Withdraw
Introduction
Initiates a new withdrawal, returning the URL where the end-user can complete the withdrawal process.
You can find more information about how to display the Trustly URL here.
A typical withdrawal flow is:
- The merchant sends a Withdraw API call and receives a URL back from Trustly's API.
- The merchant displays the Trustly URL to the end-user (you can find more information about how to display the Trustly URL here).
- The end-user selects the amount to withdraw and provides his/her bank account details.
- If the Withdrawal process is not completed, a cancel notification is sent.
- When the end-user has completed the withdrawal process using the Trustly URL, Trustly sends a debit notification to the merchant's
NotificationURL. The merchant should try to deduct the specified amount from the end-user's balance in the merchant's system.- If the merchant is able to deduct the amount from the user's balance, the debit notification response should be sent with "status" : "OK".
- If the merchant is NOT able to deduct the amount from the user's balance, the debit notification response should be sent with "status" : "FAILED". The withdrawal is then aborted on Trustly's side and an error message is shown to the end-user. A cancel notification is sent to the merchant.
- (Optional) An account notification is sent to provide the merchant with more information about the account that was selected by the end user. This notification is not enabled by default, please reach out to your Trustly contact if you want to receive it. This information can be used by the merchant to determine if the Withdrawal should be approved or not (see next step).
- If manual approval is required, Trustly does nothing with the withdrawal request until it has been approved or denied by the merchant with ApproveWithdrawal / DenyWithdrawal (it is also possible for the merchant to approve or deny the withdrawal in Trustly's backoffice). Auto-approval can be enabled if requested.
- If DenyWithdrawal is sent, the withdrawal is aborted on Trustly's side and a cancel and credit notification is sent to the merchant.
- If the Withdrawal is approved, Trustly will process the withdrawal.
- (Optional) A Payout confirmation notification is sent to the merchant when the transfer has been confirmed. Note: this notification is not enabled by default. Please speak to your Trustly contact if you want to have it enabled.
- If the withdrawal fails, Trustly will send a credit notification and a cancel notification (see more details below under "Failed Withdrawals").
Request parameters
| Parameter name | Description | Required | Type | Example |
|---|---|---|---|---|
| Username | The username. | Yes | Text | joe |
| Password | The password. | Yes | Text | secret |
| NotificationURL | The URL to which notifications for this payment should be sent to. This URL should be hard to guess and not contain a ? ("question mark"). | Yes | Text | https://www.joe.com/Trustly/ Notify/a2b63j23d |
| EndUserID | ID, username, hash or anything uniquely identifying the end-user requesting the withdrawal. Preferably the same ID/username as used in the merchant's own backoffice in order to simplify for the merchant's support department. | Yes | Text | 123123 |
| MessageID | Your unique ID for the withdrawal. | Yes | Text | 12345678 |
| Currency | The currency of the end-user's account in the merchant's system. | Yes | Text | SEK |
| Attributes | Optional attributes for this method. | Yes | Object | { "Locale": "sv_SE" } |
The parameter Attributes is a JSON object. New attributes may be added in future versions of the API but existing attributes will never be removed.
Attributes
| Attribute name | Description | Required | Type | Example |
|---|---|---|---|---|
| Firstname | The end-user's first name. Some banks require the recipients name. | Yes | Text | Steve |
| Lastname | The end-user's last name. Some banks require the recipients name. | Yes | Text | Smith |
| Country | The ISO 3166-1-alpha-2 code of the end-user's country. This will be used for preselecting the correct country for the end-user in the iframe. Note: This will only have an effect for new end-users. If an end-user has done a previous order (with the same EndUserID), the country that was last used will be pre-selected. | Yes | Text | SE |
| Locale | The end-users localization preference in the format [language[_territory]]. Language is the ISO 639-1 code and territory the ISO 3166-1-alpha-2 code. This will be used to pre-select the language in the trustly iframe. | Yes | Text | en_US |
| SuccessURL | The URL to which the end-user should be redirected after a successful withdrawal. Do not put any logic on that page since it's not guaranteed that the end-user will in fact visit it. | Yes | Text | https://trustly.com/ thank_you.html |
| FailURL | The URL to which the end-user should be redirected after a failed withdrawal. Do not put any logic on that page since it's not guaranteed that the end-user will in fact visit it. | Yes | Text | https://trustly.com/ payment_error.html |
| ShopperStatement | The text to show on the end-user's bank statement after Trustly's own 10 digit reference (which always will be displayed first). The reference must let the end user identify the merchant based on this value. So the ShopperStatement should contain either your brand name, website name, or company name.If possible, try to keep this text as short as possible to maximise the chance that the full reference will fit into the reference field on the customer's bank since some banks allow only a limited number of characters. If the full ShopperStatement does not fit into the reference it will be truncated from the end. | Yes | Text | MyBrand.com |
| The email address of the end user. | No | Text | [email protected] | |
| DateOfBirth | The date of birth of the end user. | No | Text | 1990-01-20 |
| SuggestedAmount | Sets a fixed withdrawal amount which cannot be changed by the end-user in the Trustly iframe. If this attribute is not sent, the end-user will be asked to select the withdrawal amount in the Trustly iframe. Do not use in combination with SuggestedMinAmount and SuggestedMaxAmount. Use dot (.) as decimal separator. | No | Text | 100.00 |
| SuggestedMinAmount | The minimum amount the end-user is allowed to withdraw in the currency specified by Currency. Only digits. Use dot (.) as decimal separator. | No | Text | 5.00 |
| SuggestedMaxAmount | The maximum amount the end-user is allowed to withdraw in the currency specified by Currency. Only digits. Use dot (.) as decimal separator. | No | Text | 500.00 |
| IP | The IP-address of the end-user. | No | Text | 83.140.44.184 |
| TemplateURL | The TemplateURL should be used if you want to design your own payment page but have it hosted on Trustly's side. The URL of your template page should be provided in this attribute in every Deposit API call. | No | Text | https://example.org/ withdraw_trustly.html |
| URLTarget | The html target/framename of the SuccessURL. Only _top, _self and _parent are supported. | No | Text | _top |
| MobilePhone | The mobile phone number to the end-user in international format. This is used for KYC and AML routines. | No | Text | +46709876543 |
| NationalIdentification Number | The end-user's social security number / personal number / birth number / etc. Useful for some banks for identifying transactions and KYC/AML. If a Swedish personid ("personnummer") is provided, it will be pre-filled when the user logs in to their bank. | No | Text | 790131-1234 |
| UnchangeableNational IdentificationNumber | This attribute disables the possibility to change/type in national identification number when logging in to a Swedish bank. If this attribute is sent, the attribute NationalIdentificationNumber needs to be correctly included in the request. Note: This is only available for Swedish banks. | No | Text | 1 |
| AddressCountry | The ISO 3166-1-alpha-2 code of the address country. Required attribute for merchants who are sending physical goods to customers. | No | Text | SE |
| AddressPostalCode | Postal code of the end user. | No | Text | SE-11253 |
| AddressCity | City of the end user. | No | Text | Stockholm |
| AddressLine1 | Street address of the end user. | No | Text | Main street 1 |
| AddressLine2 | Additional address information of the end user. | No | Text | Apartment 123, 2 stairs up |
| Address | The entire address of the end user. This attribute should only be used if you are unable to provide the address information in the 5 separate attributes above (AddressCountry, AddressPostalCode, AddressCity, AddressLine1 and AddressLine2). | No | Text | Birgerstreet 14, SE-11411 Stockholm, Sweden |
| [DEPRECATED, see ReturnToAppURL instead] URLScheme | Please note that when rendering the Trustly Checkout from a native app you are required to pass your application's URLScheme as an attribute to the order initiation request. By doing so, Trustly can redirect users back to your app after using external identification apps such as Mobile BankID. Please visit this link for more info. It must not be included for transactions that are not originating from an app | No | Text | yourCustomURLScheme:// |
| ReturnToAppURL | When rendering the Trustly Checkout in a native app you are required to pass your application's url as an attribute to the order initiation request. By doing so, Trustly can redirect users back to your app after using external identification apps such as Mobile BankID: Please visit this link for more info. It must not be included for transactions that are not originating from an app. NOTE! This value is only used for redirecting users back to the native app within the flows. See also SuccessURL and FailURL descriptions. | No | Text | yourCustomAppURL:// |
| ExternalReference | The ExternalReference is a reference set by the merchant for any purpose and does not need to be unique for every API call. The ExternalReference will be included in version 1.2 of the settlement report, ViewAutomaticSettlementDetailsCSV. | No | Text | 23423525234 |
| PSPMerchant | Human-readable identifier of the consumer-facing merchant (e.g. legal name or trade name) | Yes* | Text | Merchant Ltd. |
| PSPMerchantURL | URL of the consumer-facing website where the order is initiated | Yes* | Text | www.merchant.com |
| MerchantCategoryCode | VISA category codes describing the merchant's nature of business. | Yes* | Text | 5499 |
| SenderInformation | Information about the Payer (ultimate debtor). ** Mandatory for certain types of merchants and partners (see more information below). | Yes** | Object | {"Firstname": "Steve"...} |
* PSPMerchant, PSPMerchantURL and MerchantCategoryCode
PSPMerchant, PSPMerchantURL and MerchantCategoryCode** are mandatory attributes for Trustly Partners that are using Express Merchant Onboarding (EMO) and aggregate traffic under a master processing account.
** SenderInformation
SenderInformation{} is mandatory to send in Attributes{} for money transfer services (including remittance houses), e-wallets, prepaid cards, as well as for Trustly Partners that are using Express Merchant Onboarding and aggregate traffic under a master processing account (other cases may also apply).
SenderInformation attributes
The parameters to SenderInformation{} are:
| Name | Description | Required | Type | Example |
|---|---|---|---|---|
| Partytype | Partytype can be "PERSON" or "ORGANISATION" (if the ultimate debtor is an organization/company). | Yes | Text | PERSON |
| Address | The Payer's address | Yes | Text | Street 1, 12345 Barcelona |
| CountryCode | The ISO 3166-1-alpha-2 code of the Payer's country. | Yes | Text | SE |
| Firstname | First name of the person (or the name of the organization) | Yes | Text | Steve |
| Lastname | Last name of the person (empty for organization) | Yes | Text | Smith |
| CustomerID | Payment account number or an alternative consistent unique identifier which allows to identify the Payer in the system of the PSP of the Payer. Note: this is not a transaction ID or similar. This identifier must stay consistent across all transactions relating to this Payer. | No | Text | 123456789 |
| DateOfBirth | Date of birth for the person (YYYY-MM-DD) or organizational number for the organization | No | Text | 1990-03-31 |
Response
The result returned is a JSON object with the following elements:
| Hash key | Description | Type | Example |
|---|---|---|---|
| orderid | The globally unique OrderID of the withdrawal that was assigned in our system. | Text | 7653345123 |
| url | The Trustly URL to be displayed to the end-user. | Text | https://checkout.trustly.com/checkout?OrderID=1234567890&SessionID=... |
Request and Response examples
{
"method": "Withdraw",
"params": {
"Signature": "S9+hjuMqbsH0Ku ... S16VbzRsw==",
"UUID": "258a2184-2842-b485-25ca-293525152425",
"Data": {
"Username": "merchant_username",
"Password": "merchant_password",
"NotificationURL": "https://URL_to_your_notification_service",
"EndUserID": "12345",
"MessageID": "your_unique_withdrawal_id",
"Currency": "SEK",
"Attributes": {
"Country": "SE",
"Locale": "sv_SE",
"IP": "83.140.44.184",
"MobilePhone": "+46709876543",
"Firstname": "Steve",
"Lastname": "Smith",
"Email": "[email protected]",
"DateOfBirth": "1990-01-20",
"NationalIdentificationNumber": "790131-1234",
"SuccessURL": "https://yourpage.com/success",
"FailURL": "https://yourpage.com/fail",
"AddressCountry": "SE",
"AddressPostalCode": "SE-11253",
"AddressCity": "Stockholm",
"AddressLine1": "Main street 1"
}
}
},
"version": "1.1"
}
{
"result": {
"signature": "F7jhjuMqbsD4ju ... S16VbzdR1==",
"uuid": "258a2184-2842-b485-25ca-293525152425",
"method": "Withdraw",
"data": {
"orderid": "2190971587",
"url": "https://checkout.trustly.com/checkout?OrderID=1234567890&SessionID=..."
}
},
"version": "1.1"
}
Failed withdrawals
In case an error occurs when processing the withdrawal, a credit notification will be sent to the provided NotificationURL so that the merchant can flag the withdrawal as failed in their system. And in case the end-user holds a balance on the merchant's system, the amount specified in the credit notification should be credited back to the end user's balance. Note that the credit notification will be sent AFTER the withdrawal has been successfully approved (either automatically or by sending ApproveWithdrawal .
There are 2 main reasons why a Withdrawal can fail after being approved:
- There are not enough funds on the merchant's Trustly account. In this case the credit notification will be sent immediately after the withdrawal has been approved.
- The funds are sent to the end user's bank account, but then later Trustly is notified by the bank that the transfer failed, for example if the recipient's bank account has been closed. This is usually very uncommon, but if it happens the credit notification can be sent several days after the Withdrawal has been approved.
In case something is wrong in the Withdrawal API call itself, you will receive a synchronous API error code. A list of the most common error codes can be found here.
Updated 5 months ago