Authorization relay response

From PlatiOnline.EU
Jump to: navigation, search

Payment Authorization Relay Response

On each transaction you can setup the relay response method:

Response method Comments
PTOR POST using JavaScript
POST_S2S_PO_PAGE POST server PO to merchant server, customer get the PO template
POST_S2S_MT_PAGE POST server PO to merchant server, customer get the Merchant template
SOAP_PO_PAGE POST SOAP server PO to merchant server, customer get the PO template
SOAP_MT_PAGE POST SOAP server PO to merchant server, customer get the Merchant template
GET DISABLED imposible to use Plati Online 5.x

Also merchants can setup a parameter to instruct Plati Online system to send the transaction decline response to the merchant's server.


PlatiOnline Authorization relay response

PlatiOnline Authorization result is automatically sent when acquiring bank accepts or declines amount authorization.
PlatiOnline.ro system provides several methods that allow merchants to receive transaction response:

POST (JavaScript PlatiOnline Server - Client Internet Browser - Merchant Server)

This method creates a HTML form where « action » parameter has merchant's URL f_relay_response_url.

  • Upon automated onLoad event, a JavaScript code will « submit » the form.
  • By using this method SESSION variables related to HTTP communication between merchant server and customer's Browser can be used.

NOTE: this method is NOT recommended for websites that do not use SSL!


POST QueryString contain f_relay_message and f_crypt_message:

Parameter Data type Comments
f_relay_message text Authorization XML relay response https://secure.plationline.eu/xml_validation/auth.response.v5.xsd encrypted with AES algorithm
f_crypt_message text AES Key (used for encrypting Authorization XML relay response) encrypted with RSA ITSN pair keys
merchant fields text QueryString used on Authorization XML request on tags //merchants_fields//PostQueryString;XML schema https://secure.plationline.eu/xml_validation/f_message.auth.v5.xsd

POST (Direct PlatiOnline Server - Merchant Server) - Merchant HTML Page

Using this method allows a direct communication between servers without involving customer's Browser.
  • PO Server will POST directly to merchant's URL;
  • Merchant server processes transaction result and responds to PO server with a HTML/JavaScript code;
  • PO Server saves HTML/JavaScript code and then sends it directly to customer's Browser.
  • The customer will view in Browser the merchant generated HTML/JavaScript response.

NOTE: By using this method, SESSION variables related to HTTP communication between merchant server and customer's Browser CANNOT be used on the merchant's server.

NOTE: this method is recommended for websites that do not use SSL!



SOAP XML contain f_relay_message and f_crypt_message and merchant's soap tags. Use this schema to validate: http://secure.plationline.eu/xml_validation/auth.soap.response.v5.xsd


Tag Data type Comments
f_relay_message string Authorization XML relay response https://secure.plationline.eu/xml_validation/auth.response.v5.xsd encrypted with AES algorithm
f_crypt_message text AES Key (used for encrypting Authorization XML relay response) encrypted with RSA ITSN pair keys
merchant_SoapTags complex SoapTags used on Authorization XML request on tags //merchants_fields//SoapTags;XML schema https://secure.plationline.eu/xml_validation/f_message.auth.v5.xsd

POST (Direct PlatiOnline Server - Merchant Server) - PlatiOnline Template

It's similar to above method, but customer will view authorization result in a PlatiOnline HTML format.
Depending on the transaction result, we provide the following templates:
  • PO Template for Authorized transactions;
  • PO Template for Declined transactions. In this template we provide a decline message and also allow the customer to retry the transaction by pressing one button;
  • PO Template for Pending Verification transactions. In this template customer is informed s/he must wait for final transaction result since transaction will undergo a manual verification.
  • PO Template for Expired transactions (authorized transactions, but completed AFTER the time frame allowed by to merchant for authorization completion has passed - authorization DELTA T) - <f_auth_minutes> TAG from f_message


NOTE: By using this method, SESSION variables related to HTTP communication between merchant server and customer's Browser CANNOT be used on the merchant's server.

NOTE: this method is recommended for websites that do not use SSL!



POST QueryString contain f_relay_message and f_crypt_message:

Parameter Data type Comments
f_relay_message text Authorization XML relay response https://secure.plationline.eu/xml_validation/auth.response.v5.xsd encrypted with AES algorithm
f_crypt_message text AES Key (used for encrypting Authorization XML relay response) encrypted with RSA ITSN pair keys
merchant fields text QueryString used on Authorization XML request on tags //merchants_fields//PostQueryString;XML schema https://secure.plationline.eu/xml_validation/f_message.auth.v5.xsd

GET (Redirect PlatiOnline Server - Client Internet Browser - Merchant Server)

DISABLED

SOAP (Direct PlatiOnline Server - Merchant Server) - PlatiOnline Template

Using this method allows a direct communication between servers without involving customer's Browser.
PO Server will post directly to merchant's URL by:
  • Content-Type="application/soap+xml; charset=utf-8";
  • SOAPAction=RelayResponse;
Merchant's server processes transaction result and response to PO Server with a XML code;
  • PO Template for Authorized transactions;
  • PO Template for Declined transactions. In this template we provide a decline message and also allow the customer to retry the transaction by pressing one button;
  • PO Template for Pending Verification transactions. In this template customer is informed s/he must wait for final transaction result since transaction will undergo a manual verification.
  • PO Template for Expired transactions (authorized transactions, but completed AFTER the time frame allowed by to merchant for authorization completion has passed - authorization DELTA T) - <f_auth_minutes> TAG from f_message


NOTE: By using this method, SESSION variables related to HTTP communication between merchant server and customer's Browser CANNOT be used on the merchant's server.

NOTE: this method is recommended for websites that do not use SSL!



SOAP XML contain f_relay_message and f_crypt_message and merchant's soap tags. Use this schema to validate: http://secure2.plationline.ro/xml_validation/auth.soap.response.v5.xsd


Tag Data type Comments
f_relay_message string Authorization XML relay response https://secure.plationline.eu/xml_validation/auth.response.v5.xsd encrypted with AES algorithm
f_crypt_message text AES Key (used for encrypting Authorization XML relay response) encrypted with RSA ITSN pair keys
merchant_SoapTags complex SoapTags used on Authorization XML request on tags //merchants_fields//SoapTags;XML schema https://secure.plationline.eu/xml_validation/f_message.auth.v5.xsd

SOAP (Direct PlatiOnline Server - Merchant Server) - Merchants HTML Page

Using this method allows a direct communication between servers without involving customer's Browser.
PO Server will post directly to merchant's URL by:
  • Content-Type="application/soap+xml; charset=utf-8";
  • SOAPAction=RelayResponse;
Merchant's server processes transaction result and response to PO Server with a XML code;


NOTE: By using this method, SESSION variables related to HTTP communication between merchant server and customer's Browser CANNOT be used on the merchant's server.

NOTE: this method is recommended for websites that do not use SSL!



SOAP XML contain f_relay_message and f_crypt_message and merchant's soap tags. Use this schema to validate: http://secure.plationline.eu/xml_validation/auth.soap.response.v5.xsd


Tag Data type Comments
f_relay_message string Authorization XML relay response https://secure.plationline.eu/xml_validation/auth.response.v5.xsd encrypted with AES algorithm
f_crypt_message text AES Key (used for encrypting Authorization XML relay response) encrypted with RSA ITSN pair keys
merchant_SoapTags complex SoapTags used on Authorization XML request on tags //merchants_fields//SoapTags;XML schema https://secure.plationline.eu/xml_validation/f_message.auth.v5.xsd