Server to server

Introduction

Server to server mode allows to process transactions by sending POST requests to our gateway directly from your platform / back-office.

With this integration mode, you have to provide all user’s informations, including payment method details.

security

For bank card transactions, server to server integration mode requires you to receive sensible card holder data and has a great impact on the security of your platform. See PCI-DSS standard reference

Basic workflow

Here is a simple diagram illustrating the server-to-server workflow.

Workflow

  1. You display a payment form on your own application collecting required data.
  2. You send a HTTPS POST request to our server to server url: https://secure-test.be2bill.com/front/service/rest/process. The requests contains at least two parameters: method : the action to process (ex: payment) and params: the parameter list.
  3. The Dalenys platform sends a request to the bank network and wait for the result.
  4. You receive the result in the request response.
  5. The transaction result is confirmed by a notification request sent to the merchant’s NOTIFICATION_URL, containing the transaction’s parameters (of which EXECCODE and TRANSACTIONID).
info

The NOTIFICATION_URL can be configured through the Dalenys extranet, in the technical account configuration.

Authentication

In order to be authenticated, your transaction request must be signed with the dalenys_signature function as described in the authentication section.

Basic server to server example

Here is a simple server to server payment request:

$> curl --request POST --url "https://secure-test.be2bill.com/front/service/rest/process" \
--data "method=payment" \
--data "params[IDENTIFIER]=YOUR_IDENTIFIER" \
--data "params[OPERATIONTYPE]=payment" \
--data "params[ORDERID]=1234" \
--data "params[AMOUNT]=1000" \
--data "params[CLIENTIDENT]=john.snow" \
--data "params[CLIENTEMAIL]=john.snow@example.com" \
--data "params[CLIENTREFERRER]=https://your_shop.com/order?id=1234" \
--data "params[CLIENTUSERAGENT]=Mozilla/5.0 (Windows NT 6.1; WOW64; rv:47.0) Gecko/20100101 Firefox/47.0" \
--data "params[CLIENTIP]=10.1.1.1" \
--data "params[CARDCODE]=1111222233334444" \
--data "params[CARDCVV]=123" \
--data "params[CARDVALIDITYDATE]=12-17" \
--data "params[CARDFULLNAME]=JOHN SNOW" \
--data "params[DESCRIPTION]=Knows nothing" \
--data "params[HASH]=15477dcb8687adf90fa51e418f3c1a2d025f40b177a978c2734514734633b3c4" \
--data "params[VERSION]=3.0" \

Validating the transaction status

The result of a server to server request is a JSON string.

To make sure your server to server request is successful, you have to check both the HTTP code value and the EXECCODE in the response.

  • The HTTP code value should be 200. A 200 HTTP code indicates that the transaction was correctly received by our gateway.

Any other HTTP code indicates that a technical issue happened.

  • The EXECCODE value indicates the operation status (ex: succeeded, refused…).

If you configured a NOTIFICATION_URL (recommended) in your account configuration page in the Dalenys extranet, you will receive a confirmation of your transaction result.

warning

Keep in mind that the notification request could be sent asynchronously. It means that you can receive the notification before or after you received the request response.