IPCPreAuthorizationNotify
Reliable Pre-Authorization Notification (Server-to-Server)
Purpose
This method is used by myPOS Checkout API to notify the merchant for a successful pre-authorization and to pass all needed parameters for the payment on URL_Notify.
After successful response for this method, myPOS Checkout API will redirect the customer browser to URL_OK and will pass the same parameters with the IPCPreAuthorizationOK method.
Do not use IPCPreAuthorizationOK to authorize a payment because it is not a server-to-server connection and it is not always guaranteed to receive a response. In this case, you should use IPCPreAuthorizationNotify.
Method Properties
| Property | Typical value | Type | Description |
|---|---|---|---|
| Amount | 23.45 | Double | Echo from IPCIAPreAuthorization. |
| Currency | EUR | A(3) | Echo from IPCIAPreAuthorization. |
| OrderID | 201203319999999 | String | Echo from IPCIAPreAuthorization. |
| IPC_Trnref | 12345678923 | String | Used to uniquely identify a transaction in IPC. Used as a parameter for subsequent refund or reversal if needed. |
| RequestDateTime | 2012-03-31 23:59:59 | DateTime | Date/time of the request. |
| RequestSTAN | 123456 | N(6) | Consequent number from 1 to 999999. Used for request unique match. |
| PreAuthExpDate | 210612 | N(6) | The ExpDate of the preauthorization (YYMMDD). |
| BillingDescriptor | MYPOS *BillingDescriptor | String | Text that appears on a customer's card statement. |
| Signature | BASE64... | BASE64 | SHA-256 HASH for all properties in the command. Signature is ALWAYS THE LAST PARAMETER IN THE POST. |
Response Handling
Upon receiving the IPCPreAuthorizationNotify POST request, your server should respond with an HTTP 200 OK status and the body content:
OK
Any other response will be treated as a communication error, call error, server error or system malfunction.
Example POST Data
IPCmethod=IPCPreAuthorizationNotify&
SID=000000000000010&
Amount=50.00&
Currency=EUR&
OrderID=1440146333&
IPC_Trnref=813705&
RequestSTAN=000006&
RequestDateTime=2015-08-21 10:39:37&
PreAuthExpDate=210612&
BillingDescriptor=MYPOS *BillingDescriptor&
Signature=aPn96fYghN/hdLgP0oGbCglBACwJlG6TSlf7UJP9Qe9UMzBP9+B5r7enaLZNAWAHaws7iZH9INgQrHbnn/IaIKFYzjWLHqCQm2xYPF4IAbIn5MC9UjfUXyMxZ42ENVx/Poeq0ZH1Zd34j2qbFJ8tViawUjey5BZRIeJaEmQr3ww=
Security Considerations
- Signature Verification: Always validate the
Signatureusing your configured RSA keys to ensure the authenticity of the request. - Data Integrity: Treat the data received in IPCPreAuthorizationNotify as the definitive source for transaction details.