Skip to main content
Version: multi-v3



The Weavr API is a RESTful API. Our API has predictable resource-oriented URLs, accepts form-encoded request bodies, returns JSON-encoded responses, and uses standard HTTP response codes, authentication, and verbs.

You can test the Weavr API in the Sandbox environment, which does not affect your live data or interact with any banking networks. The environment that you use (Sandbox or Live) determines whether our platform treats the request as a test request or a live request. The API endpoints and API keys for the two environments are different.

When you register with Weavr, you get a Multi account in the Sandbox environment where you can choose the payment model and configure your application. We will give you access to the Live environment after we review your business (KYB) and your application.

After you open a Multi account and configure your application profiles, you can start building your application. API environment URLs are as follows.

Liveon request

Simulating Transactions

Our Sandbox environment includes a simulator that simulates external events not usually triggered by Weavr, for example, receipt of a bank transfer or a purchase on a card. You can use the simulator to test all the functions of your application in a Sandbox environment.

Handling Errors

When you invoke the Weavr API, you may encounter errors, which may be caused by the request or by the server. Our API returns errors according to the standard HTTP status code scheme. For example, you may receive the following codes:

  • 4XX: Client error
    • 400: Bad request
    • 401: Unauthorised
    • 403: Not authenticated
    • 409: Conflict, together with an error code that identifies the issue
  • 5XX: Server error
    • 500: Internal server error
    • 503: Service unavailable

Idempotent Requests

An API is idempotent if you can make the same call many times but the result does not change. In other words, if you make many identical requests to an idempotent API, the effect is the same as if you made just one request.

GET and DELETE operations are guaranteed to be idempotent. If you want POST operations to be idempotent, you need to provide the idempotency-ref parameter. Subsequent requests with the same idempotency reference are idempotent. Otherwise, repeated requests will result in duplicate operations.