Train Travel API

Pay for a Booking

POST /bookings/{bookingId}/payment

A payment is an attempt to pay for the booking, which will confirm the booking for the user and enable them to get their tickets.

Path parameters

bookingId string(uuid) Required

The ID of the booking to pay for.

application/json

Body

amount number

Amount intended to be collected by this payment. A positive decimal figure describing the amount to be collected.
currency string

Three-letter ISO currency code, in lowercase.

Values are bam, bgn, chf, eur, gbp, nok, sek, or try.
source object
Any of:
Card object Bank Account object
A card (debit or credit) to take payment from.
Hide attributes Show attributes

object string

Value is card.

name string Required

Cardholder's full name as it appears on the card.

number string Required

The card number, as a string without any separators. On read all but the last four digits will be masked for security.

cvc integer Required

Card security code, 3 or 4 digits usually found on the back of the card.

Minimum length is 3, maximum length is 4.

exp_month integer(int64) Required

Two-digit number representing the card's expiration month.

exp_year integer(int64) Required

Four-digit number representing the card's expiration year.

address_line1 string

address_line2 string

address_city string

address_country string Required

address_post_code string
A bank account to take payment from. Must be able to make payments in the currency specified in the payment.
Hide attributes Show attributes

object string

Value is bank_account.

name string Required

number string Required

The account number for the bank account, in string form. Must be a current account.

sort_code string

The sort code for the bank account, in string form. Must be a six-digit number.

account_type string Required

The type of entity that holds the account. This can be either individual or company.

Values are individual or company.

bank_name string Required

The name of the bank associated with the routing number.

country string Required

Two-letter country code (ISO 3166-1 alpha-2).

Responses

• 200 application/json

Payment successful
Hide headers attribute Show headers attribute
- RateLimit string
  
  The RateLimit header communicates quota policies. It contains a limit to convey the expiring limit, remaining to convey the remaining quota units, and reset to convey the time window reset time.
Hide response attributes Show response attributes object
- id string(uuid)
  
  Unique identifier for the payment. This will be a unique identifier for the payment, and is used to reference the payment in other objects.
- amount number
  
  Amount intended to be collected by this payment. A positive decimal figure describing the amount to be collected.
- currency string
  
  Three-letter ISO currency code, in lowercase.
  
  Values are bam, bgn, chf, eur, gbp, nok, sek, or try.
- source object
  
  Any of:
  Card object Bank Account object
  
  A card (debit or credit) to take payment from.
  
  Hide attributes Show attributes
  
  object string
  
  Value is card.
  
  name string Required
  
  Cardholder's full name as it appears on the card.
  
  number string Required
  
  The card number, as a string without any separators. On read all but the last four digits will be masked for security.
  
  exp_month integer(int64) Required
  
  Two-digit number representing the card's expiration month.
  
  exp_year integer(int64) Required
  
  Four-digit number representing the card's expiration year.
  
  address_city string
  
  address_country string Required
  
  address_post_code string
  
  A bank account to take payment from. Must be able to make payments in the currency specified in the payment.
  
  Hide attributes Show attributes
  
  object string
  
  Value is bank_account.
  
  name string Required
  
  number string Required
  
  The account number for the bank account, in string form. Must be a current account.
  
  sort_code string
  
  The sort code for the bank account, in string form. Must be a six-digit number.
  
  account_type string Required
  
  The type of entity that holds the account. This can be either individual or company.
  
  Values are individual or company.
  
  bank_name string Required
  
  The name of the bank associated with the routing number.
  
  country string Required
  
  Two-letter country code (ISO 3166-1 alpha-2).
- status string
  
  The status of the payment, one of pending, succeeded, or failed.
  
  Values are pending, succeeded, or failed.
- links object
  
  Hide links attribute Show links attribute
  
  booking string(uri)
• 400

application/problem+json

application/problem+json application/problem+xml

Bad Request
Hide headers attribute Show headers attribute
- RateLimit string
  
  The RateLimit header communicates quota policies. It contains a limit to convey the expiring limit, remaining to convey the remaining quota units, and reset to convey the time window reset time.
Hide response attributes Show response attributes object
- type string
  
  A URI reference that identifies the problem type
- title string
  
  A short, human-readable summary of the problem type
- detail string
  
  A human-readable explanation specific to this occurrence of the problem
- instance string
  
  A URI reference that identifies the specific occurrence of the problem
- status integer
  
  The HTTP status code
Hide response attributes Show response attributes object
- type string
  
  A URI reference that identifies the problem type
- title string
  
  A short, human-readable summary of the problem type
- detail string
  
  A human-readable explanation specific to this occurrence of the problem
- instance string
  
  A URI reference that identifies the specific occurrence of the problem
- status integer
  
  The HTTP status code
• 401

application/problem+json

application/problem+json application/problem+xml

Unauthorized
Hide headers attribute Show headers attribute
- RateLimit string
  
  The RateLimit header communicates quota policies. It contains a limit to convey the expiring limit, remaining to convey the remaining quota units, and reset to convey the time window reset time.
Hide response attributes Show response attributes object
- type string
  
  A URI reference that identifies the problem type
- title string
  
  A short, human-readable summary of the problem type
- detail string
  
  A human-readable explanation specific to this occurrence of the problem
- instance string
  
  A URI reference that identifies the specific occurrence of the problem
- status integer
  
  The HTTP status code
Hide response attributes Show response attributes object
- type string
  
  A URI reference that identifies the problem type
- title string
  
  A short, human-readable summary of the problem type
- detail string
  
  A human-readable explanation specific to this occurrence of the problem
- instance string
  
  A URI reference that identifies the specific occurrence of the problem
- status integer
  
  The HTTP status code
• 403

application/problem+json

application/problem+json application/problem+xml

Forbidden
Hide headers attribute Show headers attribute
- RateLimit string
  
  The RateLimit header communicates quota policies. It contains a limit to convey the expiring limit, remaining to convey the remaining quota units, and reset to convey the time window reset time.
Hide response attributes Show response attributes object
- type string
  
  A URI reference that identifies the problem type
- title string
  
  A short, human-readable summary of the problem type
- detail string
  
  A human-readable explanation specific to this occurrence of the problem
- instance string
  
  A URI reference that identifies the specific occurrence of the problem
- status integer
  
  The HTTP status code
Hide response attributes Show response attributes object
- type string
  
  A URI reference that identifies the problem type
- title string
  
  A short, human-readable summary of the problem type
- detail string
  
  A human-readable explanation specific to this occurrence of the problem
- instance string
  
  A URI reference that identifies the specific occurrence of the problem
- status integer
  
  The HTTP status code
• 429

application/problem+json

application/problem+json application/problem+xml

Too Many Requests
Hide headers attributes Show headers attributes
- RateLimit string
  
  The RateLimit header communicates quota policies. It contains a limit to convey the expiring limit, remaining to convey the remaining quota units, and reset to convey the time window reset time.
- Retry-After string
  
  The Retry-After header indicates how long the user agent should wait before making a follow-up request. The value is in seconds and can be an integer or a date in the future. If the value is an integer, it indicates the number of seconds to wait. If the value is a date, it indicates the time at which the user agent should make a follow-up request.
Hide response attributes Show response attributes object
- type string
  
  A URI reference that identifies the problem type
- title string
  
  A short, human-readable summary of the problem type
- detail string
  
  A human-readable explanation specific to this occurrence of the problem
- instance string
  
  A URI reference that identifies the specific occurrence of the problem
- status integer
  
  The HTTP status code
Hide response attributes Show response attributes object
- type string
  
  A URI reference that identifies the problem type
- title string
  
  A short, human-readable summary of the problem type
- detail string
  
  A human-readable explanation specific to this occurrence of the problem
- instance string
  
  A URI reference that identifies the specific occurrence of the problem
- status integer
  
  The HTTP status code
• 500

application/problem+json

application/problem+json application/problem+xml

Internal Server Error
Hide headers attribute Show headers attribute
- RateLimit string
  
  The RateLimit header communicates quota policies. It contains a limit to convey the expiring limit, remaining to convey the remaining quota units, and reset to convey the time window reset time.
Hide response attributes Show response attributes object
- type string
  
  A URI reference that identifies the problem type
- title string
  
  A short, human-readable summary of the problem type
- detail string
  
  A human-readable explanation specific to this occurrence of the problem
- instance string
  
  A URI reference that identifies the specific occurrence of the problem
- status integer
  
  The HTTP status code
Hide response attributes Show response attributes object
- type string
  
  A URI reference that identifies the problem type
- title string
  
  A short, human-readable summary of the problem type
- detail string
  
  A human-readable explanation specific to this occurrence of the problem
- instance string
  
  A URI reference that identifies the specific occurrence of the problem
- status integer
  
  The HTTP status code

POST /bookings/{bookingId}/payment

curl \
 -X POST https://api.example.com/bookings/1725ff48-ab45-4bb5-9d02-88745177dedb/payment \
 -H "Authorization: Bearer $ACCESS_TOKEN" \
 -H "Content-Type: application/json" \
 -d '{"amount":49.99,"currency":"gbp","source":{"object":"card","name":"J. Doe","number":"4242424242424242","cvc":123,"exp_month":12,"exp_year":2025,"address_line1":"123 Fake Street","address_line2":"4th Floor","address_city":"London","address_country":"gb","address_post_code":"N12 9XX"}}'

Request examples

{
  "amount": 49.99,
  "currency": "gbp",
  "source": {
    "object": "card",
    "name": "J. Doe",
    "number": "4242424242424242",
    "cvc": 123,
    "exp_month": 12,
    "exp_year": 2025,
    "address_line1": "123 Fake Street",
    "address_line2": "4th Floor",
    "address_city": "London",
    "address_country": "gb",
    "address_post_code": "N12 9XX"
  }
}

{
  "amount": 100.5,
  "currency": "gbp",
  "source": {
    "object": "bank_account",
    "name": "J. Doe",
    "number": "00012345",
    "sort_code": "000123",
    "account_type": "individual",
    "bank_name": "Starling Bank",
    "country": "gb"
  }
}

Response examples (200)

# Headers
RateLimit: limit=10, remaining=0, reset=10

# Payload
{
  "id": "2e3b4f5a-6b7c-8d9e-0f1a-2b3c4d5e6f7a",
  "amount": 49.99,
  "currency": "gbp",
  "source": {
    "object": "card",
    "name": "J. Doe",
    "number": "************4242",
    "cvc": 123,
    "exp_month": 12,
    "exp_year": 2025,
    "address_country": "gb",
    "address_post_code": "N12 9XX"
  },
  "status": "succeeded",
  "links": {
    "booking": "https://api.example.com/bookings/1725ff48-ab45-4bb5-9d02-88745177dedb/payment"
  }
}

# Headers
RateLimit: limit=10, remaining=0, reset=10

# Payload
{
  "id": "2e3b4f5a-6b7c-8d9e-0f1a-2b3c4d5e6f7a",
  "amount": 100.5,
  "currency": "gbp",
  "source": {
    "object": "bank_account",
    "name": "J. Doe",
    "account_type": "individual",
    "number": "*********2345",
    "sort_code": "000123",
    "bank_name": "Starling Bank",
    "country": "gb"
  },
  "status": "succeeded",
  "links": {
    "booking": "https://api.example.com/bookings/1725ff48-ab45-4bb5-9d02-88745177dedb"
  }
}

Response examples (400)

# Headers
RateLimit: limit=10, remaining=0, reset=10

# Payload
{
  "type": "https://example.com/errors/bad-request",
  "title": "Bad Request",
  "status": 400,
  "detail": "The request is invalid or missing required parameters."
}

Response examples (400)

# Headers
RateLimit: limit=10, remaining=0, reset=10

# Payload
{
  "type": "https://example.com/errors/bad-request",
  "title": "Bad Request",
  "status": 400,
  "detail": "The request is invalid or missing required parameters."
}

Response examples (401)

# Headers
RateLimit: limit=10, remaining=0, reset=10

# Payload
{
  "type": "https://example.com/errors/unauthorized",
  "title": "Unauthorized",
  "status": 401,
  "detail": "You do not have the necessary permissions."
}

Response examples (401)

# Headers
RateLimit: limit=10, remaining=0, reset=10

# Payload
{
  "type": "https://example.com/errors/unauthorized",
  "title": "Unauthorized",
  "status": 401,
  "detail": "You do not have the necessary permissions."
}

Response examples (403)

# Headers
RateLimit: limit=10, remaining=0, reset=10

# Payload
{
  "type": "https://example.com/errors/forbidden",
  "title": "Forbidden",
  "status": 403,
  "detail": "Access is forbidden with the provided credentials."
}

Response examples (403)

# Headers
RateLimit: limit=10, remaining=0, reset=10

# Payload
{
  "type": "https://example.com/errors/forbidden",
  "title": "Forbidden",
  "status": 403,
  "detail": "Access is forbidden with the provided credentials."
}

Response examples (429)

# Headers
RateLimit: limit=10, remaining=0, reset=10
Retry-After: 120

# Payload
{
  "type": "https://example.com/errors/too-many-requests",
  "title": "Too Many Requests",
  "status": 429,
  "detail": "You have exceeded the rate limit."
}

Response examples (429)

# Headers
RateLimit: limit=10, remaining=0, reset=10
Retry-After: 120

# Payload
{
  "type": "https://example.com/errors/too-many-requests",
  "title": "Too Many Requests",
  "status": 429,
  "detail": "You have exceeded the rate limit."
}

Response examples (500)

# Headers
RateLimit: limit=10, remaining=0, reset=10

# Payload
{
  "type": "https://example.com/errors/internal-server-error",
  "title": "Internal Server Error",
  "status": 500,
  "detail": "An unexpected error occurred."
}

Response examples (500)

# Headers
RateLimit: limit=10, remaining=0, reset=10

# Payload
{
  "type": "https://example.com/errors/internal-server-error",
  "title": "Internal Server Error",
  "status": 500,
  "detail": "An unexpected error occurred."
}