Subsites API

The Segpay Subsites API streamlines the process of adding new subsites (subdomains or subdirectories) to your approved parent website. It eliminates manual entry through the Segpay Merchant Portal and enables efficient bulk subsite creation.

Base URL

https://srs.segpay.com/MerchantServices/website-sections

What You Can Do

  • Add subdomains (e.g., shop.mywebsite.com)

  • Add subdirectories (e.g., mywebsite.com/shop)

  • Test integrations safely with Test Mode

  • Support both JSON and XML formats

Use Case

Automate the addition of multiple subsites at once, eliminating the need to manually enter them one by one in the Segpay Merchant Portal.

Prerequisites

Before using the Subsites API, make sure you have the following:

Requirement Description
Segpay Merchant Account Active account with approved website(s).
Subsites Feature Enabled Contact techsupport@segpay.com to enable.
Parent Website Registered Main website must be added to the system and approved by Compliance before creating subsites. For more information on adding a main website, see the Websites API or Manage Websites documentation.
API Credentials (SRS) SRS User ID and User Access Key for API access.
IP Whitelisting Your server IP must be whitelisted.
Valid URLs All URLs must be legitimate. Do not submit fake or non-functioning URLs that don't resolve.

Quick Start Guide

Add your first subsite in under 5 minutes.

Step 1: Gather Your Credentials

You’ll need your SRS User ID and User Access Key (contact techsupport@segpay.com).

Step 2: Obtain Your Parent Website ID

ParentID of your approved main website, which you can obtain from either the Websites API or the Merchant Portal.

Step 3: Make Your First Request

cURL Example (Test Mode)

bashcurl -X POST "https://srs.segpay.com/MerchantServices/website-sections?test=true" \
  -H "Content-Type: application/json" \
  -H "Accept: application/json" \
  -H "Authorization: Basic <YOUR_BASE64_CREDENTIALS>" \
  -d '{
    "ParentId": 12345,
    "Type": "Subdomain",
    "Url": "shop.mywebsite.com",
    "UserName": "administrator",
    "Password": "password123",
    "AccessNotes": "Login form is on the main page"
  }'

Expected Response

json{
  "Succeeded": true,
  "Message": "Website section has NOT been created because of TEST mode."
}

Step 4: Go Live

To actually add the subsite, remove ?test=true from the URL.

All URLs must be legitimate. Do not submit fake or non-functioning URLs that don't resolve.

Authentication

The Subsites API uses HTTP Basic Authentication.

Creating Your Authorization Header

  1. Concatenate your credentials: username:password

  2. Base64 encode the combined username:password string

  3. Add to header: Authorization: Basic <encoded_string>

  • Username = myuser

  • Password = mypassword

  • String to Encode = myuser:mypassword

  • Base64 Result = bXl1c2VyOm15cGFzc3dvcmQ=

  • Header = Authorization: Basic bXl1c2VyOm15cGFzc3dvcmQ=

API Reference

Create Subsite

Add a new subsite under an existing parent website.

Endpoint

POST https://srs.segpay.com/MerchantServices/website-sections

Request Headers

Header Value Description
Content-Type application/json or application/xml Request format
Accept application/json or application/xml Response format
Authorization Basic <Base64-encoded-credentials> Authentication

All headers shown are required.

Request Parameters

Parameter Type Required Description Example
ParentId Number Yes ID of the approved parent website 12345
Type String Yes "Subdomain" or “Subdirectory" "Subdomain"
Url String Yes Full subsite URL (max 150 chars). Protocol (http:// or https://) is accepted but removed automatically.

www.mywebsite.com/subdirectory

subdomain.mywebsite.com

UserName String Yes Login username (6 - 100 characters) administrator
Password String Yes Password for subsite access (6 - 100 characters) password123
AccessNotes String No Additional info for compliance review (max 1000 characters) Enter username and password into the form on the main page.

Example Requests

JSON Example

{
  "ParentId": 12345,
  "Type": "Subdirectory",
  "Url": "mywebsite.com/page1",
  "UserName": "administrator",
  "Password": "password123",
  "AccessNotes": "Enter user name and password in the top form on the main page"
}

XML Example

<Parameters>
  <ParentId>12345</ParentId>
  <Type>Subdirectory</Type>
  <Url>mywebsite.com/page1</Url>
  <UserName>administrator</UserName>
  <Password>password123</Password>
  <AccessNotes>Enter user name and password in the top form on the main page</AccessNotes>
</Parameters>

cURL Example (Test Mode)

bashcurl -X POST "https://srs.segpay.com/MerchantServices/website-sections?test=true" \
  -H "Content-Type: application/json" \
  -H "Accept: application/json" \
  -H "Authorization: Basic <YOUR_BASE64_CREDENTIALS>" \
  -d '{
    "ParentId": 12345,
    "Type": "Subdomain",
    "Url": "shop.mywebsite.com",
    "UserName": "administrator",
    "Password": "password123",
    "AccessNotes": "Login form is on the main page"
  }'

Response Format

Success Response (JSON)

{
  "Succeeded": true,
  "Id": 12345,
  "Message": "Website section has been created successfully."
}

Success Response (XML)

<Result>
  <Succeeded>true</Succeeded>
  <Id>12345</Id>
  <Message>Website section has been created successfully.</Message>
</Result>

Error Response (JSON)

{
  "Succeeded": false,
  "Message": "IP address XXX.XXX.XXX.XXX is not allowed for this merchant."
}

Error Response (XML)

<Result>
  <Succeeded>false</Succeeded>
  <Message>IP address XXX.XXX.XXX.XXX is not allowed for this merchant.</Message>
</Result>

Test Mode

Use Test Mode to validate your integration without creating actual subsites.

Enabling Test Mode

Add ?test=true to the endpoint URL:

https://srs.segpay.com/MerchantServices/website-sections?test=true

Test Mode Behavior

  • No subsites created - Safe for testing

  • Validation checks performed - Catch integration issues early

  • IP restrictions relaxed - Test from any IP address

Test Mode Response

{
  "Succeeded": true,
  "Message": "Website section has NOT been created because of TEST mode."
}

Error Handling & Troubleshooting

HTTP Status Codes

Status Code Meaning Action Required
200 OK Success Request processed successfully.
401 Unauthorized Authentication Failed Check credentials and Basic Auth header.
403 Forbidden Access Denied Verify IP whitelisting and account permissions.
400 Bad Request Invalid Request Check required parameters and formats.
500 Internal Server Error Server error Retry request. If the error persists, contact techsupport@segpay.com.

Common Error Messages & Solutions

Error Message Cause Solution
"IP address XXX.XXX.XXX.XXX is not allowed for this merchant." IP not whitelisted Contact techsupport@segpay.com to whitelist your IP.
"Account is not enabled for Subsites." Feature not enabled Contact techsupport@segpay.com to enable this feature.
"Account is not enabled for Sub URL Type {Type}." Sub URL Type not enabled (Subdirectory / Subdomain) Contact techsupport@segpay.com to enable this URL type.
"{Missing Parameter} is required." Required parameter(s) missing Ensure all required parameters are included in the request.
"MerchantUrl {ParentId} not found." Invalid parent ID Verify that the specified ParentId exists in your account.
"MerchantUrl {ParentId} is not in an eligible status." The main website (parent) has not been approved Contact techsupport@segpay.com to request approval.
"{URL} format is incorrect for Sub URL Type {Type}." Subsite URL/Type mismatch Ensure the Subsite URL format matches the specified Subsite Type.
"Domain {URL} is not a {Type} of {ParentId Domain} The main website (root domain) is incorrect Ensure the URL contains the correct root domain for the specified Subsite.
"MerchantUrl \\"{URL}\\" already exists." Duplicate URL Use a different URL.
"Url has invalid format." Malformed URL Ensure the Subsite URL format matches the specified Subsite Type (subdomain or subdirectory).

Validation Rules

URL Format Requirements:

  • Subdomain: subdomain.parentdomain.com

  • Subdirectory: parentdomain.com/directory

  • Protocol: Automatically stripped (don't include http:// or https://)

  • Maximum length: 150 characters

Authentication Requirements:

  • Username: Minimum 6 characters, maximum 100

  • Password: Minimum 6 characters, maximum 100

  • AccessNotes: Maximum 1000 characters (optional)

Support & Resources

Getting Help

Type Contact Response Time
Technical Support techsupport@segpay.com 24-48 hours
Compliance Questions compliance@segpay.com 2-3 business days

Additional Resources

  • [Websites API Documentation] - For managing parent websites

  • Manage Websites: Web-based management for adding and administering websites

  • Manage Subsites: Web-based management for adding and administering subsites

Changelog

Version 1.0 (August 18, 2025)

  • Initial public release of the Subsites API

  • Add multiple subsites (subdomains and subdirectories) at once under an approved parent website, eliminating the need for manual entry through the Segpay Merchant Portal

  • Single POST endpoint: https://srs.segpay.com/MerchantServices/website-sections

  • Supports both JSON and XML for requests and responses

  • Authentication: HTTP Basic Authentication (username and password)

  • Test Mode: ?test=true lets you validate integration without creating subsites

  • Includes validation rules, error handling, and troubleshooting guidance

  • Example requests and responses for both JSON and XML included

  • API request and response formats documented for easy integration

  • Support information provided