Comment on page
4⃣
Handle Payment Response
After payment for an order has occurred, Optty performs the necessary confirmations and redirects to the merchant.

The following data is returned in the redirect back to the merchant, as url parameters.
Parameter | Type | Description |
---|---|---|
hash* | string | The hash being returned to the merchant for verification |
reference* | string | The reference provided by the merchant; can be used for lookups |
status* | string | The state of the transaction
Possible values are:
SUCCESSFUL, CANCELLED, DECLINED, ERROR |
providerReference | string | The reference provided by the APM provider; can be used for lookups directly with the APM provider |
http://example.com?hash=coqCmt%2FIZ4E3CzPvMY8zTjQVL5hYJUiBRg8UU%2BiCWo0&reference=1234&status=SUCCESSFUL&providerReference=c4dbe976f7
To protect your server from unauthorised redirects, we strongly recommend that you verify the HMAC signature by hashing with the merchant secret to recreate the signature, and only honour the redirect if it matches.
To calculate the hash value, concatenate the 'status' and 'reference' parameters (using a pipe "|" to delimit the values) and generate a hash using the SHA512 algorithm.
Current hashed string contents - {status}|{reference}
The Payment Response will be sent to the default URL setup in your Optty account. However, to override the return URL you can send dynamicRedirectUrl
Last modified 5mo ago