PayNow

Gateway

PayNow's API is reachable by an HTTPS/REST gateway for serving requests using JSON.

Base URL

https://api.paynow.gg/v1

Ping the API

Sends back a basic text response from the API.

Returns

Returns text/html that says PayNow API

Request

GET
/

Response

PayNow API

Authentication

Types of Authentication

The PayNow API can be used both from a store management perspective, as well as a customer's perspective.

In order to support the different types of actors in our system, we have developed the following types of authentication:

API Key

API keys are used to automate the management of a store. Whether it's pulling metrics, editing products, or generating customer tokens, API key are the correct way to modify a store and its entities in a headless manner.

API keys can be created in the API Keys section on the dashboard.

API keys can only be managed by a user.

Customer

Customers are the users of a store. Customer tokens can generated with an API request by a User or API Key. These tokens allow a customer to access the resources of store they belong to, and manage their own customer account.

Customer tokens can be used from anywhere on the internet. Whether it's your own website, your backend server, or from a game plugin, the customer token is the correct way to perform actions on behalf of a customer.

Customer tokens can be created in the customer section on the dashboard. Select a customer and then click "Create token".

Read more about customer tokens

Game Server

Game Servers represent the individual servers that you host. Game Server tokens can be generated with an API request by a User or API Key.

These are more restricted than API Keys because they can only access certain routes responsible for processing commands in-game.

Game Server tokens can be found in the game server section on the dashboard. Select a game server to see the token.

User

Users are human users who are allowed to create and manage stores on the dashboard.

Providing Authentication

Authentication is provided with the Authorization HTTP header in the format Authorization: AUTH_PREFIX TOKEN.

Auth TypeAuth Prefix
API Keyapikey
Customercustomer
Game Servergameserver

Auth prefixes are case insensitive.

Example headers for the different types of authentication:

Authorization: apikey 2HQQDow1G93rLVbRDe83tRP5vGDe442D2tT1XYNYYvbA

Authorization: customer yArTi2CZekPCHyxjetxUfRnUMANF5hXBxHyDrf3Nia38gGtfJCqa1EJYReqDPUaaV1UNN1U

Authorization: gameserver J7273cAJT7s3cP5WdSjJPtVCsLXK3bVfVPJimTX2YDT4

Flake IDs

PayNow uses Snowflake IDs (shorted to "flake" in our system) for everything that requires a unique identifier. These IDs are unique across the entire system.

Because our implementation uses signed 64-bit integers (int64), they are always returned as a strings in our API to prevent overflows in inferior languages. In our documentation we label ID fields with the flake type. When calling routes that expect a flake, you should always send it in string form.

Flake ID in Binary

sign  timestamp                                  node       increment
0     11111111111111111111111111111111111111111  1111111111 111111111111
64    63                                         22         12          0

PayNow Epoch

The timestamp component is offset by an epoch.

Unix ms: 1645568542000
ISO8601: 2022-02-22T22:22:22.000Z

Convert ID to time:

TimeFromUnixMillis((id >> 22) + epoch)

Errors

The PayNow API uses a simple structure for errors.

Error Response

  • Fields

  • Name
    status
    Type
    integer
    Tags
    Description

    the HTTP status code for this error

  • Name
    code
    Type
    string
    Tags
    Description

    the type of error

  • Name
    message
    Type
    string
    Tags
    Description

    the error's message

  • Name
    errors
    Type
    validation error
    Tags
    NULLABLE
    Description

    list of validation errors, only used for certain APIs

Validation Error Structure

  • Fields

  • Name
    code
    Type
    string
    Tags
    Description

    the type of error

  • Name
    message
    Type
    string
    Tags
    Description

    the error's message

  • Name
    path
    Type
    string array
    Tags
    Description

    path to property that caused the error

  • Name
    validation
    Type
    string
    Tags
    Description

    type of validation error

Note

In catastrophic cases, you might not get any of these values in response. This is however unlikely.

Example Error Response

{
	"status": 400,
	"code": "InvalidInput",
	"message": "cannot parse Steam ID from string: clearlynotasteamid"
}

Management vs Storefront APIs

The PayNow API can be divided into two groups of routes: Management and Storefront. The Management API is used for store management and can be accessed by users, API keys, and game servers. This API allows you to perform actions like updating product prices, creating coupons, and managing customer items.

On the other hand, Storefront API is intended for customer use, and provides a different representation of the same resources available in the Management API. For example, the Storefront API lets you display products to customers and keep track of items in their cart. You can use the Storefront API from any location on the internet, such as your custom domain or a plugin on your game server or other application.