Authorization relay response

From Wiki Plati.Online

Payment Authorization Relay Response[edit]

On each transaction you can setup the relay response method:

Response method Comments
PTOR POST using JavaScript
POST_S2S_PO_PAGE POST server PO to merchant server, customer get the PO template
POST_S2S_MT_PAGE DEPRECATED - POST server PO to merchant server, customer get the Merchant template
SOAP_PO_PAGE POST SOAP server PO to merchant server, customer get the PO template
SOAP_MT_PAGE DEPRECATED POST SOAP server PO to merchant server, customer get the Merchant template
GET DISABLED - it is imposible to use it starting Plati Online 5.0

Also merchants can setup a parameter to instruct Plati Online system to send the transaction decline response to the merchant's server.

 

PlatiOnline Authorization relay response[edit]

PlatiOnline Authorization result is automatically sent when acquiring bank accepts or declines amount authorization.
PlatiOnline.ro system provides several methods that allow merchants to receive transaction response:

POST (JavaScript PlatiOnline Server - Client Internet Browser - Merchant Server)[edit]

This method creates a HTML form where « action » parameter has merchant's URL f_relay_response_url.

  • Upon automated onLoad event, a JavaScript code will « submit » the form.
  • By using this method SESSION variables related to HTTP communication between merchant server and customer's Browser can be used.

NOTE: this method is NOT recommended for websites that do not use SSL!


POST QueryString contain f_relay_message and f_crypt_message:

Parameter Data type Comments
f_relay_message text Authorization XML relay response https://secure.plationline.eu/xml_validation/auth.response.v5.xsd encrypted with AES algorithm
f_crypt_message text AES Key (used for encrypting Authorization XML relay response) encrypted with RSA ITSN pair keys
merchant fields text QueryString used on Authorization XML request on tags //merchants_fields//PostQueryString;XML schema https://secure.plationline.eu/xml_validation/f_message.auth.v5.xsd

POST (Direct PlatiOnline Server - Merchant Server) - Merchant HTML Page[edit]

Using this method allows a direct communication between servers without involving customer's Browser.
  • PO Server will POST directly to merchant's URL;
  • Merchant server processes transaction result and responds to PO server with a HTML/JavaScript code;
  • PO Server saves HTML/JavaScript code and then sends it directly to customer's Browser.
  • The customer will view in Browser the merchant generated HTML/JavaScript response.

NOTE: By using this method, SESSION variables related to HTTP communication between merchant server and customer's Browser CANNOT be used on the merchant's server.

NOTE: this method is recommended for websites that do not use SSL!


SOAP XML contain f_relay_message and f_crypt_message and merchant's soap tags. Use this schema to validate: http://secure.plationline.eu/xml_validation/auth.soap.response.v5.xsd

 

Tag Data type Comments
f_relay_message string Authorization XML relay response https://secure.plationline.eu/xml_validation/auth.response.v5.xsd encrypted with AES algorithm
f_crypt_message text AES Key (used for encrypting Authorization XML relay response) encrypted with RSA ITSN pair keys
merchant_SoapTags complex SoapTags used on Authorization XML request on tags //merchants_fields//SoapTags;XML schema https://secure.plationline.eu/xml_validation/f_message.auth.v5.xsd

POST (Direct PlatiOnline Server - Merchant Server) - PlatiOnline Template[edit]

It's similar to above method, but customer will view authorization result in a PlatiOnline HTML format.
Depending on the transaction result, we provide the following templates:
  • PO Template for Authorized transactions;
  • PO Template for Declined transactions. In this template we provide a decline message and also allow the customer to retry the transaction by pressing one button;
  • PO Template for Pending Verification transactions. In this template customer is informed s/he must wait for final transaction result since transaction will undergo a manual verification.
  • PO Template for Expired transactions (authorized transactions, but completed AFTER the time frame allowed by to merchant for authorization completion has passed - authorization DELTA T) - <f_auth_minutes> TAG from f_message

NOTE: By using this method, SESSION variables related to HTTP communication between merchant server and customer's Browser CANNOT be used on the merchant's server.

NOTE: this method is recommended for websites that do not use SSL!


POST QueryString contain f_relay_message and f_crypt_message:

Parameter Data type Comments
f_relay_message text Authorization XML relay response https://secure.plationline.eu/xml_validation/auth.response.v5.xsd encrypted with AES algorithm
f_crypt_message text AES Key (used for encrypting Authorization XML relay response) encrypted with RSA ITSN pair keys
merchant fields text QueryString used on Authorization XML request on tags //merchants_fields//PostQueryString;XML schema https://secure.plationline.eu/xml_validation/f_message.auth.v5.xsd

GET (Redirect PlatiOnline Server - Client Internet Browser - Merchant Server)[edit]

DISABLED

SOAP (Direct PlatiOnline Server - Merchant Server) - PlatiOnline Template[edit]

Using this method allows a direct communication between servers without involving customer's Browser.
PO Server will post directly to merchant's URL by:
  • Content-Type="application/soap+xml; charset=utf-8";
  • SOAPAction=RelayResponse;
Merchant's server processes transaction result and response to PO Server with a XML code;
  • PO Template for Authorized transactions;
  • PO Template for Declined transactions. In this template we provide a decline message and also allow the customer to retry the transaction by pressing one button;
  • PO Template for Pending Verification transactions. In this template customer is informed s/he must wait for final transaction result since transaction will undergo a manual verification.
  • PO Template for Expired transactions (authorized transactions, but completed AFTER the time frame allowed by to merchant for authorization completion has passed - authorization DELTA T) - <f_auth_minutes> TAG from f_message

NOTE: By using this method, SESSION variables related to HTTP communication between merchant server and customer's Browser CANNOT be used on the merchant's server.

NOTE: this method is recommended for websites that do not use SSL!


SOAP XML contain f_relay_message and f_crypt_message and merchant's soap tags. Use this schema to validate: http://secure2.plationline.ro/xml_validation/auth.soap.response.v5.xsd

 

Tag Data type Comments
f_relay_message string Authorization XML relay response https://secure.plationline.eu/xml_validation/auth.response.v5.xsd encrypted with AES algorithm
f_crypt_message text AES Key (used for encrypting Authorization XML relay response) encrypted with RSA ITSN pair keys
merchant_SoapTags complex SoapTags used on Authorization XML request on tags //merchants_fields//SoapTags;XML schema https://secure.plationline.eu/xml_validation/f_message.auth.v5.xsd

SOAP (Direct PlatiOnline Server - Merchant Server) - Merchants HTML Page[edit]

Using this method allows a direct communication between servers without involving customer's Browser.
PO Server will post directly to merchant's URL by:
  • Content-Type="application/soap+xml; charset=utf-8";
  • SOAPAction=RelayResponse;
Merchant's server processes transaction result and response to PO Server with a XML code;

NOTE: By using this method, SESSION variables related to HTTP communication between merchant server and customer's Browser CANNOT be used on the merchant's server.

NOTE: this method is recommended for websites that do not use SSL!


SOAP XML contain f_relay_message and f_crypt_message and merchant's soap tags. Use this schema to validate: http://secure.plationline.eu/xml_validation/auth.soap.response.v5.xsd

 

Tag Data type Comments
f_relay_message string Authorization XML relay response https://secure.plationline.eu/xml_validation/auth.response.v5.xsd encrypted with AES algorithm
f_crypt_message text AES Key (used for encrypting Authorization XML relay response) encrypted with RSA ITSN pair keys
merchant_SoapTags complex SoapTags used on Authorization XML request on tags //merchants_fields//SoapTags;XML schema https://secure.plationline.eu/xml_validation/f_message.auth.v5.xsd