Skip to main content

Sessions

Client transaction sessions drive the payment UI flow. Your backend creates a session, passes its token to the frontend, and the customer completes the payment or adds a payment method using the provider's hosted UI. Once the customer is done, your backend verifies the session to get the final result.

AccruPay supports three session flows:

  • Payment session — charge a payment method
  • Add-payment-method session — store a payment method without charging
  • Authorization session — authorize (reserve) funds without capturing

Session fields

The following fields are returned by session queries and mutations.

FieldTypeDescription
idID!AccruPay session ID
tokenStringShort-lived token passed to the frontend/React SDK (nullable)
providerCodeString!Provider-assigned session reference
statusCLIENT_TRANSACTION_SESSION_STATUS!Current session status
kindCLIENT_TRANSACTION_SESSION_KIND!Whether the session was started from CLIENT or SERVER context
merchantInternalTransactionCodeStringYour own reference code for this session
transactions[MerchantTransaction!]Resulting transaction(s), available after verify
transactionProviderIdString!ID of the merchant-provider configuration used
createdAtDateTimeISO!When the session was created
updatedAtDateTimeISO!When the session was last updated
tokenExpiresAtDateTimeISOWhen the session will expire

merchantApiClientTransactionSessions — list sessions

Returns a paginated list of client transaction sessions.

Query

query ListSessions(
$take: Int
$skip: Int
$after: String
$first: Int
$providerStatus: CLIENT_TRANSACTION_SESSION_STATUS
$merchantInternalTransactionCode: String
) {
merchantApiClientTransactionSessions(
take: $take
skip: $skip
after: $after
first: $first
providerStatus: $providerStatus
merchantInternalTransactionCode: $merchantInternalTransactionCode
) {
edges {
node {
id
token
status
kind
merchantInternalTransactionCode
createdAt
tokenExpiresAt
}
cursor
}
pageInfo {
hasNextPage
hasPreviousPage
startCursor
endCursor
}
totalCount
}
}

Filter parameters

ParameterTypeDescription
takeIntPage size for offset pagination
skipIntOffset for offset pagination
firstIntPage size for cursor pagination (forward)
afterStringCursor for forward pagination
providerStatusCLIENT_TRANSACTION_SESSION_STATUSFilter by session status
merchantInternalTransactionCodeStringFilter by your transaction reference

merchantApiClientTransactionSession — get one session

Fetch a single session by ID or by your internal transaction code.

Query

query GetSession(
$id: String
$merchantInternalTransactionCode: String
) {
merchantApiClientTransactionSession(
id: $id
merchantInternalTransactionCode: $merchantInternalTransactionCode
) {
id
token
providerCode
status
kind
merchantInternalTransactionCode
transactionProviderId
createdAt
updatedAt
tokenExpiresAt
transactions {
id
status
}
}
}

Identifiers

ParameterTypeDescription
idStringAccruPay session ID
merchantInternalTransactionCodeStringYour own transaction reference code

merchantApiClientTransactionSessionBaseConfig — fetch provider config

Returns the provider configuration needed to initialize a payment session on the frontend. Selected by provider (not by session). Return type MerchantClientTransactionSessionBaseConfig exposes provider and data (a provider-specific union).

Query

query GetSessionBaseConfig(
$merchantTransactionProviderId: String
$transactionProvider: TRANSACTION_PROVIDER
) {
merchantApiClientTransactionSessionBaseConfig(
merchantTransactionProviderId: $merchantTransactionProviderId
transactionProvider: $transactionProvider
) {
provider
data {
... on MerchantClientTransactionSessionNuveiBaseConfig {
env
merchantId
merchantSiteId
}
... on MerchantClientTransactionSessionGenericBaseConfig {
publicKey
}
}
}
}
ParameterTypeDescription
merchantTransactionProviderIdStringTarget a specific configured provider by its internal ID
transactionProviderTRANSACTION_PROVIDERAlternatively, select the provider by enum

Payment session mutations

merchantApiClientTransactionPaymentSessionStartV2 — start a payment session

Creates a new client payment session. Returns a session with a token to pass to the frontend.

Mutation

mutation StartPaymentSession(
$transactionProvider: TRANSACTION_PROVIDER!
$data: MerchantApiClientTransactionPaymentSessionStartSchema!
) {
merchantApiClientTransactionPaymentSessionStartV2(
transactionProvider: $transactionProvider
data: $data
) {
id
token
providerCode
status
merchantInternalTransactionCode
tokenExpiresAt
}
}

Variables

{
"transactionProvider": "YOUR_PROVIDER",
"data": {
"amount": 10000,
"currency": "USD",
"merchantInternalTransactionCode": "order-001",
"merchantInternalCustomerCode": "customer-456",
"storePaymentMethod": false,
"billing": {
"billingFirstName": "Jane",
"billingLastName": "Smith",
"billingEmail": "jane@example.com",
"billingPhone": "+15555550100",
"billingAddressLine1": "123 Main St",
"billingAddressCity": "New York",
"billingAddressState": "NY",
"billingAddressPostalCode": "10001",
"billingAddressCountry": "US"
}
}
}

curl example

curl -X POST https://api.pay.accru.co/graphql \
-H "Content-Type: application/json" \
-H "accrupay-api-secret: YOUR_SECRET" \
-d '{
"query": "mutation StartPaymentSession($transactionProvider: TRANSACTION_PROVIDER!, $data: MerchantApiClientTransactionPaymentSessionStartSchema!) { merchantApiClientTransactionPaymentSessionStartV2(transactionProvider: $transactionProvider, data: $data) { id token providerCode status tokenExpiresAt } }",
"variables": {
"transactionProvider": "YOUR_PROVIDER",
"data": {
"amount": 10000,
"currency": "USD",
"merchantInternalTransactionCode": "order-001",
"merchantInternalCustomerCode": "customer-456",
"storePaymentMethod": false,
"billing": {
"billingFirstName": "Jane",
"billingLastName": "Smith",
"billingEmail": "jane@example.com",
"billingAddressCountry": "US"
}
}
}
}'

Input schema

FieldTypeRequiredDescription
amountBigInt!YesPayment amount in minor currency units
currencyCURRENCY!YesISO 4217 currency code
merchantInternalTransactionCodeString!YesYour unique reference for this transaction
merchantInternalCustomerCodeStringNoYour reference for the customer
storePaymentMethodBoolean!YesWhether to store the payment method for future use
customerMerchantCustomerSelectorNoCustomer selector. When provided, merchantInternalCustomerCode is required within it.
billing.billingFirstNameStringYesBilling first name
billing.billingLastNameStringYesBilling last name
billing.billingEmailStringYesBilling email
billing.billingAddressCountryCOUNTRY_ISO_2YesBilling country
billing.billingPhoneStringNoBilling phone number
billing.billingAddressLine1StringNoBilling street address line 1
billing.billingAddressLine2StringNoBilling street address line 2
billing.billingAddressCityStringNoBilling city
billing.billingAddressStateStringNoBilling state or region
billing.billingAddressPostalCodeStringNoBilling postal code

The session-start input also accepts optional shipping, device, and user objects — see Optional input objects.


merchantApiClientTransactionPaymentSessionVerify — verify a payment session

Verifies a completed payment session and returns the resulting transaction. Call this from your backend after the customer completes the payment UI.

Mutation

mutation VerifyPaymentSession(
$id: String
$token: String
$providerCode: String
$merchantInternalTransactionCode: String
) {
merchantApiClientTransactionPaymentSessionVerify(
id: $id
token: $token
providerCode: $providerCode
merchantInternalTransactionCode: $merchantInternalTransactionCode
) {
id
status
action
amount
currency
paymentMethodType
providerCode
providerError
transactionError
createdAt
updatedAt
}
}

Identifiers

ParameterTypeDescription
idStringAccruPay session ID
tokenStringSession token (from the start mutation response)
providerCodeStringProvider-assigned session reference
merchantInternalTransactionCodeStringYour own transaction reference code
warning

merchantApiClientTransactionPaymentSessionVerify returns a Transaction, not a session. After calling this mutation, check the transaction's status field to determine whether the payment succeeded.


Add-payment-method session mutations

Use these to store a payment method without charging it.

merchantApiClientTransactionAddPaymentMethodSessionStart

mutation StartAddPaymentMethodSession(
$transactionProvider: TRANSACTION_PROVIDER!
$data: MerchantApiClientTransactionAddPaymentMethodSessionStartSchema!
) {
merchantApiClientTransactionAddPaymentMethodSessionStart(
transactionProvider: $transactionProvider
data: $data
) {
id
token
providerCode
status
merchantInternalTransactionCode
tokenExpiresAt
}
}

Input schema

FieldTypeRequiredDescription
currencyCURRENCY!YesCurrency for the session
merchantInternalTransactionCodeString!YesYour unique reference for this operation
merchantInternalCustomerCodeStringNoYour reference for the customer
billing.billingFirstNameStringYesBilling first name
billing.billingLastNameStringYesBilling last name
billing.billingEmailStringYesBilling email
billing.billingAddressCountryCOUNTRY_ISO_2YesBilling country

merchantApiClientTransactionAddPaymentMethodSessionVerify

mutation VerifyAddPaymentMethodSession(
$id: String
$token: String
$providerCode: String
$merchantInternalTransactionCode: String
) {
merchantApiClientTransactionAddPaymentMethodSessionVerify(
id: $id
token: $token
providerCode: $providerCode
merchantInternalTransactionCode: $merchantInternalTransactionCode
) {
id
status
action
providerCode
createdAt
updatedAt
}
}

Identifiers are the same four as the payment session verify mutation. Returns a Transaction with action: ADD_PAYMENT_METHOD.

warning

As with payment session verify, this returns a Transaction — not a payment method object. To retrieve the stored payment method, query merchantApiCustomerPaymentMethods filtered by merchantInternalCustomerCode after a successful verify.


Authorization session mutations

Use these to authorize (reserve) funds without capturing them immediately.

merchantApiClientTransactionAuthorizationSessionStart

mutation StartAuthorizationSession(
$transactionProvider: TRANSACTION_PROVIDER!
$data: MerchantApiClientTransactionAuthorizationSessionStartSchema!
) {
merchantApiClientTransactionAuthorizationSessionStart(
transactionProvider: $transactionProvider
data: $data
) {
session {
id
token
providerCode
status
merchantInternalTransactionCode
tokenExpiresAt
}
}
}

Returns a MerchantClientTransactionSessionContext — the session (with its token) is under session. The input schema is the same as the payment session start schema; amount and currency are required.

merchantApiClientTransactionAuthorizationSessionVerify

mutation VerifyAuthorizationSession(
$id: String
$token: String
$providerCode: String
$merchantInternalTransactionCode: String
) {
merchantApiClientTransactionAuthorizationSessionVerify(
id: $id
token: $token
providerCode: $providerCode
merchantInternalTransactionCode: $merchantInternalTransactionCode
) {
session {
id
status
}
transactions {
id
action
status
amount
currency
providerCode
}
}
}

Returns a MerchantClientTransactionSessionContext. The authorization transaction(s) are under transactions (each with action: AUTHORIZATION). Capture the authorized amount with a separate settle operation.

warning

Authorization session verify returns a MerchantClientTransactionSessionContext, not a flat transaction. The authorization transaction(s) are under transactions (each with action: AUTHORIZATION) — check their status before proceeding to capture.


Client Public API

These operations do not require the accrupay-api-secret header. They are used by the React SDK and frontend code to read session data without exposing your secret.

clientPublicTransactionSession — get session by ID

Returns MerchantClientPublicTransactionSessionData: the resolved provider, the transactionSession, and the provider baseConfig.

query GetPublicSession($merchantPublicId: String!, $transactionSessionId: String!) {
clientPublicTransactionSession(
merchantPublicId: $merchantPublicId
transactionSessionId: $transactionSessionId
) {
provider
transactionSession {
id
status
kind
token
tokenExpiresAt
}
}
}
ParameterTypeRequiredDescription
merchantPublicIdString!YesYour merchant public ID (safe for frontend use)
transactionSessionIdString!YesSession ID from the start mutation
note

baseConfig on this type is MerchantClientTransactionSessionBaseConfigData, a provider-specific union (generic or Nuvei). Select it with inline fragments, or use the dedicated clientPublicTransactionSessionBaseConfig query below.

clientPublicTransactionSessionBaseConfig — get provider config

Returns the provider-specific configuration needed to initialize the payment UI. The React SDK calls this automatically. Return type MerchantClientTransactionSessionBaseConfig exposes provider and data (a provider-specific union).

query GetPublicSessionBaseConfig(
$merchantPublicId: String!
$transactionSessionId: String
$transactionProvider: TRANSACTION_PROVIDER
) {
clientPublicTransactionSessionBaseConfig(
merchantPublicId: $merchantPublicId
transactionSessionId: $transactionSessionId
transactionProvider: $transactionProvider
) {
provider
data {
# provider-specific union — select with inline fragments
... on MerchantClientTransactionSessionNuveiBaseConfig {
env
merchantId
merchantSiteId
}
... on MerchantClientTransactionSessionGenericBaseConfig {
publicKey
}
}
}
}
ParameterTypeRequiredDescription
merchantPublicIdString!YesYour merchant public ID (safe for frontend use)
transactionSessionIdStringNoSession ID from the start mutation
transactionProviderTRANSACTION_PROVIDERNoTarget a specific provider's config
note

These Client Public API queries use merchantPublicId instead of the accrupay-api-secret header. The public ID is safe to embed in browser code. Never expose your API secret to the frontend.