A swipe represents the transactions made with a card to draw on a line of credit account. LoanPro’s architecture requires that a swipe is associated with a card and a line of credit account to ensure that the requested funds are available for a transaction. Swipes are created within Secure Payments, and Secure Payments passes that information to LoanPro to update the line of credit account.

This request creates a Swipe. Note the following when using this request:

Creating a swipe requires a swipe_id. This field is commonly used to list an issuing processor's transaction ID to maintain continuity between their record and LoanPro's. If you'd like to test this request in your own environment by generating a random swipe ID, take a look at our sample script below.

Many fields within this request's payload are important for swipe authorization—the process of determining whether a swipe should be accepted or not. Check the payload parameter descriptions to see which fields are important for authorization.

Other fields within this request's payload are important for swipe handling—the process of determining swipe events, statuses, and the handling of funds. Check the payload parameter descriptions to see which fields are important for swipe handling.

Much of the information within this payload is purely informational for the card issuer. This payload is built to simplify the process of mapping values between different parties.

A swipe can be declined by Secure Payments in certain circumstances. When this happens, the swipe's information will not be sent through the card network. Declines from Secure Payments may occur if the card isn't valid; for example, transactions will be denied if they're made via a card with a status of anything other than active.

⚠️

Understanding the response.

As long as the endpoint and headers of the request are correct, then this request will return a 200 response. However, a 200 response does not indicate that the request was successful. The status field returned in the response will indicate whether or not the request was successful. You can find a list of successful statuses and their definition in our Swipes article.

However if a request failed, then the status field will return the following values:

• 208: Duplicated request
• 400: Invalid input exception
• 500: Unexpected exception

🗝️

This request uses a special set of headers.

Here's a breakdown of what they mean:

• x-user-id : This is an ID associated with your Secure Payments account. You can also locate this value by logging in to your Secure Payments account and navigate to the Profile tab located within the Settings section.
• x-signature : This header uses the swipe processor token from your account to create an SHA512 hash signature.
• x-request-id : This is a randomly generated GUID that represents the request to create a swipe.

🚀

Testing this request yourself in a Postman workspace?

We've written a Pre-request Script to help you get this request working in your own workspace:

Pre-request Script

// Generate and set variables used in the headers and payload of the request:
let uuid = require('uuid');
pm.collectionVariables.set('swipe-id', uuid.v4());

const message = pm.request.body.raw.replace('{{swipe-id}}', pm.collectionVariables.get('swipe-id'))
.replace('{{card-uuid}}', pm.collectionVariables.get('card-uuid'));
var hashHmacSHA512 = CryptoJS.HmacSHA512(message, pm.collectionVariables.get('swipe-processor-token')).toString();
pm.collectionVariables.set('signature', hashHmacSHA512);

Copy the script above and paste it into the Pre-request Script text section of your request.

The script will automatically generate some of the headers you'll need for this request; however, it will require a little bit of work on your end. You'll need to set some collection-level variables that represent card-uuid, swipe-id, and swipe-processor-token to get this script to work.

Please note: the script above generates a randomized swipe-id which is a payload requirement. You can use a different method to generate a swipe-id if desired.

{
    "swipe-id": "e39ed072-3ebd-4e21-bd18-4adf4f67f5e3",
    "card-uuid": "54e7a88f-5c8b-464b-abc5-fe9f20d7a436",
    "amount": 24.97,
    "merchant-name": "Target",
    "merchant-descriptor": "Target #9960",
    "merchant-mcc": 5411,
    "merchant-requested-amount": 24.97,
    "merchant-currency": "USD",
    "merchant-rate": 1.00,
    "merchant-longitude": -111.8560587,
    "merchant-latitude": 40.722187,
    "merchant-postal-code": "84106",
    "merchant-address": "2236 S 1300 E Ste D",
    "merchant-city": "Salt Lake City",
    "merchant-state": "UT",
    "merchant-country": "USA",
    "network-merchant-id": "12sdf12fd",
    "network-risk-score": 1.00,
    "authorization-tolerance": 1.00,
    "transaction-fee-amount": 0.24,
    "ecommerce": "false",
    "card-present?": true,
    "cardholder-verified?": "Yes",
    "cardholder-verification-method": "CVV2",
    "cvv1": "None",
    "cvv2": "Validated",
    "cvv3": "None",
    "arqc": "Validated",
    "pin": "None",
    "offline-pin": "None",
    "3ds": "None",
    "avs-result": "Passed",
    "acq-method": "EMV Terminal",
    "emv-terminal": "True",
    "network": "Visa",
    "network-tx-id": "456df456fd",
    "issuer-decline-reason": "None",
    "issuer-transaction-id": "4455",
    "issuer-decline?": false,
    "authorization-advice?": false,
    "preauthorization?": false,
    "force-clearing?": false,
    "cash-advance?": false,
    "credit-authorization?": false,
    "sma?": false,
    "preferred-date": "2025-07-17",
    "metadata": "Some metadata"
}

{
    "swipe-id": "e39ed072-3ebd-4e21-bd18-4adf4f67f5e3",
    "card-uuid": "54e7a88f-5c8b-464b-abc5-fe9f20d7a436",
    "amount": 24.97
}

Results

Returns a status, swipe object, and card object after a successful swipe creation. If a swipe status is declined, it will include a reason. A 200 response can be an error with a status and error_v2 object indicating the type of error (e.g. invalid card-uuid or invalid x-user-id).