API Reference

PayTo (1.0.0)

PayTo is a modern digital payment solution enabling real-time, account-to-account payments from a customer’s bank account. Developed under the New Payments Platform Australia initiative, PayTo replaces traditional direct debit with a faster, more secure option

This API follows RESTful principles and provides a simple way to integrate PayTo functionality into your systems. It uses semantic versioning to ensure backward compatibility and includes idempotency support through the x-idempotency-id header to prevent duplicate transactions. The API is designed to be developer-friendly while maintaining the security and reliability required for financial transactions.

Download OpenAPI description

payto-send.json

payto-send.yaml

Servers

https://developer.api.commbank.com.au/

Agreements

Endpoints for creating, managing, and retrieving PayTo agreements between creditors and debtors.

Operations

Payments

Endpoints for initiating, managing, and retrieving payment transactions under PayTo agreements.

Operations

Create Payment for Agreement

Request

This endpoint allows you to debit an Agreement by creating a payment.

Security

oauth2

Path

idstring(uuid)(agreementId)<= 36 characters^[a-f0-9]{8}-[a-f0-9]{4}-[1-5][a-f0-9]{3}-[89...required

Agreement ID

Headers

x-request-idstring(uuid)(xRequestId)<= 36 characters^[a-f0-9]{8}-[a-f0-9]{4}-[1-5][a-f0-9]{3}-[89...

UUID that was passed to the request in the x-request-id header.

x-idempotency-idstring(uuid)(xIdempotencyId)<= 36 characters^[a-f0-9]{8}-[a-f0-9]{4}-[1-5][a-f0-9]{3}-[89...required

Uniquely identifies the operation for safe retries. See API Usage page for more information.

Bodyapplication/jsonrequired

amountnumber(decimal)(amount)<= 10 characters<= 9999999.99^\d+\.\d{2}$required

The amount in AUD dollars

referencestring(string)<= 64 characters/^.*$/required

Short form description of the payment

descriptionstring(string)<= 280 characters/^.*$/

Longer form description of the payment

lastPaymentboolean

Indicates if this is the last payment in the agreement

initiatingPartyobject(initiatingParty)required

The party initiating the agreement

initiatingParty.idstring(uuid)(uuid)<= 36 characters^[a-f0-9]{8}-[a-f0-9]{4}-[1-5][a-f0-9]{3}-[89...required

Commbank assigned ID for the merchant.

destinationobject

Destination account details

curl -i -X POST \
  'https://developer.api.commbank.com.au/agreements/{id}/payments' \
  -H 'Authorization: Bearer <YOUR_TOKEN_HERE>' \
  -H 'Content-Type: application/json' \
  -H 'x-idempotency-id: 497f6eca-6276-4993-bfeb-53cbbbba6f08' \
  -H 'x-request-id: 497f6eca-6276-4993-bfeb-53cbbbba6f08' \
  -d '{
    "amount": 9999999.99,
    "reference": "string",
    "description": "string",
    "lastPayment": true,
    "initiatingParty": {
      "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08"
    },
    "destination": {
      "account": {
        "accountName": "string",
        "type": "bankAccount",
        "bsb": "string",
        "accountNumber": "string",
        "alternateIdentification": {
          "type": "EMAIL",
          "value": "string"
        }
      },
      "party": {
        "ultimatePartyName": "string"
      }
    }
  }'

Responses

Accepted

Headers

Content-Languagestring(language)<= 5 characters^en-AU$

Value"en-AU"

Content-Typestring(media)<= 16 characters^application/json$

Value"application/json"

Bodyapplication/json

idstring(uuid)(paymentId)<= 36 characters^[a-f0-9]{8}-[a-f0-9]{4}-[1-5][a-f0-9]{3}-[89...

statusstring(string)<= 8 characters^[a-z\s]+$

The payment id

Value"received"

Response

application/json

{
  "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  "status": "received"
}

Get a Payment

Request

Get the details of a payment

Security

oauth2

Path

idstring(uuid)(paymentId)<= 36 characters^[a-f0-9]{8}-[a-f0-9]{4}-[1-5][a-f0-9]{3}-[89...required

The payment Id

Headers

x-request-idstring(uuid)(xRequestId)<= 36 characters^[a-f0-9]{8}-[a-f0-9]{4}-[1-5][a-f0-9]{3}-[89...

UUID that was passed to the request in the x-request-id header.

curl -i -X GET \
  'https://developer.api.commbank.com.au/payments/{id}' \
  -H 'Authorization: Bearer <YOUR_TOKEN_HERE>' \
  -H 'x-request-id: 497f6eca-6276-4993-bfeb-53cbbbba6f08'

Responses

Headers

Content-Languagestring(language)<= 5 characters^en-AU$

Value"en-AU"

Content-Typestring(media)<= 16 characters^application/json$

Value"application/json"

Bodyapplication/json

idstring(uuid)(paymentId)<= 36 characters^[a-f0-9]{8}-[a-f0-9]{4}-[1-5][a-f0-9]{3}-[89...

agreementIdstring(uuid)(agreementId)<= 36 characters^[a-f0-9]{8}-[a-f0-9]{4}-[1-5][a-f0-9]{3}-[89...

Agreement ID

statusstring(string)<= 11 characters^[A-Z_]+$

Enum"payment_accepted""settlement_in_progress""successful""failed"

statusReasonobject

completedDatestring(date-time)(dateTime)<= 24 characters^\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}\.\d{3}Z$...

amountnumber(decimal)(amount)<= 10 characters<= 9999999.99^\d+\.\d{2}$

referencestring(string)<= 64 characters/^.*$/

sourceobject(partyAccountOptionalPartyDetails)

destinationobject(partyAccountOptionalPartyDetails)

descriptionstring

initiatingPartyobject(initiatingParty)

The party initiating the agreement

Response

application/json

{
  "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  "agreementId": "79458f91-82b5-4c38-a886-56df6a6b7980",
  "status": "payment_accepted",
  "statusReason": {
    "code": "string",
    "description": "string"
  },
  "completedDate": "2025-02-25T00:33:38.806Z",
  "amount": 9999999.99,
  "reference": "string",
  "source": {
    "account": { … },
    "party": { … }
  },
  "destination": {
    "account": { … },
    "party": { … }
  },
  "description": "string",
  "initiatingParty": {
    "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08"
  }
}

Utilities

Endpoints for auxiliary operations such as health checks and other supporting functionalities.

Operations

PayTo (1.0.0)

Agreements

Payments

Create Payment for Agreement

RequestExpand all

Responses

Get a Payment

Request

Responses

Utilities

Request