Payments

Create a payment request

Generate a new payment request for a product, subscription, or invoice.

POST
POST
POST

https://api.docly.com/v1/payments

Request

curl --request DELETE \
  --url https://api.yourdomain.com/v1/auth/session \
  --header "Authorization: Bearer ACCESS_TOKEN" \
  --header "Content-Type: application/json" \
  --data '{
    "session_id": "sess_82bd91fa",
    "reason": "user_logout"
  }'

Request

curl --request DELETE \
  --url https://api.yourdomain.com/v1/auth/session \
  --header "Authorization: Bearer ACCESS_TOKEN" \
  --header "Content-Type: application/json" \
  --data '{
    "session_id": "sess_82bd91fa",
    "reason": "user_logout"
  }'

Request

curl --request DELETE \
  --url https://api.yourdomain.com/v1/auth/session \
  --header "Authorization: Bearer ACCESS_TOKEN" \
  --header "Content-Type: application/json" \
  --data '{
    "session_id": "sess_82bd91fa",
    "reason": "user_logout"
  }'

200

400

{
  "success": true,
  "invalidated_session_id": "sess_82bd91fa",
  "revoked_tokens": 2,
  "revoked_at": "2026-02-16T15:42:12Z"
}

200

400

{
  "success": true,
  "invalidated_session_id": "sess_82bd91fa",
  "revoked_tokens": 2,
  "revoked_at": "2026-02-16T15:42:12Z"
}

200

400

{
  "success": true,
  "invalidated_session_id": "sess_82bd91fa",
  "revoked_tokens": 2,
  "revoked_at": "2026-02-16T15:42:12Z"
}

The Create a Payment Request endpoint generates a payment request that can be sent to a customer. This is commonly used for invoicing, pre-authorizations, or collecting payments without immediately charging a card.

Authorizations

Authorization

string

required

A valid refresh token passed using the Bearer authentication scheme.

Format: Authorization: Bearer <refresh_token>

The token must be active and issued by your authentication server.

Authorizations

Authorization

string

required

A valid refresh token passed using the Bearer authentication scheme.

Format: Authorization: Bearer <refresh_token>

The token must be active and issued by your authentication server.

Authorizations

Authorization

string

required

A valid refresh token passed using the Bearer authentication scheme.

Format: Authorization: Bearer <refresh_token>

The token must be active and issued by your authentication server.

Request Body

device_id

string

optional

Unique identifier of the client device requesting the refresh.

Used for session tracking and anomaly detection.

Example: "web-3f92ab1c"

rotate_refresh_token

boolean

optional

Indicates whether a new refresh token should be issued.

Defaults to true.

If set to false, the existing refresh token remains valid.

client_version

string

optional

Version of the client application initiating the request.

Useful for telemetry and debugging.

Example: "2.4.1"

Request Body

device_id

string

optional

Unique identifier of the client device requesting the refresh.

Used for session tracking and anomaly detection.

Example: "web-3f92ab1c"

rotate_refresh_token

boolean

optional

Indicates whether a new refresh token should be issued.

Defaults to true.

If set to false, the existing refresh token remains valid.

client_version

string

optional

Version of the client application initiating the request.

Useful for telemetry and debugging.

Example: "2.4.1"

Request Body

device_id

string

optional

Unique identifier of the client device requesting the refresh.

Used for session tracking and anomaly detection.

Example: "web-3f92ab1c"

rotate_refresh_token

boolean

optional

Indicates whether a new refresh token should be issued.

Defaults to true.

If set to false, the existing refresh token remains valid.

client_version

string

optional

Version of the client application initiating the request.

Useful for telemetry and debugging.

Example: "2.4.1"

Response Fields

access_token

string

required

New short-lived access token used to authorize API requests.

refresh_token

string

required

New refresh token issued when rotation is enabled.

expires_at

string

required

ISO 8601 timestamp indicating when the access token will expire.

Example: "2026-03-01T18:25:43Z"

session_id

string

required

Identifier of the active authentication session.

refresh_token_expires_at

string

optional

Expiration timestamp for the newly issued refresh token.

Response Fields

access_token

string

required

New short-lived access token used to authorize API requests.

refresh_token

string

required

New refresh token issued when rotation is enabled.

expires_at

string

required

ISO 8601 timestamp indicating when the access token will expire.

Example: "2026-03-01T18:25:43Z"

session_id

string

required

Identifier of the active authentication session.

refresh_token_expires_at

string

optional

Expiration timestamp for the newly issued refresh token.

Response Fields

access_token

string

required

New short-lived access token used to authorize API requests.

refresh_token

string

required

New refresh token issued when rotation is enabled.

expires_at

string

required

ISO 8601 timestamp indicating when the access token will expire.

Example: "2026-03-01T18:25:43Z"

session_id

string

required

Identifier of the active authentication session.

refresh_token_expires_at

string

optional

Expiration timestamp for the newly issued refresh token.

Error Fields

error_code

string

required

Machine-readable identifier describing the failure.

Possible values:

  • refresh_token_invalid

  • refresh_token_expired

  • session_not_found

  • token_rotation_failed

error_description

string

required

Detailed explanation of why the request failed.

Error Fields

error_code

string

required

Machine-readable identifier describing the failure.

Possible values:

  • refresh_token_invalid

  • refresh_token_expired

  • session_not_found

  • token_rotation_failed

error_description

string

required

Detailed explanation of why the request failed.

Error Fields

error_code

string

required

Machine-readable identifier describing the failure.

Possible values:

  • refresh_token_invalid

  • refresh_token_expired

  • session_not_found

  • token_rotation_failed

error_description

string

required

Detailed explanation of why the request failed.

Previous

Previous

Previous

Need help? Contact Support

Join our Discord Community

Questions? Contact Sales

Request

curl --request DELETE \
  --url https://api.yourdomain.com/v1/auth/session \
  --header "Authorization: Bearer ACCESS_TOKEN" \
  --header "Content-Type: application/json" \
  --data '{
    "session_id": "sess_82bd91fa",
    "reason": "user_logout"
  }'

200

400

{
  "success": true,
  "invalidated_session_id": "sess_82bd91fa",
  "revoked_tokens": 2,
  "revoked_at": "2026-02-16T15:42:12Z"
}

Create a free website with Framer, the website builder loved by startups, designers and agencies.