Server to server
- Introduction
- Basic workflow
- Authentication
- Basic server to server example
- Validating the transaction status
Introduction
Server to server mode allows to process transactions by sending POST requests to our gateway directly from your platform / back-office.
With this integration mode, you have to provide all user’s information, including payment method details.
security
For bank card transactions, server to server integration mode requires you to receive sensible card holder data and has a great impact on the security of your platform. See PCI-DSS standard reference
Basic workflow
Here is a simple diagram illustrating the server-to-server workflow.
- You display a payment form on your own application collecting required data.
- You send a
HTTPSPOSTrequest to our server to server url: https://secure-test.dalenys.com/front/service/rest/process. The requests contains at least two parameters:method: the action to process (ex:payment) andparams: the parameter list. - The Payplug platform sends a request to the bank network and wait for the result.
- You receive the result in the request response.
- The transaction result is confirmed by a notification request sent to the merchant’s
NOTIFICATION_URL, containing the transaction’s parameters (of whichEXECCODEandTRANSACTIONID).
info
The
NOTIFICATION_URLcan be configured through the Payplug dashboard, in the technical account configuration.
Authentication
In order to be authenticated, your transaction request must be signed with the dalenys_signature function as described in the authentication section.
Basic server to server example
Here is a simple server to server payment request:
$> curl --request POST --url "https://secure-test.dalenys.com/front/service/rest/process" \
--data "method=payment" \
--data "params[IDENTIFIER]=Demo Shop" \
--data "params[OPERATIONTYPE]=payment" \
--data "params[ORDERID]=1234" \
--data "params[AMOUNT]=1000" \
--data "params[CLIENTIDENT]=john.snow" \
--data "params[CLIENTEMAIL][email protected]" \
--data "params[CLIENTREFERRER]=https://your_shop.com/order?id=1234" \
--data "params[CLIENTUSERAGENT]=Mozilla/5.0 (Windows NT 6.1; WOW64; rv:47.0) Gecko/20100101 Firefox/47.0" \
--data "params[CLIENTIP]=10.1.1.1" \
--data "params[CARDCODE]=1111222233334444" \
--data "params[CARDCVV]=123" \
--data "params[CARDVALIDITYDATE]=12-17" \
--data "params[CARDFULLNAME]=JOHN SNOW" \
--data "params[DESCRIPTION]=Knows nothing" \
--data "params[HASH]=15477dcb8687adf90fa51e418f3c1a2d025f40b177a978c2734514734633b3c4" \
--data "params[VERSION]=3.0" \
Validating the transaction status
The result of a server to server request is a JSON string.
To make sure your server to server request is successful, you have to check both the HTTP code value and the EXECCODE in the response.
- The HTTP code value should be
200. A200HTTP code indicates that the transaction was correctly received by our gateway.
Any other HTTP code indicates that a technical issue happened.
- The
EXECCODEvalue indicates the operation status (ex: succeeded, refused…).
If you configured a NOTIFICATION_URL (recommended) in your account configuration page in the Payplug dashboard, you will receive a confirmation of your transaction result.
warning
Keep in mind that the notification request could be sent asynchronously. It means that you can receive the notification before or after you received the request response.