Retrieve comprehensive order information with decrypted voucher codes for delivered orders

Get Order Details API

Retrieve detailed information for a specific order, including decrypted voucher codes when the order has been delivered.

Endpoint

GET /api/v1/orders/{id}

Authentication: API Key + Secret required

Request Headers

X-API-Key: sk_live_abc123def456
X-API-Secret: your-secret-here

Path Parameters

Parameter	Type	Required	Description
`id`	integer	Yes	Order ID (must be > 0)

Response

Success Response

Status Code: 200 OK

Response Body:

{
  "id": 12345,
  "reference_code": "ORD-ABC123",
  "transaction_id": 789,
  "amount": "25.00",
  "product_id": 1001,
  "denomination": "25.00",
  "quantity": 1,
  "discount": "0.00",
  "vouchers": [
    {
      "claim_url": "https://redeem.example.com/abc123xyz",
      "card_number": "1234567890123456",
      "voucher_reference_number": "REF-VOUCHER-123",
      "pin_code": "1234",
      "expires_at": "2025-12-31T23:59:59Z"
    }
  ],
  "status": "delivered",
  "placed_at": "2024-01-15T10:30:00Z"
}

Response Fields

Order Fields

Field	Type	Description
`id`	integer	Unique order identifier
`reference_code`	string	Unique order reference for tracking
`transaction_id`	integer	Associated payment transaction ID
`amount`	string	Total order amount (2 decimal places)
`product_id`	integer	Product catalog identifier
`denomination`	string	Unit value (2 decimal places)
`quantity`	integer	Number of units ordered
`discount`	string	Applied discount amount
`vouchers`	array	Voucher details (only when delivered)
`status`	string	Current order status
`placed_at`	string	Order timestamp in RFC3339 format

Voucher Fields

The fields present depend on the product's delivery_type (see Delivery Type Values).

Field	Type	Present	Description
`card_number`	string \| null	Always	Decrypted voucher/gift card code
`pin_code`	string \| null	`code_with_pin` only	Separate PIN required alongside the card number
`claim_url`	string \| null	When available	URL for one-click voucher redemption
`voucher_reference_number`	string \| null	When available	Vendor reference number
`expires_at`	string	Always	Voucher expiration date (RFC3339)

Voucher Availability by Status

Orders progress through different statuses, with voucher data becoming available based on the current status:

Status	Description	Wallet Deduction	Vouchers Available
`PENDING`	Order created, processing in progress	Yes (Deducted)	No (Not yet)
`PROCESSING`	Order currently being fulfilled	Yes (Deducted)	No (Not yet)
`DELIVERED`	Order completed successfully	Yes (Deducted)	Yes (Available)
`PARTIALLY_DELIVERED`	Some vouchers delivered	Yes (Deducted)	Partial (Some available)
`FAILED`	Order processing failed	No (Refunded)	No (None)
`CANCELLED`	Order was cancelled	No (Refunded)	No (None)

Status Flow:

Order Creation → PENDING → PROCESSING → DELIVERED
                    ↓
                 FAILED (if processing fails)

Important: Voucher codes are only decrypted and returned when the order status is DELIVERED or PARTIALLY_DELIVERED. For other statuses, the vouchers array will be empty.

Security Features

Encryption

All sensitive voucher data is encrypted at rest:

Voucher codes are stored using AES-256 encryption
Decryption only occurs when order status is DELIVERED
PIN codes and reference numbers are separately encrypted

Examples

# Get order details
curl -X GET "{{host}}/api/v1/orders/12345" \
  -H "X-API-Key: sk_live_abc123def456" \
  -H "X-API-Secret: your-secret-here"

# Get order and extract vouchers (using jq)
curl -X GET "{{host}}/api/v1/orders/12345" \
  -H "X-API-Key: sk_live_abc123def456" \
  -H "X-API-Secret: your-secret-here" \
  | jq '.vouchers'

# Check order status
curl -X GET "{{host}}/api/v1/orders/12345" \
  -H "X-API-Key: sk_live_abc123def456" \
  -H "X-API-Secret: your-secret-here" \
  | jq '.status'

# Get voucher codes securely
curl -s -X GET "{{host}}/api/v1/orders/12345" \
  -H "X-API-Key: sk_live_abc123def456" \
  -H "X-API-Secret: your-secret-here" \
  | jq -r '.vouchers[] | "Card: \(.card_number) PIN: \(.pin_code)"'

Error Responses

401 Unauthorized

{
  "error": "unauthorized",
  "message": "Invalid or expired access token"
}

404 Not Found

{
  "error": "not_found",
  "message": "No Matching Result Found!"
}

500 Internal Server Error

{
  "error": "internal_error",
  "message": "Failed to retrieve order"
}

Best Practices

Security

Never Log Voucher Codes - Avoid logging sensitive voucher data
Secure Display - Hide voucher codes by default, reveal on click
Copy Protection - Implement copy-to-clipboard functionality
Session Timeout - Auto-logout after viewing vouchers
Audit Trail - Log voucher access for security monitoring

Performance

Poll Efficiently - Use exponential backoff when checking status
Cache Static Data - Cache delivered orders client-side
Lazy Load Vouchers - Load vouchers only when needed
Minimize API Calls - Batch status checks where possible

User Experience

Status Indicators - Show clear order status with icons
Progress Updates - Display processing progress if available
Copy Functionality - Make voucher codes easy to copy
Expiration Warnings - Highlight approaching expiration dates
Redemption Links - Provide direct redemption URLs

Rate Limits

Standard Rate: 200 requests per minute
Burst Limit: 20 requests per 10 seconds
Per-Order Limit: 60 requests per order per hour

Rate limiting prevents:

Voucher harvesting attempts
Excessive status polling
Automated scraping

Monitoring Best Practices

Status Polling Strategy

Timeout Recommendations

Fast Products: 2-5 minutes
Standard Products: 5-10 minutes
Slow Products: 10-30 minutes

Next Steps

List All Orders - View order history
Create New Order - Submit orders
Product Catalog - Browse available products
Authentication - Secure API access

Get Order Details API

On this page