POS API
The interface used by hardware POS terminals (Sunmi, SmartOne, Datecs, Ingenico, PAX) and SoftPOS apps to accept payments through miaPOS. Terminal activation, seller auth, shift management, QR transactions, refunds, settings — twenty-five endpoints under /pos/api/v1/.
Overview
The POS API is the interface between a POS device (hardware terminal or SoftPOS app) and the miaPOS backend. All endpoints live under /pos/api/v1/. The flow is: activate the terminal, sign the seller in, open a shift, generate QR / create transactions, then close the shift at end-of-day. Refunds and status queries hang off the same base.
The API is IP-rail only. Payments are authorised by the buyer in their own banking app after scanning the QR or opening the miaPOS payment link — the terminal does not touch card data, so there is no PCI scope on the merchant side.
Base URL & environments
Every partner integration uses its own base URL. Sandbox and production hosts, merchant identifiers, terminal identifiers and operator credentials are issued per partner during onboarding — request sandbox access from sales. Public documentation intentionally does not list host names or credentials.
Authentication
Each seller signs in with userName + userPassword against the seller endpoint and receives an access token and a refresh token. The access token is passed as Authorization: Bearer <accessToken> on every subsequent request. Refresh is one-shot — POST /seller/refresh exchanges the refresh token for a new pair.
init → otp-resend → confirm or the simplified variant) binds this physical device to the merchant and the terminal identifier. Once activated, the seller flow is enough for day-to-day operations.Endpoints
Terminal activation
6 endpointssimplified variant is used for pre-provisioned devices.Seller authentication
4 endpointsShift management
4 endpointsTransactions — QR & status
6 endpointsReturns & refunds
3 endpointsSettings
2 endpointsSchemas
Full request and response schemas for every endpoint — including examples, enum values and per-field descriptions — are published in the interactive Redoc reference. The reference is generated from the same OpenAPI spec (v5) that drives the mia-pos service in production.
Postman collection
The full request set is published as a Postman collection so a developer can start integrating without hand-writing calls:
miapos-pos-api.postman_collection.json— the requests, ordered by flow.miapos-pos-api.postman_environment.json— an environment template with placeholders. PopulatebaseUrl,merchantIdno,terminalId,userNameanduserPasswordwith sandbox values from sales.
Errors
All endpoints return errors in the standard envelope. See Errors for the full catalogue and the mapping from HTTP status to internal error code.
Webhooks
Terminal-to-backend polling is supported for status checks, but webhooks are the recommended way to receive transaction lifecycle events (paid, failed, refunded). See Webhooks for payload shape and Signature verification for verifying authenticity.