Pay for a Booking

POST /bookings/{bookingId}/payment
OAuth2

A payment is an attempt to pay for the booking, which will confirm the booking for the user and enable them to get their tickets.

Path parameters

  • bookingId string(uuid) Required

    The ID of the booking to pay for.

application/json

Body Required

  • amount number

    Amount intended to be collected by this payment. A positive decimal figure describing the amount to be collected.

  • currency string

    Three-letter ISO currency code, in lowercase.

    Values are bam, bgn, chf, eur, gbp, nok, sek, or try.

  • source object

    The payment source to take the payment from. This can be a card or a bank account. Some of these properties will be hidden on read to protect PII leaking.

    One of:
    Card object Bank Account object

Responses

  • 200 application/json

    Payment successful

    Hide headers attributes Show headers attributes
    • Cache-Control string

      A comma-separated list of directives as defined in RFC 9111.

    • RateLimit string

      The RateLimit header communicates quota policies. It contains a limit to convey the expiring limit, remaining to convey the remaining quota units, and reset to convey the time window reset time.

    Hide response attributes Show response attributes object
    • id string(uuid)

      Unique identifier for the payment. This will be a unique identifier for the payment, and is used to reference the payment in other objects.

    • amount number

      Amount intended to be collected by this payment. A positive decimal figure describing the amount to be collected.

    • currency string

      Three-letter ISO currency code, in lowercase.

      Values are bam, bgn, chf, eur, gbp, nok, sek, or try.

    • source object

      The payment source to take the payment from. This can be a card or a bank account. Some of these properties will be hidden on read to protect PII leaking.

      One of:
      Card object Bank Account object
    • status string

      The status of the payment, one of pending, succeeded, or failed.

      Values are pending, succeeded, or failed.

    • links object

      Additional properties are allowed.

      Hide links attribute Show links attribute object
  • 400

    Bad Request

    Hide headers attribute Show headers attribute
    • RateLimit string

      The RateLimit header communicates quota policies. It contains a limit to convey the expiring limit, remaining to convey the remaining quota units, and reset to convey the time window reset time.

    Hide response attributes Show response attributes object
    • type string

      A URI reference that identifies the problem type

    • title string

      A short, human-readable summary of the problem type

    • detail string

      A human-readable explanation specific to this occurrence of the problem

    • instance string

      A URI reference that identifies the specific occurrence of the problem

    • status integer

      The HTTP status code

    Hide response attributes Show response attributes object
    • type string

      A URI reference that identifies the problem type

    • title string

      A short, human-readable summary of the problem type

    • detail string

      A human-readable explanation specific to this occurrence of the problem

    • instance string

      A URI reference that identifies the specific occurrence of the problem

    • status integer

      The HTTP status code
  • 401

    Unauthorized

    Hide headers attribute Show headers attribute
    • RateLimit string

      The RateLimit header communicates quota policies. It contains a limit to convey the expiring limit, remaining to convey the remaining quota units, and reset to convey the time window reset time.

    Hide response attributes Show response attributes object
    • type string

      A URI reference that identifies the problem type

    • title string

      A short, human-readable summary of the problem type

    • detail string

      A human-readable explanation specific to this occurrence of the problem

    • instance string

      A URI reference that identifies the specific occurrence of the problem

    • status integer

      The HTTP status code

    Hide response attributes Show response attributes object
    • type string

      A URI reference that identifies the problem type

    • title string

      A short, human-readable summary of the problem type

    • detail string

      A human-readable explanation specific to this occurrence of the problem

    • instance string

      A URI reference that identifies the specific occurrence of the problem

    • status integer

      The HTTP status code
  • 403

    Forbidden

    Hide headers attribute Show headers attribute
    • RateLimit string

      The RateLimit header communicates quota policies. It contains a limit to convey the expiring limit, remaining to convey the remaining quota units, and reset to convey the time window reset time.

    Hide response attributes Show response attributes object
    • type string

      A URI reference that identifies the problem type

    • title string

      A short, human-readable summary of the problem type

    • detail string

      A human-readable explanation specific to this occurrence of the problem

    • instance string

      A URI reference that identifies the specific occurrence of the problem

    • status integer

      The HTTP status code

    Hide response attributes Show response attributes object
    • type string

      A URI reference that identifies the problem type

    • title string

      A short, human-readable summary of the problem type

    • detail string

      A human-readable explanation specific to this occurrence of the problem

    • instance string

      A URI reference that identifies the specific occurrence of the problem

    • status integer

      The HTTP status code
  • 429

    Too Many Requests

    Hide headers attributes Show headers attributes
    • RateLimit string

      The RateLimit header communicates quota policies. It contains a limit to convey the expiring limit, remaining to convey the remaining quota units, and reset to convey the time window reset time.

    • Retry-After string

      The Retry-After header indicates how long the user agent should wait before making a follow-up request. The value is in seconds and can be an integer or a date in the future. If the value is an integer, it indicates the number of seconds to wait. If the value is a date, it indicates the time at which the user agent should make a follow-up request.

    Hide response attributes Show response attributes object
    • type string

      A URI reference that identifies the problem type

    • title string

      A short, human-readable summary of the problem type

    • detail string

      A human-readable explanation specific to this occurrence of the problem

    • instance string

      A URI reference that identifies the specific occurrence of the problem

    • status integer

      The HTTP status code

    Hide response attributes Show response attributes object
    • type string

      A URI reference that identifies the problem type

    • title string

      A short, human-readable summary of the problem type

    • detail string

      A human-readable explanation specific to this occurrence of the problem

    • instance string

      A URI reference that identifies the specific occurrence of the problem

    • status integer

      The HTTP status code
  • 500

    Internal Server Error

    Hide headers attribute Show headers attribute
    • RateLimit string

      The RateLimit header communicates quota policies. It contains a limit to convey the expiring limit, remaining to convey the remaining quota units, and reset to convey the time window reset time.

    Hide response attributes Show response attributes object
    • type string

      A URI reference that identifies the problem type

    • title string

      A short, human-readable summary of the problem type

    • detail string

      A human-readable explanation specific to this occurrence of the problem

    • instance string

      A URI reference that identifies the specific occurrence of the problem

    • status integer

      The HTTP status code

    Hide response attributes Show response attributes object
    • type string

      A URI reference that identifies the problem type

    • title string

      A short, human-readable summary of the problem type

    • detail string

      A human-readable explanation specific to this occurrence of the problem

    • instance string

      A URI reference that identifies the specific occurrence of the problem

    • status integer

      The HTTP status code
POST /bookings/{bookingId}/payment 
curl \
 -X POST https://api.example.com/bookings/1725ff48-ab45-4bb5-9d02-88745177dedb/payment \
 -H "Authorization: Bearer $ACCESS_TOKEN" \
 -H "Content-Type: application/json" \
 -d '{"amount":49.99,"source":{"cvc":123,"name":"J. Doe","number":"4242424242424242","object":"card","exp_year":2025,"exp_month":12,"address_city":"London","address_line1":"123 Fake Street","address_line2":"4th Floor","address_country":"gb","address_post_code":"N12 9XX"},"currency":"gbp"}'
Request examples 
{
  "amount": 49.99,
  "source": {
    "cvc": 123,
    "name": "J. Doe",
    "number": "4242424242424242",
    "object": "card",
    "exp_year": 2025,
    "exp_month": 12,
    "address_city": "London",
    "address_line1": "123 Fake Street",
    "address_line2": "4th Floor",
    "address_country": "gb",
    "address_post_code": "N12 9XX"
  },
  "currency": "gbp"
}
{
  "amount": 100.5,
  "source": {
    "name": "J. Doe",
    "number": "00012345",
    "object": "bank_account",
    "country": "gb",
    "bank_name": "Starling Bank",
    "sort_code": "000123",
    "account_type": "individual"
  },
  "currency": "gbp"
}
Response examples (200) 
{
  "id": "2e3b4f5a-6b7c-8d9e-0f1a-2b3c4d5e6f7a",
  "links": {
    "booking": "https://api.example.com/bookings/1725ff48-ab45-4bb5-9d02-88745177dedb/payment"
  },
  "amount": 49.99,
  "source": {
    "cvc": 123,
    "name": "J. Doe",
    "number": "************4242",
    "object": "card",
    "exp_year": 2025,
    "exp_month": 12,
    "address_country": "gb",
    "address_post_code": "N12 9XX"
  },
  "status": "succeeded",
  "currency": "gbp"
}
{
  "id": "2e3b4f5a-6b7c-8d9e-0f1a-2b3c4d5e6f7a",
  "links": {
    "booking": "https://api.example.com/bookings/1725ff48-ab45-4bb5-9d02-88745177dedb"
  },
  "amount": 100.5,
  "source": {
    "name": "J. Doe",
    "number": "*********2345",
    "object": "bank_account",
    "country": "gb",
    "bank_name": "Starling Bank",
    "sort_code": "000123",
    "account_type": "individual"
  },
  "status": "succeeded",
  "currency": "gbp"
}
Response examples (400) 
{
  "type": "https://example.com/errors/bad-request",
  "title": "Bad Request",
  "detail": "The request is invalid or missing required parameters.",
  "status": 400
}
Response examples (400) 
<?xml version="1.0" encoding="UTF-8"?>
<root>
  <type>https://example.com/errors/bad-request</type>
  <title>Bad Request</title>
  <detail>The request is invalid or missing required parameters.</detail>
  <status type="integer">400</status>
</root>
Response examples (401) 
{
  "type": "https://example.com/errors/unauthorized",
  "title": "Unauthorized",
  "detail": "You do not have the necessary permissions.",
  "status": 401
}
Response examples (401) 
<?xml version="1.0" encoding="UTF-8"?>
<root>
  <type>https://example.com/errors/unauthorized</type>
  <title>Unauthorized</title>
  <detail>You do not have the necessary permissions.</detail>
  <status type="integer">401</status>
</root>
Response examples (403) 
{
  "type": "https://example.com/errors/forbidden",
  "title": "Forbidden",
  "detail": "Access is forbidden with the provided credentials.",
  "status": 403
}
Response examples (403) 
<?xml version="1.0" encoding="UTF-8"?>
<root>
  <type>https://example.com/errors/forbidden</type>
  <title>Forbidden</title>
  <detail>Access is forbidden with the provided credentials.</detail>
  <status type="integer">403</status>
</root>
Response examples (429) 
{
  "type": "https://example.com/errors/too-many-requests",
  "title": "Too Many Requests",
  "detail": "You have exceeded the rate limit.",
  "status": 429
}
Response examples (429) 
<?xml version="1.0" encoding="UTF-8"?>
<root>
  <type>https://example.com/errors/too-many-requests</type>
  <title>Too Many Requests</title>
  <detail>You have exceeded the rate limit.</detail>
  <status type="integer">429</status>
</root>
Response examples (500) 
{
  "type": "https://example.com/errors/internal-server-error",
  "title": "Internal Server Error",
  "detail": "An unexpected error occurred.",
  "status": 500
}
Response examples (500) 
<?xml version="1.0" encoding="UTF-8"?>
<root>
  <type>https://example.com/errors/internal-server-error</type>
  <title>Internal Server Error</title>
  <detail>An unexpected error occurred.</detail>
  <status type="integer">500</status>
</root>