3.15. /api/v2/pan-eligibility

Introduction

PAN Eligibility is initiated through HTTPS POST request by using URLs and the parameters specified below. Use OAuth HMAC-SHA1 for authentication. See Statuses.

PAN Eligibility API URLs

Method

Integration

Production

Sending-only

https://sandbox.payneteasy.eu/paynet/api/v2/pan-eligibility/send/ENDPOINTID

https://gate.payneteasy.eu/paynet/api/v2/pan-eligibility/send/ENDPOINTID

Receiving-only

https://sandbox.payneteasy.eu/paynet/api/v2/pan-eligibility/receive/ENDPOINTID

https://gate.payneteasy.eu/paynet/api/v2/pan-eligibility/receive/ENDPOINTID

Both

https://sandbox.payneteasy.eu/paynet/api/v2/pan-eligibility/both/ENDPOINTID

https://gate.payneteasy.eu/paynet/api/v2/pan-eligibility/both/ENDPOINTID

Request Parameters

Note

Request must have content-type=application/x-www-form-urlencoded and Authorization headers.

Parameter Name

Description

Value

client_orderid

Connecting Party order ID.

Necessity: Required

Type: String

Length: 128

sending-card-number

Sender`s credit card number.

Necessity: Required (if sending-card-ref-id is not specified)

Type: Numeric

Length: 19

card-printed-name

Sender`s card printed name.

Necessity: Required (if sending-card-ref-id is not specified)

Type: String

Length: 128

expire_month

Sender credit card’s month of expiration.

Necessity: Required (if sending-card-ref-id is not specified)

Type: Numeric

Length: 2

expire_year

Sender credit card’s year of expiration.

Necessity: Required (if sending-card-ref-id is not specified)

Type: Numeric

Length: 4

sending-card-ref-id

Sender`s card ref ID.

Necessity: Required (if sending-card-number is not specified)

Type: Numeric

Length:

server_callback_url

URL, where the transaction status is sent to. Connecting Party may use server callback URL for custom processing of the transaction completion, e.g. to collect payment data in the Connecting Party’s information system. For the list of parameters which come along with server callback to server_callback_url

refer to Connecting Party callback parameters.

Necessity: Optional

Type: String

Length: 1024

Parameter Name

Description

Value

client_orderid

Connecting Party order ID.

Necessity: Required

Type: String

Length: 128

receiving-card-number

Receiver`s credit card number.

Necessity: Required (if receiving-card-ref-id is not specified)

Type: Numeric

Length: 19

receiving-card-ref-id

Receiver`s card ref ID.

Necessity: Required (if receiving-card-number is not specified)

Type: Numeric

Length:

server_callback_url

URL, where the transaction status is sent to. Connecting Party may use server callback URL for custom processing of the transaction completion, e.g. to collect payment data in the Connecting Party’s information system. For the list of parameters which come along with server callback to server_callback_url

refer to Connecting Party callback parameters.

Necessity: Optional

Type: String

Length: 1024

Parameter Name

Description

Value

client_orderid

Connecting Party order ID.

Necessity: Required

Type: String

Length: 128

sending-card-number

Sender`s card number.

Necessity: Required (if sending-card-ref-id is not specified)

Type: Numeric

Length: 19

card-printed-name

Sender`s card printed name.

Necessity: Required (if sending-card-ref-id is not specified)

Type: String

Length: 128

expire_month

Sender credit card’s month of expiration.

Necessity: Required (if sending-card-ref-id is not specified)

Type: Numeric

Length: 2

expire_year

Sender credit card’s year of expiration.

Necessity: Required (if sending-card-ref-id is not specified)

Type: Numeric

Length: 4

sending-card-ref-id

Sender`s card ref ID.

Necessity: Required (if sending-card-ref-id is not specified)

Type: Numeric

Length:

server_callback_url

URL, where the transaction status is sent to. Connecting Party may use server callback URL for custom processing of the transaction completion, e.g. to collect payment data in the Connecting Party’s information system. For the list of parameters which come along with server callback to server_callback_url

refer to Connecting Party callback parameters.

Necessity: Optional

Type: String

Length: 1024

receiving-card-number

Receiver`s card number.

Necessity: Required (if receiving-card-ref-id is not specified)

Type: Numeric

Length: 19

receiving-card-ref-id

Receiver`s card ref ID.

Necessity: Required (if receiving-card-number is not specified)

Type: Numeric

Length:

Response Parameters

Note

Response has Content-Type: text/html;charset=utf-8 header. All fields are x-www-form-urlencoded, with (0xA) character at the end of each parameter’s value.

Response Parameters

Description

type

The type of response. May be async-response, validation-error, error etc.
If type equals validation-error or error, error-message and error-code parameters contain error details.

paynet-order-id

Order id assigned to the order by Payneteasy.

merchant-order-id

Connecting Party order id.

serial-number

Unique number assigned by Payneteasy server to particular request from the Connecting Party.

error-message

If status is error this parameter contains the reason for decline or error details.

error-code

The error code is case of error status.

Send Request Example

POST /paynet/api/v2/pan-eligibility/send/39907 HTTP/1.1
Host: sandbox.payneteasy.eu
User-Agent: curl/7.83.0
Accept: */*
Authorization: OAuth realm="",oauth_version="1.0",oauth_consumer_key="test_merch",oauth_timestamp="1687507082",oauth_nonce="XQkXQgLxhCE",oauth_signature_method="HMAC-SHA1",oauth_signature="lLTiOEyUY%2FwibmGVA%2F5rY6qIS9I%3D"
Content-Length: 192
Content-Type: application/x-www-form-urlencoded
Connection: close

client-order-id=1234567890
&oauth_consumer_key=test_merch
&oauth_nonce=XQkXQgLxhCE
&oauth_signature_method=HMAC-SHA1
&oauth_timestamp=1687507082
&oauth_version=1.0
&sending-card-ref-id=1461790

Send Success Response Example

HTTP/1.1 200
Server: server
Date: Wed, 21 Jun 2023 11:19:20 GMT
Content-Type: text/html;charset=utf-8
Connection: close
Vary: Accept-Encoding
X-XSS-Protection: 1
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Content-Language: en-US
Strict-Transport-Security: max-age=31536000
Content-Length: 147

type=async-response
&serial-number=00000000-0000-0000-0000-000002ecbcba
&merchant-order-id=1234567890
&paynet-order-id=7216063
&end-point-id=39907

Send Fail Response Example

HTTP/1.1 200 OK
Server: server
Date: Mon, 22 Aug 2022 11:19:20 GMT
Content-Type: text/html;charset=utf-8
Connection: close
Vary: Accept-Encoding
X-XSS-Protection: 1
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Content-Language: en-US
Strict-Transport-Security: max-age=31536000
Content-Length: 154

...
<body>
    <p>Access is denied</p>
</body>

Receive Request Example

POST /paynet/api/v2/pan-eligibility/receive/39907 HTTP/1.1
Host: sandbox.payneteasy.eu
User-Agent: curl/7.83.0
Accept: */*
Authorization: OAuth realm="",oauth_version="1.0",oauth_consumer_key="test_merch",oauth_timestamp="1687507082",oauth_nonce="XQkXQgLxhCE",oauth_signature_method="HMAC-SHA1",oauth_signature="lLTiOEyUY%2FwibmGVA%2F5rY6qIS9I%3D"
Content-Length: 192
Content-Type: application/x-www-form-urlencoded
Connection: close

client-order-id=1234567890
&oauth_consumer_key=test_merch
&oauth_nonce=XQkXQgLxhCE
&oauth_signature_method=HMAC-SHA1
&oauth_timestamp=1687507082
&oauth_version=1.0
&receiving-card-number=4444555566661111

Receive Success Response Example

HTTP/1.1 200
Server: server
Date: Wed, 21 Jun 2023 12:19:20 GMT
Content-Type: text/html;charset=utf-8
Connection: close
Vary: Accept-Encoding
X-XSS-Protection: 1
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Content-Language: en-US
Strict-Transport-Security: max-age=31536000
Content-Length: 147

type=async-response
&serial-number=00000000-0000-0000-0000-000002ecbcba
&merchant-order-id=1234567890
&paynet-order-id=7216063
&end-point-id=39907

Receive Fail Response Example

HTTP/1.1 200 OK
Server: server
Date: Mon, 22 Aug 2022 12:19:29 GMT
Content-Type: text/html;charset=utf-8
Connection: close
Vary: Accept-Encoding
X-XSS-Protection: 1
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Content-Language: en-US
Strict-Transport-Security: max-age=31536000
Content-Length: 154

...
<body>
    <p>Access is denied</p>
</body>

Both Request Example

POST /paynet/api/v2/pan-eligibility/both/39907 HTTP/1.1
Host: sandbox.payneteasy.eu
User-Agent: curl/7.83.0
Accept: */*
Authorization: OAuth realm="",oauth_version="1.0",oauth_consumer_key="test_merch",oauth_timestamp="1687513856",oauth_nonce="T0z9qml2rDZ",oauth_signature_method="HMAC-SHA1",oauth_signature="rsHewN7TRIxzPQAtd99z5eoSyJY%3D"
Content-Length: 231
Content-Type: application/x-www-form-urlencoded
Connection: close

client_orderid=1234567890
&oauth_consumer_key=test_merch
&oauth_nonce=T0z9qml2rDZ
&oauth_signature_method=HMAC-SHA1
&oauth_timestamp=1687513856
&oauth_version=1.0
&receiving-card-number=4444555566661111
&sending-card-ref-id=1461790

Both Success Response Example

HTTP/1.1 200
Server: server
Date: Fri, 23 Jun 2023 09:51:15 GMT
Content-Type: text/html;charset=utf-8
Connection: close
Vary: Accept-Encoding
X-XSS-Protection: 1
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Content-Language: en-US
Strict-Transport-Security: max-age=31536000
Content-Length: 146

type=async-response
&serial-number=00000000-0000-0000-0000-000002ecbcc2
&merchant-order-id=1234567890
&paynet-order-id=7216068
&end-point-id=39907

Both Fail Response Example

HTTP/1.1 200 OK
Server: server
Date: Mon, 22 Aug 2022 13:19:29 GMT
Content-Type: text/html;charset=utf-8
Connection: close
Vary: Accept-Encoding
X-XSS-Protection: 1
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Content-Language: en-US
Strict-Transport-Security: max-age=31536000
Content-Length: 154

...
<body>
    <p>Access is denied</p>
</body>

Postman Collection

Request Builder

HTTP method
URL
client order id
sending card ref id
receiving card number
receiving card ref id
version
consumer key
consumer secret
card printed name
sending card number
expire month
expire year
server callback url
timestamp

nonce

signature method

normalized parameters
signature base string
signature
authorization header