A single REST API at api.rmous.org for card authorizations, payment-code redemptions, captures, reversals, and webhooks. Test and production share the same base URL — the API key prefix selects the mode.
The same surface that powers RMO Debit, RMO Credit, RMOPay™, and QuickPay is available to processors and merchants. Authorize, capture, refund, and listen for events — just like Stripe, but on the RMO closed-loop network.
Submit an authorization with a 17-char card token. Get an approval code or decline reason back in real time. Capture, reverse, or increment from there.
Members generate a 10-char code + 7-char PIN. Merchants redeem it against an amount — perfect for in-person, no-card-present sales.
Register webhook subscriptions. We deliver signed HTTPS POSTs to your endpoint when authorizations approve, decline, capture, or reverse.
Three layers of authentication: public identifier, bearer secret (bcrypt-checked inside the DB), and optional HMAC request signing.
Predictable decline codes (14, 54, 61, 62, 75) and a stable error envelope for every endpoint.
Download the full 3.1 spec to generate clients, drop into Postman, or render in any docs tool. Single source of truth for every route.
Use pk_test_* keys. Hits the same api.rmous.org. Sandbox tenant pre-configured for anyone to play with.
Use pk_live_* keys. Real money. Real settlement. Real obligations.
Copy the test credentials, then run this curl. You should get back a 200 OK with your tenant identity.
# Verify your test credentials. curl https://api.rmous.org/v1/me \ -H "X-API-Key: pk_test_publicsandbox_2026" \ -H "Authorization: Bearer sk_test_publicsandbox_2026_anyone_can_use_this"
