Authorize and Capture Transaction Flow
The authorize and capture transaction flow begins when a user submits credit card information through the Integrator user interface (UI), which posts directly to the Genius Payment Interface (GPI) to obtain a single-use token for PCI compliance. After the token is obtained, the capture phase is triggered through a Genius Payment Router (GPR). During the capture phase:
GPR sends a merchant capture request to GPI using the authorization token.
GPI receives confirmation and propagates the success response back through the system to complete the payment.
Authorize and Capture Transaction Flow Diagram
 |
The following token interactions and operations are used for the authorize and capture transaction flow:
Step | Token Interaction | Path |
|---|---|---|
1 | ||
2 | ||
3 |
POST /v1/api/tokens
Summary
Use this endpoint to request a one-time token.
Request Parameters
In | Field Name | Type | Required | Description |
|---|---|---|---|---|
body |
| Yes | The request body information |
Response
Code | Description | Schema |
|---|---|---|
200 | Success Message: Ok |
PostOneTimeTokenRequestBody
Field Name | Type | Required | Description |
|---|---|---|---|
| string | Yes | The Merchant API key required to generate a one-time token |
| string | Yes | The credit card number |
| string | Yes | The credit card expiration month |
| string | Yes | The credit card expiration year |
| string | Yes | The Card Verification Value (CVV) number for the credit card |
| string | Yes | The credit card holder name |
| string | Yes | The credit card holder street address |
| string | Yes | The credit card holder zip or postal code |
Sample Request Body
{
"merchantApiKey": "V1S0CCKS16LSPJL3",
"cardNumber":"6011850288258637",
"expirationmonth": "12",
"expirationyear": "26",
"cvv" : "123",
"cardHolder": "John Doe",
"streetaddress" : "1 Federal St",
"zipcode": "02110"
}PostOneTimeTokenResponseBody
Field Name | Type | Description |
|---|---|---|
| string | The token information |
| string | The currency type |
| string (date/time) | The date and time the token was created |
| string (date/time) | The date and time the token expires |
| string | An error description, if applicable |
Sample Response Body
{
"token": "OTT_DDLQPMJSL6R7TUTXC43RT3OWLM84",
"currency": "usd",
"created": "2026-01-19T07:49:42.7800000Z",
"expires": "2026-01-19T07:59:42.7800000Z",
"errors": null
}POST /authorize-payments
Summary
Use this endpoint for payment authorization.
Request Parameters
In | Field Name | Type | Required | Description |
|---|---|---|---|---|
header |
| string | Yes | The unique identifier (UID) for the company in which the menu will be created |
header |
| string | Yes | The UID for the site in which the menu will be created |
header |
| string | Yes | The token required to perform API calls for the company. For information on tokens, see Authentication. |
body |
| Yes | The request body information |
Responses
Code | Description | Schema |
|---|---|---|
200 | Success | |
400 | Failure |
PostAuthorizePaymentsRequestBody
Field Name | Type | Required | Description |
|---|---|---|---|
| number | Yes | The authorization amount |
| string | Yes | The authorization data. Depends on the |
| string | Yes | The authorization type. Possible values:
|
| string | No* | The unique order number. *This field is required for FreedomPay when the amount is more than 0. |
| string | No | The business date in ISO-8601 format |
| string | No | The entry method. For example, |
| number | No | Timeout in milliseconds |
| string | No | The nickname for the card |
| string | No | The name on the card |
| string | No | The customer email |
| string | No | The Hosted Payment Controls (HPC) bearer token received during in the request |
| boolean | No | If the value is |
Sample Request Body
[
{
"reference_id": "981c8b22-dd4d-4f4d-8860-b18ffcf1e507",
"amount": 22,
"business_date": "2021-03-04T00:00:00.000Z",
"account_data": "OTT_DDLQPMJSL6R7TUTXC43RT3OWLM84",
"account_data_type": "OneTimeToken",
"board_card": false,
"timeout": 30,
"terminal_id": 2523918973
}
]PostAuthorizePaymentsResponseBody
Field Name | Type | Description |
|---|---|---|
| The object containing the merchant information | |
| string | The server date and time the record was created |
| The transaction information |
Sample Response Body: Success
{
"merchant_data": {
"name": "Genius",
"xenial_id": "genius",
"id": "L7AYDTR5"
},
"server_date_time": "2026-01-19T07:55:09.769Z",
"payment_methods": [
{
"transaction_data": {
"id": "6618523328",
"reference_id": "e528dbe4-b893-454a-8958-e5f452dcd98b",
"amount": 6,
"business_date": "2021-03-04T00:00:00.000Z",
"terminal_id": 2523918973,
"transaction_id": "6618523328",
"account_data": "OTT_DDLQPMJSL6R7TUTXC43RT3OWLM84",
"account_data_type": "OneTimeToken",
"board_card": false,
"status": "authorized",
"error_description": "",
"code": "00",
"card_brand_name": "DISCOVER",
"name_on_card": "John Doe",
"masked_card_number": "************8637",
"vendor": "Genius",
"processor": "Genius",
"avs_code": "",
"cvv_code": "",
"fraud_scoring": {
"external_reference": "JJC80469827S",
"recommendation": "Approve",
"score": "34",
"status": "Success"
}
}
}
]
}Sample Response Body: Failure
{
"merchant_data": {
"name": "Genius",
"xenial_id": "genius",
"id": "L7AYDTR5"
},
"server_date_time": "2026-01-19T07:58:04.603Z",
"payment_methods": [
{
"transaction_data": {
"id": "",
"reference_id": "ca659069-586c-4b4f-ba84-eeffb2cf2612",
"amount": 0,
"business_date": "2021-03-04T00:00:00.000Z",
"terminal_id": 2523918973,
"transaction_id": "",
"account_data": "OTT_TDYRJ6XEO7ZPC746WETEG3QU52HU",
"account_data_type": "OneTimeToken",
"board_card": false,
"status": "authorize-failed",
"error_description":
"FAILED;99999;payment information not available",
"code": "E0",
"card_brand_name": "UNKNOWN",
"name_on_card": "",
"masked_card_number": "",
"vendor": "Genius",
"processor": "Genius",
"avs_code": "",
"cvv_code": ""
}
}
]
}merchant_data Object
Field Name | Type | Description |
|---|---|---|
| string | The merchant name |
| string | The merchant identifier (ID) assigned by Genius |
| string | The merchant ID |
payment_methods Array
Field Name | Type | Description |
|---|---|---|
| The object containing the transaction information |
transaction_data Object
Field Name | Type | Description |
|---|---|---|
| string | The transaction identifier (ID) |
| string | The transaction reference ID |
| number | The transaction amount |
| string (date/time) | The transaction business date and time |
| string | The transaction terminal ID |
| string | The transaction ID |
| string | The authorization data |
| string | The authorization type |
| boolean | A flag that indicates whether to save credit card information for future transactions |
| string | The transaction status |
| string | The error description, if applicable |
| string | The transaction code |
| string | The transaction credit card brand name |
| string | The name on the card |
| string | The partial credit card number |
| string | The vendor name for the transaction |
| string | The processor name for the transaction |
| string | The Address Verification System (AVS) code |
| string | The Credit Verification Value (CVV) code |
| The object containing the fraud scoring information |
fraud_scoring Object
Field Name | Type | Description |
|---|---|---|
| string | The external reference identifier (ID) |
| string | The fraud scoring recommendation. For example, |
| number | The fraud score number |
| string | The fraud scoring status. For example, |
POST /process-payment
Summary
Use this endpoint for payment processing.
Request Parameters
In | Field Name | Type | Required | Description |
|---|---|---|---|---|
header |
| string | Yes | The unique identifier (UID) for the company in which the menu will be created |
header |
| string | Yes | The UID for the site in which the menu will be created |
header |
| string | Yes | The token required to perform API calls for the company. For information on tokens, see Authentication. |
body |
| Yes | The request body information |
Response
Code | Description | Schema |
|---|---|---|
200 | Success |
PostProcessPaymentRequestBody
Field Name | Type | Required | Description |
|---|---|---|---|
| number | Yes | The payment amount |
| string | Yes | The reference identifier (ID) from the payment |
| string | Yes | The data from the account where the payment is being performed. The value depends on the |
| string | Yes | The authorization type. Possible values:
|
| string | No | The reference ID for the authorized transaction related to current capture transaction |
| number | No* | The authorized amount to be processed for the payment. *This field is required if |
| number | No | The total order amount |
| number | No | The tip amount |
| string | No | The order ID related to the payment being processed |
| string | No | The business date of the payment |
| string | No | The order number related to the payment being processed |
| string | No | The entry method used for payment |
| string | No | The card nickname used for payment |
| string (time) | No | The local time from the point of sale (POS) device when the request was performed |
| string (date) | No | The local date from the POS device when the request was performed |
| string | No | The customer email |
| number | No | Timeout in milliseconds |
| string | No | The terminal ID from where the request was performed |
| boolean | No | A flag that indicates whether the transaction will be synchronized |
Sample Request Body
{
"reference_id": "cd938b05-b2fc-4d05-abc8-13b80b5eadb5",
"amount": 22,
"order_id": "4444",
"tip_amount": 1,
"order_number": "4443",
"auth_reference_id": ""
"account_data": "6618523328",
"account_data_type": "AuthTransactionId",
"board_card": false,
"entry_method": "App",
"pos_local_time": "08:01:02",
"pos_local_date": "2026-01-19",
"terminal_id": "123",
"timeout": 60,
"sync_request": true
}PostProcessPaymentResponseBody
Field Name | Type | Description |
|---|---|---|
| string | The server date and time the record was created |
| The object containing the merchant information | |
| The object containing the transaction information |
Sample Response Body
{
"server_date_time": "2026-01-19T08:25:36.769Z",
"merchant_data": {
"name": "Genius",
"xenial_id": "genius"
},
"transaction_data": {
"id": "6618523741",
"reference_id": "41e00489-04d3-4652-8a47-2df32df78423",
"amount": 22,
"order_amount": 22,
"tip_amount": null,
"order_number": "4443",
"business_date": null,
"store_number": null,
"account_data": "6618523328",
"account_data_type": "AuthTransactionId",
"entry_method": "App",
"pos_local_time": "08:21:53",
"pos_local_date": "2026-01-19",
"terminal_id": "123",
"status": "paid",
"error_description": "",
"code": "00",
"site_id": "686d239eb861285896b26ede",
"company_id": "6127996c79b2660008ff150b",
"server_time_stamp": "2026-01-19T08:21:53.456Z",
"processor": "Genius",
"vendor": "Genius",
"auth": "OK9999"
}
}merchant_data Object
Field Name | Type | Description |
|---|---|---|
| string | The merchant name |
| string | The merchant identifier (ID) assigned by Genius |
transaction_data Object
Field Name | Type | Description |
|---|---|---|
| string | The transaction identifier (ID) |
| string | The transaction reference ID |
| number | The transaction amount |
| number | The total order amount |
| number | The tip amount |
| string | The order number related to the payment being processed |
| string (date/time) | The transaction business date and time |
| string | The store number |
| string | The authorization data |
| string | The authorization type |
| string | The entry method used for payment |
| string (time) | The local time from the point of sale (POS) device when the request was performed |
| string (date) | The local date from the POS device when the request was performed |
| string | The transaction terminal ID |
| string | The transaction status |
| string | The error description, if applicable |
| string | The transaction code |
| string | The site ID for the transaction |
| string | The company ID for the transaction |
| string (date/time) | The server date and time the record was created |
| string | The processor name for the transaction |
| string | The vendor name for the transaction |
| string | The transaction authorization code |