Description of the flow process
Authentication
Please note that accessToken-based authentication is used to interact with the system. Each token has a limited lifetime, for its reissue it is necessary to use refreshToken as described in the sequence diagram below.
Note that if you attempt to execute a request with an expired token, you will receive an error 5004. It is a signal to initiate the reissue of the token.
sequenceDiagram
participant Merchant's Server
participant PSP
Merchant's Server->>PSP: 1. Request {e.g. PUT /orders/orders_id} with Header Authorization: Bearer {accessToken}
rect rgb(191, 223, 255)
note right of Merchant's Server: Base Api usage flow
end
PSP->>PSP: 2. Creating order
PSP->>Merchant's Server: 3. Some response
rect rgb(191, 223, 255)
note right of Merchant's Server: In case of error 5004 {HTTP 403} you should receive a new token(refresh token)
endsequenceDiagram
participant Merchant's Server
participant PSP
Merchant's Server->>PSP: 1. Request { POST /oauth/tokens/refresh}. Body will contain refreshToken = {refreshToken}
rect rgb(191, 223, 255)
note right of Merchant's Server: Refresh tokens
end
PSP->>PSP: 2. Revoking current {accessToken} and {refreshToken}
PSP->>PSP: 3. Creating new {accessToken} and {refreshToken}
PSP->>Merchant's Server: 4. Response with new {accessToken} and {refreshToken}
Payments via payment form
sequenceDiagram
participant Customer
participant Merchant
participant PSP
rect rgb(191, 223, 255)
note right of Merchant: Payment
end
Merchant ->> PSP: 1. PUT /orders/{order_id}
PSP ->> PSP: 2. Creating order with {order_id}
PSP ->> Merchant:3. Return order object with payUrl
Merchant ->> Customer:4. Redirect customer to payUrl
Customer ->> PSP:5. Go to payment form on payUrl
PSP -->> PSP: 6. Some payment actions
PSP ->> Customer: 7. Redirect customer on success or decline page
Customer ->> Merchant: 8. Return back on page
PSP ->> Merchant: 9. POST send callback on callbackUrl
Merchant ->> PSP: 10. 200 OK
sequenceDiagram
participant Customer
participant Merchant
participant PSP
participant AccessControlServer as "Access Control Server"
Merchant ->> PSP: 1. PUT /payment/{payment_id}
rect rgb(191, 223, 255)
note right of Merchant: Payment
end
PSP ->> PSP: 2. Creating transaction with {payment_id}
PSP ->> PSP: 3. Some payment actions
alt with additional verification
PSP ->> Merchant: 4. Return payment object additionalAction redirect
Merchant ->> Customer: 5. Redirect customer to redirect URL
Customer ->> AccessControlServer: 6. Go to ACS form on redirect URL
AccessControlServer -->> AccessControlServer: 7. Some verification actions
AccessControlServer ->> Customer: 8. Redirect customer to Merchant's returnUrl
Customer ->> Merchant: 9. Return back on page
PSP ->> Merchant: 10. POST send callback on callbackUrl
Merchant ->> PSP: 11. 200 OK
Merchant ->> Customer: 12. Show status page with payment result
else without additional verification
PSP ->> Merchant: 10. Return status of payment
Merchant ->> Customer: 11. Show status page with payment result
end
opt
PSP ->> Merchant: 12. POST send callback on callbackUrl
Merchant ->> PSP: 13. 200 OK
end
rect rgb(191, 223, 255)
note right of Merchant: Usage saved payment credentials
end
Customer ->> Merchant: 14. Go to checkout page
Merchant ->> PSP:15. GET /tokens/accountId = {accountId}
PSP ->> PSP: 16. Find all saved credentials for customer with {accountId}
PSP ->> Merchant: 17. Response with saved credentials for {accountId}
Merchant ->> Customer: 18. Show saved payment credentials
Customer ->> Merchant: 19. Select saved credentials or select new payment
Refunds
sequenceDiagram
participant Merchant
participant PSP
Merchant ->> PSP: 1. PUT /refunds/{refund_id}
rect rgb(191, 223, 255)
note left of PSP: Refund
end
PSP ->> PSP: 2. Creating refund with {refund_id}
PSP -->> PSP: 3. Some refund actions
PSP ->> Merchant: 4. Response with refund result
opt
PSP ->> Merchant: 5. POST send callback on callbackUrl
Merchant ->> PSP: 6. 200 OK
end
sequenceDiagram
participant Merchant
participant PSP
rect rgb(191, 223, 255)
note left of PSP: Payout
end
Merchant ->> PSP: 1. PUT /payouts/{payout_id}
PSP ->> PSP: 2. Creating payout with {payout_id}
PSP -->> PSP: 3. Some payout actions
PSP ->> Merchant: 4. Response with payout result
opt
PSP ->> Merchant: 5. POST send callback on callbackUrl
Merchant ->> PSP: 6. 200 OK
end
Timeouts The waiting time for a response from our system in case of API requests must be at least 60 seconds .