Skip to content

HTTP

Synqpay API with JSON-RPC can operate over HTTP and HTTPS on the device's local network.
The service is served on the following ports:

  • HTTP: Port 8000
  • HTTPS: Port 8443

In both cases, the endpoint is /synqpay.

HTTPS Certificate

The server certificate is self-signed and issued by the Synqpay Root CA. Clients can either trust this certificate or disable verification to establish an HTTPS connection.

For more details and download links, see Synqpay Root CA Certificate.

Authorization

All API methods must be authenticated using an API key in the header api-key. The API key is obtained through a pairing process.

Hebrew / Arabic support

The Synqpay API supports UTF-8 encoding for all characters, including Hebrew and Arabic. It is highly recommended that each request include the header Content-Type: application/json; charset=utf-8.

CORS Support

Synqpay API supports Cross-Origin Resource Sharing (CORS) with the following settings:

  • Allowed Origin: The origin of the incoming request is allowed.
  • Supported Headers: Supports headers such as api-key and Content-Type.
  • Preflight Handling: OPTIONS (preflight) requests are processed correctly.
  • Max Age: Preflight responses are cached for 86400 seconds (24 hours).

Status Code

Synqpay HTTP and HTTPS servers support the following status codes:

Status Code Description
200 All JSON-RPC calls, regardless of success or error
401 Unauthorized access. Missing or invalid api-key (No response body)
404 Wrong endpoint

Working Locally

For client applications with limited access to native (Java/Kotlin) resources—such as those built with Flutter—Synqpay supports a special configuration. When enabled, this mode offers the following benefits:

  • Managed Interface:
    The Synqpay Service will automatically manage all necessary screens, eliminating the need for direct native integrations.

  • No Authentication Required:
    In local mode, the device is configured to accept requests only from localhost, so authentication is not needed.

  • Client Integration via SynqpaySDK:
    The client application must use the SynqpaySDK (see the SDK getting started guide) to connect to the Synqpay Service. This setup enables seamless communication over HTTP/HTTPS while leveraging the locally provided resources.

Examples

cURL

Run the following command in your terminal, replacing <DEVICE-IP> and <API-KEY> with your actual device IP and API key:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
curl http://<DEVICE-IP>:8000/synqpay \
-X POST
-H 'api-key: <API-KEY>' \
-H 'Content-Type: application/json; charset=utf-8' \
-d '{
    "jsonrpc": "2.0",
    "method": "getDeviceInfo",
    "id": "1234",
    "params": null
}'

Info

In Windows Powershell, quotations in curl commands can behave differently than expected. We recommend using Postman on Windows systems.

Postman

Call the JSON-RPC methods using Postman.

Click Run in Postman to fork the collection and make requests.

HTTP

Run In Postman

HTTPS

Run In Postman

Info

This collection includes an environment that needs to be activated and filled before executing methods. Ensure you fill in your device-ip and device-sn in the selected environment.

Warning

If the pairing process with Postman is performed, the device-key is filled automatically after authorization succeeds. If the pairing process was done outside Postman, the device-key must be manually filled out in the environment.