DropPay for Developers¶
...and for who will possibly hire a developer in a near future...¶
If you landed here we expect you to be a developer or someone else who is all the same interested in knowing what DropPay can offer to extend product and services and might want to integrate its API to collect payments.
Welcome, you are however in the right place.
Here you can get familiar with DropPay's services and products from a developer point of view and, more peculiarly, from your application's perspective.
Choose a knowledge area you would like to explore among the boxes here below, they are enough independent to let you get in deep of DropPay features, or keep on reading this page to have a very quick introduction.
- Quick Start - Go through an API based simple payment example.
- Security - How DropPay guarantees Users and Apps communications and access permissions.
- API Reference - The complete API technical docs collection.
POS - Checkout
If you're looking for a quick & easy way to collect payments from your web site, don't read further and jump directly to DropPay POS Checkout page and learn how to get paid without setting up a full DropPay Application integration.
Conversely, if you need to build an app mixing different APIs (i.e. Shop, Bank, etc..) a fully integrated Application is required.
Users and Accounts¶
We call DropPay users, or simply users, those subscribers who are owner of at least one DropPay Account, and can access and operate on it through our DropPay mobile app (iOS and Android) and our DropPay Secure websites.
Users must connect application and accounts¶
Users may want to endorse your application to connect their DropPay Account so that the application can read or write data, initiate payment procedures, initiate money transfers or whatever DropPay API enables your application to run.
Without the user's grant your application will be unable to perform any actions against the user's account. Read the Security section of this site to get in deep on DropPay security model.
Users are always in control: Connections, Permissions and Authorizations¶
Users can anytime revoke the grant (Connection) they provided to your application and, in addiction, they will always be asked by DropPay to explicitly authorize critical operations such:
- money transfers
That is, from the user's point of view, an application could have asked him to connect his account but initiating a money transfer or any other financial operation must be enabled by a specific Permission.
Connection enables applications to consume DropPay API presenting requests as they were performed by user, account connected tuple, Permissions, on the other hand, enables applications to effectively settle payments or money transfers within the declared scope of their limits.
Permissions stand between Applications an Account Owners
Authorizations, finally, enable an Account Owner, who's using any DropPay Application, to perform financial operations against an Account of another DropPay User who is approving it with his Secret PIN.
Authorizations stand between Applications an Account Owners
Two Factor Authentication
Critical operations' authorization is always performed through DropPay mobile app (installed in your smartphone) acting as second authentication factor.
Please read carefully the Security section of this site to be confident on dealing with security requirements and issues.
Applications are any computer software program able to communicate on Internet with the DropPay's API central domain at the following URL
Your application can be any of the following
- a web site
- a mobile app
- a desktop application
- a browser plugin
- a server enterprise solution
- a simple script
- an embedded system
- a... thing
Register your application¶
Whatever your app is, DropPay must be informed about, before you can run any API access.
You must accomplish that preliminary task through DropPay Secure Developer area.
That means that you must be a DropPay User in order to register a new application. Every application's owner is a DropPay User.
For Business Accounts only
At the time being registering applications is possible only for DropPay Users that are owners of a DropPay Business Account.
Application credentials and scope¶
Every application you register will be provided with a couple of credentials (App Key and App Secret) and an access Scope.
Credentials are used by DropPay to identify your application while the
value defines the set of resources and operations your app can access.
In other words, a service resides within a specific scope as well as the applications that wants to consume that service.
Without the DropPay user's grant your application will be unable to perform any actions against the user's account. Application credentials are not sufficient.
Learn how to consume DropPay services reading our API Reference.
DropPay recognizes as a Developer a DropPay User who registers at least one Application from within the User's reserved area of DropPay web site.
Not a DropPay User yet?
The Developer Secure Area¶
The Developer Secure Area is a special section of DropPay Secure website. Go to secure.drop-pay.com where Users can
- manage their own applications
- get usage reports for active applications
- add developers as collaborators for a specific application (Team Developers)
When you're a Business Account owner you can create DropPay Applications and consider yourself a DropPay Developer. Awesome, but what if you're missing technical skills to actually build your app? Hire a developer and invite him to collaborate as Team Developer.
Account credentials are safe
Your own DropPay credentials won't ever be revealed to a Team Developer who will be provided with an authorization code to access API on behalf of you, instead.