UAPAY - національний платіжний сервіс
3DS payment confirmation (3-D Secure)
After responding to the POST method /api/invoicer/payments/checkStatus was received data.status=NEEDS_CONFIRMATION and data.confirmation.type=3DS, it is necessary to redirect the user to the ACS-page of the issuer's bank to confirm the payment.
To do this, you need to perform a query using the POST method on URL data.confirmation.url. If there are parameters in the object data.confirmation.form - they must be passed in the request (they are not all required). Be sure to pass the parameter TermUrl, it must be formed on the principle URL + query string parameters: id, redirect, key (not required)::
${redirectUrl}?id=${redirectParamsId}&key=${key}&redirect=${redirect}
where:
${redirectUrl} - value of the field data.redirect.url from the response to the request to receive the payment status;
${redirectParamsId} - field value data.redirect.params.id in response to a request for payment status;
${key} - the value of the data.key field in response to the payment request;
${redirect} - URL, to be redirected to after completion of ACS page verification (usually Merchant page URL)
Example of response to the POST method api/invoicer/payments/checkStatus:
{
"status": 1,
"data": {
"id": "d00c4a4e-30e6-499c-8dba-9fae2816094c",
"externalId": "ab527192-0f81-423d-a192-d6d270d3a9d2.1611586242200",
"receiptId": "8SRY8F4AK95E",
"status": "NEEDS_CONFIRMATION",
"amount": 1200,
"pluginId": 38,
"key": "7qAux1wS9QrEjMutPcahmtHvUBECmXuiyYu6AhQrCgZu.kkcou74107632189319",
"confirmation": {
"type": "3DS",
"url": "https://api.demo.uapay.ua/api/acs/virtual/form",
"form": {
"PaReq": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJvcmRlcklkIjoiMjc5MTZjODEtOTIwYi00YWFlLTkxNWYtZjEwNjBiZDdkOGYxIiwiYW1vdW50IjoxMzI0LCJwYW5NYXNrZWQiOiI1NDU0NTQ1NDU0IiwiaWF0IjoxNjExNTg2MjQzfQ.Wof7YYGOed6AJdeuPGzQZ8T6sZEz_i9zq1o84CjAgEM",
"MD": "27916c81-920b-4aae-915f-f1060bd7d8f1"
}
},
"redirect": {
"url": "https://api.demo.uapay.ua/api/payments/ecom/confirm",
"params": {
"id": "d00c4a4e-30e6-499c-8dba-9fae2816094c"
},
"directAcs": null
},
"paymentStatus": "NEW"
}
}
An example of the formed TermUrl:
https://api.demo.uapay.ua/api/payments/ecom/confirm?id=d00c4a4e-30e6-499c-8dba-9fae2816094c&redirect=https://uapay.ua/
To make a POST request to the issuer's bank, you need to create and call an HTML form. Example using JavaScript:
<!DOCTYPE html>
<html>
<head>
<title>Example call ACS</title>
</head>
<body>
<script type="text/javascript">
var form = document.createElement('form');
form.setAttribute('method', 'POST');
form.setAttribute('action', data.confirmation.url);
var paReq = document.createElement('input');
paReq.setAttribute('type', 'hidden');
paReq.setAttribute('name', 'PaReq');
paReq.setAttribute('value', data.confirmation.form.PaReq);
form.appendChild(paReq);
var md = document.createElement('input');
md.setAttribute('type', 'hidden');
md.setAttribute('name', 'MD');
md.setAttribute('value', data.confirmation.form.MD);
form.appendChild(md);
var termUrl = document.createElement('input');
termUrl.setAttribute('type', 'hidden');
termUrl.setAttribute('name', 'TermUrl');
termUrl.setAttribute('value', termUrl);
form.appendChild(termUrl);
document.body.append(form);
form.submit();
</script>
</body>
</html>
After the user returns to the page, it is necessary to continue sending the show request, until the final payment status is received.
Related pages
UAPAY - національний платіжний сервіс
pay@uapay.ua