PWI Sample Imp.
Last updated
Last updated
Here at the page, we are going to look closer on of PWI comprehensively while providing sample requests, responses and best practices from fast, ease and secure implementation point of view.
Before proceeding, please ensure that you have the following pre-requisites in place:
Pair of API & Secret keys
A software tool to manage API calls; Postman, Insonmina, Github clients
If so, keep going.
Implementation requires two subsequent POST
requests orchestrate one by one.
In short;
First, we will illustrate a PWI-Initialize POST
request.
Then, we will cover up with PWI-Retrieve POST
section.
PWI implementation begins with PWI-Initialize POST
request.
This step involves sending a POST request to initialize the PWI payment. The request body contains various parameters such as locale, conversationId, price, basketId, paymentGroup, callbackUrl, currency, paidPrice, enabledInstallments, buyer details, shipping address, billing address, and basket items.
The following object is a sample PWI-Initialize request body.
Sample PWI-Initialize Request;
Once you have triggered above request, there are 3(three) scenarios you will monitor mostly.
Happy path includes a variable called, payWithIyzicoPageUrl
.
Hereby, token
and payWithIyzicoPageUrl
are essential knots of for the rest of payment journey.
In this step, you need to extract the token and payWithIyzicoPageUrl from the response obtained in the previous step. The token should be saved for later validation, and the payWithIyzicoPageUrl is used to redirect the user to the payment page.
token; Its expected that merchants saves token
parameter to confront and validate payment at the very end of payment journey.
payWithIyzicoPageUrl; where payment page appears briefly. Redirection to payWithIyzicoPageUrl
provides an interface to accomplish checkouts safely for end-users.
Redirection phase ties PWI-Initialize and PWI-Retrieve steps overall.
Following up end user interact on PWI payment page, iyzico will automatically redirect the page to the address given in the "callbackUrl" parameter. Redirection POST
includes;
status
String
Service response result (success / failure)
iyziPaymentId
String
If verification is successful, iyzico will return a paymentid. It must be set in Auth request
merchantId
String
ID of your merchant identification.
paymentConversationId
Long
If set, conversation ID to match request and response
token
String
Unique value created for each checkout form request. This token is used to access the payment result
iyziReferenceCode
String
A unique reference code for the notification
iyziEventType
String
Shows the request type. Exepcted value is CHECKOUT_FORM_AUTH
PWI-Retrieve is the last step of PWI chain.
Basically, we have just accepted a payment on the previous step. It is now time to legalize the transaction in this step. The following example is a sample PWI-Retrieve request body.
Sample PWI-Retrieve Request;
Once you have triggered above request, there are 2(two) scenarios you will monitor mostly.
Happy path includes SUCCESS
parameter in the paymentStatus
variable.
Sample PWI-Retrieve Response;
Webhooks are tail subject of our implementation streamline.
Receiving real-time payment notifications leverages overall PWI experience while ensuring that the notifications are coming from trusted sources, preventing any potential tampering or unauthorized access to sensitive data.
Each payment event triggers webhooks;
In 15
seconds.
Until your server responds with 200
.
For every 10
minutes.
Max 3
times.
Sample PWI Webhook
iyziEventTime
long
Unix timestamp value of first notification.
iyziEventType
string
Shows the request type. Values: API_AUTH, THREE_DS_AUTH, BKM_AUTH
iyziReferenceCode
string
A unique reference code for the notification
paymentId
long
Unique iyzico reference code of related payment
paymentConversationId
string
Merchant's reference id for the related payment
status
string
Payment status. Values: SUCCESS, FAILURE
Happy path includes success
parameter in the status
variable.
To finalize payment operations successfully, correlation of certain variables plays significant role;
paymentId
status
price
Other Idempotency parameters optionally
PWI-Retrieve response and Webhook notification have to authenticate each other.
It is crucial to cross-verify the response received from PWI-Retrieve and the data received in the Webhook notification. Match the paymentId, status, price, and other relevant parameters to ensure the authenticity and correctness of the transaction.
paymentId
on PWI-Retrieve response should be equal to paymentId
from Webhook
Both of the status
parameters should be success
price
parameter amounts should be the same
And lastly, Idempotency parameters should be the same as well.
If so, congratulations! Just finished PWI implementation.
Transaction details could get from merchant panel.