...
Code Block | ||
---|---|---|
| ||
{ "transactionReference": "MNFY|20190514172736|000001", "collectionChannel": "API_NOTIFICATION", "card": { "number": "4111111111111111", "expiryMonth": "10", "expiryYear": "2022", "pin": "1234", "cvv": "122" }, "deviceInformation": { "httpBrowserLanguage":"en-US", "httpBrowserJavaEnabled":false, "httpBrowserJavaScriptEnabled":true, "httpBrowserColorDepth":24, "httpBrowserScreenHeight":1203, "httpBrowserScreenWidth":2138, "httpBrowserTimeDifference":"", "userAgentBrowserValue":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36" } } |
The response that will be gotten depends on the kind of card used for the transaction. There are cards charged with the use of an OTP, without an OTP, and also with 3DS Secure Authentication. See sample response for each scenario. An extra mandatory object parameter(deviceInformation) is required to capture the user’s device information.
Info |
---|
For test card details, you can use the following; Pan: 4111111111111111, cvv:1234, expiryYear:2024 and expiryMonth:10 |
...
Sample Response (with no OTP)
...
Code Block | ||
---|---|---|
| ||
{ "requestSuccessful": true, "responseMessage": "success", "responseCode": "0", "responseBody": { "status": "BANK_AUTHORIZATION_REQUIRED", "secure3dData": { "id": "769104908929852951", "redirectUrl": "https://0eafcentinelapi.cardinalcommerce.com/EAFServiceV2/jspCruise/v1/redirectStepUp", "callBackUrl": "https://webpay.interswitchng.com/collections/api/v1/pay/cardinalCallBack", "eciFlag": "07", "termUrl": "https://webpay.interswitchng.com/collections/api/v1/pay/cardinalCallBack", "acsUrl": "https://0eafcentinelapi.cardinalcommerce.com/EAFServiceV2/jspCruise/v1/redirectStepUp", "paReqtransactionId": "P.29bc9e4fb9c3cdd35c3cd6abf323a7544ed8da1a7b609462f2979c2c8cdf561736fbed57ed447ef69484556311fc0b08399a9b3a8f3ae94900d9e5cb443a1bf257541e1b931b67dfcb4c27ba64d06b53AUABZBg92SV1NvdaJH40", "transactionIdpaymentId": "gJKEbN5MmwlkjcKwYAD0929852951", "paymentIdmethod": "769104908POST", "methodjwt": "POSTeyJhbGciOiJIUzI1NiJ9.eyJqdGkiOiIxZDQwYjdlYi1kZTI4LTQzMmQtYTUyOS0zMmQxMWYwNjY5YmUiLCJpYXQiOjE2NzAzMDY5MzQsImlzcyI6IjYyZGI3ZTdkMDFjYWU2MzcxOWM2ZGEwYiIsIk9yZ1VuaXRJZCI6IjVkYzJhN2Q2NjY1NmMyMDU0MDllOTc4MiIsIlJldHVyblVybCI6Imh0dHBzOi8vd2VicGF5LmludGVyc3dpdGNobmcuY29tL2NvbGxlY3Rpb25zL2FwaS92MS9wYXkvY2FyZGluYWxDYWxsQmFjayIsIlJlZmVyZW5jZUlkIjoiTU5GWXw4MXwyMDIyMTIwNjA3MDgyOXwwNzg1NTciLCJQYXlsb2FkIjp7IkFDU1VybCI6Imh0dHBzOi8vYXV0aGVudGljYXRpb24uY2FyZGluYWxjb21tZXJjZS5jb20vVGhyZWVEU2VjdXJlL1YyXzFfMC9DUmVxIiwiUGF5bG9hZCI6ImV5SnRaWE56WVdkbFZIbHdaU0k2SWtOU1pYRWlMQ0p0WlhOellXZGxWbVZ5YzJsdmJpSTZJakl1TVM0d0lpd2lkR2h5WldWRVUxTmxjblpsY2xSeVlXNXpTVVFpT2lJMU9UQTFOemd4TmkwNU5qa3hMVFExTURNdE9EWXdOeTA1TURBNVl6YzNabVpoTkRFaUxDSmhZM05VY21GdWMwbEVJam9pTldKbE9HSTVNVFV0T1RWbFpTMDBPREU0TFdJd01tVXROVEF4TTJFMVlURmpZelkxSWl3aVkyaGhiR3hsYm1kbFYybHVaRzkzVTJsNlpTSTZJakF5SW4wIiwiVHJhbnNhY3Rpb25JZCI6IkFVQUJaQmc5MlNWMU52ZGFKSDQwIn0sIk9iamVjdGlmeVBheWxvYWQiOnRydWV9.P4Tw91_mzfwFtHnYZYjFT564j-K7E4iJVPUhaICFx3I", "md": "769104908929852951" }, "transactionReference": "MNFY|7920190514172736|20220328040030|001015000001", "paymentReference": "u0v3ysqjp809883uk--p9lloo99-jj00000000", "authorizedAmount": 20.0 } } |
Info |
---|
From the above response, the redirectUrl similar to the ascUrl is the url that takes the user to the VISA card website that has an input form to enter OTP sent to the user's phone number. For those using the API method, the backend sends the ascUrl, TermUrl,md and the PaReq jwt response parameters to the frontend which runs an onload html form that redirects the user to VISA website. |
Code Block | ||
---|---|---|
| ||
<body onload ='form1.submit()'> <form id="form1" action=ACSUrl method="post"> <input name="TermUrl" value={TermUrl}> <input name="MD" value={MD}> <input name="PaReqJWT" value={PaReqjwt}> </form> </body> |
Frontend posts an Html form that redirects to the VISA card website to collect OTP sent to the user’s phone. After the OTP verification is completed on the VISA card endpoint, it makes a post request to the callback URL, which is similar to what is given in the TermUrl(It’s also possible to replace the TermUrl with your own URL so as to know when OTP verification process ends).
...