Payment solution RU 4 HR (P2P)
Создание платежей по нашей форме
| URL | POST https://api-merchant.alikassa.com/v1/payment |
| HEADER | |
| Content-Type | application/json |
| Account | Your account uuid, you can find in Accounts https://merchant.alikassa.com/cabinet/resources/project-accounts |
| Sign | Request signature |
Link https://merchant.alikassa.com/cabinet/form/setting-api-certs generate "API certificate for payment", save the archive, unpack
- password.txt
- private.pem
- public.pem
We keep only public.pem for signature verification.
Wrap all POST data in json (in the same order) and sign
$data = json_encode($data);
$privateKey = openssl_pkey_get_private(
file_get_contents('private.pem'),
file_get_contents('password.txt')
);
if ($privateKey===false) {
throw new \Exception('Error cert.');
}
openssl_sign($data, $sign, $privateKey);
$sign = base64_encode($sign);Pass the received $sign in the Sign header. You can find a sample code at the end of the document.
* - Required fields| Name | Type | Description |
| amount* | decimal (11.2) | Amount |
| order_id* | string (128) | Your id must be unique |
| service* | string (100) | payment_card_number_hpp |
| customer_ip* | ip | Payer's IP address |
| customer_user_id* | string (100) | Id плательщика в вашей системе |
| success_redirect_id | int | Id of redirect upon successful payment |
| fail_redirect_id | int | Id of redirect in case of unsuccessful payment |
| notification_endpoint_id | int | Notification id |
| success_redirect_url | string|max:255 | Link to redirect after successful payment |
| fail_redirect_url | string|max:255 | Link to redirect after unsuccessful payment |
| notification_endpoint_url | string|max:255 | Link to send a callback after the statuses are finalized |
Response
| Name | Description |
| url | Link to payment |
| payment_status |
Payment status wait — in the process of payment |
| id | AliKassa payment id |
| uuid | AliKassa payment uuid |
| success_redirect_url | Ссылка на вашу страницу, для редирека клиента после успешной оплаты |
When creating, always wait, check the payment status via the API or wait for a notification!
Example of a successful HTTP CODE 200 response:
{
"url" => "https://pay-merchant.alikassa.com/bd291fe1-5c19-4113-ae62-a2d3c4d01d20"
"payment_status" => "wait"
"id" => 108465371
"uuid" => "bd291fe1-5c19-4113-ae62-a2d3c4d01d20"
"success_redirect_url" => null
}An example of an unsuccessful HTTP CODE 400 response:
{
"message": "The given data was invalid.",
"errors": {
...
}
}After receiving the url, redirect the client to the link.
Possible values of payment_status, see the documentation "Payment status".
Если вы передали notification_endpoint_id или notification_endpoint_url, то вы получите уведомление о смене статуса оплаты
Создание платежей по H2H (получение реквизитов по API)
| URL | POST https://api-merchant.alikassa.com/v1/payment |
| HEADER | |
| Content-Type | application/json |
| Account | Your account uuid, you can find in Accounts https://merchant.alikassa.com/cabinet/resources/project-accounts |
| Sign | Request signature |
Link https://merchant.alikassa.com/cabinet/form/setting-api-certs generate "API certificate for payment", save the archive, unpack
- password.txt
- private.pem
- public.pem
We keep only public.pem for signature verification.
Wrap all POST data in json (in the same order) and sign
$data = json_encode($data);
$privateKey = openssl_pkey_get_private(
file_get_contents('private.pem'),
file_get_contents('password.txt')
);
if ($privateKey===false) {
throw new \Exception('Error cert.');
}
openssl_sign($data, $sign, $privateKey);
$sign = base64_encode($sign);Pass the received $sign in the Sign header. You can find a sample code at the end of the document.
* - Required fields| Name | Type | Description |
| amount* | decimal (11.2) | Amount |
| order_id* | string (128) | Your id must be unique |
| service* | string (100) | payment_card_number_card |
| customer_ip* | ip | Payer's IP address |
| customer_user_id* | string (100) | Id плательщика в вашей системе |
| customer_code | string |
Предпочитаемый банк реквизитов sberbank — Сбербанк raiffeisen — Райффайзен по умалчанию "sberbank" |
| notification_endpoint_id | int | Notification id |
| notification_endpoint_url | string|max:255 | Link to send a callback after the statuses are finalized |
Response
| Name | Description |
| url | null |
| payment_status |
Payment status wait — in the process of payment |
| id | AliKassa payment id |
| uuid | AliKassa payment uuid |
| success_redirect_url | Ссылка на вашу страницу, для редирека клиента после успешной оплаты |
| cardNumber | Реквизиты карты в формате "1111111111110019" |
| cardHolderName | Данные владельца карты в формате "Имя Отчество Ф." |
When creating, always wait, check the payment status via the API or wait for a notification!
Example of a successful HTTP CODE 200 response:
{
"url" => null
"payment_status" => "wait"
"id" => 108465371
"uuid" => "bd291fe1-5c19-4113-ae62-a2d3c4d01d20"
"success_redirect_url" => null
"cardNumber" => "1111111111110019"
"cardHolderName" => "Имя Отчество Ф."
}An example of an unsuccessful HTTP CODE 400 response:
{
"message": "The given data was invalid.",
"errors": {
...
}
}После получения реквизитов, покажите их на своей форме.
Possible values of payment_status, see the documentation "Payment status".
Если вы передали notification_endpoint_id или notification_endpoint_url, то вы получите уведомление о смене статуса оплаты
Example
Unpack the downloaded archive into the folder "path to script/cert/payment /"
function requestPayment(string $method, string $account, array $data)
{
$data = json_encode($data);
$privateKey = openssl_pkey_get_private(
file_get_contents(__DIR__ . '/cert/payment/private.pem'),
file_get_contents(__DIR__ . '/cert/payment/password.txt')
);
if ($privateKey===false) {
throw new \Exception('Error cert.');
}
openssl_sign($data, $sign, $privateKey);
$sign = base64_encode($sign);
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'https://api-merchant.alikassa.com/' . $method);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
curl_setopt($ch, CURLOPT_HTTPHEADER, [
'Content-Type: application/json',
'Account: ' . $account,
'Sign: ' . $sign,
]);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch,CURLOPT_USERAGENT, 'AliKassa2.0 API');
curl_setopt($ch, CURLOPT_TIMEOUT, 30);
$response = curl_exec($ch);
return json_decode($response, true);
}
$payment = requestPayment('v1/payment', '93d5df06-996c-48c3-9847-348d6b580b80', [
'order_id' => (string)time(),
'amount' => 500,
'customer_browser_user_agent' => 'Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:84.0) Gecko/20100101 Firefox/84.0',
'customer_ip' => '18.191.80.10',
'success_redirect_id' => 1,
'fail_redirect_id' => 1,
'notification_endpoint_id' => 5,
'service' => 'payment_card_uah_hpp',
]);
var_dump($payment);