Payment method callback
After creating the payment method, the AppotaPay system calls back the results to the partner's system
- Using the
signatureparameter to check the integrity of the received data, the partner creates a signature from the data received by AppotaPay and then compares it with thesignatureparameter sent by AppotaPay.
Web callback
AppotaPay will send the results via the API URL of the partner sending AppotaPay for configuration, the partner server checks the data integrity through the signature parameter then updates the status of the payment method.
Header
{
"Content-Type": "applicaton/json"
}
Request params
Method: POST
| Param | Type | Description |
|---|---|---|
| data | String | Transaction information is encode with base64encode & json_encode format |
| signature | String | Signature to check data signature = |
| time | String | Response time |
Decode
- Partners use the
Base64Decodefunction to decode data in string form. - Use the
JSON_Decodefunction to decode the data a second time in json form.
| Param | Required | Type | Description |
|---|---|---|---|
| event | Required | String | Event: - payment_method.activated: when the payment method has been activated and can be used for recurring payment - payment_method.failed: payment method triggers failure when performing authentication or authorization - payment_method.inactivated: payment method cannot be used for payment - payment_method.expired: payment method has expired and cannot be used for payment |
| data | Required | Object | Data |
| data.paymentMethodRefId | Required | String | Unique reference code of partner Partner-provided identifier for the payment method. |
| data.paymentMethodId | Required | String | Payment Method ID |
| data.customerId | Required | String | Customer ID |
| data.country | Required | String | Country code of transaction |
| data.currency | Required | String | Currency unit |
| data.paymentMethod | Required | String | Payment method - CC_SUBS: payment with credit card - EWALLET_SUBS: payment with ewallet |
| data.reusability | Required | String | Describes whether or not the payment method can be reused for subsequent payments. - MULTIPLE_USE: may be reused for subsequent payments |
| data.card | Optional | Object | Card information |
| data.card.properties | Optional | Object | Properties |
| data.card.properties.skipThreeDSecure | Optional | String | This field value is only configurable for reusability = MULTIPLE_USE to indicate whether to perform 3DS during the linking phase - YES: skip to perform 3DS - NO: perform 3DS |
| data.card.properties.successReturnUrl | Optional | String | URL where the end-customer is redirected if the linking is successful. |
| data.card.properties.failureReturnUrl | Optional | String | URL where the end-customer is redirected if the linking is failed. |
| data.card.cardInfo | Optional | Object | Card information |
| data.card.cardInfo.cardNumber | Optional | String | Card number |
| data.card.cardInfo.cardMonth | Optional | String | Card expiry month, contain the leading zero (E.g. 03) |
| data.card.cardInfo.cardYear | Optional | String | Card expiry year (E.g. 2024) |
| data.card.cardInfo.cardHolderName | Optional | String | Card holder name |
| data.ewallet | Optional | Object | Ewallet information |
| data.ewallet.serviceCode | Optional | String | Ewallet code |
| data.ewallet.properties | Optional | Object | Properties |
| data.ewallet.properties.successReturnUrl | Optional | String | URL where the end-customer is redirected if the linking is successful. |
| data.ewallet.properties.pendingReturnUrl | Optional | String | URL where the end-customer is redirected if the linking is pending. |
| data.ewallet.properties.failureReturnUrl | Optional | String | URL where the end-customer is redirected if the linking is failed. |
| data.billing | Optional | Object | Billing information |
| data.billing.country | Optional | String | Country code |
| data.billing.city | Optional | String | City |
| data.billing.provinceState | Optional | String | Province/ state |
| data.billing.address | Optional | String | Address |
| data.billing.zipcode | Optional | String | Zip code |
| data.status | Required | String | Trạng thái: - PENDING: request to initiate payment method has been sent, AppotaPay is processing to activate the payment method, then waiting for callback from AppotaPay to update status - REQUIRES_ACTION: additional actions need to be performed to activate the payment method, common actions are OTP validation or redirecting the user to the authentication page - ACTIVE: the payment method has been activated - INACTIVE: payment method cannot be used to make transactions - EXPIRED: authorization has expired or been invalid - FAILED: create payment method unsuccessfully |
| data.actions | Optional | Array | If status is REQUIRES_ACTION, the object has specific information to perform the next action to activate the payment method |
| data.actions.*.url | Optional | String | URL to perform action |
| data.actions.*.action | Optional | String | The purpose the corresponding action - AUTH - Trigger this action in order to authorize linking or payment - RESEND_AUTH - Trigger this action in order to resend the authorization code to the end-customer |
| data.actions.*.method | Optional | String | HTTP method for calling the url. - GET - POST |
| data.createdAt | Required | String | Creation time (standard format: ISO-8601) |
| data.updatedAt | Required | String | Last updated time (standard format: ISO-8601) |
Response format
- The partner needs to respond to AppotaPay to confirm that they have received the result
- The response is considered successful when HTTP code = 200