Basket API
/
Checkout Sessions
/
Finish the active checkout.

Media Jay Basket API - v2 (2025-07-21)

The basket API provides shopping baskets. It is designed fast access for a big amount of users.

Authentication

To access the endpoints you require a X-API-Key in the header. Partners, please contact Transfermedia to retrieve one.

All endpoints are protected with a standard Authentication Bearer JWT token. We provide two mechanisms here:

  1. A JWT token provided on partner side. Signature validation is required. This allows comfort functions like:

    • the customer id to prevent users to re-enter their data multiple times
    • a payment token to checkout with a single click

    This requires:

    • that the JWT token can be validated on partners side.
    • the user id is specified in the 'sub' field of the payload.
    • optionally a static issuer is specified in the 'iss' field of the payload.
    • optionally a static audience is specified in the 'aud' field of the payload.

  2. A JWT token and a user id is generated on an endpoint in the basket api for guest users. In such a case the basket has some limitations:

    • the basket is a fresh one (filled only with the products specified)
    • no comfort functions are available
    • the JWT token expires after 30 days

Versioning

To use a specific implementation version of this API place it to the request header X-API-Version. If the header is missed the latest implementation version 2025-07-21 is used. The response header X-API-Version contains the implementation version the request was processed with.

Shopping basket

A shopping basket contains three product lists:

  • cart: holding up to 20 products planned to buy
  • saved: holding the products to remember for later usage (aka wishlist)
  • checkout: holding the products currently in the order process (in the active checkout session) Products can be added, updated and deleted to/from the cart or saved list.

Products

Products are represented by a product identifier with an order count. A product can be a main product or a product variant (e.g. a shoe in a specific size).

Checkout session

When the user decides to start the order process the checkout is the first step in the order process. It communicates with the payment service provider (PSP) responsible to manage the payment. If the payment succeeds an order process starts in the background.

Transfer basket

The API provides the ability to transfer a basket e.g., to a web shop. Optionally a QR code image can be created to be presented to a customer. For security reasons the transfer needs to be finished within 1 minute.

Further documentation

For further details please visit the documentation or contact Transfermedia support@transfermedia.de.

Download OpenAPI description
openapi.json
openapi.yaml
Languages
Servers
Development Server

https://docs.jay-metadata.com/_mock/apis/basket/latest/openapi/

Guest Baskets

Operations

Basket Operations

Operations

Product Operations

Operations

Product Details

Operations

Checkout Sessions

Operations

Checkout the shopping basket of the specified user.

Request

Contacts the payment service provider (PSP) to prepare a checkout of the products in the cart. Creates an order for this checkout.

Path
userIdstring(Userid)[ 1 .. 256 ] charactersrequired

The platform specific user identifier representing a user.

Query
testModestring(Use test mode)^(true|false)$

Set to "true" to work under test conditions (do not make real payments). Defaults to "false".

Please note that a test mode can also be configured by Jay for your complete company.

Default "false"
Example: testMode=true
Headers
X-API-Keystring(X-Api-Key)required

Required. API access key for authorized use of the checkout endpoints. Partners, please contact Transfermedia to retrieve a valid key.

__Secure-jay_trackingstring( Secure-Jay Tracking)

Tracking session header for user tracking and analytics. This is set by the /playouts/tracking/session endpoint.

Example: __Secure-jay_tracking=eyJzZX...
x-jay-api-versionstring(X-Jay-Api-Version)

The version of the API to use. Defaults to 2025-07-21.

Default 2025-07-21
Bodyapplication/json
languagestring(language)^[a-z]{2}$

The 2-letter language code as specified in ISO 639-1

countrystring(country)^[A-Z]{2}$

The 2-letter country code as specified in ISO 3166

stripeUsingSdkboolean(Use stripe SDK)

Set to True when confirming server-side and using Stripe.js, iOS, or Android client-side SDKs to handle the next actions. Defaults to False.

Default false
curl -i -X POST \
  'https://docs.jay-metadata.com/_mock/apis/basket/latest/openapi/baskets/users/{userId}/checkout/sessions?testMode=true' \
  -H 'Authorization: Bearer <YOUR_Bearer_HERE>' \
  -H 'Content-Type: application/json' \
  -H 'X-API-Key: string' \
  -H '__Secure-jay_tracking: __Secure-jay_tracking=eyJzZX...' \
  -H 'x-jay-api-version: 2025-07-21' \
  -d '{}'

Responses

Successfully retrieved the checkout info for the shopping basket of the specified user

Bodyapplication/json
dataobject(The response data)

Represents the response of a checkout session.

Example: {"orderNo":"string","currency":"string","fullPrice":0,"fullTax":0,"shippingCost":0,"novalnet":{"priceByShop":"<typing.Dict[str, int]>","checkoutUrl":"string"},"stripe":{"priceByShop":"<typing.Dict[str, int]>","checkoutUrl":"string","publicKey":"string","customerId":"string","ephemeralKeySecret":"string","paymentIntentClientSecret":"string"},"testMode":true}
nextTokenstring(Next token)

The token, which can be used to retrieve the next page of data.

errorobject(The error response)

Represents a data response with a possible error.

Response
application/json
{
  "data": {
    "orderNo": "string",
    "currency": "string",
    "fullPrice": 0,
    "fullTax": 0,
    "shippingCost": 0,
    "novalnet": {},
    "stripe": {},
    "testMode": true
  }
}

Finish the active checkout.

Request

Finish the active checkout in the shopping basket.

Path
userIdstring(Userid)[ 1 .. 256 ] charactersrequired

The platform specific user identifier representing a user.

Headers
X-API-Keystring(X-Api-Key)required

Required. API access key for authorized use of the checkout endpoints. Partners, please contact Transfermedia to retrieve a valid key.

__Secure-jay_trackingstring( Secure-Jay Tracking)

Tracking session header for user tracking and analytics. This is set by the /playouts/tracking/session endpoint.

Example: __Secure-jay_tracking=eyJzZX...
x-jay-api-versionstring(X-Jay-Api-Version)

The version of the API to use. Defaults to 2025-07-21.

Default 2025-07-21
Bodyapplication/jsonrequired
orderedboolean(Ordered state)required

If True the active checkout session has been finished with success and the products are "ordered" now. If False the active checkout session has been aborted. The products in checkout will be moved back to the cart.

curl -i -X POST \
  'https://docs.jay-metadata.com/_mock/apis/basket/latest/openapi/baskets/users/{userId}/checkout/sessions/finish-active' \
  -H 'Authorization: Bearer <YOUR_Bearer_HERE>' \
  -H 'Content-Type: application/json' \
  -H 'X-API-Key: string' \
  -H '__Secure-jay_tracking: __Secure-jay_tracking=eyJzZX...' \
  -H 'x-jay-api-version: 2025-07-21' \
  -d '{
    "ordered": true
  }'

Responses

Successfully finished the checkout process

Bodyapplication/json
dataobject(The response data)

Represents a users shopping basket.

Example: {"lastChanged":"2025-06-04T12:34:56Z","cart":[{"productId":"prod-123","count":2},{"productId":"prod-456","count":1}],"saved":[{"productId":"prod-789","count":1}],"checkout":[{"productId":"prod-123","count":1},{"productId":"prod-456","count":1}]}
nextTokenstring(Next token)

The token, which can be used to retrieve the next page of data.

errorobject(The error response)

Represents a data response with a possible error.

Response
application/json
{
  "data": {
    "lastChanged": "2025-06-04T12:34:56Z",
    "cart": [],
    "saved": [],
    "checkout": []
  }
}

Basket Transfer

Operations

API information

Operations