PCI Subscription Creation Endpoint
The PCI flow is available only to merchants who have achieved PCI compliance and can securely handle credit card information.
Endpoint
POST https://cc-api-stg.directa24.com/v3/subscriptions
Process
Merchant collects payment details directly from customer
Merchant submits complete subscription request including credit card data
System processes payment and creates subscription immediately
API returns subscription confirmation directly in the response
This endpoint allows PCI merchants to create a new subscription with direct credit card details.
Media type of the body sent to the API.
application/jsonISO8601 Datetime with Timezone (yyyy-MM-dd'T'HH:mm:ssZ)
Merchant X-Login API Key.
Authorization control hash.
Unique idempotency key for ensuring that the same request is not processed more than once.
Unique identifier for the invoice
INV123456Amount to be charged for the subscription
70Three-letter currency code (ISO 4217)
BRLTwo-letter country code (ISO 3166-1 alpha-2)
BRDescription of the subscription
Premium SubscriptionIP address of the client
192.168.1.1URL to redirect after payment process
https://example.com/backURL to redirect after successful payment
https://example.com/successURL to redirect after failed payment
https://example.com/errorURL to send payment status notifications
https://example.com/notifyPOST /v3/subscriptions HTTP/1.1
Host: cc-api-stg.directa24.com
Content-Type: application/json
X-Date: 2025-06-26T07:35:38.481Z
X-Login: text
Authorization: text
Accept: */*
Content-Length: 680
{
"invoice_id": "INV123456",
"amount": 70,
"currency": "BRL",
"country": "BR",
"payer": {
"id": "PAYER123",
"document": 123456789,
"document_type": "CPF",
"email": "[email protected]",
"first_name": "Roberto",
"last_name": "Carlos"
},
"description": "Premium Subscription",
"subscription": {
"start_date": "2025-01-01",
"plan": "MONTHLY",
"plan_unit": 1,
"auto_renewal": false
},
"credit_card": {
"cvv": "123",
"card_number": "4111111111111111",
"expiration_month": "12",
"expiration_year": "25",
"holder_name": "John Doe"
},
"client_ip": "192.168.1.1",
"back_url": "https://example.com/back",
"success_url": "https://example.com/success",
"error_url": "https://example.com/error",
"notification_url": "https://example.com/notify"
}{
"subscription_id": 358
}Successful Response Structure
subscription_id
Integer
Unique identifier of the created subscription
1234
Example response
{
"subscription_id": 358
}Error Response Structure
code
Integer
Error code indicating the type of error
400
description
String
Human-readable description of the error
"Invalid input data"
type
String
Machine-readable error type identifier
"VALIDATION_ERROR"
Bad Request - Invalid input data
{
"code": 400,
"description": "Invalid input data",
"type": "VALIDATION_ERROR"
}Unprocessable Entity - Validation error
{
"code": 422,
"description": "Validation error",
"type": "VALIDATION_ERROR"
}Service Unavailable - Error creating subscription
{
"code": 503,
"description": "Error creating subscription",
"type": "SERVICE_ERROR"
}Subscription Plans
The following subscription frequencies are supported:
DAILY
Recurring billing every day
WEEKLY
Recurring billing every week
MONTHLY
Recurring billing every month
ANNUALLY
Recurring billing every year
Tests in STG Environment.
To test the Subscriptions API in the staging environment, use the parameter plan with the value TEST inside the subscription[] object when calling either the OneShot or PCI endpoints.
This triggers simulated deposits every minute, along with the corresponding webhook events, so you can quickly verify the full subscription lifecycle.
The number of deposits generated depends on the value of the plan_unit parameter, making it easy to observe the expected behavior in just a few minutes.
Last updated
Was this helpful?