Non-Secure Payment
The Payment API is used to send order and credit card details to the Paybull payment integration system. The merchant's website should receive the payment status immediately without loading the payment page. Based on the API success status, the shopping cart and order status should be updated accordingly.
If the return from the Token API (is_3d) is 1, the merchant's website needs to display a checkbox for the user to choose between 2D or 3D.
Method |
API Endpoint |
Content-Type |
POST |
/api/paySmart2D |
application/json |
Parameter |
Required |
Content-Type |
Authorization |
Mandatory |
Bearer |
Parameter |
Data Type |
Required |
Description |
cc_holder_name |
string |
Mandatory |
Name and surname on the card. |
cc_no |
string |
Mandatory |
Card number. |
expiry_month |
string |
Mandatory |
Card expiration month. |
expiry_year |
string |
Mandatory |
Card expiration year. 2030 |
cvv |
string |
Mandatory |
3-digit security code, 4 digits for foreign cards. |
currency_code |
string |
Mandatory |
Currency code. USD , TRY , EUR |
installments_number |
number |
Mandatory |
Number of installments. |
invoice_id |
string |
Mandatory |
Unique invoice number. |
invoice_description |
string |
Mandatory |
Cart description. |
name |
string |
Mandatory |
Name of the person purchasing the product. |
surname |
string |
Mandatory |
Surname of the person purchasing the product. |
total |
double |
Mandatory |
Amount to be paid. 1000.58 |
merchant_key |
string |
Mandatory |
Unique Merchant Key obtained from PayBull |
items |
string |
Mandatory |
Products in the cart |
cancel_url |
string |
Optional |
URL for unsuccessful payment. |
return_url |
string |
Optional |
URL for successful payment. |
response_method |
string |
Optional |
Parameters POST / GET are transmitted. |
hash_key |
string |
Mandatory |
Unique key ensuring that the user cannot make changes related to the payment before the transaction reaches the bank and that the payment is securely completed. See Hash Key Generation |
bill_address1 |
string |
Optional |
1st Address Line of the person purchasing the product. |
bill_address2 |
string |
Optional |
2nd Address Line of the person purchasing the product. |
bill_city |
string |
Optional |
City of the person purchasing the product. |
bill_postcode |
string |
Optional |
Postal code of the person purchasing the product. |
bill_state |
string |
Optional |
State of the person purchasing the product. |
bill_country |
string |
Optional |
Country of the person purchasing the product. |
bill_email |
string |
Optional |
Email address of the person purchasing the product. |
bill_phone |
string |
Optional |
Phone number of the person purchasing the product. |
card_program |
string |
Optional |
One of the values WORLD , BONUS , MAXIMUM , BANKKART_COMBO , PARAF , AXESS , ADVANT , CARD_FNS should be sent. |
ip |
string |
Optional |
Represents the IP address of the person purchasing the product. |
transaction_type |
string |
Optional |
Transmitted with parameters PreAuth / Auth , the payment must be completed or canceled within 20 days, otherwise it will be automatically canceled. |
sale_webhook_key |
string |
Optional |
When a purchase request is completed, Paybull sends a post request. The Sale Webhook URL must be assigned in the Paybull Merchant Panel. |
REPEATED REQUEST
Parameter |
Data Type |
Required |
Description |
order_type |
Integer |
Mandatory |
When set to 1 , it confirms Paybull to repeat the payment. |
recurring_payment_number |
Integer |
Mandatory |
Defines the number of payments to be repeated. If the initial amount is 100 TL and recurring_payment_number is 5, the total amount will be 100 TL * 5 = 500 TL. (Transaction cost may be added to each transaction) |
recurring_payment_cycle |
string |
Mandatory |
Defines the unit type of the recurring_payment_interval parameter. D / M / Y Ex: D: Days ,M: Months , Y: Years |
recurring_payment_interval |
Integer |
Mandatory |
Defines the interval value. If recurring_payment_interval = 2 and recurring_payment_cycle = "M", the transaction will occur every 2 months. |
recurring_webhook_key |
string |
Mandatory |
The Sale Webhook URL must be assigned in the Paybull Merchant Panel. |
FARMING REQUEST
Parameter |
Data Type |
Required |
Description |
maturity_period |
Integer |
Mandatory |
Should be sent as an integer if the transaction is farming. |
payment_frequency |
Integer |
Mandatory |
Should be sent as an integer if the transaction is farming. |
HASH KEY CREATION
function generateHashKey($total, $installment, $currency_code, $merchant_key, $invoice_id, $app_secret)
{
$data = $total . '|' . $installment . '|' . $currency_code . '|' . $merchant_key . '|' . $invoice_id;
$iv = substr(sha1(mt_rand()), 0, 16);
$password = sha1($app_secret);
$salt = substr(sha1(mt_rand()), 0, 4);
$saltWithPassword = hash('sha256', $password . $salt);
$encrypted = openssl_encrypt("$data", 'aes-256-cbc', "$saltWithPassword", null, $iv);
$msg_encrypted_bundle = "$iv:$salt:$encrypted";
$msg_encrypted_bundle = str_replace('/', '__', $msg_encrypted_bundle);
return $msg_encrypted_bundle;
}
public static string GenerateHashKey(string total,string installment,string currency_code,string merchant_key,string invoice_id,string app_secret){
var data = total + '|'+installment+'|'+currency_code+'|'+merchant_key+'|'+invoice_id;
var sha1 = new SHA1Managed();
Random rnd = new Random();
var iv = sha1.ComputeHash(Encoding.UTF8.GetBytes(rnd.ToString()));
var password = sha1.ComputeHash(Encoding.UTF8.GetBytes(app_secret)).ToString();
rnd = new Random();
var shaSalt = sha1.ComputeHash(Encoding.UTF8.GetBytes(rnd.ToString())).ToString();
var salt = shaSalt.Substring(0, 4);
var sha256 = new SHA256Managed();
var saltWithPassword = sha256.ComputeHash(Encoding.UTF8.GetBytes(password+salt));
//var encrypted = EncryptString(data,saltWithPassword,iv);
var encrypted = "asdasdasd";
var msg_encrypted_bundle = iv + ":" + salt + ":" + encrypted;
msg_encrypted_bundle = msg_encrypted_bundle.Replace("/","__");
return msg_encrypted_bundle;
}
public static string EncryptString(string plainText, byte[] key, byte[] iv){
Aes encryptor = Aes.Create();
encryptor.Mode = CipherMode.CBC;
encryptor.Key = key;
encryptor.IV = iv;
MemoryStream memoryStream = new MemoryStream();
ICryptoTransform aesEncryptor = encryptor.CreateEncryptor();
CryptoStream cryptoStream = new CryptoStream(memoryStream, aesEncryptor, CryptoStreamMode.Write);
byte[] plainBytes = Encoding.ASCII.GetBytes(plainText);
cryptoStream.Write(plainBytes, 0, plainBytes.Length);
cryptoStream.FlushFinalBlock();
byte[] cipherBytes = memoryStream.ToArray();
memoryStream.Close();
cryptoStream.Close();
string cipherText = Convert.ToBase64String(cipherBytes, 0, cipherBytes.Length);
return cipherText;
}
function generateHashKey(total , installment , currency_code , merchant_key , invoice_id , app_secret) {
var data = total + "|" + installment + "|" + currency_code + "|" + merchant_key + "|" + invoice_id;
var randNumIv = Math.floor(Math.random() * (99999999999999999 - 10000000000000000) + 10000000000000000);
var hashNumIv = sha1(randNumIv);
hashNumIv = hashNumIv.create();
var iv = hashNumIv.slice(0,16);
var hashPass = sha1(app_secret);
hashPass = hashPass.create();
var password = hashPass.hex();
var randNumSalt = Math.floor(Math.random() * (99999999999999999 - 10000000000000000) + 10000000000000000);
var hashNumSalt = sha1(randNumIv);
hashNumSalt = hashNumSalt.create();
var salt = hashNumSalt.hex();
var strPassSalt = password + salt;
var hashStr = sha1(strPassSalt);
strPassSalt.create();
var saltWithPassword = strPassSalt.hex();
var encrypted = "";
var msg_encrypted_bundle = iv + ":" + salt + ":" + encrypted;
msg_encrypted_bundle = msg_encrypted_bundle.replaceAll("/" , "_");
return msg_encrypted_bundle;
}
SAMPLE CODE
payment_status = 1 Completed ,payment_status = 0 Failed
{
"cc_holder_name":"John Dao",
"cc_no":"5406675406675403",
"expiry_month":"12",
"expiry_year":"26",
"cvv":"000",
"currency_code":"TRY",
"installments_number": 1,
"invoice_id":"1693558087",
"invoice_description":" INVOICE TEST DESCRIPTION",
"total":10,
"merchant_key":"$2y$10$w/ODdbTmfubcbUCUq/ia3OoJFMUmkM1UVNBiIQIuLfUlPmaLUT1he",
"items":[{"name":"Item3","price":10.00,"quantity":1,"description":"item3 description"}],
"name" : "John",
"surname" : "Dao",
"hash_key" : "b8101ce330960fa7:8a81:YI9VbGOhKoFeEJ37Jha2XjXMs6Gq3750YoNlhze530mLhtbRZKjf3T__Ww0yD3PhAHv90PtyNG3RWXy__AIZyBzLqX8BBVAf4idqc1tPn98mAP5rcVPwqenMtSrDL8QE6t",
"cancel_url" : "cancel_url",
"return_url" : "return_url"
}
Array
(
"order_no": "169355826789055",
"order_id": "169355826789055",
"invoice_id": "1693558087",
"credit_card_no": "540667****5403",
"transaction_type": "Auth",
"payment_status": 1,
"payment_method": 1,
"error_code": 100,
"error": "Onaylandı",
"auth_code": "848287",
"merchant_commission": 1,
"user_commission": 0,
"merchant_commission_percentage": 1,
"merchant_commission_fixed": 0,
"installment": 1,
"amount": 10,
"currency_exchange_rate": "0.0000",
"currency_exchange_from": "",
"currency_exchange_to": "",
"hash_key": "37de7caae8c19c9b:d24d:fE8rEeGT2ff88AbJL8IC6nznJu5Cb3xgCDjrB6zGln4XkvJDDgni8__E30HnGWCYn",
"original_bank_error_code": "",
"original_bank_error_description": ""
)