IPCPreAuthorizationCancel
Purpose
This method is used by myPOS Checkout API to notify the merchant that the customer has canceled the payment. myPOS Checkout API will redirect with this method when the customer chooses to cancel the pre-authorization. The call will be made on the previously supplied URL_Cancel.
Parameters Sent to URL_Cancel
All parameters are transmitted via HTTP POST in the body of the request, URL-encoded and in UTF-8 format.
| Parameter | Example | Type | Description |
|---|---|---|---|
| Amount | 23.45 | Double | Echo from IPCPreAuthorization. |
| Currency | EUR | A(3) | Echo from IPCPreAuthorization. |
| OrderID | 201203319999999 | String | Echo from IPCPreAuthorization. |
| Signature | BASE64-encoded hash | BASE64 | SHA-256 hash of all parameters (excluding Signature itself); used for verification. |
The Signature parameter is crucial for verifying the integrity and origin of the request. It is always the last parameter in the POST data and should be validated using the merchant's public key.
Implementation Notes
- Signature Verification: Upon receiving the POST request at
URL_Cancel, the merchant's system should verify theSignatureto confirm the request's authenticity. This involves concatenating the received parameters (excludingSignature), computing the SHA-256 hash, and comparing it against the providedSignature. - Response Handling: It's good practice for the merchant's server to respond with an HTTP 200 OK status to acknowledge receipt.
- Order Management: After processing the cancellation notification, the merchant should update the order status accordingly, ensuring that any reserved funds or pending actions related to the pre-authorization are appropriately handled.
Example HTTP POST
POST /preauth-cancel-handler.php HTTP/1.1
Host: www.yoursite.com
Content-Type: application/x-www-form-urlencoded
Content-Length: 200
Amount=23.45&
Currency=EUR&
OrderID=201203319999999&
Signature=BASe64EnCRypt3dSignATurE==