Callback

Unlike other methods, which are initiated by the business, the callback method is triggered by the payment system. The logic for receiving and processing this callback must be implemented on the business side. This method allows the business to receive real-time updates on the payment status when:

• The payment is completed successfully.
• The payment is completed unsuccessfully.
• The amount is fully or partially returned to the customer.

Payment details are sent to the callback URL, provided when the order was requested, using the POST method. To confirm successful receipt of the callback, the business should return HTTP CODE 200. If callback was not received successfully, business must use the Get Payment Details method to verify the payment status and correctly update the order status in its system.

note

Callback and Redirect URL serve distinct purposes:

Redirect URL - Redirects the customer from the online payment page back to the business’s website after payment, enhancing the user experience. However, it does not guarantee the final payment status, as redirection may fail due to user actions or other circumstances, making it essential to verify payment completion through a server-to-server callback.

Callbacks - Ensure payment status confirmation and the secure delivery of payment information from the online payment system’s server to the business’s server. Unlike Redirect URLs, callbacks are independent of user actions and serve as a reliable source for verifying payment status.

Header

Callback-Signatureoptionalstring

Signature generated by encrypting callback's request body with a private key using SHA256withRSA algorithm. In order to ensure integrity of callback data, business should verify signature using request body and public key. It is essential to execute this verification before the deserialization of the request body, ensuring that the order of fields remains unchanged.

PUBLIC KEY

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu4RUyAw3+CdkS3ZNILQh
zHI9Hemo+vKB9U2BSabppkKjzjjkf+0Sm76hSMiu/HFtYhqWOESryoCDJoqffY0Q
1VNt25aTxbj068QNUtnxQ7KQVLA+pG0smf+EBWlS1vBEAFbIas9d8c9b9sSEkTrr
TYQ90WIM8bGB6S/KLVoT1a7SnzabjoLc5Qf/SLDG5fu8dH8zckyeYKdRKSBJKvhx
tcBuHV4f7qsynQT+f2UYbESX/TLHwT5qFWZDHZ0YUOUIvb8n7JujVSGZO9/+ll/g
4ZIWhC1MlJgPObDwRkRd8NFOopgxMcMsDIZIoLbWKhHVq67hdbwpAq9K9WMmEhPn
PwIDAQAB
-----END PUBLIC KEY-----

Response

eventstring

Callback type. The meaning is always order_payment.

zoned_request_timestring

Date of sending a callback in Coordinated Universal Time (UTC). It follows the format "YYYY-MM-DDTHH:MM:SS.ssssssZ".

bodyobject

Order data. Involves the payment detail containing fields.

RESPONSE

{
    "event": "order_payment",
    "zoned_request_time": "2022-11-23T18:06:37.240559Z",
    "body": {
        "order_id": "a767a276-cddd-43ec-9db3-9f9b39eee02d",
        "industry": "ecommerce",
        ...
    }
}