Create Payment Page Session

Request to create a session identifier for the hosted payment. The session identifier when included in the payment page request allows you to return the payer to the merchant's website after completing the payment attempt.

POST https://test-nbkpayment.mtf.gateway.mastercard.com/api/nvp/version/17

Authentication Copied to clipboard

This operation requires authentication via one of the following methods:


  • Certificate authentication.
  • To authenticate to the API two additional NVP parameters must be supplied in the request. Provide 'merchant.<your gateway merchant ID>' in the apiUsername field and your API password in the apiPassword field.

Request Copied to clipboard

Fields Copied to clipboard

action Copied to clipboard OPTIONAL

Information about any actions which apply to this transaction.

Specify actions if you wish to change the default behaviour of the transaction.

action.bypassMerchantRiskRules Copied to clipboard Enumeration OPTIONAL

The risk rules you wish to bypass when performing risk assessment for an order.

Value must be a member of the following list. The values are case sensitive.

ALL
apiOperation Copied to clipboard String = CREATE_PAYMENT_PAGE_SESSION FIXED

Any sequence of zero or more unicode characters.

correlationId Copied to clipboard String OPTIONAL

A transient identifier for the request, that can be used to match the response to the request.

The value provided is not validated, does not persist in the gateway, and is returned as provided in the response to the request.

Data can consist of any characters

Min length: 1 Max length: 100
merchant Copied to clipboard Alphanumeric + additional characters REQUIRED

The unique identifier issued to you by your payment provider.

This identifier can be up to 12 characters in length.

Data may consist of the characters 0-9, a-z, A-Z, '-', '_'

Min length: 1 Max length: 40
order Copied to clipboard REQUIRED

Information about the order associated with this transaction.

order.amount Copied to clipboard Decimal REQUIRED

The total amount for the order.

If you provide both this value and any of the sub-total amounts (order.itemAmount, order.shippingAndHandlingAmount, order.taxAmount) then the sum of the sub-total amounts MUST equal the order.amount.

Data is a string that consists of the characters 0-9 and '.' and represents a valid decimal number.

Min length: 1 Max length: 14
order.currency Copied to clipboard Upper case alphabetic text REQUIRED

The currency of the transaction expressed as an ISO 4217 alpha code, e.g. USD.

Data must consist of the characters A-Z

Min length: 3 Max length: 3
order.id Copied to clipboard String REQUIRED

A unique identifier for this order to distinguish it from any other order you create.

Use this identifier when referring to this order in subsequent transactions and in retrieval operations. This value must be unique for every order you create using your merchant profile.

Data can consist of any characters

Min length: 1 Max length: 40
paymentPage Copied to clipboard OPTIONAL

Container for fields that control the payer's interaction on the payment page.

paymentPage.cancelUrl Copied to clipboard URI OPTIONAL

The URL to which you want to redirect the payer's browser if they cancel their payment.

This could be a link to the payer's shopping cart, or the home page of your website.

Data must be an absolute URI conforming to the URI syntax published by IETF RFC 2396. The following schemes are forbidden : javascript

paymentPage.returnUrl Copied to clipboard URI OPTIONAL

The URL to which you want to return the payer after completing the payment attempt.

During the redirect, the gateway will append a resultIndicator parameter to this URL. This parameter determines the result of the payment. See Obtain the Payment Result section.

Data must be an absolute URI conforming to the URI syntax published by IETF RFC 2396. The following schemes are forbidden : javascript


Response Copied to clipboard

Fields Copied to clipboard

correlationId Copied to clipboard String CONDITIONAL

A transient identifier for the request, that can be used to match the response to the request.

The value provided is not validated, does not persist in the gateway, and is returned as provided in the response to the request.

Data can consist of any characters

Min length: 1 Max length: 100
merchant Copied to clipboard Alphanumeric + additional characters ALWAYS PROVIDED

The unique identifier issued to you by your payment provider.

This identifier can be up to 12 characters in length.

Data may consist of the characters 0-9, a-z, A-Z, '-', '_'

Min length: 1 Max length: 40
result Copied to clipboard Enumeration ALWAYS PROVIDED

A system-generated high level overall result of the transaction/operation.

Value must be a member of the following list. The values are case sensitive.

FAILURE

The operation was declined or rejected by the gateway, acquirer or issuer

PENDING

The operation is currently in progress or pending processing

SUCCESS

The operation was successfully processed

UNKNOWN

The result of the operation is unknown

session Copied to clipboard ASCII Text ALWAYS PROVIDED

The session identifier for the hosted payment.

Include this identifier in the payment page request if you wish to return the payer to the merchant's website after completing the payment attempt.

Data consists of ASCII characters

Min length: 31 Max length: 35
successIndicator Copied to clipboard ASCII Text ALWAYS PROVIDED

An identifier to determine the success of the hosted payment.

The gateway will return this value in the resultIndicator parameter (appended to the returnUrl) for successful payments only. See Obtain the Payment Result section.

Data consists of ASCII characters

Min length: 16 Max length: 32

Errors Copied to clipboard

error Copied to clipboard

Information on possible error conditions that may occur while processing an operation using the API.

error.cause Copied to clipboard Enumeration

Broadly categorizes the cause of the error.

For example, errors may occur due to invalid requests or internal system failures.

Value must be a member of the following list. The values are case sensitive.

INVALID_REQUEST

The request was rejected because it did not conform to the API protocol.

REQUEST_REJECTED

The request was rejected due to security reasons such as firewall rules, expired certificate, etc.

SERVER_BUSY

The server did not have enough resources to process the request at the moment.

SERVER_FAILED

There was an internal system failure.

error.explanation Copied to clipboard String

Textual description of the error based on the cause.

This field is returned only if the cause is INVALID_REQUEST or SERVER_BUSY.

Data can consist of any characters

Min length: 1 Max length: 1000
error.field Copied to clipboard String

Indicates the name of the field that failed validation.

This field is returned only if the cause is INVALID_REQUEST and a field level validation error was encountered.

Data can consist of any characters

Min length: 1 Max length: 100
error.supportCode Copied to clipboard String

Indicates the code that helps the support team to quickly identify the exact cause of the error.

This field is returned only if the cause is SERVER_FAILED or REQUEST_REJECTED.

Data can consist of any characters

Min length: 1 Max length: 100
error.validationType Copied to clipboard Enumeration

Indicates the type of field validation error.

This field is returned only if the cause is INVALID_REQUEST and a field level validation error was encountered.

Value must be a member of the following list. The values are case sensitive.

INVALID

The request contained a field with a value that did not pass validation.

MISSING

The request was missing a mandatory field.

UNSUPPORTED

The request contained a field that is unsupported.

result Copied to clipboard Enumeration

A system-generated high level overall result of the operation.

Value must be a member of the following list. The values are case sensitive.

ERROR

The operation resulted in an error and hence cannot be processed.