Payware MCP Server

Payware MCP Server

Enables merchant integration with payware payment APIs for creating transactions, managing authentication, and generating code examples across multiple programming languages. Provides comprehensive tools for payment processing, JWT authentication, and sandbox testing.

Category
Visit Server

README

payware MCP Server

Minimal MCP server for payware API integration. Enables quick merchant integration with payware APIs in sandbox environment.

Features

🔐 Authentication Tools

  • RSA Key Generation: Generate secure 2048-bit RSA key pairs
  • JWT Token Creation: Create properly formatted JWT tokens
  • Sandbox Setup: Configure sandbox authentication

💳 Transaction Tools

  • Create Transaction: Support PLAIN, QR, and BARCODE transactions
  • Transaction Status: Check transaction status by ID
  • Callback Simulation: Test callback scenarios

🛠️ Utility Tools

  • Advanced Code Generation: Generate complete integration code across 8 languages (Python, Node.js, PHP, Java, C#, Go, Ruby, cURL) with 16+ framework support
  • Framework Integration: Framework-specific examples for Django, FastAPI, Express, NestJS, Laravel, Spring Boot, ASP.NET, and more
  • Real-world Scenarios: Generate complete integration scenarios (e-commerce, ISV multi-merchant, P2P payments)
  • Comprehensive Documentation: Auto-generate complete API documentation with code examples
  • Request Formatting: Format and validate API requests

Quick Start

1. Installation

cd payware/mcp
npm install

2. Environment Configuration

Copy the example environment file and configure your credentials:

cp .env.example .env

Edit .env file:

# Partner ID from payware dashboard
PAYWARE_PARTNER_ID=your_partner_id_here

# Path to private key file (relative to project root)
PAYWARE_SANDBOX_PRIVATE_KEY_PATH=keys/sandbox-your-private-key.pem
PAYWARE_PRODUCTION_PRIVATE_KEY_PATH=keys/production-your-private-key.pem

# Optional: Sandbox base URL (defaults to https://sandbox.payware.eu/api)
PAYWARE_SANDBOX_URL=https://sandbox.payware.eu/api

⚠️ Security Note: Never commit the .env file to version control. It contains sensitive credentials.

3. Start the MCP Server

npm start

4. Basic Integration Flow

  1. Generate RSA Keys

    Tool: payware_authentication_generate_rsa_keys

  2. Create JWT Token

    Tool: payware_authentication_create_jwt_token
Parameters:
- partnerId: (from PAYWARE_PARTNER_ID)
- privateKey: (from environment-specific key path)

  3. Setup Sandbox

    Tool: payware_authentication_setup_sandbox_auth
Parameters:
- partnerId: (from PAYWARE_PARTNER_ID)

  4. Create Transaction

    Tool: payware_operations_create_transaction
Parameters:
- partnerId: (from PAYWARE_PARTNER_ID)
- privateKey: (from environment-specific key path)
- amount: 10.00
- currency: EUR
- reasonL1: "Payment description"
- type: PLAIN

  5. Check Status

    Tool: payware_operations_get_transaction_status
Parameters:
- partnerId: (from PAYWARE_PARTNER_ID)
- privateKey: (from environment-specific key path)
- transactionId: TRANSACTION_ID

API Request Structure

The payware MCP server transforms flat parameter inputs into the proper nested JSON structure required by the payware API:

Create Transaction Request Structure

{
  // ROOT LEVEL - Transaction metadata
  "shop": "SHOP001",                    // Optional: Shop code
  "account": "GB29NWBK60161331926810",  // Optional: Account identifier
  "friendlyName": "Your Shop Name",     // Optional: Account holder name
  "callbackUrl": "https://callback.url", // Optional: HTTPS callback URL
  "passbackParams": "{\"orderId\":\"12345\"}", // Optional: Callback parameters
  
  // TRANSACTION DATA - Required transaction information
  "trData": {
    "amount": "25.50",              // String/Number: Amount (can be "0.00" for flexible amounts)
    "currency": "EUR",              // REQUIRED: ISO 3-character currency code
    "reasonL1": "Payment for services", // REQUIRED: Transaction description (max 100 chars)
    "reasonL2": "Order #12345"      // Optional: Additional description (max 100 chars)
  },
  
  // TRANSACTION OPTIONS - Transaction behavior settings
  "trOptions": {
    "type": "QR",                   // PLAIN, QR, or BARCODE (default: PLAIN)
    "timeToLive": 300               // Seconds: 60-600 (default: 120)
  },
  
  // QR OPTIONS - Only included when type=QR
  "qrOptions": {
    "qrFormat": "PNG",              // PNG, SVG, JPG, GIF, BMP (default: SVG)
    "qrBorder": 4,                  // Border modules: 1-10 (default: 4)
    "qrErrorCorrection": "QUARTILE", // LOW, MEDIUM, QUARTILE, HIGH (default: QUARTILE)
    "qrScale": 16,                  // Pixel size: 1-100 (default: 16, irrelevant for SVG)
    "qrVersion": 10                 // QR version: 1-40 (default: 10, auto if not specified)
  },
  
  // BARCODE OPTIONS - Only included when type=BARCODE
  "barOptions": {
    "barFormat": "SVG",             // PNG, SVG, JPG (default: SVG)
    "barModuleWidth": 2,            // Module width: 1-10 (default: 2)
    "barBarHeight": 100,            // Height: 15-1000 (default: 100)
    "barFontSize": 12,              // Font size: 0-24 (default: 12)
    "barHumanReadableLocation": "NONE" // NONE, BOTTOM, TOP (default: NONE)
  }
}

Parameter Mapping

When using MCP tools, parameters are automatically mapped to the correct API structure:

MCP Tool Parameter API Location Description
partnerId, privateKey Authentication Used for JWT signing, not sent in request
account, friendlyName, shop, callbackUrl, passbackParams Root Level Transaction metadata
amount, currency, reasonL1, reasonL2 trData object Core transaction data
type, timeToLive trOptions object Transaction behavior
qrFormat, qrBorder, etc. qrOptions object QR code settings (when type=QR)
barFormat, barModuleWidth, etc. barOptions object Barcode settings (when type=BARCODE)

Available Tools

Code Generation & Documentation

payware_generate_code_example

Advanced multi-language code generation with framework support

Supports 60+ operations across all partner types:

  • Transactions: create_transaction, get_transaction_status, cancel_transaction, process_transaction, get_transaction_history, simulate_callback
  • Products: create_product, get_product, update_product, delete_product, list_products, get_product_image, create_schedule, update_schedule, delete_schedule, list_schedules
  • OAuth2 (ISV only): obtain_token, get_token_info, create_token_simple, refresh_token, revoke_token, list_active_tokens
  • Data: generate_report, get_report_status, export_report, download_export, cancel_report, list_reports, get_analytics_summary, create_custom_report
  • Deep Links: get_transaction_link, get_product_link, create_custom_link, delete_transaction_link, delete_product_link, list_active_links, get_link_analytics, create_batch_links
  • P2P (Payment Institution): initiate_p2p_transfer, accept_p2p_transfer, reject_p2p_transfer, get_p2p_transfer_status, list_p2p_transfers, cancel_p2p_transfer, create_p2p_link, get_p2p_analytics
  • Soundbites (Payment Institution): register_audio, get_audio, update_audio, delete_audio, list_audios, create_soundbite_transaction, stream_audio, download_audio, get_soundbite_analytics, create_audio_playlist, get_audio_preview

payware_generate_documentation

Comprehensive documentation generator

Generates complete API documentation with working code examples for any partner type and programming language combination.

Authentication

payware_authentication_generate_rsa_keys

Generate RSA key pair for API authentication.

Parameters:

  • keySize (optional): RSA key size in bits (default: 2048)

payware_authentication_create_jwt_token

Create JWT token for API authentication.

Parameters:

  • partnerId (required): Partner ID from payware
  • privateKey (required): RSA private key in PEM format

payware_authentication_validate_jwt

Validate JWT token format and signature.

Parameters:

  • token (required): JWT token to validate
  • partnerId (required): Partner ID for validation

payware_authentication_test_jwt

Test JWT token with payware API.

Parameters:

  • token (required): JWT token to test
  • partnerId (required): Partner ID

payware_authentication_setup_sandbox_auth

Setup sandbox authentication configuration.

Parameters:

  • partnerId (required): Partner ID from payware
  • privateKey (optional): Private key for validation

Transactions

Transaction Status Overview

payware transactions can have the following statuses:

ACTIVE Status:

  • ACTIVE: Active transaction pending processing or finalizing
  • This is the only status returned by payware_transactions_get_transaction_status
  • Use GET /transactions/{id} endpoint

Final Statuses:

  • CONFIRMED: Successfully finalized
  • DECLINED: Declined by the user, processing or finalizing payment institutions
  • 💥 FAILED: Failed due to technical reasons or other
  • EXPIRED: Time to live of the transaction has passed
  • 🚫 CANCELLED: Transaction canceled by the originator

These final statuses are only available through payware_operations_get_transaction_history using GET /transactions-history/{id} endpoint.

payware_operations_create_transaction

Create a new transaction with full API structure support.

Key Parameters:

  • currency (required): ISO 3-character code (EUR, USD, GBP, etc.)
  • reasonL1 (required): Transaction description (max 100 chars)
  • partnerId (required): Partner ID from payware dashboard
  • privateKey (required): RSA private key for JWT signing
  • amount (optional): Currency value (default: "0.00" for flexible amounts)
  • type (optional): PLAIN, QR, or BARCODE (default: PLAIN)
  • timeToLive (optional): Payment timeout in seconds, 60-600 (default: 120)

QR Options (when type=QR):

  • qrFormat: PNG, SVG, JPG, GIF, BMP (default: SVG)
  • qrErrorCorrection: LOW, MEDIUM, QUARTILE, HIGH (default: QUARTILE)
  • qrScale, qrBorder, qrVersion: Size and appearance settings

Barcode Options (when type=BARCODE):

  • barFormat: PNG, SVG, JPG (default: SVG)
  • barModuleWidth, barBarHeight, barFontSize: Size settings

payware_operations_get_transaction_status

Get status of ACTIVE transactions only. For completed/finalized transactions use history tool.

Parameters:

  • transactionId (required): Transaction ID (starts with 'pw')
  • partnerId (required): Partner ID
  • privateKey (required): Private key for JWT signing

payware_operations_simulate_callback

Simulate callback scenarios for testing.

Parameters:

  • transactionId (required): Transaction ID
  • status (optional): CONFIRMED, DECLINED, FAILED, EXPIRED, or CANCELLED (default: CONFIRMED)
  • callbackUrl (optional): URL where callback would be sent
  • amount (optional): Transaction amount (default: 10.00)
  • currency (optional): Currency (default: EUR)
  • type (optional): Transaction type (default: PLAIN)

Utilities

payware_generate_code_example

Generate production-ready code examples for any payware operation.

Parameters:

  • operation (required): Operation to generate - see complete list below
  • language (optional): python, nodejs, php, java, csharp, curl (default: python)
  • partner_type (optional): merchant, isv, payment_institution (default: merchant)
  • include_comments (optional): Include detailed code comments (default: true)
  • include_error_handling (optional): Include comprehensive error handling (default: true)

Available Operations by Category:

Authentication:

  • authentication - JWT authentication setup

Transaction Operations (all partner types):

  • create_transaction - Create a new payment transaction
  • get_transaction_status - Get transaction status and details
  • process_transaction - Process a pending transaction
  • cancel_transaction - Cancel a pending transaction

Product Operations (merchant, isv):

  • create_product - Create a new product
  • get_product - Get product details
  • list_products - List all products

OAuth2 Operations (isv only):

  • obtain_token - Obtain OAuth2 access token
  • get_token_info - Get OAuth2 token information

Data Operations (all partner types):

  • generate_report - Generate analytics report
  • get_report_status - Get report generation status

P2P Operations (payment_institution only):

  • initiate_p2p_transfer - Initiate peer-to-peer transfer
  • accept_p2p_transfer - Accept P2P transfer

Deep Links (all partner types):

  • get_transaction_link - Get deep link for transaction

Soundbites (payment_institution only):

  • register_audio - Register audio content for soundbite transactions

payware_generate_documentation

Generate comprehensive API documentation with code examples.

Parameters:

  • language (optional): Target programming language (default: python)
  • partnerType (optional): merchant, isv, payment_institution (default: merchant)
  • includeScenarios (optional): Include real-world integration scenarios (default: true)
  • outputFormat (optional): markdown, html, json (default: markdown)

payware_utils_format_request

Format and validate API requests with deterministic JSON serialization for MD5 consistency.

Parameters:

  • type (required): transaction, headers, or curl
  • data (optional): Data to format
  • jwtToken (optional): JWT token for headers
  • signature (optional): Request signature
  • endpoint (optional): API endpoint for curl
  • method (optional): HTTP method (default: POST)

payware_utils_format_json_deterministic

Format JSON with deterministic property ordering for consistent MD5 calculation.

Parameters:

  • data (required): Object to serialize
  • minimize (optional): Remove whitespace (default: true)

payware_utils_server_info

Get MCP server information and configuration.

Note: All transaction data is serialized using consistent property ordering to prevent MD5 mismatch errors.

Dependencies

  • @modelcontextprotocol/sdk: MCP server framework
  • axios: HTTP client for API calls
  • jsonwebtoken: JWT token creation
  • node-forge: RSA key generation

Environment

  • Sandbox Only: All API calls are restricted to sandbox environment
  • Base URL: https://sandbox.payware.eu/api/v1
  • Supported Currencies: EUR, USD, GBP
  • Supported Transaction Types: PLAIN, QR, BARCODE

Security

⚠️ Important Security Notes:

Environment Variables

  • REQUIRED: Use environment variables for all credentials
  • Never commit .env files to version control
  • Use different credentials for development and production
  • Store private key files outside web-accessible directories

Private Key Security

  • Generate separate key pairs for sandbox and production
  • Store private keys with restricted file permissions (600)
  • Never embed private keys in source code
  • Rotate keys regularly according to security policies

API Security

  • This server is designed for sandbox testing only
  • Never use sandbox keys in production environment
  • Implement proper error handling in production
  • Use HTTPS for all API communications
  • Validate all input parameters
  • Implement rate limiting and monitoring

JSON Serialization & MD5 Consistency

⚠️ CRITICAL: payware API requires deterministic JSON serialization for MD5 calculation

  • Property Order: JSON objects must have consistent property ordering
  • Minimized Format: No whitespace or formatting in request bodies
  • MD5 Calculation: Must be calculated from the exact same JSON string sent to API
  • Implementation: This server uses deterministic JSON serialization to ensure consistency

Example of correct JSON format:

{"trData":{"amount":"25.50","currency":"EUR","reasonL1":"Payment description"},"trOptions":{"timeToLive":300,"type":"PLAIN"}}

Why this matters:

  • Different property orders produce different MD5 hashes
  • MD5 mismatch results in ContentMd5 mismatch errors
  • Server validates that JWT contentMd5 matches request body MD5

Troubleshooting

Common Issues

  1. Authentication Failed (ERR_INVALID_SIGNATURE)

    • Root Cause: Public key registered with payware doesn't match your private key
    • Solution: Ensure the public key registered on payware site corresponds to your private key
    • Verification: Use openssl rsa -in privateKey.pem -pubout to extract public key from private key
    • Status: ✅ Resolved - Keys must be properly registered on payware partner portal

  2. ContentMd5 Mismatch Error

    • Root Cause: Inconsistent JSON property ordering
    • Solution: Use deterministic JSON serialization (implemented in this server)
    • Symptoms: Server logs show different expected vs actual MD5 hashes
    • Prevention: Always use createMinimizedJSON() from /src/utils/json-serializer.js
    • Status: ✅ Fixed - Deterministic JSON serialization implemented

  3. Transaction Creation Failed

    • Ensure all required parameters are provided
    • Check amount is non-negative
    • Verify transaction type is supported
    • Status: ✅ Working - Create and cancel operations confirmed functional

  4. MCP Connection Issues

    • Ensure server is started with npm start
    • Check that MCP client is properly configured
    • Verify no firewall blocking stdio communication
    • Note: Use MCP Inspector (npm run inspector) for debugging

Proxy and Bridge Tools

HTTP Proxy Server (npm run proxy):

  • Bridges MCP tools to HTTP REST API
  • Useful for testing tools via HTTP requests
  • Documentation: README-proxy.md

MCP Bridge (npm run bridge):

  • Connects MCP server to MCP Inspector
  • Essential for debugging and development
  • Use with: npm run inspector

Testing Status

✅ Confirmed Working Operations:

  • JWT token creation with RS256 algorithm
  • Transaction creation (POST /api/transactions)
  • Transaction cancellation (PATCH /api/transactions/{id})
  • Deterministic JSON serialization for MD5 consistency
  • Public/private key pair validation

🧪 Test Results:

  • All MCP tools tested successfully with real payware sandbox API
  • Both create and cancel transaction flows working end-to-end
  • Signature validation resolved with proper key registration

Support

For issues related to:

  • MCP Server: Check server logs and MCP client configuration
  • payware API: Refer to payware documentation and sandbox status
  • Integration: Use code examples and formatting tools provided
  • Key Issues: Ensure public key is registered on payware partner portal

License

MIT License

Recommended Servers

playwright-mcp

playwright-mcp

A Model Context Protocol server that enables LLMs to interact with web pages through structured accessibility snapshots without requiring vision models or screenshots.

Official
Featured
TypeScript
Magic Component Platform (MCP)

Magic Component Platform (MCP)

An AI-powered tool that generates modern UI components from natural language descriptions, integrating with popular IDEs to streamline UI development workflow.

Official
Featured
Local
TypeScript
Audiense Insights MCP Server

Audiense Insights MCP Server

Enables interaction with Audiense Insights accounts via the Model Context Protocol, facilitating the extraction and analysis of marketing insights and audience data including demographics, behavior, and influencer engagement.

Official
Featured
Local
TypeScript
VeyraX MCP

VeyraX MCP

Single MCP tool to connect all your favorite tools: Gmail, Calendar and 40 more.

Official
Featured
Local
graphlit-mcp-server

graphlit-mcp-server

The Model Context Protocol (MCP) Server enables integration between MCP clients and the Graphlit service. Ingest anything from Slack to Gmail to podcast feeds, in addition to web crawling, into a Graphlit project - and then retrieve relevant contents from the MCP client.

Official
Featured
TypeScript
Kagi MCP Server

Kagi MCP Server

An MCP server that integrates Kagi search capabilities with Claude AI, enabling Claude to perform real-time web searches when answering questions that require up-to-date information.

Official
Featured
Python
E2B

E2B

Using MCP to run code via e2b.

Official
Featured
Neon Database

Neon Database

MCP server for interacting with Neon Management API and databases

Official
Featured
Exa Search

Exa Search

A Model Context Protocol (MCP) server lets AI assistants like Claude use the Exa AI Search API for web searches. This setup allows AI models to get real-time web information in a safe and controlled way.

Official
Featured
Qdrant Server

Qdrant Server

This repository is an example of how to create a MCP server for Qdrant, a vector search engine.

Official
Featured