Overview
Check order status and retrieve card codes when order is fulfilled.
Path Parameters
Order ID from /placeOrder response
Response
- HANDLING: Processing - FULFILLED: Complete, cards available ✅ -
PARTIALLY_FILLED: Some cards delivered ⚠️ - REFUNDED: Failed and
refunded ❌
Number of cards delivered
Array of card objects (when FULFILLED or PARTIALLY_FILLED)
Card code/PIN (main credential)
Card serial number (secondary credential)
Examples
curl https://api.oneclickdz.com/v3/gift-cards/checkOrder/6901616fe9e88196b4eb64b3 \
-H "X-Access-Token: YOUR_API_KEY"
Handling Response
{
"success": true,
"data": {
"_id": "6901616fe9e88196b4eb64b3",
"status": "HANDLING",
"quantity": 2,
"product": "507f1f77bcf86cd799439011",
"type": "type_001",
"time": "2025-10-29T01:00:00.000Z"
}
}
Fulfilled Response
{
"success": true,
"data": {
"_id": "6901616fe9e88196b4eb64b3",
"status": "FULFILLED",
"quantity": 2,
"fulfilled_quantity": 2,
"fulfilled_amount": 980,
"price_per_card": 490,
"cards": [
{
"value": "XXXX-XXXX-XXXX-XXXX",
"serial": "123456789"
},
{
"value": "YYYY-YYYY-YYYY-YYYY",
"serial": "987654321"
}
],
"time": "2025-10-29T01:00:00.000Z"
}
}
Polling Example
async function pollOrder(orderId) {
const maxAttempts = 60;
for (let i = 0; i < maxAttempts; i++) {
const response = await fetch(
`https://api.oneclickdz.com/v3/gift-cards/checkOrder/${orderId}`,
{ headers: { "X-Access-Token": process.env.API_KEY } }
);
const { data } = await response.json();
if (["FULFILLED", "PARTIALLY_FILLED", "REFUNDED"].includes(data.status)) {
return data;
}
await new Promise((resolve) => setTimeout(resolve, 5000));
}
throw new Error("Timeout");
}
Status Handling
All cards delivered successfully
fulfilled_quantity === quantity- All cards available in
cards array
- Deliver to customer
Some cards delivered, rest cancelled
fulfilled_quantity < quantity- Partial refund issued
- Deliver available cards
- Refund difference to customer
Order completely failed
fulfilled_quantity === 0- Full refund issued
- Notify customer of failure
Secure Card Delivery
Handle cards securely. Never log card codes in plain text.
// Good: Secure delivery
async function deliverCards(userId, cards) {
// Store encrypted
await db.deliveredCards.insertMany(
cards.map((c) => ({
userId,
value: encrypt(c.value),
serial: encrypt(c.serial),
deliveredAt: new Date(),
}))
);
// Send via secure channel
await sendSecureEmail(userId, cards);
// Log without sensitive data
logger.info("Cards delivered", { userId, count: cards.length });
}
