Инструменты страницы
Request for order registration and payment (as a single request)
In this document, the following data type conventions are used when describing request and response parameters:
- string – string;
- array – data array;
- object – data object;
- data – date;
- boolean – boolean (logical) data type;
- int. (integer) – integer data type;
- amount – a numeric data type (amount).
Request parameters:
| Parameter | Type | Description | Value example |
|---|---|---|---|
|
|
string |
The merchant's public key. | 8u144674veh8u9b8gnhdm5ua89 |
|
| string |
Data object to specify the URL for the customer to return to. | https%3A%2F%2Fya.ru |
|
| string |
Data object about the amount of payment. Passed as a string and in major units. Template xxxx, xx – i.e. the amount is transferred in the form of rubles + kopecks; For example, 100.20 – 100 rubles 20 kopecks. | 10001 |
|
| string |
Parameter that defines the necessity of a pre-authorization (putting the amount on hold on the customer's account until its debiting). The following values are available:
If the parameter is not specified in the request, the debiting occurs immediately; if it is specified, you must send a separate request for completion. | false |
|
| string |
Sbersafe binding identifier. |
|
|
| string |
Payment card number. | 4276010013296064 |
|
| string |
The validity of the card. | 202412 |
|
| string |
Name of the cardholder. | Integration+Tester |
|
| string |
CVC/CVV2 code on the back of the card. | 555 |
|
| string |
Customer's phone number without a leading «7». | 9886496412 |
|
| string |
Customer's email address. | test@test.ru |
|
| string |
Delivery address. |
|
|
| string |
Loyalty program identifier. | sbrf_spasibo |
|
| string |
Amount of «Spasibo» bonuses (in units of bonuses). When you specify bonuses in the order registration request, they are deducted from the amount in | 100 |
|
| string |
A block containing information about the loyalty program identifier and the amount of points. | «loyaltyId»:«sbrf_spasibo», «loyaltyPointAmount»:«200000» |
|
| string |
Gateway Binding (External). |
|
|
| string |
Flag for importing bindings. |
|
|
| string |
Extra options. It is forbidden to pass reserved names in the parameter (if they are passed, the order may be rejected):
|
|
|
| string |
Google Pay payment token. |
|
|
| string |
Samsung Pay payment token. |
|
|
| string |
Apple Pay payment token. |
|
|
| string |
Transaction identifier created on the 3DS server. This parameter is used for Customer authentication using the 3DS Protocol version 2.0. |
|
Request example:
POST /order/instantPayment?merchantOpenTokenId=8u144674veh8u9b8gnhdm5ua89&returnUrl=https%3A%2F%2Fya.ru&amount=10001&preAuth=false&pan=4276010013296064&expiry=202412&cardholder=Integration+Tester&cvc=555&phone=9886496412&email=test@test.com&loyaltyPayments=[{%22loyaltyId%22:%22sbrf_spasibo%22,%20%22loyaltyPointAmount%22:%22100%22},%20{%22loyaltyId%22:%22sbrf_sbermiles%22,%20%22loyaltyPointAmount%22:%22100%22}] HTTP/1.1
Host: 3dsec.sberbank.ru/sbersafe
Content-Length: <content-lenght>
Response parameters:
| Parameter | Type | Description | Value example |
|---|---|---|---|
|
| int |
Error code. | 0 |
|
| string | Error description. | «Invalid operation for the current order status» |
|
| string |
Order number in the payment gateway. Unique within the payment gateway. | de2ad073-79f5-7877-b600-69d00008e652 |
|
| string |
Order status in the payment system. | DEPOSITED |
|
| string |
Redirect address to the address of the ACS server. | "https://test.paymentgate.ru/acs/auth/start.do" |
|
| string |
Parameter to pass to ACS for authentication. | eJxVUk1zgjAQ/SsM95KEr1pnjUOLnXqgYxUvvVHYAVQ+DFDUX99EUeshM/t2N2/3vQSmXCV5mU70dfj+N |
|
| string |
URL to redirect the payer to after authentication. | "https://server/context/rest/finish3ds.do" |
|
| string | Return address after the payment. | "http://ya.ru?orderId=eb49300c-95b7-4dcd-9739-eee6c61f2ac4" |
|
| boolean |
Flag indicating that the payment/transfer will be made using the 3DS Protocol version 2.0. The following values are available:
This parameter is used for Customer authentication using the 3DS Protocol version 2.0. |
|
|
| string |
Packed data of challenge request. This value should be used as the value of the |
|
|
| string |
Indication of the status of the request processing result | SUCCESS |
|
| string |
Transaction identifier created on the 3DS server. This parameter is used for Customer authentication using the 3DS Protocol version 2.0. |
|
|
| string |
The URL address of the ACS to collect data about the browser. This parameter is used for Customer authentication using the 3DS Protocol version 2.0. |
|
|
| string |
URL address of the 3DS server for connecting browser data to include in the AReq (Authentication Request) request from the 3DS server to the ACS server. This parameter is used for Customer authentication using the 3DS Protocol version 2.0. |
|
|
| string |
Base64-encoded CReq (Challenge Response) data to send to the ACS server. This parameter is used for Customer authentication using the 3DS Protocol version 2.0. |
|
Response example:
HTTP/1.1 200 OK
Content-Type: application/json
Cache-Control: no-cache
{"errorCode":0,"mdOrder":"b8419699-7f19-744d-800f-e8b00008e652","orderStatus":"DEPOSITED","redirect":"https://test.com/release/merchants/sbersafe/finish.html?orderId=b8419699-7f19-744d-800f-e8b00008e652&lang=ru","status":"SUCCESS"}