Skip to content

Secure Payment Notification

Multiple payment notification methods

Apptus eSales Enterprise RESTful API includes two different payment notification methods. The recommended notification method to use is Secure Payment Notification.

Server side operation only

The payment notification with cost can not be made as a client side operation with the JavaScript library.

The secure payment notification is to be sent when the visitor has placed an order of one or more products and completed payment. The parameter paymentToken must be submitted in the request to notify cost.

The paymentToken is created by stringifying the payment object, see the request examples, and signing it with the MessageAuthentication class. The parameter customerKey must be present in the payment object.

Method

POST

URL format

/api/v1/notifications/payment?paymentToken={paymentToken}

Parameters

Name Type Description Example
sessionKey string A unique id. UUID / GUID 2F75A...EAFA6
customerKey string Visitor id. SHA256 hash if the visitor is signed in, otherwise a UUID / GUID. 5G7HJ...R77T1
market string Visitor Market Sweden
token string Unique token generated by the CustomerKeyAuthentication class. Should only be set for signed in visitors. EAFA6...2F75A
lines array[ ] Array with payment information. productKey: P1, quantity: 2, sellingPrice: 20.0, cost: 15.2
productKey string The unique key of the product. Not mandatory when variantKey is set. shirt_79709
variantKey string The unique key of the variant. Not mandatory when productKey is set. shirt_blue_79709
quantity int The quantity of the purchased product. 2
sellingPrice double The selling price of the purchased product. 20.0
cost double The cost of the purchased product. If the cost is not available, cost should not be included in the notification. 15.2
paymentToken string Unique token generated by the MessageAuthentication class. 6ffc1...a1921

Request body

{
    "sessionKey": "string",
    "customerKey": "string",
    "market": "string",
    "token": "string",
    "lines": [
        {
            "productKey": "string",
            "variantKey": "string",
            "quantity": "int",
            "sellingPrice": "double",
            "cost": "double"
        } 
    ]
}

Request content-type

application/json

Response content-type

HTTP response code

Responses

Response Description
204 Notifications was received successfully.
400 The payment was invalid (e.g. no order lines, cost was sent without paymentToken or both productKey and variantKey were null or empty).
403 A personal customer key was used, but it could not be validated, or client side payment notifications has been disabled for this cluster.
5xx Server error such as cluster unavailable or busy. The response body may contain more information about the error.

Examples

Try out the API at the Apptus API Playground with your eSales Playground and API credentials.

Request

request-body.json

{
    "sessionKey": "b106299c-eac0-4f6f-96d2-93e57c255784",
    "customerKey": "d9528030-509c-4e0f-b585-7168f1e9feca",
    "market": "UK",
    "lines": [
        {
            "productKey":"P_555452-0446_UK",
            "quantity": 1,
            "sellingPrice": 10.35,
            "cost": 5.1,
            "variantKey": null
        }
    ]
}

Stringified payment object

{"sessionKey":"b106299c-eac0-4f6f-96d2-93e57c255784","customerKey":"d9528030-509c-4e0f-b585-7168f1e9feca","market":"UK","token":null,"lines":[{"productKey":"P_555452-0446_UK","quantity":1,"sellingPrice":10.35,"cost":5.1,"variantKey":null}]}

cURL

#!/bin/bash
curl -i \
-X POST \
-T request-body.json \
-H "Content-Type: application/json" \
"https://{cluster-id}.api.esales.apptus.cloud/api/v1/notifications/payment?paymentToken=6ffc11ef974c1cda438ef9382e2cedf452d4e8f496d8405187583cf1c26a1921"

Response

HTTP/1.1 204 No Content
×
Copyright

This online publication is intellectual property of Apptus Technologies. Its contents can be duplicated in part or whole, provided that a copyright label is visibly located on each copy and the copy is used in conjunction with the product described within this document.

All information found in these documents has been compiled with utmost attention to detail. However, this does not guarantee complete accuracy. Neither Apptus Technologies nor the authors shall be held liable for possible errors or the consequences thereof.

Software and hardware descriptions cited in these documents might be registered trademarks. All trade names are subject to copyright restrictions and may be registered trademarks. Apptus Technologies essentially adheres to the manufacturer’s spelling. Names of products and trademarks appearing in this document, with or without specific notation, are likewise subject to trademark and trade protection laws and may thus fall under copyright restrictions.

CLOSE