Hosted Payment Page
Available: Pre-Authorization and Purchase
The YabandPay Form Hosted Payment Page (HPP) is a ready-to-use payment page fully maintained by YabandPay. It enables eCommerce merchants to securely accept payments by hosting sensitive PCI data on YabandPay systems. The form can be embedded in the merchant’s checkout flow as an iframe or as a redirect page.
[!TIP|style:flat]
The pre-authorization is valid for 30 days. After 30 days, the pre-authorization order will automatically expire.
API URL:https://mapi.yabandpay.com/Payments
Method:POST
POST data type:Json
| Parameter | Type | Description | Required |
|---|---|---|---|
| user | String | the UID of cashier account | Required |
| sign | String | signature | Required |
| method | String | v3.CreateCardPayments | Required |
| time | Long | timestamp | Required |
- Parameter
| Parameter | Type | Description | Required |
|---|---|---|---|
| pay_method | String | online | Required |
| sub_pay_method | String | Cards HPP | Required |
| operation | String | 1.Sales 2.Authorisation; | Required |
| order_id | String | order id from Merchant | Required |
| 3ds_initiate | String | 01. Enable 3DS verification; 02. Disable 3DS verification | Required |
| amount | String | format in cents: € 24.99 should be 24.99 | Required |
| currency | String | ISO 4217, For example EUR, CHF | Required |
| description | String | order description | Required |
| form_type | String | The returned URL type, default is 01. 01.completed, 02.iframe | Optional |
| demo | String | custom field | Optional |
| timeout | String | value 0 means 1440 minutes | Required |
| redirect_url | String | the redirect URL after payment is completed | Required |
| notify_url | String | asynchronous notification url | Required |
| request_id | String | The request ID must be unique. It is recommended to use a combination of at least 24 digits and letters. | Required |
Signature:
Lexicographical sequence and URL key-value format new string
"3ds_initiate=01&amount=1¤cy=EUR&description=test&form_type=01&method=v3.CreateCardPayments¬ify_url=https://www.yabandpay.com/notify&operation=1&order_id=203040950640690239603690&pay_method=online&redirect_url=https://www.yabandpay.com/redirect_url&request_id=x7f6dketj52aq5809w5t0rjhp56vmwnz&sub_pay_method=Cards HPP&time=1720683857&timeout=0&user=016683"
Use stringA and secret_key to get stringSign
Get Signature:
"a5491dcc4b3e0a5edce808074486ffff2fea479054a2f56d8e2a76a4f9808d5f"
Example Request:
{
"user": "016683",
"sign": "a5491dcc4b3e0a5edce808074486ffff2fea479054a2f56d8e2a76a4f9808d5f",
"method": "v3.CreateCardPayments",
"time": 1720680417,
"data": {
"description": "test",
"form_type": "01",
"3ds_initiate": "01",
"timeout": "0",
"pay_method": "online",
"sub_pay_method": "Cards HPP",
"operation": "1",
"order_id": "203040950640690239603690",
"amount": "1",
"currency": "EUR",
"redirect_url": "https://www.yabandpay.com/redirect_url",
"notify_url": "https://www.yabandpay.com/notify",
"request_id": "tscqf7ki76o7aem4z1yl1xs72f89fptl"
}
}
Example Response:
{
"status": true,
"code": "200",
"data": {
"order_id": "203040950640690239603690",
"trade_id": "160899f3-f6d9-a8d8-ab5b-82eacdab9c5b",
"amount": "1.00",
"currency": "EUR",
"settlement_currency": "EUR",
"exchange_rate": "1",
"url": "https://pay.yabandpay.com/payments/callback/order/MTYwODk5ZjMtZjZkOS1hOGQ4LWFiNWItODJlYWNkYWI5YzVi",
"state": "processing"
},
"message": "",
"response_id": "202407111544200649155078"
}
More Information:
Return results:
On a successful API call, the response will be
"status": true.On a failed API call, the response will be
"status": false.
You need to redirect to the returned url. After the user enters their card information and completes the payment at this url, they will be redirected back to the redirect_url.
We strongly recommend using both Order Query and Asynchronous Notification simultaneously to synchronize and update payment status, ensuring real-time accuracy of payment information.
If the order status state is paid, the payment is successful. If the order status state is authorized, the authorisation is successful.
Result/Error codes:
| Status | Code | Message |
|---|---|---|
| true | 200 | |
| fales | -1000 | Internal error |
| fales | -403 | The signature Error |
| fales | -2001 | The user not exist |
| fales | -3001 | Required field is missing |
| fales | -4118 | Incorrect request ID |