Skip to main content

Server Payments

Server payment mutations charge a stored payment method or initiate an ACH payment directly from your backend, without a client-side checkout session. These operations require your API secret and must only be called from your server.

note

Every data input on this page also accepts optional shipping, device, and user objects alongside billing. See Optional input objects for their fields.


Charge a Stored Payment Method

merchantApiServerPaymentMethodTransactionCreate

Charge a previously stored payment method in a single server-side call.

mutation ChargeStoredMethod(
$providerId: String
$provider: TRANSACTION_PROVIDER
$data: MerchantApiServerPaymentMethodTransactionCreateSchema!
) {
merchantApiServerPaymentMethodTransactionCreate(
merchantTransactionProviderId: $providerId
transactionProvider: $provider
data: $data
) {
id
status
amount
currency
providerCode
providerAuthorizationCode
createdAt
}
}

Top-level arguments

ArgumentTypeRequiredDescription
merchantTransactionProviderIdStringOne of the twoAccruPay provider record ID
transactionProviderTRANSACTION_PROVIDEROne of the twoProvider enum (e.g. NUVEI). Use when you have one provider per type
dataMerchantApiServerPaymentMethodTransactionCreateSchemaYesCharge details

Provide exactly one of merchantTransactionProviderId or transactionProvider.

data fields

FieldTypeRequiredDescription
merchantCustomerPaymentMethodIdStringYesAccruPay stored payment method UUID
merchantInternalTransactionCodeStringYesYour idempotency key / order ID
amountBigIntYesCharge amount in smallest currency unit (e.g. cents)
currencyCURRENCYYesCurrency enum (e.g. USD)
billingBillingDataSchemaYesBilling address details
merchantInternalCustomerCodeStringNoDeprecated. Pass customer via the payment method instead

BillingDataSchema fields

FieldTypeRequiredDescription
billingFirstNameStringYesCardholder first name
billingLastNameStringYesCardholder last name
billingEmailStringYesBilling email address
billingAddressCountryCOUNTRY_ISO_2YesTwo-letter country code enum
billingAddressLine1StringNoStreet address
billingAddressLine2StringNoApartment, suite, etc.
billingAddressCityStringNoCity
billingAddressStateStringNoState or province
billingAddressPostalCodeStringNoPostal code
billingPhoneStringNoPhone number

Return shape

FieldTypeDescription
idStringAccruPay transaction UUID
statusTRANSACTION_STATUSSUCCEEDED, PENDING, FAILED, DECLINED, ERROR
amountBigIntCharged amount
currencyCURRENCYCurrency
providerCodeStringProvider's transaction reference
providerAuthorizationCodeStringAuthorization code from the card network
providerErrorStringRaw provider decline reason when status is DECLINED or FAILED
createdAtDateTimeISOTransaction creation timestamp
warning

Check transaction.status in the response. A DECLINED or FAILED status is not a GraphQL error — the mutation resolves successfully with a non-approved status. See Errors for details.


ACH Payment

merchantApiServerAchPaymentTransactionCreate

Initiate an ACH bank-to-bank payment from your server. The customer's bank account details are passed directly in the mutation.

mutation CreateAchPayment(
$providerId: String
$provider: TRANSACTION_PROVIDER
$data: MerchantApiServerAchPaymentTransactionCreateSchema!
) {
merchantApiServerAchPaymentTransactionCreate(
merchantTransactionProviderId: $providerId
transactionProvider: $provider
data: $data
) {
id
status
amount
currency
providerCode
createdAt
}
}

Top-level arguments

ArgumentTypeRequiredDescription
merchantTransactionProviderIdStringOne of the twoAccruPay provider record ID
transactionProviderTRANSACTION_PROVIDEROne of the twoProvider enum
dataMerchantApiServerAchPaymentTransactionCreateSchemaYesACH payment details

data fields

FieldTypeRequiredDescription
merchantInternalTransactionCodeStringYesYour idempotency key / order ID
amountBigIntYesPayment amount in smallest currency unit
currencyCURRENCYYesCurrency enum (e.g. USD)
billingBillingDataSchemaYesBilling details (same shape as above)
storePaymentMethodBooleanYesWhether to store the bank account for future use
ach.accountNumberStringYesBank account number
ach.routingNumberStringYesABA routing number
ach.secCodeTRANSACTION_ACH_SECCODENoACH SEC code: WEB, CCD, TEL, or UNKNOWN
ach.entityTypeENTITY_TYPENoINDIVIDUAL or COMPANY
customerMerchantCustomerSelectorNoCustomer selector for this payment. When provided, merchantInternalCustomerCode is required within it.
merchantInternalCustomerCodeStringNoLegacy top-level customer code. Prefer the customer selector.
note

ACH transactions are not settled synchronously. The initial response will typically have a PENDING status. The provider sends a settlement or return notification asynchronously, and AccruPay updates the transaction state when that event is received. Use merchantApiTransactionSyncOne or poll merchantApiTransaction to check the final status.


Server Authorization Session

Use these mutations when you want to authorize a stored payment method for a specific amount from your server and capture it separately.

merchantApiServerPaymentMethodTransactionAuthorizationSessionStart

Start an authorization-only session against a stored payment method.

mutation StartServerAuthSession(
$providerId: String
$provider: TRANSACTION_PROVIDER
$data: MerchantApiServerPaymentMethodTransactionAuthorizationSessionStartSchema!
) {
merchantApiServerPaymentMethodTransactionAuthorizationSessionStart(
merchantTransactionProviderId: $providerId
transactionProvider: $provider
data: $data
) {
session {
id
status
providerCode
}
transactions {
id
action
status
providerCode
providerAuthorizationCode
}
}
}

This mutation returns a MerchantClientTransactionSessionContext — the authorization session and the resulting transactions (plus customer, paymentMethod, transactionProvider) are nested fields, not top-level.

Top-level arguments

ArgumentTypeRequiredDescription
merchantTransactionProviderIdStringOne of the twoAccruPay provider record ID
transactionProviderTRANSACTION_PROVIDEROne of the twoProvider enum
dataschemaYesAuthorization session details

data fields

FieldTypeRequiredDescription
merchantCustomerPaymentMethodIdStringYesAccruPay stored payment method UUID
merchantInternalTransactionCodeStringYesYour idempotency key / order ID
amountBigIntYesAmount to authorize in smallest currency unit
currencyCURRENCYYesCurrency enum
billingBillingDataSchemaYesBilling details

merchantApiServerPaymentMethodTransactionAuthorizationSessionVerify

Verify and finalize the authorization session started above.

mutation VerifyServerAuthSession(
$id: String
$merchantInternalTransactionCode: String
$providerCode: String
) {
merchantApiServerPaymentMethodTransactionAuthorizationSessionVerify(
id: $id
merchantInternalTransactionCode: $merchantInternalTransactionCode
providerCode: $providerCode
) {
session {
id
status
providerCode
}
transactions {
id
action
status
providerCode
providerAuthorizationCode
}
}
}

Returns a MerchantClientTransactionSessionContext (same shape as start).

Provide at least one of id, merchantInternalTransactionCode, or providerCode to identify the session.

Arguments

ArgumentTypeRequiredDescription
idStringOne of threeAccruPay session UUID
merchantInternalTransactionCodeStringOne of threeYour order / transaction ID
providerCodeStringOne of threeProvider's reference code
warning

This mutation does not accept a session token. Unlike client-side session verification, server authorization session verification uses id, merchantInternalTransactionCode, or providerCode as the identifier. Passing a client session token here will fail.

Once verified, use merchantApiTransactionAuthorizationSettle to capture the funds.


Optional input objects

In addition to billing, every payment-create and session-start input accepts three optional objects — shipping, device, and user. They are used for fraud signals, fulfillment, and end-user identity, and are passed in the same data object as billing. These are the canonical definitions; other pages link here.

ShippingDataSchema

FieldTypeRequiredDescription
shippingFirstNameStringYesRecipient first name
shippingLastNameStringYesRecipient last name
shippingEmailStringYesRecipient email
shippingAddressCountryCOUNTRY_ISO_2YesISO 3166-1 alpha-2 country code
shippingPhoneStringNoRecipient phone
shippingAddressLine1StringNoStreet address line 1
shippingAddressLine2StringNoStreet address line 2
shippingAddressCityStringNoCity
shippingAddressStateStringNoState / region (ISO 3166-2 subdivision, e.g. NY)
shippingAddressPostalCodeStringNoPostal code

DeviceDataSchema

All fields optional. Used for device fingerprinting / fraud scoring.

FieldTypeDescription
deviceTypeDEVICE_TYPEDevice classification — see Enums
deviceBrowserStringBrowser identifier
deviceIdStringYour device identifier
deviceIpStringDevice IP address
deviceNameStringDevice name
deviceOSStringOperating system

UserDataSchema

End-user identity (distinct from billing). Required fields apply only when the user object is provided.

FieldTypeRequiredDescription
userFirstNameStringYesEnd-user first name
userLastNameStringYesEnd-user last name
userEmailStringYesEnd-user email
userAddressCountryCOUNTRY_ISO_2YesISO 3166-1 alpha-2 country code
userPhoneStringNoEnd-user phone
userBirthDateDateTimeISONoDate of birth
userLocaleStringNoLocale
userLegalIdentifierStringNoLegal identifier (e.g. tax/national ID)
userLegalIdentifierTypeStringNoType of the legal identifier
userAddressLine1StringNoStreet address line 1
userAddressLine2StringNoStreet address line 2
userAddressCityStringNoCity
userAddressStateStringNoState / region (ISO 3166-2 subdivision)
userAddressPostalCodeStringNoPostal code