{
  "info": {
    "name": "RsomPay External API v1",
    "description": "Partner B2B API for RsomPay invoice integration.\n\nBase URLs:\n- Production: https://integration.rsompay.com/api/external/v1\n- Sandbox: https://integration-demo.rsompay.com/api/external/v1\n\nSet {{base_url}} to the environment you are testing.\n\nRequirements:\n- Bearer token named client-external-api (from RsomPay admin Integration tab)\n- notification_url and return_url must be HTTPS and publicly reachable\n- external_id is your idempotency key\n\nWebhooks:\n- RsomPay POSTs to notification_url with headers X-Rsom-Event, X-Rsom-Event-Id, X-Rsom-Timestamp, X-Rsom-Signature\n- Verify HMAC-SHA256 using your integration partner webhook signing secret only (see https://docs.rsompay.com §7.5)\n\nFull guide: https://docs.rsompay.com",
    "schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json"
  },
  "variable": [
    { "key": "base_url", "value": "https://integration.rsompay.com/api/external/v1" },
    { "key": "sandbox_base_url", "value": "https://integration-demo.rsompay.com/api/external/v1" },
    { "key": "bearer_token", "value": "YOUR_CLIENT_EXTERNAL_API_TOKEN" },
    { "key": "customer_id", "value": "CUST-42" },
    { "key": "external_id", "value": "INV-PARTNER-001" }
  ],
  "item": [
    {
      "name": "Create Invoice",
      "request": {
        "method": "POST",
        "header": [
          { "key": "Authorization", "value": "Bearer {{bearer_token}}" },
          { "key": "Content-Type", "value": "application/json" }
        ],
        "body": {
          "mode": "raw",
          "raw": "{\n  \"external_id\": \"{{external_id}}\",\n  \"reference_number\": \"2026-001\",\n  \"notification_url\": \"https://partner.example.com/webhooks/rsom\",\n  \"return_url\": \"https://partner.example.com/checkout/return\",\n  \"currency_code\": \"SAR\",\n  \"customer\": {\n    \"id\": \"{{customer_id}}\",\n    \"fullname\": \"Ahmed Ali\",\n    \"email\": \"ahmed@example.com\",\n    \"phone\": \"+966501234567\"\n  },\n  \"items\": [\n    {\n      \"description\": \"Service fee\",\n      \"item_type\": \"service\",\n      \"quantity\": 1,\n      \"unit_price\": 150,\n      \"discount_amount\": 10,\n      \"tax_rate\": 15,\n      \"reference_id\": \"LINE-001\"\n    }\n  ]\n}"
        },
        "url": "{{base_url}}/invoices"
      }
    },
    {
      "name": "Get Invoice by external_id",
      "request": {
        "method": "GET",
        "header": [{ "key": "Authorization", "value": "Bearer {{bearer_token}}" }],
        "url": {
          "raw": "{{base_url}}/invoices/by-reference?external_id={{external_id}}",
          "host": ["{{base_url}}"],
          "path": ["invoices", "by-reference"],
          "query": [{ "key": "external_id", "value": "{{external_id}}" }]
        }
      }
    },
    {
      "name": "Get Invoice by reference_number",
      "request": {
        "method": "GET",
        "header": [{ "key": "Authorization", "value": "Bearer {{bearer_token}}" }],
        "url": {
          "raw": "{{base_url}}/invoices/by-reference?reference_number=2026-001",
          "host": ["{{base_url}}"],
          "path": ["invoices", "by-reference"],
          "query": [{ "key": "reference_number", "value": "2026-001" }]
        }
      }
    },
    {
      "name": "Get Invoice by reference_number (INV)",
      "request": {
        "method": "GET",
        "header": [{ "key": "Authorization", "value": "Bearer {{bearer_token}}" }],
        "url": {
          "raw": "{{base_url}}/invoices/by-reference?reference_number=INV-42-001",
          "host": ["{{base_url}}"],
          "path": ["invoices", "by-reference"],
          "query": [{ "key": "reference_number", "value": "INV-42-001" }]
        }
      }
    },
    {
      "name": "List Customer Transactions",
      "request": {
        "method": "GET",
        "header": [{ "key": "Authorization", "value": "Bearer {{bearer_token}}" }],
        "url": {
          "raw": "{{base_url}}/transactions?customer_id={{customer_id}}&page=1&per_page=20",
          "host": ["{{base_url}}"],
          "path": ["transactions"],
          "query": [
            { "key": "customer_id", "value": "{{customer_id}}" },
            { "key": "page", "value": "1" },
            { "key": "per_page", "value": "20" }
          ]
        }
      }
    },
    {
      "name": "Webhook signature verification (reference)",
      "request": {
        "method": "GET",
        "header": [],
        "url": "https://postman-echo.com/get",
        "description": "Not an RsomPay API call. See https://docs.rsompay.com section 7.5 for HMAC verification in Node.js, Python, and PHP.\n\nAlgorithm:\nkey = webhook_signing_secret (per integration partner)\nexpected = HMAC-SHA256(key, X-Rsom-Timestamp + \".\" + raw_body)\nCompare to X-Rsom-Signature (timing-safe)."
      }
    }
  ]
}