All APIs provided by NeoX are RESTful.
Authentication mechanism: OAuth 2.0 Bearer Token.
How to do it: call the API authenPlatform endpoint to obtain an access_token, then pass it in the Authorization header of every other call:
Authorization: Bearer <access_token>Every Global Collections endpoint is documented relative to a base URL placeholder:
https://{base_url_openapi}/v2/gc/<path>{base_url_openapi} is provided by NeoX per environment (sandbox / production). All Global Collections endpoints live under the /v2/gc/ namespace.
Authorization
Yes
Bearer <access_token> from the authenPlatform API.
Content-Type
Yes
application/json (or multipart/form-data for file upload).
Accept-Language
No
Response language. Supported values: vi, en. Default en.
Every Global Collections API returns the same envelope. Endpoint-specific data is always carried inside data.
state
number
State of the response.
data
object
Endpoint-specific payload.
message
string
Response message.
neoResponseId
string
Unique NeoX response identifier.
A successful response uses code = 1, state = 2, message = "Successful".
Every create/initiate request carries a merchant-generated requestId (UUID recommended).
NeoX de-duplicates on requestId: re-sending the same requestId returns the result of the original operation instead of creating a duplicate.
Always generate a fresh requestId for a genuinely new operation, and reuse the same requestId when retrying or polling the same operation.
Asynchronous events are delivered as webhooks (see Event Notification). Each webhook payload includes a secureHash field that the Merchant must verify with the Secret Key configured on the Merchant Portal before trusting the payload.
Last updated
Was this helpful?
Was this helpful?