4️⃣Handle Payment Response
After payment for an order has occurred, Optty performs the necessary confirmations and redirects to the merchant.
Last updated
After payment for an order has occurred, Optty performs the necessary confirmations and redirects to the merchant.
Last updated
Merchant URL
https://api.qa.optty.com
Merchant URL
https://api.optty.com
The following data is returned in the redirect back to the merchant, as url parameters.
hash*
string
The hash being returned to the merchant for verification
reference*
string
The reference provided by the merchant; can be used for lookups
status*
string
The state of the transaction Possible values are: SUCCESSFUL, CANCELLED, DECLINED, ERROR
providerReference
string
The reference provided by the APM provider; can be used for lookups directly with the APM provider
To protect your server from unauthorised redirects, we strongly recommend that you verify the HMAC signature by hashing with the merchant "payment secret" to recreate the signature, and only honour the redirect if it matches.
The "payment secret" can be found on the "view profile" page under "view credentials" on the UPP.
To calculate the hash value, concatenate the 'status' and 'reference' parameters (using a pipe "|" to delimit the values) and generate a hash using the SHA512 algorithm.
Current hashed string contents - {status}|{reference}
The Payment Response will be sent to the default URL setup in your Optty account. However, to override the return URL you can send dynamicRedirectUrl
