Skip to content

General Information


  • All messages are sent via HTTPS as POST or GET requests. The data is sent in JSON-format.

  • In all responses sent to the client, data will also be sent as JSON-string.

  • All fields in requests and responses are strings.

  • When calling the service, the first part of the path of the address is a reference to the customer (/$customer/). The second part is used for selecting the action to be performed. The options are “createToken” and “pay”, for example.

  • Address of our test installation with test accounts:

  • An example of a complete address:

Return Codes

The value returned in the field “returnCode” is a general value defined by SIHOT.PMS and does not depend on the service provider. There is a mapping to self-defined return codes, to facilitate the integration of different service provider.

Return code Description
0 Success
1 transaction declined
2 Transaction declined because of security reasons
3 Provider messages to call the card issuer
4 Request data is invalid or missing
5 System error
6 Configuration error
7 The called function is not implemented
-1 Un-Categorized or unknown error

The fields "returnText", "returnCodeSP" and "returnTextSP" are only send if "returnCode" is not "0".

Property identification

The property itself is derived from the URL and the $customer however additionally each request sent to the tokenizer has to contain an ID for the property identification. E.g. in case

hotelID Property identification in SIHOT.PMS or any other system Mandatory
hotelIDType Name or type of the sending system Mandatory for all systems but SIHOT.PMS


Card Types are transmitted in both variants. The inner representation within SIHOT (numerical) (cardType) as well as the according to the definition of the Payment Provider (cardTypeCode). The cardTypeCodes will have to be provided by the Payment Provider and mapped within the SIHOT installation.

Within the cardType field the following values are available:

  • americanExpress = "1"
  • dinersClub = "2"
  • masterCard = "3"
  • visa = "4"
  • discover = "5"
  • jcb = "6"
  • enRoute = "7"
  • ecCard = "8"
  • red6000 = "9"
  • vierB = "10"
  • other = "11"
  • jelmoli = "12"
  • vPay = "13"
  • unionPay = "14"
  • mirrussia = "15"
  • eftpos = "16"

Service providers

The service provider is a string value configuration of the SIHOT.PAYENGINE. Typically, it refers to the name of the payment provider configured in the backend, however, may differ if 2 different backend need to be configured for the same payment provider. This is e.g., the case if MOTO (mail and telephone order) transactions as well as the eCommerce transactions need to be supported thus 2 different merchant IDs are required from the payment provider.


All requests are expected to be authorized by a JWT token. Please refer to #authentication

Usage of the fields

The definition of the mandatory fields may vary depending on the service provider and may therefore change at any time.

All data must be sent as String.