Authentication

These are the standard headers that should be included in HTTP requests to the API:

Content-Type: application/json
X-Zip-API-Key: API Key supplied by Zip

Idempotency

The zipMoney API supports idempotency of refund operations in order to support retry on failure.

An "Idempotency-Key" header needs to be sent for each unique request. It is a good idea to use a UUID/GUID here to ensure no collisions of previous requests. If a request is to be retried the SAME value will need to be sent in the retry operation to let zip know that this is a replayed request.

This allows requests to be queued and replayed at a later time once any network or server issues are resolved without re-capturing or performing a refund twice.

Sample Headers

curl --request POST \
     --url https://api.sand.au.edge.zip.co/checkouts \
     --header 'Accept: application/json' \
     --header 'X-Zip-API-Key: YOUR_API_KEY' \
     --header 'Content-Type: application/vnd.zipco.v3+json' \
     --header 'Idempotency-Key: EXAMPLE_KEY'