
Braintree API Essential Guide

Aug 8, 2024 · 6 minute read

What type of API does Braintree provide?

Braintree offers a GraphQL API. The key points are:

  1. Braintree has a GraphQL API that allows developers to make API calls.

  2. The API has a single HTTP endpoint for all requests (queries and mutations).

  3. Authentication is required using credentials in the Authorization header.

  4. The API implements the Relay specification, which adds some features on top of the GraphQL specs.

  5. Braintree provides an API Explorer tool that allows developers to browse the schema documentation and test queries and mutations.

  6. The GraphQL API offers benefits like:

    • Typed schema that improves discoverability
    • No versioning required
    • Flexible permissions for selectively exposing functions
    • Ability to request only the needed data

  7. Some potential downsides of GraphQL APIs in general include:

    • Performance issues with complex nested queries
    • Caching complexity
    • Steeper learning curve compared to REST

Does the Braintree API have webhooks?

Yes, the official Braintree API does have webhooks. Here are the key points about Braintree's webhook functionality:

Webhook Overview

  • Braintree webhooks allow you to receive automated notifications when certain events occur in your Braintree account.
  • Webhooks push information to your specified destination URL when important events happen, rather than requiring you to pull data via the API.

Event Types

You can subscribe to webhooks for a wide variety of event types, including:

  • Transaction statuses
  • Account Updater activity
  • Sub-merchant account status changes
  • Disbursements to your account
  • Disputes on transactions
  • Fraud protection events
  • Payment method status changes
  • Subscription status changes
  • Local payment method completions
  • OAuth access revocation

Implementation Details

  • Webhook notifications are delivered via HTTPS POST to a destination URL you specify.
  • Each webhook contains a notification kind and the full Braintree object the notification is reporting on.
  • You must use a valid HTTPS URL for security purposes.
  • Webhooks can be created and configured in the Braintree Control Panel.

Best Practices

  • Use webhooks to update your system or trigger business processes in real-time when important events occur.
  • Implement proper security measures when receiving webhooks, as they contain sensitive information.
  • Test your webhook implementation using Braintree's testing tools before going live.

In summary, Braintree's webhook system provides a robust way to receive real-time notifications about a wide range of events in your Braintree account, allowing you to automate processes and keep your systems in sync with the payment gateway.
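As an added example (not from the original page or from Braintree's own code), this sketch shows the check a webhook receiver should make before trusting a notification: verifying the `bt_signature` form field against `bt_payload`. The signature layout (pairs of public key and hex HMAC-SHA1, keyed with the SHA-1 of the private key) is modelled on Braintree's open-source server SDKs and is treated here as an assumption; the keys and payload are constructed, and production code should call the official SDK's webhook parser instead.

```python
import base64
import hashlib
import hmac
import re

# Constructed sample credentials and notification; not real Braintree values.
PUBLIC_KEY = "constructed_public_key"
PRIVATE_KEY = "constructed_private_key"
SAMPLE_XML = b"<notification><kind>check</kind></notification>"
SAMPLE_PAYLOAD = base64.b64encode(SAMPLE_XML).decode("ascii")


def expected_signature(private_key: str, payload: str) -> bytes:
    """Hex HMAC-SHA1 of the still-encoded payload, keyed with SHA1(private key).
    Assumed scheme, modelled on Braintree's open-source server SDKs."""
    key = hashlib.sha1(private_key.encode("ascii")).digest()
    mac = hmac.new(key, payload.encode("ascii"), hashlib.sha1)
    return mac.hexdigest().encode("ascii")


def verify_webhook(bt_signature: str, bt_payload: str,
                   public_key: str, private_key: str) -> bytes:
    """Return the decoded notification body, or raise ValueError."""
    if not bt_signature or not bt_payload:
        raise ValueError("missing signature or payload")
    # Reject anything that is not base64 text before doing any work on it.
    if not re.fullmatch(r"[A-Za-z0-9+/=\n]+", bt_payload):
        raise ValueError("payload contains illegal characters")
    # bt_signature carries "public_key|hex_hmac" pairs joined by "&".
    pairs = [p.split("|", 1) for p in bt_signature.split("&") if "|" in p]
    candidates = [sig for pub, sig in pairs if pub == public_key]
    if not candidates:
        raise ValueError("no signature for our public key")
    # Constant-time comparison; the payload may arrive with or without a
    # trailing newline, so both forms are tried.
    for sig in candidates:
        for form in (bt_payload, bt_payload + "\n"):
            want = expected_signature(private_key, form)
            if hmac.compare_digest(want, sig.encode("utf-8")):
                return base64.b64decode(bt_payload)  # parse only after this
    raise ValueError("signature does not match payload")


def sign_sample(payload: str) -> str:
    """Build a bt_signature for the constructed sample (demo helper)."""
    mac = expected_signature(PRIVATE_KEY, payload).decode("ascii")
    return f"other_key|deadbeef&{PUBLIC_KEY}|{mac}"
```

A receiver that gets a `ValueError` here should drop the request and log it rather than act on the notification.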

Rate Limits and other limitations

Here are the key points about API rate limits for the Braintree API:

Rate Limiting Policy

  • Braintree does not publish a specific rate limiting policy.
  • They may temporarily rate limit traffic if they identify activity that appears to be abusive or risks negative impact to other merchants.
  • Rate limiting is done to ensure site availability, security and stability.

Rate Limit Indicators

  • If you receive an HTTP 429 "Too Many Requests" status code, it indicates you have exceeded the rate limit.
  • You may also get a 403 "Too Many Requests" exception after many requests in a short time period.

Tips to Avoid Rate Limiting

  • Use webhooks or Instant Payment Notifications (IPN) instead of polling.
  • Cache OAuth 2.0 access tokens rather than generating a new one for each transaction.
  • Set a timeout of 60 seconds for API requests to accommodate potentially longer processing times.

Key Considerations

  • Braintree constantly evaluates traffic patterns and may adjust their rate limiting policies.
  • If rate limiting negatively impacts your integration, you can contact Braintree's Merchant Technical Support.
  • The API always returns a 200 status code with JSON response body, even for errors. Check the "errors" array in the response to detect issues.

Best Practices

  • Use the provided request ID in API responses when contacting support about specific requests.
  • Set appropriate timeouts in your client code to handle potentially longer API response times.
  • Monitor for rate limit errors and implement appropriate retry logic with backoff if needed.

In summary, while Braintree does not publish specific rate limits, they do employ rate limiting to protect their systems. Following their best practices and monitoring for rate limit errors is recommended for a robust integration.
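The response handling described in this section, as an added example that is not from the original page or from Braintree: it treats HTTP 429 and a 403 carrying "Too Many Requests" as throttling, treats HTTP 200 with a non-empty `errors` array as a failure, and produces a jittered backoff schedule. The `extensions.requestId` location and the sample bodies are assumptions constructed for illustration.

```python
import json
import random

# Constructed sample response bodies; the field layout is an assumption.
SAMPLE_OK = '{"data": {"ping": "pong"}, "extensions": {"requestId": "req-1"}}'
SAMPLE_ERR = ('{"errors": [{"message": "Amount is invalid"}], '
              '"extensions": {"requestId": "req-2"}}')


def classify(status: int, body: str) -> dict:
    """Decide how to treat one API response: 'ok', 'retry' or 'fail'."""
    try:
        doc = json.loads(body) if body else {}
    except json.JSONDecodeError:
        doc = {}
    if not isinstance(doc, dict):
        doc = {}
    # Assumption: the request ID sits under extensions.requestId.
    ext = doc.get("extensions")
    request_id = ext.get("requestId") if isinstance(ext, dict) else None
    raw = doc.get("errors")
    errors = []
    if isinstance(raw, list):
        errors = [e.get("message", "") for e in raw if isinstance(e, dict)]
    # The page lists two throttling signals: HTTP 429, and a 403 that
    # carries "Too Many Requests".
    throttled = status == 429 or (
        status == 403 and "too many requests" in body.lower())
    if throttled:
        action = "retry"
    elif status == 200 and not errors:
        action = "ok"
    else:
        # HTTP 200 with a non-empty "errors" array is still a failure.
        # Not retried blindly: a payment mutation may have been processed.
        action = "fail"
    return {"action": action, "request_id": request_id, "errors": errors}


def backoff_delays(attempts=5, base=1.0, cap=60.0, rng=random.random):
    """Exponential backoff with full jitter: each delay is drawn from
    [0, min(cap, base * 2**n)) seconds for attempt n."""
    return [rng() * min(cap, base * 2 ** n) for n in range(attempts)]
```

Log the returned `request_id` with every `fail` result so the request can be quoted to support.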

Latest API Version

Based on the search results provided, here are the key points regarding the most recent version of the Braintree API:

  1. The latest major version of the Braintree Android SDK is version 5 (v5). This is mentioned in the announcement: "📣 A new major version of the SDK is now available. See the v5 migration guide for details." [4]

  2. The most recent beta release is version 5.0.0-beta1, which was released on July 23, 2023. This beta version includes numerous breaking changes and updates across various modules of the SDK. [1]

  3. For existing integrations using older versions, it's important to note that the SSL certificates for the Android SDK are set to expire by June 31, 2025. Users are advised to upgrade to v4.45.0+ to continue using the Braintree SDK. [4]

  4. The Braintree Android SDK is actively developed and maintained. It is open source and available under the MIT license. [4]

  5. The SDK helps developers accept card and alternative payments in Android apps. It includes various modules such as BraintreeCore, DataCollector, Venmo, GooglePay, ThreeDSecure, PayPal, and more. [1][4]

  6. Braintree also offers a GraphQL API, which can be used alongside their Drop-in UI for end-to-end integrations. [5]

It's important to note that while version 5 is the latest major version, it's still in beta. For production use, developers should consider using the latest stable version (v4.45.0+) unless they are specifically testing or preparing for the v5 upgrade.

How to get a Braintree developer account and API Keys?

Here are the steps to get a developer account for Braintree to create an API integration:

  1. Sign up for a Braintree sandbox account:

    • Go to the Braintree sandbox signup page
    • Fill out the form with your details to create a sandbox account
    • This will give you access to the Braintree Control Panel and sandbox environment

  2. Get your API credentials:

    • Log into your Braintree Control Panel
    • Go to Account > My User > View Authorizations
    • You'll see your Merchant ID, Public Key, and Private Key

  3. Link a PayPal sandbox account (if you want to accept PayPal payments):

    • Create a PayPal sandbox account at developer.paypal.com if you don't have one
    • In your Braintree Control Panel, go to Settings > Processing > PayPal
    • Enter your PayPal sandbox API credentials to link the accounts

  4. Start integrating:

    • Use your sandbox API credentials to start integrating Braintree into your application
    • Refer to the Braintree developer documentation for integration guides and SDKs

What can you do with the Braintree API?

Based on the search results provided, here is a list of data models you can interact with using the Braintree API, along with what is possible for each:

Transactions

  • Create payments
  • Cancel payments
  • Process refunds (referenced refunds only)
  • Support for Level 2 and Level 3 card data (Braintree v2.0 only)
  • Support for 3D Secure 2.0 authentication
  • Support for delayed capture (Braintree v2.0 only)

Payment Methods

  • Credit Card/Gift Card/Prepaid Card
  • ACH (Braintree v2.0 only)
  • Apple Pay (Braintree v2.0 only)
  • Google Pay (Braintree v2.0 only)
  • PayPal (Braintree v2.0 only)
  • Credit Card Reference Transactions (Braintree v2.0 only)

Customer Data

  • Store customer information securely in the Braintree Vault
  • Data portability - ability to export customer data

Subscriptions

  • Support for recurring billing
  • Ability to push notifications for subscription status changes

Fraud Protection

  • Utilize Braintree's fraud protection tools
  • Pass device data for fraud analysis

Address Information

  • Store and update shipping and billing address details

Additional Transaction Data

  • Add purchase order numbers
  • Include tax information
  • Apply discounts
  • Add shipping amounts and details

Integration Options

  • Use Drop-in UI or Custom UI
  • Integrate via SDKs for multiple programming languages
  • Utilize Hosted Fields for PCI compliance

Webhooks

  • Receive notifications for various events (implied by subscription status changes)
  • Ability to search and retrieve transaction data (implied, not explicitly stated)

While the search results don't provide an exhaustive list of all data models, these are the key areas that can be interacted with using the Braintree API based on the information provided. The capabilities may vary between the standard Braintree integration and Braintree v2.0, with v2.0 offering some additional features.