Developer Docs
Search
K
Comment on page
4⃣

Handle Payment Response

After payment for an order has occurred, Optty performs the necessary confirmations and redirects to the merchant.
The following data is returned in the redirect back to the merchant, as url parameters.
Parameter
Type
Description
hash*
string
The hash being returned to the merchant for verification
reference*
string
The reference provided by the merchant; can be used for lookups
status*
string
The state of the transaction Possible values are: SUCCESSFUL, CANCELLED, DECLINED, ERROR
providerReference
string
The reference provided by the APM provider; can be used for lookups directly with the APM provider

Example Redirect URL

http://example.com?hash=coqCmt%2FIZ4E3CzPvMY8zTjQVL5hYJUiBRg8UU%2BiCWo0&reference=1234&status=SUCCESSFUL&providerReference=c4dbe976f7
To protect your server from unauthorised redirects, we strongly recommend that you verify the HMAC signature by hashing with the merchant secret to recreate the signature, and only honour the redirect if it matches.
To calculate the hash value, concatenate the 'status' and 'reference' parameters (using a pipe "|" to delimit the values) and generate a hash using the SHA512 algorithm.
Current hashed string contents - {status}|{reference}

Dynamic URL

The Payment Response will be sent to the default URL setup in your Optty account. However, to override the return URL you can send dynamicRedirectUrl