining Apple Pay Hosted Checkout. Please reference the Initial Setup and Apple Pay Hosted Checkout Resources sections below.

Overview

Sola gateway emulators translate third-party payment gateway APIs into the Cardknox/Sola gateway API. This allows transactions to be routed through the existing gateway to Sola without having to build a full integration using the Sola API.

Sola offers gateway emulators for Authorize.Net and USAePay.

To use gateway emulators, you will need to enter in your Sola key and change the gateway URL to Sola's gateway emulator URL.

Overview

This page contains all API documentation for Check (ACH), and ACH-Q transactions. For more information regarding account access, navigate to the Transaction API parent page.

Transactions

Sola provides ACH and ACHQ processing for the transactions listed below (with exception of VoidRefund, which there is only ACHQ processing for). For more information regarding ACHQ, refer to the ACHQ or contact Sola support.

Sale

POST check:sale

xCommand = check:Sale The Check Sale command debits funds from a customer’s checking or savings account using one of the following options:

The merchant must have a supported Check/ACH processing account to use either of these options.

Request Body

Save

POST check:save

xCommand = check:Save The Save command is used to send account information and request a token from Sola but does not submit the transaction for processing. The response returns a token that references the account information. A token at minimum references the account and routing number, but if other data is sent—such as billing address—that will be associated with the token as well.

Request Body

Adjust

POST check:adjust

You can use the Adjust command to update certain fields on a transaction, such as xOrderID. This action will not reprocess the transaction; it will only update the information. Any non-required field can be adjusted.

Request Body

Void

POST check:void

xCommand = check:Void The Void command voids a check transaction that is pending being sent to the bank, typically at the end of each day.

Request Body

Refund

POST check:refund

xCommand = check:Refund The Refund command is used to refund the full amount of a previously settled check transaction, using xRefNum. Partial check refund isn’t supported.

Request Body

VoidRefund

POST check:VoidRefund

xCommand = check:VoidRefund The VoidRefund within the ACHQ tooling is used void a check transaction that is pending being sent to the bank, typically at the end of each day. It also issues a refund. Partial refunds are also supported.

Request Body

Check (ACH) FAQ

Q: How many days does it take to get the ACH status?

A: It typically takes 2-3 days.

Q: How can I get the ACH status?

A: There are a few ways to get the status. Via email, webhook, the Sola Portal, or by pulling a report using our reporting API.

Q: What verbiage comes back from the ACH Status?

A: You should get back the following status codes (xStatus) from Sola:

• 0 (Pending)

• 20 (Rejected)

• 5 (Cancelled)

• 6 (Awaiting Response)

The daily emails may contain more information.

Q: Can we get back a token when using the check MICR?

A: Sola only returns tokens on check transactions that contain the routing and account number. In the event only check images and MICR were submitted, the token is not returned since it can’t be reused on subsequent transactions.

Overview

3-D (Three-Domain) Secure is an e-commerce security protocol that adds a layer of protection to the checkout process by authenticating the cardholder's identity in real-time — resulting in a reduced rate of fraud and fraud-related chargebacks. Authenticated transactions are very unlikely to be fraudulent, and they cannot be disputed by the cardholder as fraudulent.

While the original 3DS technology effectively reduced rates of fraud, it also introduced friction to the checkout experience because customers were often redirected to their issuing bank’s website to verify their identity. Additionally, the original 3DS is not compatible with mobile payments since it was developed before mobile payment usage became mainstream.

To address the drawbacks of 3DS, EMVco developed 3-D Secure 2.0 in 2016. The updated technology improves upon the original 3DS in several key ways:

• Utilizes a Greater Number of Data Points to Authenticate Transactions 3DS2 relies upon a much greater number of transaction-specific data points than the original 3DS, which improves the reliability of authentication and limits customer involvement.

• Embedded, Frictionless Authentication In the event that the customer does have to verify their identity, they will no longer be redirected to a third-party page — instead, they can verify their identity with a passcode or biometric scan right from the checkout page.

• Compatible With Mobile Commerce The new 3-D Secure offers support for iOS and Android SDKs so that merchants can provide a seamless and secure mobile checkout experience.

Contents

Overview

Click-To-Pay Hosted Checkout is our simple integration that enables online Click-To-Pay processing through the Sola gateway. This landing page contains all of the links and references needed for setting up and maintaining Click-To-Pay Checkout Experience.

Please reference the Initial Setup and Click-To-Pay Resources sections below.

Flow

There are three possible scenario:

1. New User In this case Click-To-Pay Experience will be presented as a button

2. Recognized User Consumer’s cards will be displayed

3. Recognized Device An email screen to identify the consumer and load his cards

Click-To-Pay Resources

The following pages can be found by viewing the navigation bar on the left side of the screen.

Overview

In this section we will describe the new Apple Pay features supported by Sola. Please note that every feature is supported starting with certain iOS version. This means that if you requesting a feature (Recurring for example) and it requires iOS 15.4 - Apple Pay button will be shown on consumer devices with iOS 15.4+

Available Features

• Address Validation

• Support Recurring

• Support Subscription - For subscriptions you have to follow

In order to take advantage of any new feature Sola supports, you need to request it through endpoint. The requiredFeatures object contains features from the list.

Apple Pay Request example

The following files need to be publicly accessible on the third-party’s website:

Android

• Host a publicly accessible file named assetlinks.json on the /well-known/assetlinks.json route with the following content:

iOS

• Host a file named apple-app-site-association on the /well-known/apple-app-site-association route with the following content:

  • note: file should not have an extension

The Sola API gives you the ability to generate Quick Response (QR) codes that link to a custom PaymentSITE with pre-filled fields. Running a Sola API call for Sola PaymentSITE will return a QR code that can be used within point-of-sale applications or displayed on signage or reciepts that customers can scan.

Question: Is there a way to specify that only numbers can be entered into a credit card number field or a CVV iFields field? Or can the system generate an error message if the format is not valid?

Answer: As of the v2.6.1912.1301-beta, you can specify an event to trigger a callback-based on events in the iField using the function addIfieldCallback (event, callback). This callback will receive some data about events in the iField, such as whether the card number and/or CVV are valid. The card number validation is based on minimum and maximum lengths and whether it passes the Luhn check. The CVV validation is based on the length, depending on the card issuer.

You can use a callback to prevent the call to get tokens. We recommend you perform the least client-side validation necessary because a mistake in the validation logic could prevent a transaction from being processed when it would otherwise have been approved. See the iField Key Pressed Callback section in the iFields documentation for an example of a callback being used to change the iField style based on whether the data in it is valid.

Payment Engine .NET SDK

Supported Devices: All Sola-supported devices

Benefits:

• Seamless integration with all Sola-supported devices.

Q: Can I run Test transactions with Google Pay?

A: Yes, just follow these steps:

1. Setup your Google Pay Wallet with your real card

Overview

Sola Account Updater identifies customer cards that have expired or are inactive, and then obtains the new card information from the bank. This information is returned to Sola within 10 days of the initial request, at which point it is stored and applied towards any subsequent transactions that are attempted using the previous card (using either the actual data or a Cardknox token).

When a subsequent transaction is processed using updated card information, Sola will indicate this by including xIsUpdatedCard = True in the transaction responses. The data returned in xMaskedCardNumber and xExp will also reflect the updated information, when applicable.

Recurring Billing

Because Account Updater does not provide updated card information instantaneously, we recommend that Merchants wait 5-10 days before retrying a declined transaction in order to ensure that the updated card information is available. In the case of a recurring payment, note that declined recurring payments are retried once a day for 5 consecutive days, and it's very likely that updated card information will be received and successfully retried within this timeframe.

Reporting

When a transaction utilizes Account updater, this is indicated in the reporting in the xCardSource field (as xIsUpdatedCard = True).

xCardSource = incoming represents transactions processed with original card data.

xCardSource = account represents transactions that were processed using updated card info from Account Updater.

window.ckGooglePay object - controls initialization of Google Pay button.

You can provide either All, One or None of the parameters for enableGooglePay call.

• amountField specified - in this case Google Pay total amount will be automatically updated whenever amount has changed

• amountField is not specified - in this case it’s up to you to provide the correct amount for Google Pay. One of the ways to do it is to call window.ckGooglePay.updateAmount manually.

• iframeField

EnableGooglePayParams Object

Enable Google Pay example

Overview

Our WooCommerce plugin is an easy integration that allows users to accept payments online through their WooCommerce online site.

Customer Usage

New transaction:

1. Go to the checkout page.

2. Select Credit Card (or the title that was specified for Sola in the settings page).

New card:

1. Select "use a new payment method."

2. Enter the card data.

3. Select "save to account" if you would like to save the card for future use.

Card on file:

1. Select the card you would like to use.

2. Select "place order."

Add payment method (card on file):

1. Select my account > payment methods.

2. Click "add payment method."

3. Enter card data.

4. Click "add payment method."

Add payment method image:

Delete payment method:

1. Select my account > payment methods.

2. Click "delete" on the right of the payment method.

Delete payment method:

New subscription:

1. Select subscription item.

2. Pay the same as with a regular transaction.

Change subscription:

1. Go to my account > select subscriptions.

2. Click "view" on the subscription.

3. Apply modifications.

Edit subscription image:

Merchant

Refund a transaction:

This will refund the transaction. You can specify the amount to refund. Refund images:

Change order status from on hold to processing:

If the plugin is set to not capture the transaction, this will capture the transaction.

Change order status from on hold to completed:

If the plugin is set to not capture the transaction, this will capture the transaction.

Change order status from on hold to canceled:

If the order is not yet captured, this will void the auth only transaction.

Change order status from on hold to refunded:

If the order is not yet captured, this will void the auth only transaction.

Change order status image:

Recurring / Subscriptions:

Process Renewal: Charge the subscription instead of waiting.

Add / Update Token Manually: Click on the pencil near "payment details."

Update the token masked card number and card type.

The Magento Sola plugin will allow you to charge credit cards via the Sola gateway. Sola enables credit card payments for both customers on the storefront and for merchants in the Admin portal. The plugin supports Authorize Only, Capture, Void, Cancel, and Refund transactions. As a merchant, your web servers remain out of scope of the transaction, keeping card data secure and simplifying PCI compliance.

Installation

Overview

Our plugin is a NetSuite bundle that lets you use the Sola gateway to accept integrated payments with NetSuite. It also allows you to securely store payment methods for future transactions.

Sola currently does not support the following NetSuite integrations:

• SCA (NS eComm shopping cart)

Overview

This document helps developers to integrate the Cardknox Payments SDK with an Android app project using the gradle build system.

Technical Overview

1. Let's define a helper object with all necessary components:

2. Let’s enable Click-To-Pay for the website:

   Copy

   document.addEventListener("DOMContentLoaded", function(event) { 
       .....
       ckClick2Pay.enableClickToPay({
         environment: c2pEnvironment.sandbox, 
         externalClientId: "<Your externalClientId>",
         click2payContainer: "click2payContainer", 
         onPaymentPrefill: click2payRequest.paymentPrefill,
         onPaymentSuccess: click2payRequest.paymentSuccess,
         onPaymentError: click2payRequest.paymentCallback,
         onPaymentCancel: click2payRequest.paymentCallback,
         onButtonLoaded: click2payRequest.cpButtonLoaded
     });
   .....
   }

3. To see the full solution please click here.