WAPIs Overview
WiPay APIs (WAPIs) — RESTful API for user management, accounts, transactions, trusted cards, and withdrawals
WiPay APIs (WAPIs)
The WiPay APIs provide a RESTful interface for user management, managing accounts, processing transactions, handling trusted card payments, and creating withdrawal requests.
Base URL
Append /wapi/{resource-path} to the country-specific live or sandbox base URL documented in Platforms and Environments.
Prerequisites
See Getting Started for account and credential requirements. The Accounts API (/accounts/*) additionally requires a provisioned WAPI Configuration for Main Merchant Account workflows.
Authentication
Authenticate each protected request with exactly one of:
Authorization: Bearer <access_token>— available to all verified accountsX-WAPI-Key: wapi_live_<kid>_<secret>orwapi_test_<kid>_<secret>— available to BUSINESS accounts only
Do not send both headers. Requests that send both, send neither, or use an invalid/expired/revoked credential are rejected with 401 Unauthorized.
Bearer tokens are issued by Grant and Refresh. Access tokens expire after 12 hours; refresh tokens remain valid for 6 hours after the access token expires.
WAPI Keys are created and managed on the Developer page. See WAPI Keys for format, creation, and lifecycle details.
Request and Response Conventions
POSTbodies use form-data or x-www-form-urlencoded.GETparameters are query strings.- Always include
Accept: application/json. - All responses return JSON with at least a
messagefield.
Standard Error Responses
All WAPI endpoints may return these standard HTTP error responses in addition to the endpoint-specific responses documented on each page:
| Status | Description | Response Body |
|---|---|---|
405 Method Not Allowed | The HTTP method is not supported for this endpoint | {"message": "Method Not Allowed"} |
500 Internal Server Error | An unexpected server error occurred | {"message": "Internal Server Error"} |
Rate Limiting
Rate limit headers are included in every response:
| Header | Description |
|---|---|
X-RateLimit-Limit | Maximum requests allowed in the window |
X-RateLimit-Remaining | Remaining requests in the current window |
Account Type Support
| Feature | PERSONAL | BUSINESS |
|---|---|---|
| Bearer-token authentication | Yes | Yes |
| WAPI Key authentication | No | Yes |
| Transactions, Trusted Cards, Withdrawals, User profile | Yes | Yes |
| Accounts API (MMA workflows) | No | Yes (requires WAPI Configuration) |
API Sections
Accounts
Create and manage WiPay user accounts programmatically.
- Create — Create a new user account
- Delete — Delete an account
- Retrieve — Get account details
- Update — Update account information
Authentication
Authenticate protected WAPI routes with OAuth bearer tokens, or with WAPI Keys created and managed on your WiPay BUSINESS account.
- Grant — Obtain an access token with your credentials
- Refresh — Refresh an expired access token
- Revoke — Invalidate an active token
Transactions
Retrieve transaction metadata, calculate fees, review history, retrieve a single transaction, and request refunds.
- Fees — Calculate transaction fees for a given currency, total, and fee structure
- History — Paginated transaction history
- Meta — Retrieve supported environments, currencies, fee structures, and total limits
- Refund Request — Submit a refund request
- Retrieve — Retrieve the full details of a specific transaction
Trusted Cards
Store, verify, and charge cards on file for recurring payments.
- Charge Request — Charge a verified card
- Create — Store a new card on file
- Delete — Remove a card from file
- Retrieve — View all stored cards or a single stored card
- Verify — Verify a card with a micro-charge
Trusted Card create and charge flows reuse WiPay's hosted checkout model. See Hosted Checkout Flows.
User
Retrieve the authenticated user's profile, update credentials, manage profile pictures, and configure Bank accounts.
- Bank Accounts — Create, retrieve, update, or delete local and foreign Bank accounts
- Profile Picture — Upload, replace, or delete a profile picture
- Retrieve Profile — Get basic profile details, balances, and Bank configuration status
- Update Password — Change account password
- Update Phone — Change phone number
Withdrawals
Create and manage withdrawal requests for the authenticated account.
- Create — Create a new withdrawal request
- Delete — Delete an eligible withdrawal
- History — Retrieve paginated withdrawal history
- Meta — Retrieve the reference values accepted by the withdrawal endpoints
- Retrieve — Retrieve a single withdrawal by transaction ID
API Collection
Download the WAPIs collection for API testing. The Bruno collection is the canonical source; the Postman export is auto-generated from it.
See Also
- Hosted Checkout Flows — Shared behavior between Payments API and WAPI Trusted Card flows
- WAPI FAQ — Main Merchant Account and WAPI Configuration guidance
- WAPI Scopes Reference