CartDNA is a Shopify Payment App Development Partner


CartDNA API

Use the CartDNA API to authenticate securely, create payment requests, control payment method selection, and keep your systems updated through callback workflows. Built for teams that need flexible payment infrastructure and reliable backend control.

What the API helps you do

The CartDNA API gives you the core actions needed for payment orchestration. You can request an access token, submit payment requests, define customer and order data, choose supported payment methods, and receive status updates through callback URLs.

Key API capabilities

Authentication

Use client credentials to request an access token, then include that token in authorised requests.

Payment creation

Create payment requests with order details, amount, currency, customer data, and payment method selection.

Security controls

Protect every request with timestamp validation, idempotency keys, and request signatures.

Customer redirect flow

Use the returned payment URL to send customers into the payment experience.

Callback-driven updates

Receive payment updates in your backend so your order system stays accurate.

Built for real transaction flows

CartDNA API requests support common transaction actions such as payment creation and preauthorisation-style flows, depending on your merchant setup. This gives developers flexibility when handling direct captures, staged payments, or method-specific checkout logic.

Local and global payment support

The public API reference shows support for several payment methods and currencies, including cards and selected local methods. This gives merchants more flexibility when selling across markets and helps developers build payment experiences that match customer expectations.

Examples:

  • Cards for broad global coverage
  • Bancontact for Belgium
  • Boleto and Pix for Brazil
  • Klarna for selected international markets
  • Przelewy24 for Poland

Security comes first

CartDNA uses layered request protection. Tokens control API access. Timestamps help reduce replay issues. Idempotency keys reduce accidental duplicates. Signatures protect critical payment fields from tampering. This structure is practical for production systems where payment reliability matters.

Plan for predictable failure states

Your integration should handle common API failure cases such as invalid tokens, expired requests, duplicate requests, and invalid signatures. Build clear retries where safe, log request context, and show helpful internal error messages to support teams.
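The layered checks and failure states described above can be sketched as follows. This is an added example, not CartDNA's code: the HMAC-SHA256 scheme, the canonical string, the signed field names and the 300-second window are assumptions for illustration, and the real header names and signing rules are in the API reference.

```python
import hashlib
import hmac
import json

MAX_SKEW_SECONDS = 300                              # assumed freshness window
SIGNED_FIELDS = ("order_id", "amount", "currency")  # assumed critical fields

def canonical(payload, timestamp, idem_key):
    # Assumed canonical form: timestamp, idempotency key, sorted compact JSON.
    critical = {k: payload[k] for k in SIGNED_FIELDS}
    body = json.dumps(critical, sort_keys=True, separators=(",", ":"))
    return f"{timestamp}.{idem_key}.{body}".encode()

def sign(secret, payload, timestamp, idem_key):
    return hmac.new(secret, canonical(payload, timestamp, idem_key), hashlib.sha256).hexdigest()

def verify(secret, payload, timestamp, idem_key, signature, now, seen):
    """Return 'ok' or the failure state to log; `seen` holds accepted idempotency keys."""
    if abs(now - timestamp) > MAX_SKEW_SECONDS:
        return "expired_request"
    try:
        expected = sign(secret, payload, timestamp, idem_key)
    except KeyError:
        return "invalid_signature"   # a signed field is missing
    if not hmac.compare_digest(expected.encode(), signature.encode()):
        return "invalid_signature"   # constant-time comparison
    # Record the key only after the signature passes, so unsigned traffic cannot fill the store.
    if idem_key in seen:
        return "duplicate_request"
    seen[idem_key] = signature
    return "ok"

# Constructed sample values for a fixed-payload test.
SECRET = b"constructed-sandbox-secret"
SAMPLE = {"order_id": "ORD-1001", "amount": "49.90", "currency": "EUR", "note": "gift"}
IDEM = "3f0c1d8e-6a4b-4c1e-9b7a-2d5e8f1a0c33"
T0 = 1_700_000_000

def demo():
    seen = {}
    sig = sign(SECRET, SAMPLE, T0, IDEM)
    tampered = dict(SAMPLE, amount="0.01")
    return [
        verify(SECRET, SAMPLE, T0, IDEM, sig, T0 + 10, seen),    # first delivery
        verify(SECRET, SAMPLE, T0, IDEM, sig, T0 + 20, seen),    # same key again
        verify(SECRET, tampered, T0, IDEM, sig, T0 + 20, seen),  # amount changed
        verify(SECRET, SAMPLE, T0, IDEM, sig, T0 + 3600, seen),  # outside window
    ]
```

In this sketch the `note` field is outside the signed set, so changing it does not invalidate the signature; any field that affects the payment outcome belongs in the signed set.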

How to build cleanly

  • Keep all secrets server-side
  • Use UUID idempotency keys
  • Standardise order ID formats
  • Log callback deliveries
  • Reconcile redirect outcomes with final backend status
  • Separate sandbox and live credentials
  • Test signature generation with fixed payload samples

Need endpoint-level detail?

For exact headers, request examples, payload fields, and response formats, use the full CartDNA API reference.
