Transaction Report (S2S)
Programmatically download CSV or XLS transaction reports over a date range
Transaction Report (S2S)
Download transaction reports for a date range as CSV or XLS, backend-to-backend. This is the server-to-server equivalent of the Export Transactions feature in the Exirom Merchant Portal — built for automating reconciliation, accounting, and downstream integrations on a schedule rather than exporting by hand.
POST https://sandbox.api.exirom.com/api/api/v1/report-generator/s2s
Base URL. Contact your Exirom account manager for the correct sandbox or production base URL. The path above uses the sandbox host.
#Authentication
This endpoint uses merchant key/secret headers — not the Bearer token used by the rest of the Card API. Keep the secret confidential; it is intended for backend use only.
| Header | Required | Description |
|---|---|---|
x-merchant-key | Yes | Your public merchant API key |
x-merchant-secret | Yes | Your private merchant API secret |
Content-Type | Yes | Must be application/json |
#Request Body
| Field | Type | Required | Description |
|---|---|---|---|
dateFrom | string | Yes | Start of range, YYYY-MM-DD (or YYYY-MM-DD HH:MM:SS) |
dateTo | string | Yes | End of range, YYYY-MM-DD (or YYYY-MM-DD HH:MM:SS) |
dateSource | string | Yes | Which timestamp the range filters on: createdDate (default) or lastModifiedDate |
format | string | No | CSV (default) or XLS |
Tip. Add a time component for tighter ranges, e.g.
"2025-07-05 00:00:00". Without it, the date is treated as a full day.
#Response
200 OK— the report as a binary file stream. When aContent-Disposition: attachmentheader is present, it carries the filename (e.g.transaction-report-2025-07-05.csv).4xx/5xx— a JSON error object (see Errors).
#Download a report
curl -OJ saves the response using the server-provided filename. In code, read the Content-Disposition header and stream the body to disk.
curl -OJ 'https://sandbox.api.exirom.com/api/api/v1/report-generator/s2s' \
-H 'x-merchant-key: YOUR_MERCHANT_KEY' \
-H 'x-merchant-secret: YOUR_MERCHANT_SECRET' \
-H 'Content-Type: application/json' \
--data '{"dateFrom":"2025-07-05 00:00:00","dateTo":"2025-07-06 23:59:59","dateSource":"createdDate"}'#XLS format
Set "format": "XLS" to receive a spreadsheet instead of CSV.
curl -OJ 'https://sandbox.api.exirom.com/api/api/v1/report-generator/s2s' \
-H 'x-merchant-key: YOUR_MERCHANT_KEY' \
-H 'x-merchant-secret: YOUR_MERCHANT_SECRET' \
-H 'Content-Type: application/json' \
--data '{"dateFrom":"2025-07-01","dateTo":"2025-07-07","dateSource":"createdDate","format":"XLS"}'#Errors {#errors}
Errors return a JSON body with an error message.
// Missing or empty required field
{ "error": "Invalid or missing 'dateFrom' field" }// Bad x-merchant-key / x-merchant-secret
{ "error": "Invalid merchant credentials" }#Best Practices
- Automate, don't poll manually. This endpoint is for scheduled jobs (nightly reconciliation, accounting exports), not interactive use.
- Match the portal. Output columns mirror the Merchant Portal's Export Transactions download.
- Use
lastModifiedDatewhen you need rows that changed in a window (e.g. settlements, status updates), andcreatedDatefor rows created in a window. - Keep credentials server-side. Never embed
x-merchant-secretin client apps.
#Related
- Transaction Status — status values shown in report rows
- Webhook Best Practices — pair reports with real-time webhook data