3.16. /api/v2/pan-eligibility/form

Introduction

PAN Eligibility form is initiated through HTTPS POST request by using URLs and the parameters specified below. Use OAuth HMAC-SHA1 for authentication. See Statuses.

PAN Eligibility API URLs

Method

Integration

Production

Sending-only

https://sandbox.payneteasy.eu/paynet/api/v2/pan-eligibility/send-form/ENDPOINTID

https://gate.payneteasy.eu/paynet/api/v2/pan-eligibility/send-form/ENDPOINTID

Receiving-only

https://sandbox.payneteasy.eu/paynet/api/v2/pan-eligibility/receive-form/ENDPOINTID

https://gate.payneteasy.eu/paynet/api/v2/pan-eligibility/receive-form/ENDPOINTID

Both

https://sandbox.payneteasy.eu/paynet/api/v2/pan-eligibility/both-form/ENDPOINTID

https://gate.payneteasy.eu/paynet/api/v2/pan-eligibility/both-form/ENDPOINTID

Request Parameters

Note

Request must have content-type=application/x-www-form-urlencoded and Authorization headers.

Parameter Name

Description

Value

client_orderid

Unique order identifier assigned by Connecting Party.

Necessity: Required
Type: String
Length: 128

redirect_url

URL, where the Payer is redirected to upon completion of the transaction. Please note that redirection is performed in any case, no matter whether transaction is approved, declined in any other final status.
Connecting Party must not use the parameters come along with the redirect HTTP Request to treat the status of the transaction. Instead Connecting Party can utilize server_callback_url or status API command. Pass https://doc.payneteasy.eu if you have no need to return payer anywhere. Use either redirect_url or combination of redirect_success_url and redirect_fail_url, not both.
Necessity: Optional
Type: String
Length: 128

server_callback_url

URL, where the transaction status is sent to.
Connecting Party may use server callback URL for custom processing of the transaction completion, e.g. to collect payment data in the Connecting Party’s information system. For the list of parameters which come along with server callback to server_callback_url refer to Connecting Party callback parameters.
Necessity: Optional
Type: String
Length: 128

Response Parameters

Note

Response has Content-Type: text/html;charset=utf-8 header. All fields are x-www-form-urlencoded, with (0xA) character at the end of each parameter’s value.

Response Parameters

Description

type

The type of response. May be async-response, validation-error, error etc.
If type equals validation-error or error, error-message and error-code parameters contain error details.

paynet-order-id

Order id assigned to the order by Payneteasy.

merchant-order-id

Connecting Party order id.

serial-number

Unique number assigned by Payneteasy server to particular request from the Connecting Party.

error-message

If status is error this parameter contains the reason for decline or error details.

error-code

The error code is case of error status.

Send-form Request Example

POST /paynet/api/v2/pan-eligibility/send-form/39907 HTTP/1.1
Host: sandbox.payneteasy.eu
User-Agent: curl/7.83.0
Accept: */*
Authorization: OAuth realm="",oauth_version="1.0",oauth_consumer_key="javid_test_merch",oauth_timestamp="1687507473",oauth_nonce="Gs2vcwIXv6H",oauth_signature_method="HMAC-SHA1",oauth_signature="sMQWXIUY0OTgBzt2OavSFhT3Q3s%3D"
Content-Length: 192
Content-Type: application/x-www-form-urlencoded
Connection: close

client-order-id=1234567890
&oauth_consumer_key=test_merch
&oauth_nonce=Gs2vcwIXv6H
&oauth_signature_method=HMAC-SHA1
&oauth_timestamp=1687507473
&oauth_version=1.0
&redirect-url=http%3A%2F%2Fsandbox.payneteasy.eu%2Fdoc%2Fdummy.htm

Send-form Success Response Example

HTTP/1.1 200
Server: server
Date: Wed, 21 Jun 2023 11:19:20 GMT
Content-Type: text/html;charset=utf-8
Connection: close
Vary: Accept-Encoding
X-XSS-Protection: 1
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Content-Language: en-US
Strict-Transport-Security: max-age=31536000
Content-Length: 147

type=async-response
&serial-number=00000000-0000-0000-0000-000002ec863e
&merchant-order-id=1234567890
&paynet-order-id=7211136
&redirect-url=https%3A%2F%2Fsandbox.payneteasy.eu%2Fpaynet%2Fform%2Fpan-eligibility%2Finit%2FBB3757784F4A53585143535A554E2F4D6A3264715A616E744C6C31667043414962654534575039376E636F343D

Send-form Fail Response Example

HTTP/1.1 200 OK
Server: server
Date: Mon, 22 Aug 2022 12:59:09 GMT
Content-Type: text/html;charset=utf-8
Connection: close
Vary: Accept-Encoding
X-XSS-Protection: 1
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Content-Language: en-US
Strict-Transport-Security: max-age=31536000
Content-Length: 154

...
<body>
    <p>Access is denied</p>
</body>

Receive-form Request Example

POST /paynet/api/v2/pan-eligibility/receive-form/39907 HTTP/1.1
Host: sandbox.payneteasy.eu
User-Agent: curl/7.83.0
Accept: */*
Authorization: OAuth realm="",oauth_version="1.0",oauth_consumer_key="javid_test_merch",oauth_timestamp="1687511712",oauth_nonce="cRmRev3FdaP",oauth_signature_method="HMAC-SHA1",oauth_signature="6zWG0Sli0dehdFikhoGdoEqhcQA%3D"
Content-Length: 226
Content-Type: application/x-www-form-urlencoded
Connection: close

client-order-id=1234567890
&oauth_consumer_key=test_merch
&oauth_nonce=cRmRev3FdaP
&oauth_signature_method=HMAC-SHA1
&oauth_timestamp=1687511712
&oauth_version=1.0
&redirect-url=http%3A%2F%2Fsandbox.payneteasy.eu%2Fdoc%2Fdummy.htm

Receive-form Success Response Example

HTTP/1.1 200
Server: server
Date: Wed, 21 Jun 2023 12:19:20 GMT
Content-Type: text/html;charset=utf-8
Connection: close
Vary: Accept-Encoding
X-XSS-Protection: 1
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Content-Language: en-US
Strict-Transport-Security: max-age=31536000
Content-Length: 147

type=async-response
&serial-number=00000000-0000-0000-0000-000002ec863e
&merchant-order-id=1234567890
&paynet-order-id=7211136
&redirect-url=https%3A%2F%2Fsandbox.payneteasy.eu%2Fpaynet%2Fform%2Fpan-eligibility%2Finit%2FBB3757784F4A53585143535A554E2F4D6A3264715A616E744C6C316670434149626545436159574254497A4D3D

Receive-form Fail Response Example

HTTP/1.1 200 OK
Server: server
Date: Mon, 22 Aug 2022 12:59:09 GMT
Content-Type: text/html;charset=utf-8
Connection: close
Vary: Accept-Encoding
X-XSS-Protection: 1
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Content-Language: en-US
Strict-Transport-Security: max-age=31536000
Content-Length: 154

...
<body>
    <p>Access is denied</p>
</body>

Both-form Request Example

POST /paynet/api/v2/pan-eligibility/both-form/39907 HTTP/1.1
Host: sandbox.payneteasy.eu
User-Agent: curl/7.83.0
Accept: */*
Authorization: OAuth realm="",oauth_version="1.0",oauth_consumer_key="javid_test_merch",oauth_timestamp="1687512444",oauth_nonce="Nu8SL8l70H2",oauth_signature_method="HMAC-SHA1",oauth_signature="wypHgzYjxmKrdshhj1CabwPGnnA%3D"
Content-Length: 226
Content-Type: application/x-www-form-urlencoded
Connection: close

client-order-id=1234567890
&oauth_consumer_key=test_merch
&oauth_nonce=Gs2vcwIXv6H
&oauth_signature_method=HMAC-SHA1
&oauth_timestamp=1687507765
&oauth_version=1.0
&redirect-url=http%3A%2F%2Fsandbox.payneteasy.eu%2Fdoc%2Fdummy.htm

Both-form Success Response Example

HTTP/1.1 200
Server: server
Date: Wed, 21 Jun 2023 13:19:20 GMT
Content-Type: text/html;charset=utf-8
Connection: close
Vary: Accept-Encoding
X-XSS-Protection: 1
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Content-Language: en-US
Strict-Transport-Security: max-age=31536000
Content-Length: 147

type=async-response
&serial-number=00000000-0000-0000-0000-000002ec863e
&merchant-order-id=1234567890
&paynet-order-id=7211136
&redirect-url=https%3A%2F%2Fsandbox.payneteasy.eu%2Fpaynet%2Fform%2Fpan-eligibility%2Finit%2FBB3757784F4A53585143535A554E2F4D6A3264715A616E744C6C31667043414962654534575039376E636F343D

Both-form Fail Response Example

HTTP/1.1 200 OK
Server: server
Date: Mon, 22 Aug 2022 13:19:09 GMT
Content-Type: text/html;charset=utf-8
Connection: close
Vary: Accept-Encoding
X-XSS-Protection: 1
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Content-Language: en-US
Strict-Transport-Security: max-age=31536000
Content-Length: 154

...
<body>
    <p>Access is denied</p>
</body>

Postman Collection

Request Builder

HTTP method
URL
client order id
version
consumer key
consumer secret
timestamp

nonce

signature method

normalized parameters
signature base string
signature
authorization header