Paytia Proxy Gateway
Technical Overview, Configuration, and Test Guide 1. Overview The Paytia Proxy Gateway is a flexible payment gateway that enables organisations to securely pass captured payment data from their environment to third-party systems using a fully ...
Technical Overview, Configuration, and Test Guide
1. Overview
The Paytia Proxy Gateway is a flexible payment gateway that enables organisations to securely pass captured payment data from their environment to third-party systems using a fully customisable JSON payload.
Instead of hard-coding payment fields or adapting your application to a fixed gateway schema, the Proxy Gateway allows you to define exactly what data Paytia posts, where it is posted, and how it is structured.
Sensitive card data is injected at runtime using secure variable replacement, ensuring cardholder data is never exposed to your systems or users.
2. Key Capabilities
Secure capture and handling of card data
Runtime variable substitution for sensitive fields
Fully customisable JSON metadata structure
Support for authenticated outbound API calls
Optional encryption of outbound payloads
Reduced PCI-DSS scope by removing card data handling from your environment
Compatible with CRMs, ERPs, donation platforms, and bespoke APIs
3. Supported Sensitive Data Variables
The following variables are supported and must be used exactly as shown. Paytia replaces these values at runtime after secure card capture.
| Field Name | Variable | Description |
|---|---|---|
cardNumber | {{PAN}} | Primary Account Number |
expiryDate | {{EXPDATE}} | Card expiry date |
cardsecuritycode | {{CVV}} | Card Security Code (CVV / CVC) |
financialInstitution | {{CARDBRAND}} | Card brand (VISA, MASTERCARD, etc.) |
These variables can be placed anywhere within the metadata JSON structure.
4. Gateway Availability
The Proxy Gateway is:
Included in supported Paytia packages by default
Or available as an additional gateway on request
Once enabled, configuration is performed through the Paytia Administration Portal.
5. Authentication Configuration
To allow Paytia to authenticate with your receiving system, authentication settings must be configured.
Navigation Path
Login as an Administration user
→ Settings
→ Auth Configuration
Configuration Page URL
https://{subdomain}.paytia.com/portal/merchant/authconfiguration
Authentication Parameters Example
API URL
Body Type Options
form-data
x-www-form-urlencoded
json
Request Headers
| Key | Value |
|---|---|
| Accept | application/json |
Parameters
| Key | Value |
|---|---|
| username | a365@soa-lionheart.prod.elmsfull |
| password | ******** |
| grant_type | password |
| client_id | ******** |
| client_secret | ******** |
Credentials should be securely stored and rotated in line with your security policy.
6. Encryption Configuration
Outbound payloads can be encrypted before being posted to the target system.
Supported Encryption Types
AES-256
RSA
BCRYPT
JWT
Example Encryption Settings
Encryption Type: AES-256
Encryption Key:
XrdRcv0bfY95mMAAAAAAAAAAAAAAvOHcZvF4zoXzE7d
The receiving system must be able to decrypt the payload using the same method and key.
7. PSP Post URL Configuration
This defines the endpoint that will receive the completed payload after variable substitution and encryption.
Field Name: psp_posturl
Example
https://qxAAAAAAA98AAAA.execute-api.us-east-1.amazonaws.com/AAAA5
8. Metadata Payload Structure
The metadata field contains the entire JSON payload that Paytia will post to your endpoint. This structure is fully controlled by you.
Example Metadata (JSON)
{
"programId": "a0AOJ00000Av9s12AB",
"sourceCC": "Phone Order",
"sourceDetail": "Call Centre",
"sourceName": "A365",
"contactInfo": {
"firstName": "Bonita",
"lastName": "Cooke",
"email": "ian.cooke@answwer365.ca",
"primaryPhone": "403-771-1252",
"secondaryPhone": "",
"mobilePhone": "",
"birthdate": "2001-01-01",
"address": {
"streetAddress": "386 Point McKay Gardens Northwest",
"postalCode": "T3B 4V8",
"city": "Calgary",
"country": "GB",
"state": "CA-AB"
}
},
"paymentInfo": {
"encryption": "aes256",
"cardNumber": "{{PAN}}",
"expiryDate": "{{EXPDATE}}",
"cardsecuritycode": "{{CVV}}",
"financialInstitution": "{{CARDBRAND}}",
"type": "Credit Card",
"address": {
"streetAddress": "386 Point McKay Gardens Northwest",
"postalCode": "T3B 4V8",
"city": "Calgary",
"country": "Canada",
"state": "CA-AB"
}
},
"orderInfo": {
"orderType": "Regular Order",
"totalOrderAmount": 25,
"currency": "CAD",
"waitlist": false,
"membership": false,
"mailTickets": false,
"gift": false,
"group": false,
"additionalTicketHolder1": "",
"additionalTicketHolder2": "",
"additionalTicketHolder3": "",
"orderLineItems": [
{
"quantity": 1,
"packId": "a0GOJ00000AD2Cq2AL",
"amount": 25,
"isBundle": false
}
]
},
"marketingInfo": {
"textOptIn": false
}
}
9. cURL Request for Testing
The following cURL example demonstrates how to submit a test transaction to the Paytia Proxy Gateway API.
curl --location 'https://accounts.paytia.com/portal/api/payment_service' \
--header 'X-API-KEY: 5aAAAA287f5712adAAAAAAAAAAAAAAA41522c05cbf5dc9aeede05ddfec1d3' \
--form 'reference_id="BT202968"' \
--form 'amount="10.00"' \
--form 'agent_id="10000"' \
--form 'firstname="Thirdpartytwo"' \
--form 'lastname="User"' \
--form 'billingcountry="GB"' \
--form 'billinghouseno="12"' \
--form 'billingcity="Southampton"' \
--form 'billingpostcode="302020"' \
--form 'shippingcountry="GB"' \
--form 'shippingfirstname="fsdffd"' \
--form 'shippingcity="Southampton"' \
--form 'shippinghouseno="44"' \
--form 'shippingpostcode="302020"' \
--form 'transaction_flag="0"' \
--form 'web_agent_form="1"' \
--form 'start_date="2025-10-15"' \
--form 'intervalcount="3"' \
--form 'end_date="2025-11-06"' \
--form 'subscription_amount="12"' \
--form 'interval="daily"' \
--form 'billingstate="fgfdgfdgfdgfggd"' \
--form 'country_phonecode="IN"' \
--form 'phone_number="9149026516"' \
--form 'email_address="testAAAAAA@gmail.com"' \
--form 'merchantcode="Proxy payment gateway"' \
--form 'shippingdescription="ewewqewqed"' \
--form 'customer_landlinecode="GB"' \
--form 'customer_landline_number="8787687691"' \
--form 'account_number="998877665544332211"' \
--form 'billingdescription="Description"' \
--form 'psp_posturl="https://qxAAAAAAA98AAAA.execute-api.us-east-1.amazonaws.com/AAAA5"' \
--form 'metadata="{\"programId\":\"a0AOJ00000Av9s12AB\",\"sourceCC\":\"Phone Order\",\"sourceDetail\":\"Call Centre\",\"sourceName\":\"A365\",\"contactInfo\":{\"firstName\":\"Bonita\",\"lastName\":\"Cooke\",\"email\":\"ian.cooke@answwer365.ca\",\"primaryPhone\":\"403-771-1252\",\"birthdate\":\"2001-01-01\",\"address\":{\"streetAddress\":\"386 Point McKay Gardens Northwest\",\"postalCode\":\"T3B 4V8\",\"city\":\"Calgary\",\"country\":\"GB\",\"state\":\"CA-AB\"}},\"paymentInfo\":{\"encryption\":\"aes256\",\"cardNumber\":\"{{PAN}}\",\"expiryDate\":\"{{EXPDATE}}\",\"cardsecuritycode\":\"{{CVV}}\",\"financialInstitution\":\"{{CARDBRAND}}\",\"type\":\"Credit Card\"}}"'
10. Card capture in real-time.
11. Security and Compliance Notes
Card data is never exposed to your application or staff
Sensitive values are injected only at the point of secure transmission
Encryption is applied before data leaves Paytia
Reduces PCI-DSS scope and compliance burden
Fully aligned with Paytia’s PCI-DSS Level 1 service provider controls
12. Summary
The Paytia Proxy Gateway is designed for organisations that need maximum control with minimum risk. By separating card capture from payload design, it enables secure, compliant, and highly adaptable payment integrations across complex system environments.
If you need a gateway that fits your systems — rather than forcing your systems to fit a gateway — the Proxy Gateway delivers that flexibility securely and at scale.
More in API
API details
What Can I See in the API Details View? The API Details View provides an in-depth look at the internal API exchanges between Paytia's telephony and API services. This feature is designed for troubleshooting and offers transparency into the data ...
CDR Details Webhooks: Push Data for Telephony Events
CDR Details Webhooks: Push Data for Telephony Events Paytia supports webhook push messages, enabling you to transmit real-time call information to a predefined URL. This functionality allows seamless programmatic decision-making within third-party ...
How do I add an enhanced API key security on Paytia?
How to Add Enhanced API Key Security on Paytia Adding enhanced security to your API integration ensures a more secure and streamlined experience when connecting to the Paytia platform. Follow these instructions to generate an API key, activate ...
How do I use Paytia Webhooks?
Configuring Webhooks in the Paytia Merchant Administrative Portal Webhooks enable the Paytia platform to send notifications and data to third-party service providers. These notifications are essential for integrating the Paytia Agent Capture Assist ...
How to Add an API Key on Paytia
How to Add an API Key on Paytia Adding an API key to your Paytia account is essential for integrating external applications or services with your merchant account on the Paytia platform. Follow the steps below to generate and manage an API key. Steps ...
Integrating Paytia: A Comprehensive Guide to the Connection Points you must consider
Paytia provides secure payment solutions that integrate seamlessly with host systems, telephony, and payment gateways. This guide outlines the primary connection points and how businesses can utilise Paytia for a streamlined payment processing ...
Still need help?
Our support team is here to help. Submit a ticket and we'll get back to you within one business day.