Authorization relay response
Contents
- 1 Payment Authorization Relay Response
- 2 PlatiOnline Authorization relay response
- 2.1 POST (JavaScript PlatiOnline Server - Client Internet Browser - Merchant Server)
- 2.2 POST (Direct PlatiOnline Server - Merchant Server) - Merchant HTML Page
- 2.3 POST (Direct PlatiOnline Server - Merchant Server) - PlatiOnline Template
- 2.4 GET (Redirect PlatiOnline Server - Client Internet Browser - Merchant Server)
- 2.5 SOAP (Direct PlatiOnline Server - Merchant Server) - PlatiOnline Template
- 2.6 SOAP (Direct PlatiOnline Server - Merchant Server) - Merchants HTML Page
Payment Authorization Relay Response
On each transaction you can setup the relay response method:
| Response method | Comments |
|---|---|
| PTOR | POST using JavaScript |
| POST_S2S_PO_PAGE | POST server PO to merchant server, customer get the PO template |
| POST_S2S_MT_PAGE | DEPRECATED - POST server PO to merchant server, customer get the Merchant template |
| SOAP_PO_PAGE | POST SOAP server PO to merchant server, customer get the PO template |
| SOAP_MT_PAGE | DEPRECATED - POST SOAP server PO to merchant server, customer get the Merchant template |
| GET | DISABLED - it is imposible to use it starting Plati Online 5.0 |
Also merchants can setup a parameter to instruct Plati Online system to send the transaction decline response to the merchant's server.
PlatiOnline Authorization relay response
PlatiOnline Authorization result is automatically sent when acquiring bank accepts or declines amount authorization.
PlatiOnline.ro system provides several methods that allow merchants to receive transaction response:
POST (JavaScript PlatiOnline Server - Client Internet Browser - Merchant Server)
This method creates a HTML form where « action » parameter has merchant's URL f_relay_response_url.
- Upon automated onLoad event, a JavaScript code will « submit » the form.
- By using this method SESSION variables related to HTTP communication between merchant server and customer's Browser can be used.
NOTE: this method is NOT recommended for websites that do not use SSL!
POST QueryString contain f_relay_message and f_crypt_message:
| Parameter | Data type | Comments |
|---|---|---|
| f_relay_message | text | Authorization XML relay response https://secure.plationline.eu/xml_validation/auth.response.v5.xsd encrypted with AES algorithm |
| f_crypt_message | text | AES Key (used for encrypting Authorization XML relay response) encrypted with RSA ITSN pair keys |
| merchant fields | text | QueryString used on Authorization XML request on tags //merchants_fields//PostQueryString;XML schema https://secure.plationline.eu/xml_validation/f_message.auth.v5.xsd |
POST (Direct PlatiOnline Server - Merchant Server) - Merchant HTML Page
- Using this method allows a direct communication between servers without involving customer's Browser.
- PO Server will POST directly to merchant's URL;
- Merchant server processes transaction result and responds to PO server with a HTML/JavaScript code;
- PO Server saves HTML/JavaScript code and then sends it directly to customer's Browser.
- The customer will view in Browser the merchant generated HTML/JavaScript response.
NOTE: By using this method, SESSION variables related to HTTP communication between merchant server and customer's Browser CANNOT be used on the merchant's server.
NOTE: this method is recommended for websites that do not use SSL!
SOAP XML contain f_relay_message and f_crypt_message and merchant's soap tags. Use this schema to validate: http://secure.plationline.eu/xml_validation/auth.soap.response.v5.xsd
| Tag | Data type | Comments |
|---|---|---|
| f_relay_message | string | Authorization XML relay response https://secure.plationline.eu/xml_validation/auth.response.v5.xsd encrypted with AES algorithm |
| f_crypt_message | text | AES Key (used for encrypting Authorization XML relay response) encrypted with RSA ITSN pair keys |
| merchant_SoapTags | complex | SoapTags used on Authorization XML request on tags //merchants_fields//SoapTags;XML schema https://secure.plationline.eu/xml_validation/f_message.auth.v5.xsd |
POST (Direct PlatiOnline Server - Merchant Server) - PlatiOnline Template
- It's similar to above method, but customer will view authorization result in a PlatiOnline HTML format.
- Depending on the transaction result, we provide the following templates:
- PO Template for Authorized transactions;
- PO Template for Declined transactions. In this template we provide a decline message and also allow the customer to retry the transaction by pressing one button;
- PO Template for Pending Verification transactions. In this template customer is informed s/he must wait for final transaction result since transaction will undergo a manual verification.
- PO Template for Expired transactions (authorized transactions, but completed AFTER the time frame allowed by to merchant for authorization completion has passed - authorization DELTA T) - <f_auth_minutes> TAG from f_message
NOTE: By using this method, SESSION variables related to HTTP communication between merchant server and customer's Browser CANNOT be used on the merchant's server.
NOTE: this method is recommended for websites that do not use SSL!
POST QueryString contain f_relay_message and f_crypt_message:
| Parameter | Data type | Comments |
|---|---|---|
| f_relay_message | text | Authorization XML relay response https://secure.plationline.eu/xml_validation/auth.response.v5.xsd encrypted with AES algorithm |
| f_crypt_message | text | AES Key (used for encrypting Authorization XML relay response) encrypted with RSA ITSN pair keys |
| merchant fields | text | QueryString used on Authorization XML request on tags //merchants_fields//PostQueryString;XML schema https://secure.plationline.eu/xml_validation/f_message.auth.v5.xsd |
GET (Redirect PlatiOnline Server - Client Internet Browser - Merchant Server)
DISABLED
SOAP (Direct PlatiOnline Server - Merchant Server) - PlatiOnline Template
- Using this method allows a direct communication between servers without involving customer's Browser.
- PO Server will post directly to merchant's URL by:
- Content-Type="application/soap+xml; charset=utf-8";
- SOAPAction=RelayResponse;
- Merchant's server processes transaction result and response to PO Server with a XML code;
- PO Template for Authorized transactions;
- PO Template for Declined transactions. In this template we provide a decline message and also allow the customer to retry the transaction by pressing one button;
- PO Template for Pending Verification transactions. In this template customer is informed s/he must wait for final transaction result since transaction will undergo a manual verification.
- PO Template for Expired transactions (authorized transactions, but completed AFTER the time frame allowed by to merchant for authorization completion has passed - authorization DELTA T) - <f_auth_minutes> TAG from f_message
NOTE: By using this method, SESSION variables related to HTTP communication between merchant server and customer's Browser CANNOT be used on the merchant's server.
NOTE: this method is recommended for websites that do not use SSL!
SOAP XML contain f_relay_message and f_crypt_message and merchant's soap tags. Use this schema to validate: http://secure2.plationline.ro/xml_validation/auth.soap.response.v5.xsd
| Tag | Data type | Comments |
|---|---|---|
| f_relay_message | string | Authorization XML relay response https://secure.plationline.eu/xml_validation/auth.response.v5.xsd encrypted with AES algorithm |
| f_crypt_message | text | AES Key (used for encrypting Authorization XML relay response) encrypted with RSA ITSN pair keys |
| merchant_SoapTags | complex | SoapTags used on Authorization XML request on tags //merchants_fields//SoapTags;XML schema https://secure.plationline.eu/xml_validation/f_message.auth.v5.xsd |
SOAP (Direct PlatiOnline Server - Merchant Server) - Merchants HTML Page
- Using this method allows a direct communication between servers without involving customer's Browser.
- PO Server will post directly to merchant's URL by:
- Content-Type="application/soap+xml; charset=utf-8";
- SOAPAction=RelayResponse;
- Merchant's server processes transaction result and response to PO Server with a XML code;
NOTE: By using this method, SESSION variables related to HTTP communication between merchant server and customer's Browser CANNOT be used on the merchant's server.
NOTE: this method is recommended for websites that do not use SSL!
SOAP XML contain f_relay_message and f_crypt_message and merchant's soap tags. Use this schema to validate: http://secure.plationline.eu/xml_validation/auth.soap.response.v5.xsd
| Tag | Data type | Comments |
|---|---|---|
| f_relay_message | string | Authorization XML relay response https://secure.plationline.eu/xml_validation/auth.response.v5.xsd encrypted with AES algorithm |
| f_crypt_message | text | AES Key (used for encrypting Authorization XML relay response) encrypted with RSA ITSN pair keys |
| merchant_SoapTags | complex | SoapTags used on Authorization XML request on tags //merchants_fields//SoapTags;XML schema https://secure.plationline.eu/xml_validation/f_message.auth.v5.xsd |
