Skip to main content

ConvertPlus Buy-Links Signature for Dynamic Products

ConvertPlus Buy-Links Signature for Dynamic Products

Last updated: 29-Feb-2024
Rate this article:

Overview

You can generate links for dynamic products outside the Merchant Control Panel, using the ConvertPlus parameters explained in this article. Some of the ConvertPlus buy-link parameters require a signature, to prevent any interference in the ordering process. Optional parameters also require a signature if they are included in the generated buy-link.

 

ConvertPlus parameters that require a signature

Parameter Description
return-url URL to which customers are redirected after their finalized purchase. Learn more about Redirect URL on this article.

return-type

The return method used for redirecting your customers after a successful sale. Possible values:

  • Link in the Thank You page
  • Header Redirect
expiration

Buy link expiry date. The link becomes invalid after the date from this parameter. Send as a UTC timestamp.

Example: 

1537549421 

order-ext-ref Use this parameter to set an external reference to the order.
item-ext-ref Set product identifier for your dynamic products. You can send multiple values separated by semicolon ;. 
customer-ref The 2Checkout system generates default customer numerical (integer) IDs automatically for all orders of products that feature subscriptions. Can be used for new acquisitions aggregating new subscriptions under an existing Customer account.
customer-ext-ref The external customer reference.
currency Preselected billing currency 2Checkout uses to charge your customers.
prod

The name of the dynamic product. For multiple products, send them separated by a semicolon.

Example: name1;name2;name3.

price

For dynamic products, enter the product price.

For multiple dynamic items, send the values separated by a semicolon.

Example: price1;price2;price3.

qty

The number of units (quantity) for each product in checkout, separated by a semicolon;. Do not use spaces or blanks. Example: qty=2;1.

qty works in conjunction with prod, based on their respective order. The first value of the qty parameter controls the number of units for the products whose identifier is in the first position of the prod parameter. 

Example: https://secure.2checkout.com/checkou...rchant=2COLNC&prod=6FD08E61B5;E2932D0DE2&qty=4;3

type

The type of dynamic product. Possible values:

  • digital
  • physical
  • shipping
  • tax

If type is empty or not send, the default line item is considered product.

For multiple dynamic items, send the values separated by a semicolon.

opt Defines the product pricing options.

 

URL formating rules:

 

":" is considered a pair separator

  • 1 product with 1 price option with 1 value (includes scale option type)
    • prod=code1&opt=gr1:val1
  • 1 product with 1 price option with multiple values
    • prod=code1&opt=gr1:val1:val2

 

"," is considered a value separator

  • 1 product with 2 price options with 1 value each
    • prod=code1&opt=gr1:val1,gr2:val2
  • 1 product with 2 price options with multiple values each
    • prod=code1&opt=gr1:val1:val2,gr2:val3:val4

 

";" is considered a parameter separator between products

  • 2 products with 1 price option containing 1 value
    • prod=code1;code2&opt=gr1:val1;gr2:val2
  • 2 products with 1 price option containing multiple values
    • prod=code1;code2&opt=gr1:val1:val2;gr2:val3:val4
  • 2 products with 2 price options containing 1 value each
    • prod=code1;code2&opt=gr1:val1,gr2:val2;gr3:val3,gr4:val4
  • 2 products with 2 price options containing multiple values each
    • prod=code1;code2&opt=gr1:val1:val2,gr2:val3:val4;gr3:val5:val6,gr4:val7:val8
description For dynamic products, set a description that is displayed in the checkout page. The description field is displayed only for the 'One column with payment buttons' template. The description will not be visible in the default template.
recurrence

For dynamic products, set product recurring options.

Send multiple dynamic items separated by a semicolon.

Example: period1:unit1;period2:unit2;

 

Possible values for units:

  • DAY
  • WEEK
  • MONTH
  • YEAR
  • FOREVER

*This parameter is conditioned by two other parameters: duration and renewal-price.

duration For dynamic products, set the duration of the recurrence.
renewal-price For dynamic products, set the price that should be applied to the renewal order.

ConvertPlus parameters to be included in the signature - general rules

  1. General parameters included in the signature, regardless of the type of checkout (catalog products, dynamic products, renewal, unfinished payment): return-urlreturn-typeexpirationorder-ext-refcustomer-refcustomer-ext-ref.
  2. Parameters to be included in the signature for dynamic products buy-links: currencyprod, priceqtytypeoptdescriptionrecurrencedurationrenewal-price,  item-ext-ref.
  3. Parameters to be included in the signature for manual renewal buy-links: prodqtyopt.
  4. Parameters to be included for on-the-fly pricing for catalog products: prodpriceqtyopt, coupon.
  5. The parameter to be included in order to lock the cart for catalog products: lock.
  6. Parameters to be included when an approved URL is set: in this case, all parameters will be included in the signature, when redirected after successful completion of a sale.

Build the ConvertPlus signature

To sign a ConvertPlus buy-link, you need to follow these steps:

  1. Sort the parameters that require a signature alphabetically.
  2. Serialize the parameters and append to them the length of their values.
  3. Concatenate the resulting values.
  4. The serialized value is then encrypted with your Buy Link Secret Word using the HMAC method (algorithm sha256).
  5. The resulting value is added to the buy link under the signature parameter

Example

Let's consider the following parameters:

  •     merchant = 'MCODE'
  •     dynamic = '1'
  •     prod = 'Software'
  •     price = 10
  •     currency = 'USD'
  •     qty = 1
  •     type = 'digital'
  •     expiration = 1893456000

The regular buy-link will have the following structure:

https://www.2checkout.com/checkout/buy?merchant=2COLRNC&dynamic=1&prod=Software&price=10currency=USD&qty=1&type=digital&expiration=1893456000 

This link is missing one last parameter, a signature.

Let's take a look at the list of parameters that require a signature:

  •     merchant = '2COLRNC'
  •     dynamic = '1'
  •     prod = 'Software' <-- SIGNATURE REQUIRED
  •     price = 10        <-- SIGNATURE REQUIRED
  •     currency = 'USD'        <-- SIGNATURE REQUIRED
  •     qty = 1             <-- SIGNATURE REQUIRED
  •     type = 'digital'         <-- SIGNATURE REQUIRED
  •     expiration = '1893456000' <-- SIGNATURE REQUIRED

We extract only those parameters:

  •     prod = 'Software'
  •     price = 10
  •     currency = 'USD'
  •     qty = 1
  •     type = 'digital'
  •     expiration = 1893456000

Sort the parameters alphabetically

  •     currency = 'USD'
  •     expiration = 1893456000
  •     price = 10
  •     prod = 'Software'
  •     qty = 1
  •     type = 'digital'

Serialize the values

To serialize a value, you need to prepend to it the number of letters or digits a value has. For example, the currency parameter has the 'USD' value that will be serialized as '3USD', where 3 is the number of letters that make up the value. The value of the price parameter is '10', so the serialized value will be '210', where 2 is the number of digits that make up the value.

In case a value uses special characters, to serialize it, you need to prepend to it the number of bytes in the string, also known as the UTF-8 string length. To count the bytes in the string, you can use an online bytes counter. For example, if the prod parameter has the 'ελληνικά' value, this will be serialized as '16ελληνικά' and not as '8ελληνικά', due to the use of special characters, where '16' is the number of bytes in the string.

  •     currency = '3USD'
  •     expiration = 101893456000  
  •     price = 210
  •     prod = '8Software'
  •     qty = 11
  •     type = '7digital'

Concatenate the values

    '3USD1018934560002108Software117digital'

Encrypt using your Secret Word

The serialized value is then encrypted using the HMAC method.
    - the algorithm used is sha256
    - the key used when encrypting is the merchant secret word (in this example, the secret word is 'secret_wordbuylink')

This outputs a 64 character string:

c2225743f22e3b698b2f31052e35ec7602b787c804eaac1e0cd127a9a06b5762

Add the string in the buy-link

https://secure.2checkout.com/checkout/buy?merchant=2COLRNC&dynamic=1&prod=Software&price=10&currency=USD&qty=1&type=digital&expiration=1893456000&signature=c2225743f22e3b698b2f31052e35ec7602b787c804eaac1e0cd127a9a06b5762
Rate this article:

Need help?

Do you have a question? If you didn’t find the answer you are looking for in our documentation, you can contact our Support teams for more information. If you have a technical issue or question, please contact us. We are happy to help.

Not yet a Verifone customer?

We’ll help you choose the right payment solution for your business, wherever you want to sell, in-person or online. Our team of experts will happily discuss your needs.

Verifone logo