Direct API

Payments redirect API

Build a payment URL and redirect the customer to CrossPay's hosted page. After payment, CrossPay redirects back to your return_url with the result. Includes PaySky, Lahza, cards, PayPal, and more.

Download PDF (v4 PaySky)

Overview

Base URL: https://crosspayonline.com/api

Integration model: your backend builds a signed payment URL (GET) and issues an HTTP redirect. Never expose your API key in the browser—generate URLs server-side only.

Quick start (Lahza / PaySky)

  1. Create a unique invoice_id (your order ID).
  2. Prepare inv_details JSON (line items, info rows, customer).
  3. Build the request URL using the endpoint for your payment method (e.g. createInvoiceByAccountPaySky).
  4. Redirect the customer to the generated URL.
  5. On return_url, read invoice_id, is_paid, transaction_id and update order status.

Common query parameters

All payment endpoints share the same parameters; only the path changes.

ParameterTypeRequiredNotes
api_datastringYesStatic value issued by CrossPay for your account.
invoice_idstringYesYour order / invoice ID; returned on redirect.
apiKeystringYesMerchant API key — server-side only.
totalnumberYesAmount, e.g. 10.00
currencystringYes3-letter code, e.g. USD
inv_detailsJSON (URL-encoded)YesInvoice payload; must be URL-encoded in the query string.
return_urlURLYesHTTPS endpoint where the customer returns after payment.
emailstringOptionalCustomer email.
mobailstringOptionalMobile number (parameter name is mobail per API contract).
namestringOptionalCustomer full name.

inv_details JSON

Keys: inv_items (line items), inv_info (VAT, delivery, discounts), user.userName. Field spellings match the live API contract.

{
  "inv_items": [
    {
      "name": "Shopping from store",
      "quntity": "1.00",
      "unitPrice": "10.00",
      "totalPrice": "10.00",
      "currency": "USD"
    }
  ],
  "inv_info": [
    { "row_title": "Vat", "row_value": "0" },
    { "row_title": "Delevery", "row_value": "0" },
    { "row_title": "Promo Code", "row_value": 0 },
    { "row_title": "Discounts", "row_value": 0 }
  ],
  "user": {
    "userName": "Customer Name"
  }
}

Endpoints (GET → redirect)

There must be no spaces after /api/ in the URL.

MethodEndpoint
Cardshttps://crosspayonline.com/api/createInvoiceByAccount
PayPalhttps://crosspayonline.com/api/createInvoiceByAccountPaypal
Spaceremithttps://crosspayonline.com/api/createInvoiceByAccountSpaceremit
Lahzahttps://crosspayonline.com/api/createInvoiceByAccountLahza
USDThttps://crosspayonline.com/api/createInvoiceByAccountUSDT
PaySkyhttps://crosspayonline.com/api/createInvoiceByAccountPaySky

PaySky uses the same parameters and flow as Lahza; only the endpoint path changes.

Platform SDK — server samples

Use these patterns on your backend as your "SDK": build the query string with proper encoding, then redirect. Replace placeholders with your CrossPay credentials.

PHP (redirect)

<?php
$base = "https://crosspayonline.com/api/createInvoiceByAccountPaySky";
$invDetails = [
  "inv_items" => [[
    "name" => "Order #1001",
    "quntity" => "1.00",
    "unitPrice" => "10.00",
    "totalPrice" => "10.00",
    "currency" => "USD"
  ]],
  "inv_info" => [
    ["row_title" => "Vat", "row_value" => "0"],
    ["row_title" => "Delevery", "row_value" => "0"],
  ],
  "user" => ["userName" => "Customer Name"]
];
$params = [
  "api_data" => "YOUR_API_DATA",
  "invoice_id" => "ORDER-1001",
  "apiKey" => "YOUR_API_KEY",
  "total" => "10.00",
  "currency" => "USD",
  "inv_details" => json_encode($invDetails),
  "return_url" => "https://merchant.com/payment/return",
  "email" => "customer@mail.com",
  "mobail" => "0590000000",
  "name" => "Customer Name",
];
$url = $base . "?" . http_build_query($params);
header("Location: " . $url);
exit;

Node.js (Express redirect)

app.get("/pay", (req, res) => {
  const base = "https://crosspayonline.com/api/createInvoiceByAccountPaySky";
  const invDetails = {
    inv_items: [{
      name: "Order #1001",
      quntity: "1.00",
      unitPrice: "10.00",
      totalPrice: "10.00",
      currency: "USD"
    }],
    inv_info: [
      { row_title: "Vat", row_value: "0" },
      { row_title: "Delevery", row_value: "0" },
    ],
    user: { userName: "Customer Name" }
  };
  const params = new URLSearchParams({
    api_data: "YOUR_API_DATA",
    invoice_id: "ORDER-1001",
    apiKey: "YOUR_API_KEY",
    total: "10.00",
    currency: "USD",
    inv_details: JSON.stringify(invDetails),
    return_url: "https://merchant.com/payment/return",
    email: "customer@mail.com",
    mobail: "0590000000",
    name: "Customer Name",
  });
  res.redirect(`${base}?${params.toString()}`);
});

Return URL contract

CrossPay appends query parameters when redirecting the customer back:

ParameterDescription
invoice_idSame value you sent.
is_paid1 = paid, 0 = unpaid.
transaction_idPayment reference.

Example:

https://merchant.com/payment/return?invoice_id=ORDER-1001&is_paid=1&transaction_id=ABC123

Security & best practices

  • Keep apiKey on the server only.
  • Always URL-encode inv_details and return_url (http_build_query / URLSearchParams).
  • Use HTTPS for return_url.
  • Log return query params for debugging (avoid sensitive data in logs).

Troubleshooting

IssueFix
Payment page does not openNo spaces after /api/; verify query encoding.
inv_details breaks URLEnsure JSON is URL-encoded.
Missing return parametersreturn_url must be public HTTPS and allow redirects.

Documentation version 2025-07 · Last updated 2026-03-30 · Source: Crosspay API Documentation (PaySky v4 PDF).