Accept recurring payments


Charges a specific AccountID using direct debit. A previously approved direct debit mandate must exist on the AccountID (see SelectAccount for details).

Request example

      "Signature":"f4ThjuMqbsdG6u ... S16VbzD4h==",
            "Email":"[email protected]",
  "method": "Charge",
  "params": {
    "Signature": "f4ThjuMqbsdG6u ... S16VbzD4h==",
    "UUID": "258a2184-2842-b485-25ca-293525152425",
    "Data": {
      "AccountID": "1234567890",
      "Amount": "25.00",
      "Attributes": {
        "PSPMerchant": "merchant_name",
        "PSPMerchantURL": "",
        "MerchantCategoryCode": "1234",
        "Email": "[email protected]",
        "ShopperStatement": "Trustly"
      "Currency": "SEK",
      "EndUserID": 12345,
      "MessageID": "your_unique_transaction_id",
      "NotificationURL": "https://URL_to_your_notification_service",
      "Password": "merchant_password",
      "Username": "merchant_username"
  "version": "1.1"

Request parameters

Parameter nameDescriptionReq.TypeExample
UsernameThe username.YesTextjoe
PasswordThe password.YesTextsecret
AccountIDThe AccountID received from an Account notification which shall be charged.YesText1234567890
NotificationURLThe URL to which notifications for this payment should be sent to. This URL should be hard to guess and not contain a ? ("question mark").YesText
EndUserIDID, username, hash or anything uniquely identifying the end-user being charged.

Preferably the same ID/username as used in the merchant's own backoffice in order to simplify for the merchant's support department.
MessageIDYour unique ID for the charge.YesText12345678
AmountThe amount to charge. See format in Handling currencies. Only digits. Use dot (.) as decimal separator.YesText98.02
CurrencyThe currency of the amount to charge.YesChar(3)SEK
AttributesAttributes for this method.YesHash{"ShopperStatement":"Flowers"}


Attribute nameDescriptionReq.TypeExample
ShopperStatementThe text to show on the end-user's bank statement as well as in end-user e-mail communication. On the bank statement, only the first seven characters (along with Trustly's reference) will be shown. Allowed characters: A-Z (both upper and lower case), 0-9, ".", "-", "_", " " (dot, dash, underscore, space).YesTextShopperstatement: "Sport Shop". Will result in "T Sport S xyz" in bank statement and "Sport Shop" in e-mails.
EmailThe email address of the end user.YesText[email protected]
PaymentDateThe date when the funds will be charged from the end user's bank account. If this attribute is not sent, the charge will be attempted as soon as possible.NoText2019-06-25
ExternalReferenceThe ExternalReference is a reference set by the merchant for any purpose and does not need to be unique for every API call. For example, it can be used for invoice references, OCR numbers and also for offering end users the option to part-pay an invoice using the same ExternalReference. The ExternalReference will be included in version 1.2 of the settlement report. See ViewAutomaticSettlementDetailsCSV.NoText32423534523
PSPMerchantHuman-readable identifier of the consumer-facing merchant (e.g. legal name or trade name)Yes*TextMerchant Ltd.
PSPMerchantURLURL of the consumer-facing website where the order is initiatedYes*
MerchantCategoryCodeVISA category codes describing the merchant's nature of business.Yes*Text5499


* PSPMerchant, PSPMerchantURL and MerchantCategoryCode

PSPMerchant, PSPMerchantURL and MerchantCategoryCode are mandatory attributes for Trustly Partners that are using Express Merchant Onboarding (EMO) and aggregate traffic under a master processing account.

Response example

   "signature":"QBuLx ... JDGM/GVq5EBaPnGmvxA=="

Response attributes

The returned result is a hash with the following attributes.

Hash keyDescriptionTypeExample
result1 if the charge was accepted for processing, 0 otherwise. Note that this is an acceptance of the order, no money has been charged from the account until you receive notifications thereof.Boolean1
orderidThe globally unique OrderID the charge order was assigned in our system, or null if the charge was not accepted. The order has no end-user interaction; it is merely used as a reference for the notifications delivered regarding the charge. See section "Notifications" below for details.BigInt7653345737
rejectedIf the charge was NOT accepted, a textual code describing the rejection reason, null otherwise. The possible rejected codes are:

ERROR_MANDATE_NOT_FOUND - the AccountID does not have an active mandate

ERROR_DIRECT_DEBIT_NOT_ALLOWED - Trustly Direct Debit is not enabled on the merchant's account in Trustly's system.

ERROR_ACCOUNT_NOT_FOUND - the specified AccountID does not exist.


The notifications delivered for Charge orders are as follows:

  1. Immediately after the Charge has been accepted for processing, a Pending notification is sent.
  2. If the Charge could not be processed, a Cancel notification is sent.
  3. Once the Charge has been successfully processed, a Credit notification is sent.

Error codes

These error codes can be returned for Charge calls. To handle errors, see Error handling.

The Charge method can also return a number of "rejected" messages. See rejected in Response attributes.

Error NumberError CodeDescription
602ERROR_FUNCTION_ACCESS_DENIEDThe merchant does not have access to this function.
607ERROR_HOST_ACCESS_DENIEDThe IP address of the merchant has not been added to Trustly's IP-whitelist.
615ERROR_INVALID_AMOUNTThe Amount is invalid. The amount must be > 0 with 2 decimals.
616ERROR_INVALID_CREDENTIALSThe username and/or password used in the API call is incorrect.
620ERROR_UNKNOWNThere could be several reasons for this error, please reach out to your Trustly contact for details.
623ERROR_INVALID_PARAMETERSSome value or parameter in the API call does not match the expected format.
636ERROR_UNABLE_TO_VERIFY_RSA_SIGNATUREThe signature could not be verified using the merchant's public key. Either the wrong private key was used to generate the signature, or the the data object used to create the signature was serialised incorrectly.
637ERROR_DUPLICATE_MESSAGE_IDThe MessageID has been used before.
638ERROR_ENDUSER_IS_BLOCKEDThe end-user that initiated the payment is blocked.
639ERROR_NO_PUBLIC_KEYNo public key has been configured for the merchant on Trustly's side.
642ERROR_INVALID_EMAILThe email attribute is missing or invalid (this is a requirement when using Trustly Direct Debit).
688ERROR_DUPLICATE_UUIDThis UUID has been used before.
696ERROR_ENDUSERID_IS_NULLThe EndUserID sent in the request is null
697ERROR_MESSAGEID_IS_NULLThe MessageID sent in the request is null
704ERROR_MALFORMED_MESSAGEIDThe MessageID sent in the request is malformed.
705ERROR_MALFORMED_NOTIFICATIONURLThe NotificationURL sent in the request is malformed. It must be a valid https address.
706ERROR_MALFORMED_ENDUSERIDThe EndUserID sent in the request is malformed.
712ERROR_DIRECT_DEBIT_NOT_ALLOWEDTrustly Direct Debit (TDD) is not enabled on the merchant's user in Trusty's system. If you want to use TDD, please reach out to your Trustly contact.
717ERROR_INVALID_ORDER_ATTRIBUTEOne or more attributes are sent with the incorrect value. Please reach out to your Trustly contact for more information.
718ERROR_DISABLED_USERThe merchant's user is disabled in Trustly's system.
734ERROR_NOT_SECURE_NOTIFICATIONURLThe NotificationURL must be using HTTPS, not plain HTTP.