Documente Academic
Documente Profesional
Documente Cultură
ePayments Merchant
Web Service
Version 0.3
1
ePayments
91 Wimpole Street, London W1G 0EF, United Kingdom
Company No. 07637944, VAT Number: GB 168 0010 38
TABLE OF CONTENTS
4. APPENDIX .................................................................................................................................... 22
2
ePayments
91 Wimpole Street, London W1G 0EF, United Kingdom
Company No. 07637944, VAT Number: GB 168 0010 38
1. GENERAL INFORMATION
1.1 Glossary
Term Definition
Merchant Web Services is an interface that allows accepting payments to a merchant’s
MWS
e-Wallet at ePayments
IS Information System
A company or an individual who has verified account at ePayments and uses MWS for
Merchant
its activities
Operator ePayments Information System
A unique number assigned to a merchant by the support team via tickets system when
Partner’s ID (partner_id)
connecting to API
Partner’s secret key A partner’s secret key (partner_secret) assigned to a merchant when connecting to API.
(partner_secret) The key is assigned by the support team together with the partner’s ID via tickets system
A one-time access key to API methods that is valid for one authentication only. The
Token (token) token has 20 minutes timeframe. Upon its expiry it is required to receive a new token
or to refresh the existing one
3
ePayments
91 Wimpole Street, London W1G 0EF, United Kingdom
Company No. 07637944, VAT Number: GB 168 0010 38
NOTE
A Merchant’s account must be verified. In order to verify the account you should submit the list of documents, which
can be accessed in the ePayments account or received from the support team.
The request to access ePayments MWS will be reviewed within 2 business days. The decision to
provide a user with the access will be sent as a reply to the ticket.
The partner’s identifier (partner_id) as well as the partner’s secret key (partner_secret) will be
sent provided that the request has been approved.
4
ePayments
91 Wimpole Street, London W1G 0EF, United Kingdom
Company No. 07637944, VAT Number: GB 168 0010 38
3. INTERACTION PROCESS
This section describes the general interaction process of the following participants:
User – a Merchant IS user who has an account at the Operator IS.
Payment page – a webpage of the Operator IS used to authorise a user, confirm operations
and receive information about the results of the operation.
Merchant server – a web server of the Merchant IS.
Operator server – a web server of the Operator IS.
The interaction process of all the MWS participants is shown on Picture 1.
User Payment Page Merchant’s Server Operator’s Server
0. Redirect link
4. Authorisation request
6. Invoice
7. Confirm payment
8. Payment process
9. Payment notification
5
ePayments
91 Wimpole Street, London W1G 0EF, United Kingdom
Company No. 07637944, VAT Number: GB 168 0010 38
6
ePayments
91 Wimpole Street, London W1G 0EF, United Kingdom
Company No. 07637944, VAT Number: GB 168 0010 38
7
ePayments
91 Wimpole Street, London W1G 0EF, United Kingdom
Company No. 07637944, VAT Number: GB 168 0010 38
POST-request example:
A Merchant should redirect a user to the ePayments payment gateway via POST-request, which
should contain order details and will look as follows:
POST /Merchant/Prepare HTTP/1.1
Content-Type: application/x-www-form-urlencoded
partnerid=16&sign=bb55a4a47971e92ffd4257d786a83067&orderid=98788&amount=9.99¤cy=usd&details=Some orde
r details&nickname=MyAwesomeMerchant&extraid=12RT34&lifetime=1500&successurl=http://pay.fufs.ru/pay/succe
ss/&declineurl=http://pay.fufs.ru/pay/decline/
In case there is a need to indicate the user’s language settings (the user’s preferred language)
Accept-Language HTTP heading is allowed in the request heading (follow this link to find the
description, section 14.4 "Accept-Language").
POST-request example with language settings indication:
POST /Merchant/Prepare HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Accept-Language: en
partnerid=16&sign=bb55a4a47971e92ffd4257d786a83067&orderid=98788&amount=9.99¤cy=usd&details=Some orde
r details&nickname=MyAwesomeMerchant&extraid=12RT34&lifetime=1500&successurl=http://pay.fufs.ru/pay/succe
ss/&declineurl=http://pay.fufs.ru/pay/decline/
The correct POST-request will redirect to the Operator IS authorisation form, which is shown
on Picture 2. The user should enter the login (email or phone) and password to his account at Operator
IS on this page and click “Next”.
8
ePayments
91 Wimpole Street, London W1G 0EF, United Kingdom
Company No. 07637944, VAT Number: GB 168 0010 38
9
ePayments
91 Wimpole Street, London W1G 0EF, United Kingdom
Company No. 07637944, VAT Number: GB 168 0010 38
MD5-hash should be taken from the string received, which will be the request signature.
NOTE
The payment amount should be indicated in the following format "0.00" (the amount should always contain 2 decimal
places)
OrderId 98788
Amount 9.99
Currency usd
In this case the following string will be received for the Merchant with 16 identifier and
Pass@word1 secret key:
16;Pass@word1;98788;9.99;usd
By subtracting MD5-hash from this string we receive the request signature (Sign) with the
value:
bb55a4a47971e92ffd4257d786a83067
Where:
orderId – order identifier at Merchant System, which has been paid by the user.
transactionId – identifier of the payment transaction at ePayments, which corresponds to the
order payment.
sign – reply signature from the Merchant, which is sent to him.
The signature calculation is based on the order and payment transaction identifiers as well as
the partner’s secret key. Thus, the Merchant can verify whether the reply from the Merchant service
is valid by comparing it with the signature indicated in the reply and by calculating the same value
through the following algorithm:
sign = md5(orderId;transactionId;partner_secret)
If the operation is successful the user is redirected to the successful result page at first (see
Picture 4). After clicking “Back to Merchant” button the user is redirected to SuccessURL.
11
ePayments
91 Wimpole Street, London W1G 0EF, United Kingdom
Company No. 07637944, VAT Number: GB 168 0010 38
Where:
orderId – order identifier at Merchant System, which has been paid for by the user.
code – error code (see Appendixes).
msg – error message description.
sign – reply signature from the Merchant, which is sent to him.
In case of an error the signature calculation is based on the order identifier, error code and
partner’s secret key. Thus, the Merchant can verify whether the reply from the Merchant service is
12
ePayments
91 Wimpole Street, London W1G 0EF, United Kingdom
Company No. 07637944, VAT Number: GB 168 0010 38
valid by comparing it with the signature indicated in the reply and by calculating the same value
through the following algorithm
sign = md5(orderId;errorCode;partner_secret)
If the operation is unsuccessful the user is redirected to the unsuccessful result page at first (see
Picture 5). After the user clicks “Back to Merchant” button he is redirected to DeclineURL.
NOTE
In order to make a request to the indicated MWS types authorisation for partners is required
NOTE
This method to receive a token is only available from the IP addresses indicated in the whitelist. If the Merchant’s
account at the Operator system does not have the whitelist with IP addresses or the IP addresses verification has been
deactivated, it will not be possible to receive the token.
If the details sent to TokenEndpoint are correct, the following parameters will be sent in reply:
Parameter Description
access_token Token to access API
token_type Token type. It will always have the bearer value
expires_in access_token / refresh_token timeframe. Indicated in seconds
refresh_token A token to receive a new token (RFC-6748#1.5)
In case the token is denied the following parameters will be received in reply:
Parameter Description
error Error type
error_desctiption Detailed description of the error. The parameter will not always have the value
14
ePayments
91 Wimpole Street, London W1G 0EF, United Kingdom
Company No. 07637944, VAT Number: GB 168 0010 38
A token has its timeframe. That is why it is necessary to refresh the token or to request the new
one from time to time. To refresh the token refresh_token should be used, which has been received
together with access_token.
To refresh the token POST request should be sent to TokenEndpoint. The request should
contain the heading:
Authorization: Basic GENERATED_STRING
Content-Type: application/x-www-form-urlencoded
NOTE
You can find more detailed description on how to refresh at RFC-6749:10.4.
The token refreshment function is only available if the ePayments support has been contacted by a user
beforehand
Accept-Language: ru-RU
The language code is used in accordance with ISO639. It is allowed to just indicate "ru" as well.
15
ePayments
91 Wimpole Street, London W1G 0EF, United Kingdom
Company No. 07637944, VAT Number: GB 168 0010 38
Request parameters:
Parameter Type Description M/O Field Exaple
Order number in the records of the
orderId string М 666
Merchant IS
Request example:
https://api.epayments.com/v1/merchant/orders/666
16
ePayments
91 Wimpole Street, London W1G 0EF, United Kingdom
Company No. 07637944, VAT Number: GB 168 0010 38
Reply Example (json):
{
"orders": [
{
"orderId": "sample string 1",
"extraId": "sample string 2",
"state": "Open",
"creationDate": "2015-07-24T19:02:19.6925212+01:00",
"payDate": "2015-07-24T19:02:19.6925212+01:00",
"purse": "sample string 4",
"amount": 5.0,
"currency": "sample string 6",
"details": "sample string 7",
"errorCode": 1,
"errorText": "sample string 8",
"paymentTransactionId": 1
},
{
"orderId": "sample string 1",
"extraId": "sample string 2",
"state": "Open",
"creationDate": "2015-07-24T19:02:19.6925212+01:00",
"payDate": "2015-07-24T19:02:19.6925212+01:00",
"purse": "sample string 4",
"amount": 5.0,
"currency": "sample string 6",
"details": "sample string 7",
"errorCode": 1,
"errorText": "sample string 8",
"paymentTransactionId": 1
}
],
"errorCode": 1,
"errorMsgs": [
"sample string 1",
"sample string 2"
]
}
Request parameters:
Parameter Type Description M/O Field Example
The number of last orders. Minimum value:
take integer М 15
1. Maximum value: 20
Request example:
17
ePayments
91 Wimpole Street, London W1G 0EF, United Kingdom
Company No. 07637944, VAT Number: GB 168 0010 38
https://api.epayments.com/v1/merchant/orders/last/15
NOTE
Maximum period of time you can receive the information about is 60 days. In order to receive information for the
longer period of time you need to send several requests.
Request parameters:
Parameter Type Description M/O Field Example
from date Start of sampling. Format: MM.DD.YYYY М 12.31.2015
till date End of sampling. Format: MM.DD.YYYY М 10.02.2016
Request example:
https://api.epayments.com/v1/merchant/orders/12.31.2015/10.02.2016
19
ePayments
91 Wimpole Street, London W1G 0EF, United Kingdom
Company No. 07637944, VAT Number: GB 168 0010 38
21
ePayments
91 Wimpole Street, London W1G 0EF, United Kingdom
Company No. 07637944, VAT Number: GB 168 0010 38
4. APPENDIX
1.5 Error codes
Code Description
-1 System error
-2 Incorrect request. The invoice amount should be more than 0
400 Incorrect request. It is returned in case there are mistakes in the details transferred. The error text will contain
the error description.
403 Access has been prohibited. It is returned when a user or a merchant does not have the required permission to
pay for the order.
404 Account has not been found or does not exist
500 System error
12008 Card service has not been paid for (when paying for the account with a user’s card)
13009 Exchange rate has expired
13011 The indicated exchange rate does not exist
13012 Exchange rate is not valid
18002 Account with the indicated OrderId already exists
18004 Payment has been cancelled by a user
18011 The indicated payment source is not supported by the system
18013 The payment for the account cannot be executed because a merchant and user paying for the account are the
same person.
18014 The account has expired and cannot be paid for
18015 The account has been closed
18016 The invoice cannot be submitted because the order amount is less than the partner’s fee for merchant’s
services
19008 The user has not been verified to execute this operation
19022 The e-Wallet section for the indicated account currency has not been found or the indicated e-Wallet of the
recipient does not belong to the partner
20091 The operation cannot be executed because the user does not have payment password required to confirm the
payment
21002 The user does not have a fee schedule
21003 ePayments card limit has been exceeded
21004 e-Wallet limit has been exceeded
21005 Card operation amount is less than minimum limit allowed
21006 e-Wallet operation amount is less than minimum limit allowed
21007 ePayments card operation amount limit has been exceeded
21008 e-Wallet operation amount limit has been exceeded
21009 ePayments card maximum limit on the number of operations has been reached
21010 e-Wallet maximum limit on the number of operations has been reached
29011 User’s account has been suspended (the payment password has been entered incorrectly 3 times in a row)
40002 The indicated source of payment for the account does not have enough funds (ePayments card/user’s e-Wallet)
22
ePayments
91 Wimpole Street, London W1G 0EF, United Kingdom
Company No. 07637944, VAT Number: GB 168 0010 38
23
ePayments
91 Wimpole Street, London W1G 0EF, United Kingdom
Company No. 07637944, VAT Number: GB 168 0010 38
24
ePayments
91 Wimpole Street, London W1G 0EF, United Kingdom
Company No. 07637944, VAT Number: GB 168 0010 38
5. CHANGES HISTORY
Version Date Description
0.1 2015-03-26 First draft
Sign element has been added to URL for the redirect from Operator IS to
0.2 2015-04-20
Merchant IS in section 3.1.3
In the result of processing the request of function "MWS_ordersOrderId"
0.3 2015-07-24
added the number of incoming transactions to Merchant e-Wallet
25