How do I use the Web API to pay for an order?

  1. GET to /v2/merchant/{mId}/pay/key To get the encryption information you’ll need for the pay endpoint.
  2. Encrypt the card information
    1. Prepend the card number with the prefix fromGET /v2/merchant/{mId}/pay/key.
    2. Generate an RSA public key using the modulus and exponent provided byGET /v2/merchant/{mId}/pay/key.
    3. Encrypt the card number and prefix from step 1 with the public key.
    4. Base64 encode the resulting encrypted data into a string which you will send to Clover in the “cardEncrypted” field.
  3. POST to /v2/merchant/{mId}/pay Pass the encrypted card data and order information to Clover in order to pay for the order.
    • Note: If you are using the same credit card on the same merchant account, you can send the token in the paylod instead ofcardEncrypted, first6,last4, cvv, expMonth, expYear, and zip.

When the order is paid, the order and payment data are automatically synchronized between the Clover Server and the merchant’s Clover devices.

Example Code

public static PublicKey getPublicKey(final BigInteger modulus, final BigInteger exponent) {
    try {
      final KeyFactory factory = KeyFactory.getInstance("RSA");
      final PublicKey publicKey = factory.generatePublic(new RSAPublicKeySpec(modulus, exponent));
      return publicKey;
    } catch (GeneralSecurityException e) {
      throw new BaseException(e);
public static String encryptPAN(final String prefix, final String pan, PublicKey publicKey) {
   byte[] input = String.format("%s%s", prefix, pan).getBytes();
   try {
     Cipher cipher = Cipher.getInstance("RSA/None/OAEPWithSHA1AndMGF1Padding", "BC");
     cipher.init(Cipher.ENCRYPT_MODE, publicKey, RANDOM);
     byte[] cipherText = cipher.doFinal(input);
     return DatatypeConverter.printBase64Binary(cipherText);
   } catch (GeneralSecurityException ignore) {
     return null;