Payments
Transactions, Refunds and Cancels
Use transaction endpoints for reconciliation, customer support and post-payment actions.
TransactionsRefundsCancels
Transaction endpoints
| Method | Endpoint | Purpose |
|---|---|---|
| GET | /transactions | List transactions with pagination and filters. |
| GET | /transactions/{id} | Retrieve one transaction. |
| POST | /transactions/{id}/refund | Create a full or partial refund. |
| POST | /transactions/{id}/cancel | Cancel a pending payment where cancellation is allowed. |
List transactions
true,
CURLOPT_HTTPHEADER => [
'Authorization: Bearer ' . $secretKey,
'Accept: application/json',
],
]);
$response = curl_exec($ch);
$httpCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);
echo $response;
{
"success": true,
"data": [
{
"id": 6636598,
"trx": "NP-ORDER1001",
"status": "succeeded",
"amount": "15.99",
"currency": "GBP",
"created_at": "2026-04-22T02:37:11Z"
},
{
"id": 6636599,
"trx": "NP-ORDER1002",
"status": "pending",
"amount": "9.99",
"currency": "GBP",
"created_at": "2026-04-22T03:10:11Z"
}
]
}Retrieve one transaction
true,
CURLOPT_HTTPHEADER => [
'Authorization: Bearer ' . $secretKey,
'Accept: application/json',
],
]);
$response = curl_exec($ch);
$httpCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);
echo $response;
{
"success": true,
"data": {
"id": 6636598,
"trx": "NP-ORDER1001",
"status": "succeeded",
"amount": "15.99",
"currency": "GBP",
"remark": "make_payment",
"created_at": "2026-04-22T02:37:11Z"
}
}Refund transaction
| Parameter | Type | Required | Description |
|---|---|---|---|
amount | decimal | Optional | Refund amount in major units. Omit for full refund where supported. |
reason | string | Optional | Use a short reason such as requested_by_customer. |
'POST',
CURLOPT_RETURNTRANSFER => true,
CURLOPT_HTTPHEADER => [
'Authorization: Bearer ' . $secretKey,
'Accept: application/json',
'Content-Type: application/json',
'X-NeroPay-Timestamp: ' . $timestamp,
'X-NeroPay-Signature: ' . $signature,
'Idempotency-Key: ' . bin2hex(random_bytes(16)),
],
CURLOPT_POSTFIELDS => $rawBody,
]);
$response = curl_exec($ch);
$httpCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);
echo $response;
{
"success": true,
"data": {
"id": "rf_nero_123",
"transaction_id": 6636598,
"status": "succeeded",
"amount": "1.00",
"currency": "GBP"
}
}Cancel transaction
'POST',
CURLOPT_RETURNTRANSFER => true,
CURLOPT_HTTPHEADER => [
'Authorization: Bearer ' . $secretKey,
'Accept: application/json',
'Content-Type: application/json',
'X-NeroPay-Timestamp: ' . $timestamp,
'X-NeroPay-Signature: ' . $signature,
'Idempotency-Key: ' . bin2hex(random_bytes(16)),
],
CURLOPT_POSTFIELDS => $rawBody,
]);
$response = curl_exec($ch);
$httpCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);
echo $response;
{
"success": true,
"data": {
"id": 6636599,
"status": "cancelled"
}
}| Code | When it happens | How to fix it |
|---|---|---|
authentication_failed | The bearer secret key is missing, incorrect or disabled. | Check the Authorization header and use a server-side secret key. |
invalid_signature | A signed write request has a missing or invalid timestamp/signature. | Generate the HMAC signature from timestamp + "." + rawBody. |
validation_failed | A required field is missing or a value is not valid. | Check the endpoint parameter table and send JSON with the correct types. |
resource_not_found | The id does not exist for the authenticated merchant or selected connected account. | Confirm the id and, for NeroConnect, the NeroPay-Account header. |
idempotency_conflict | The same idempotency key was reused with a different body. | Retry with the same request body or create a new idempotency key. |
account_not_found | The selected connected account is not assigned to the platform. | Use a valid public connected account id such as NPxxxx_12345. |