The user submits information to the AE CardAPI in a name/value pair format via GET/POST methods using HTTPS. The POST method should be used when there may be input data containing reserved characters. The CardAPI employs the standard “GET” method for passing data to the system, thus URL encoding is required. AE CardAPI also uses XML to respond to certain requests. Some of the API calls can return multiple rows of data; therefore, they can be better displayed using XML. The AE CardAPI receives messages as if they came from a Web browser. The interface between the User and the AE CardAPI is the standard HTTPS/1.0 HTTPS/1.1 using Secure Sockets Layer (SSL) encryption.
For each session (request), this interface will accept, process, and return a response before another request is accepted
Prod requests are sent to: https://api.m2fin.com:8443/AuthENGINAPI/AuthENGINAPI?
UAT requests are sent to: https://uatapi.m2fin.com:8443/AuthENGINAPI/AuthENGINAPI?
Wallet API (multicurrency) calls use the same URLs but use port 9000 instead of 8443.
IP Filtering: AE CardAPI services are accessible only to a permitted range of source IP addresses that need to be agreed beforehand with Digital Payments Group.