Skip to content

Payments API (1.0.69)

The Payments API provides a single, secure interface for accepting and managing payments across credit cards, ACH transfers, and Apple Pay. It is designed to simplify integration, reduce risk, and give your team consistent tools for handling every stage of the payment lifecycle.

The Payments API follows modern REST conventions and uses JSON for requests and responses, making it straightforward to integrate from any language or platform. A single endpoint and a shared field model mean you can start with one payment type and expand to others with minimal additional development.

Built-In Security and Compliance

Security and compliance are built in. Tokenization protects sensitive data and aligns with the latest PCI DSS and Nacha security standards. Because payment details never touch your servers, a merchant’s compliance scope is reduced, and cardholder or account data is safeguarded.

Key Features

  • Data masking to protect sensitive information during processing and storage.
  • Rate limiting to ensure reliability, control usage, and mitigate fraud.
  • Field-level validation to catch errors in real time, reduce declines, and improve the user experience.
Download OpenAPI description
osi-payments-api.json
osi-payments-api.yaml
Languages
Servers
Mock server
https://docs.nelnetpay.com/_mock/apis/osi-payments-api
UAT
https://api.uat.nelnetpay.com/payments

Process a Payment Request

Request

Perform a request to process a payment.

This endpoint uses a valid Bearer Authentication API Key ID and HMAC Key for authentication.

Security
bearerAuth
Headers
nps-trace-uuidstringrequired
Bodyapplication/jsonrequired
entityIdinteger(int64)required

A unique ID assigned by NPS that represents the client.

Example: 1325691045
paymentTypeobjectrequired

Indicates the type of payment. Only one type of payment is allowed.

paymentType.​achobject

Used to identify the ACH payment type.

paymentType.​creditCardobject

Used to identify the credit card payment type.

paymentType.​applePayobject

Used to identify the Apple Pay payment type. Either encryptedData or tokenization needs to be provided.

transactionTypestringrequired

Indicates the type of transaction.

Enum"AUTH_ONLY""CAPTURE""SALE""REFUND""VERIFY""VOID""CANCEL""ACH_DEBIT""ACH_CREDIT""ACH_CANCEL"
Example: "AUTH_ONLY"
amountnumber

Amount of the transaction in BigDecimal.

Example: 123.65
accountHolderobject

Account holder details.

transactionInformationobject

Additional information about the transaction.

payfacobject

Information about the payment facilitator. Contact NPS Client Services before sending information in this field.

credentialsOnFileobject

Information for stored card transactions. Required to be sent only for recurring transactions.

additionalAmountArray of objects

Additional amount that is added to the amount of the cardholder's original transaction.

riskIdstring

A unique ID returned by the Risk Service.

Example: "12e3cdac-d347-4564-ba1f-305e5e1e8ded"
processingModestring

Mandatory for ACH transactions.

For transactions where the merchant sets the processingMode field value to SYNCHRONOUS, we will process these transactions in real-time using existing flows.

For transactions where the merchant sets the processingMode field value to ASYNCHRONOUS, we will process these transactions asynchronously.

We will queue the transaction for processing later.

Format: String

Enum"SYNCHRONOUS""ASYNCHRONOUS"
Example: "SYNCHRONOUS"
curl -i -X POST \
  https://docs.nelnetpay.com/_mock/apis/osi-payments-api/ \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>' \
  -H 'Content-Type: application/json' \
  -H 'nps-trace-uuid: string' \
  -d '{
    "entityId": 1325691045,
    "paymentType": {
      "ach": {
        "bankAccount": {
          "accountNumber": "459887746321Z",
          "routingNumber": "021000021",
          "accountType": "CHECKING"
        }
      }
    },
    "transactionType": "ACH_DEBIT",
    "amount": 123.65,
    "accountHolder": {
      "accountHolderName": "John Smith",
      "accountHolderId": "134267"
    },
    "transactionInformation": {
      "customId": "330d4c38-7904-47cf-be8e-0972a93f7386",
      "description": "tuition",
      "additionalPaymentInformation": "U00102",
      "companyName": "College Prep",
      "companyDiscretionaryData": "Test1234",
      "standardEntryCode": "WEB",
      "terminalCity": "MPLS",
      "terminalState": "MN",
      "discretionaryData": "R",
      "effectiveEntryDate": "250110",
      "originalTransactionType": "",
      "originalPaymentTransactionId": "80503dc9-15f8-430a-8622-3cff38124bbd"
    },
    "riskId": "12e3cdac-d347-4564-ba1f-305e5e1e8ded"
  }'

Responses

OK

Bodyapplication/json
responseCodestring[ 4 .. 5 ] characters

Response code defined by NPS indicating status of request.

Format: Alphanumeric

Length: 4 to 5

Example: "A100"
responseMessagestring

The text description of the response code.

Example: "Approved"
avsResultCodestring

The Address Verification Service (AVS) result code.

Format: String

Example: "A"
cvvResultCodestring

The card security code verification (CVV2) result code.

Format: Alphanumeric

Example: "M"
paymentTransactionIdstring= 36 characters

Unique NPS transaction identifier. This value identifies the original transaction in NPS and is used by clients when submitting subsequent requests (e.g., CAPTURE, REFUND, VOID, or CANCEL). The Payments Service maintains an internal mapping to the processor’s transaction identifier and sends the processor’s ID to the processor as part of those requests.

Note: Clients should always reference transactions using NPS identifiers. The processor-generated identifier is returned in processorResponse.processorTransactionId and is used internally when communicating with processors.

Format: UUID

Length: 36

Example: "80503dc9-15f8-430a-8622-3cff38124bbd"
paymentTypeobject

Indicates the type of payment.

accountValidationResultobject

The ACH account validation return code, which indicates if ACH validation was performed.

processorResponseobject

Response returned by processor.

riskResponseobject

Response returned by the Risk Service if the service was invoked during processing the payment.

Response
application/json
{
  "responseCode": "A100",
  "responseMessage": "Approved",
  "paymentTransactionId": "80503dc9-15f8-430a-8622-3cff38124bbd",
  "paymentType": {
    "ach": {}
  },
  "accountValidationResult": {
    "responseCode": "1",
    "thirdPartyResponseCode": "2",
    "bankName": "UB Bank"
  },
  "riskResponse": {
    "responseCode": "0",
    "riskId": "12e3cdac-d347-4564-ba1f-305e5e1e8ded",
    "data": {}
  }
}