Skip to main content
The Zennopay API has two environments:
https://api.zennopay.com/v1
Sandbox credentials are issued during onboarding. See Environments for the full URL reference, key scoping rules, and the path from sandbox to production.

Conventions

  • Transport: HTTPS only. TLS 1.2+.
  • Request bodies: JSON, UTF-8.
  • Responses: JSON. Errors follow a consistent envelope (error.code, error.message, error.request_id).
  • Auth: every request must be HMAC-signed. See Authentication.
  • Money: all amounts are integer USD cents (amount_usd_cents). We never return floating-point dollars.
  • Idempotency: the HMAC nonce + timestamp combination is rejected on replay (within a 10-minute window). For application-level idempotency, use your own request ID and check intent state before retrying.

Endpoints

Create payment intent

POST /v1/payment_intents

Get payment intent

GET /v1/payment_intents/{intent_id}

Webhooks

Event types + signature verification