| Verifone Developer Portal

Retrieve subscriptions

Overview

Extract information on your account’s subscriptions.

Use the searchSubscriptions method to retrieve details about your account’s subscriptions, based on a set of filters. Subscriptions can be retrieved starting with 5 minutes after their orders are generated in the 2Checkout system.

Parameters

Parameters	Type/Description
sessionID	Required (string)
	Session identifier, the output of the Login method. Include sessionID into all your requests. Avangate throws an exception if the values are incorrect. The sessionID expires in 10 minutes.
SearchBy	Optional (Object)
	Unique, system-generated subscription identifier.

SubscriptionSearchOptions parameters	Type/Description
CustomerEmail	Optional (string)
	Customer email address. Can be NULL. Note: The CustomerEmail parameter must be paired always with another reference pointing to the correct customer, such as the AvangateCustomerReference parameter or the ExternalCustomerReference parameter. Otherwise, the search call will return partial hits on the customer email address.
ExactMatchEmail	Optional (Boolean)
	Force search by email to perform exact match; recommended to keep this option set to true in order to avoid matching similar email addresses from multiple customers.
DeliveredCode	Optional (string)
	Activation key/code. Can be NULL.
AvangateCustomerReference	Optional (int)
	System-generated customer reference. Can be NULL.
ExternalCustomerReference	Optional (string)
	External customer reference that you control. Can be NULL.
Aggregate	Optional (boolean)
	true - search will work across all your aggregated Avangate accounts. false - default value. You limit the search to the account whose details you used for authentication. Can be NULL.
SubscriptionEnabled	Optional (boolean)
	true for enabled subscriptions. false for disabled subscriptions. Can be NULL.
RecurringEnabled	Optional (StringArray)
	true – Avangate charges customers using recurring billing for subscriptions. false – customers need to make manual payments to renew their subscriptions. Can be NULL.
ProductCodes	Optional (StringArray)
	Product identifier that you control. Can be NULL.
CountryCodes	Optional (string)
	Country code (ISO 3166 two-letter code). Can be NULL.
PurchasedAfter	Optional (string)
	YYYY-MM-DD. Subscription search interval start. You can search for subscriptions purchased between the dates you set using PurchasedAfter and PurchasedBefore. Note: The default Avangate API time zone is GMT+02:00. Can be NULL.
PurchasedBefore	Optional (string)
	YYYY-MM-DD. Subscription search interval end. You can search for subscriptions purchased between the dates you set using PurchasedAfter and PurchasedBefore. Note: The default Avangate API time zone is GMT+02:00. Can be NULL.
ExpireAfter	Optional (string)
	YYYY-MM-DD. Search subscriptions set to expire after a specific date. *Note:* The default Avangate API time zone is GMT+02:00. Can be NULL.
ExpireBefore	Optional (string)
	YYYY-MM-DD. Search subscriptions set to expire before a specific date. *Note:* The default Avangate API time zone is GMT+02:00. Can be NULL.
RenewedAfter	Optional (string)
	YYYY-MM-DD. Search subscriptions renewed after a specific date. *Note:* The default Avangate API time zone is GMT+02:00. Can be NULL.
RenewedBefore	Optional (string)
	YYYY-MM-DD. Search subscriptions renewed before a specific date. *Note:* The default Avangate API time zone is GMT+02:00. Can be NULL.
NotificationAfter	Optional (string)
	YYYY-MM-DD. Search subscriptions for which the Avangate system sent out notifications after a specific date. *Note:* The default Avangate API time zone is GMT+02:00. Can be NULL.
NotificationBefore	Optional (string)
	YYYY-MM-DD. Search subscriptions for which the Avangate system sent out notifications before a specific date Note: The default Avangate API time zone is GMT+02:00. Can be NULL.
Type	Optional (string)
	trial - trial subscriptions. regular - all generated subscriptions that are not trials. regularfromtrial - subscriptions generated from a trial conversion. Can be NULL.
TestSubscription	Optional (boolean)
	true false, depending on whether you want to include test subscriptions in the search or not. Can be NULL.
LifetimeSubscription	Optional (boolean)
	true – evergreen subscriptions. false - subscriptions with a limited recurring billing cycle, typically no larger than 36 months. Can be NULL.
Page	Optional (int)
	A specific page of search results. Default value is 1. Can be NULL.
Limit	Optional (int)
	Number of results (subscriptions) displayed per page. Default value is 10. Can be NULL.

Response

Subscription

Array of objects

Request


<?php
 
 
function callRPC($Request, $hostUrl, $Debug = true) {
    $curl = curl_init($hostUrl);
    curl_setopt($curl, CURLOPT_POST, 1);
    curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, 0);
    curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 0);
    curl_setopt($curl, CURLOPT_SSLVERSION, 0);
    curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($curl, CURLOPT_HTTPHEADER, array('Content-Type: application/json', 'Accept: application/json'));
    $RequestString = json_encode($Request);
    curl_setopt($curl, CURLOPT_POSTFIELDS, $RequestString);
 
 
    if ($Debug) {
        $RequestString;
    }
    $ResponseString = curl_exec($curl);
    if ($Debug) {
        $ResponseString;
    }
 
    if (!empty($ResponseString)) {
        $Response = json_decode($ResponseString);
        if (isset($Response->result)) {
            return $Response->result;
        }
        if (!is_null($Response->error)) {
            var_dump($Request->method, $Response->error);
        }
    } else {
        return null;
    }
}
 
$host = 'https://api.avangate.com/rpc/3.0/';
 
$merchantCode = "YOUR_MERCHANT_CODE";// your account's merchant code available in the 'System settings' area of the cPanel: https://secure.avangate.com/cpanel/account_settings.php
$key = "YOUR_SECRET_KEY";// your account's secret key available in the 'System settings' area of the cPanel: https://secure.avangate.com/cpanel/account_settings.php
 
$string = strlen($merchantCode) . $merchantCode . strlen(gmdate('Y-m-d H:i:s')) . gmdate('Y-m-d H:i:s');
$hash = hash_hmac('md5', $string, $key);
 
$i = 1; // counter for api calls
// call login
$jsonRpcRequest = new stdClass();
$jsonRpcRequest->jsonrpc = '2.0';
$jsonRpcRequest->method = 'login';
$jsonRpcRequest->params = array($merchantCode, gmdate('Y-m-d H:i:s'), $hash);
$jsonRpcRequest->id = $i++;
 
$sessionID = callRPC($jsonRpcRequest, $host);
 
var_dump($sessionID);
$SubscriptionSearch = new stdClass();
$SubscriptionSearch->CustomerEmail  = 'example@email.com';
$SubscriptionSearch->DeliveredCode = null;
$SubscriptionSearch->AvangateCustomerReference = null;
$SubscriptionSearch->ExternalCustomerReference = null;
$SubscriptionSearch->Aggregate = false;
$SubscriptionSearch->SubscriptionEnabled = null; //true false null
$SubscriptionSearch->RecurringEnabled = null; // true - autorenewal, false - manual renewal, null = both(default) 
$SubscriptionSearch->ProductCodes = null; //array('Product_Code1', 'Product_Code2');
$SubscriptionSearch->CountryCodes = null;//array ('au')
$SubscriptionSearch->PurchasedAfter = null;
$SubscriptionSearch->PurchasedBefore = null;
$SubscriptionSearch->ExpireAfter = null;
$SubscriptionSearch->ExpireBefore = null;
$SubscriptionSearch->LifetimeSubscription = null;
$SubscriptionSearch->Type = 'regular'; //'trial', 'regular', 'regularfromtrial'
$SubscriptionSearch->TestSubscription = null; // true, false, null = both(default) $SubscriptionSearch->Page = 1;$SubscriptionSearch->Limit = 25;
$SubscriptionSearch->Page = 1;
$SubscriptionSearch->Limit = 10;

$jsonRpcRequest = array (
'method' => 'searchSubscriptions',
'params' => array($sessionID, $SubscriptionSearch),
'id' => $i++,
'jsonrpc' => '2.0');

var_dump (callRPC((Object)$jsonRpcRequest, $host, true));

Retrieve product groups

Overview

Use the getProductGroups method to extract information about the product groups you created for your account.

Parameters

Parameters	Type/Description
sessionID	Required (string)
	Session identifier, the output of the Login method. Include sessionID into all your requests. Avangate throws an exception if the values are incorrect. The sessionID expires in 10 minutes.

Response

ProductGroup

Array of objects

Request

<?php
 
function callRPC($Request, $hostUrl, $Debug = true) {
    $curl = curl_init($hostUrl);
    curl_setopt($curl, CURLOPT_POST, 1);
    curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, 0);
    curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 0);
    curl_setopt($curl, CURLOPT_SSLVERSION, 0);
    curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($curl, CURLOPT_HTTPHEADER, array('Content-Type: application/json', 'Accept: application/json'));
    $RequestString = json_encode($Request);
    curl_setopt($curl, CURLOPT_POSTFIELDS, $RequestString);
 
    if ($Debug) {
        $RequestString;
    }
    $ResponseString = curl_exec($curl);
    if ($Debug) {
        $ResponseString;
    }
 
    if (!empty($ResponseString)) {
//        var_dump($ResponseString);
        $Response = json_decode($ResponseString);
        if (isset($Response->result)) {
            return $Response->result;
        }
        if (!is_null($Response->error)) {
            var_dump($Request->method, $Response->error);
        }
    } else {
        return null;
    }
}
 
$host = 'https://api.avangate.com/rpc/3.0/';
 
$merchantCode = "YOURCODE12345";//your account's merchant code available in the 'System settings' area of the cPanel: https://secure.avangate.com/cpanel/account_settings.php
$key = "SECRET_KEY";//your account's secret key available in the 'System settings' area of the cPanel: https://secure.avangate.com/cpanel/account_settings.php
 
$string = strlen($merchantCode) . $merchantCode . strlen(gmdate('Y-m-d H:i:s')) . gmdate('Y-m-d H:i:s');
$hash = hash_hmac('md5', $string, $key);
 
$i = 1; // counter for api calls
 
// Call the login method for authentication
 
$jsonRpcRequest = new stdClass();
$jsonRpcRequest->jsonrpc = '2.0';
$jsonRpcRequest->method = 'login';
$jsonRpcRequest->params = array($merchantCode, gmdate('Y-m-d H:i:s'), $hash);
$jsonRpcRequest->id = $i++;
 
$sessionID = callRPC($jsonRpcRequest, $host);
 
$jsonRpcRequest = array (
'jsonrpc' => '2.0',
'id' => $i++,
'method' => 'getProductGroups',
'params' => array($sessionID)
);
var_dump (callRPC((Object)$jsonRpcRequest, $host));
 
 
?>

Disable a subscription

Overview

Use the cancelSubscription method to disable an active subscription. Avangate disabled the subscription immediately and no longer performs any recurring billing actions.

Parameters

Parameters	Type/Description
sessionID	Required (string)
	Session identifier, the output of the Login method. Include sessionID into all your requests. Avangate throws an exception if the values are incorrect. The sessionID expires in 10 minutes.
SubscriptionReference	Required (string)
	Unique, system-generated subscription identifier.

Response

Boolean

true or false depending on whether the call resulted in success or not.

Request


<?php
 
 
function callRPC($Request, $hostUrl, $Debug = true) {
    $curl = curl_init($hostUrl);
    curl_setopt($curl, CURLOPT_POST, 1);
    curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, 0);
    curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 0);
    curl_setopt($curl, CURLOPT_SSLVERSION, 0);
    curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($curl, CURLOPT_HTTPHEADER, array('Content-Type: application/json', 'Accept: application/json'));
    $RequestString = json_encode($Request);
    curl_setopt($curl, CURLOPT_POSTFIELDS, $RequestString);
 
 
    if ($Debug) {
        $RequestString;
    }
    $ResponseString = curl_exec($curl);
    if ($Debug) {
        $ResponseString;
    }
 
    if (!empty($ResponseString)) {
        $Response = json_decode($ResponseString);
        if (isset($Response->result)) {
            return $Response->result;
        }
        if (!is_null($Response->error)) {
            var_dump($Request->method, $Response->error);
        }
    } else {
        return null;
    }
}
 
$host = 'https://api.avangate.com/rpc/3.0/';
 
$merchantCode = "YOUR_MERCHANT_CODE";// your account's merchant code available in the 'System settings' area of the cPanel: https://secure.avangate.com/cpanel/account_settings.php
$key = "YOUR_SECRET_KEY";// your account's secret key available in the 'System settings' area of the cPanel: https://secure.avangate.com/cpanel/account_settings.php
 
$string = strlen($merchantCode) . $merchantCode . strlen(gmdate('Y-m-d H:i:s')) . gmdate('Y-m-d H:i:s');
$hash = hash_hmac('md5', $string, $key);
 
$i = 1; // counter for api calls
// call login
$jsonRpcRequest = new stdClass();
$jsonRpcRequest->jsonrpc = '2.0';
$jsonRpcRequest->method = 'login';
$jsonRpcRequest->params = array($merchantCode, gmdate('Y-m-d H:i:s'), $hash);
$jsonRpcRequest->id = $i++;
 
$sessionID = callRPC($jsonRpcRequest, $host);
 
var_dump($sessionID);
$subscriptionReference = '351D8F557E';

$jsonRpcRequest = array (
'method' => 'cancelSubscription',
'params' => array($sessionID, $subscriptionReference),
'id' => $i++,
'jsonrpc' => '2.0');

var_dump (callRPC((Object)$jsonRpcRequest, $host, true));

Retrieve a subscription

Overview

Extract information on a single subscription. Use the getSubscription method to retrieve details about a subscription.

Subscriptions can be retrieved starting with 5 minutes after their orders are generated in the 2Checkout system.

Parameters

Parameters	Type/Description
sessionID	Required (string)
	Session identifier, the output of the Login method. Include sessionID into all your requests. 2Checkout throws an exception if the values are incorrect. The sessionID expires in 10 minutes.
SubscriptionReference	Required (string)
	Unique, system-generated subscription identifier.

Response

Subscription

Object

Request


<?php
$host   = "https://api.2checkout.com";
$client = new SoapClient($host . "/soap/4.0/?wsdl", array(
    'location' => $host . "/soap/4.0/",
    "stream_context" => stream_context_create(array(
        'ssl' => array(
            'verify_peer' => false,
            'verify_peer_name' => false
        )
    ))
));

function hmac($key, $data)
{
    $b = 64; // byte length for md5
    if (strlen($key) > $b) {
        $key = pack("H*", md5($key));
    }
    
    $key    = str_pad($key, $b, chr(0x00));
    $ipad   = str_pad('', $b, chr(0x36));
    $opad   = str_pad('', $b, chr(0x5c));
    $k_ipad = $key ^ $ipad;
    $k_opad = $key ^ $opad;
    return md5($k_opad . pack("H*", md5($k_ipad . $data)));
}
$merchantCode = "YOUR_MERCHANT_CODE";// your account's merchant code available in the 'System settings' area of the cPanel: https://secure.2checkout.com/cpanel/account_settings.php
$key = "YOUR_SECRET_KEY";// your account's secret key available in the 'System settings' area of the cPanel: https://secure.2checkout.com/cpanel/account_settings.php
$now          = gmdate('Y-m-d H:i:s'); //date_default_timezone_set('UTC')
$string = strlen($merchantCode) . $merchantCode . strlen($now) . $now;
$hash   = hmac($key, $string);
try {
    $sessionID = $client->login($merchantCode, $now, $hash);
}
catch (SoapFault $e) {
    echo "Authentication: " . $e->getMessage();
    exit;
}
$subscriptionReference = 'F27CFE06ED';
try {
    $subscriptionInfo = $client->getSubscription($sessionID, $subscriptionReference);
}
catch (SoapFault $e) {
    echo "subscriptionInfo: " . $e->getMessage();
    exit;
}
var_dump("subscriptionInfo", $subscriptionInfo);

Subscription end user update

Overview

Use the updateSubscriptionEndUser method to update the details of a subscription’s end user. This method changes per-subscription end user data and not customer details.

Parameters

Parameters	Type/Description
sessionID	Required (string)
	Session identifier, the output of the Login method. Include sessionID into all your requests. 2Checkout throws an exception if the values are incorrect. The sessionID expires in 10 minutes.
SubscriptionReference	Required (string)
	Unique, system-generated subscription identifier.
EndUser	Required (Object)
	Use this object to update end user information.

Response

Parameter	Type/Description
Boolean	true or false depending on whether the changes were successful or not.

Request


<?php
 
require('PATH_TO_AUTH');

$subscriptionReference = '8F749B63E7';
$EndUser = new stdClass ();
$EndUser->Address1 = 'Address line 1';
$EndUser->Address2 = 'Address line 2';
$EndUser->City = 'LA';
$EndUser->Company = 'Company Name';
$EndUser->CountryCode = "US";
$EndUser->Email = 'customerAPI@avangate.com';
$EndUser->FirstName = 'New Customer 2.0';
$EndUser->Language = 'en';
$EndUser->LastName = 'Avangate';
$EndUser->Phone = '1234567890';
$EndUser->State = 'California';
$EndUser->Zip = '90210';
$EndUser->Fax = null;

$jsonRpcRequest = array (
'method' => 'updateSubscriptionEndUser',
'params' => array($sessionID, $subscriptionReference, $EndUser),
'id' => $i++,
'jsonrpc' => '2.0');

var_dump (callRPC((Object)$jsonRpcRequest, $host, true));

Renew a subscription

Overview

Renew a subscription in the 2Checkout system on-demand, controlling the number of days, price, and currency of the extension. Use the renewSubscription method to renew a subscription.

Parameters

Parameters	Type/Description
sessionID	Required (string)
	Session identifier, the output of the Login method. Include sessionID into all your requests. 2Checkout throws an exception if the values are incorrect. The sessionID expires in 10 minutes.
SubscriptionReference	Required (string)
	Unique, system-generated subscription identifier. 2Checkout charges customers using the payment data attached to subscriptions. In the case of credit/debit cards, if customers update their payment information in myAccount or if you update these details on behalf of your subscribers, the 2Checkout system uses the latest card info provided to charge subscription renewals.
Days	Required (int)
	The number of days the 2Checkout system extends the lifetime of the subscription.
Price	Required (double)
	The price that 2Checkout charges the customer for the renewal. The type of price, Gross or Net, is decided by the product setting in the Merchant Control Panel.
Currency	Required (string)
	The currency associated to the renewal price - ISO 4217 code.

Response

Boolean

true or false depending on whether or not the operation succeeded.

Update a product group

Overview

Use the updateProductGroup method to update a product group for your account.

Parameters

sessionID	Required (string)
	Session identifier, the output of the Login method. Include sessionID into all your requests. 2Checkout throws an exception if the values are incorrect. The sessionID expires in 10 minutes.
ProductGroup	Required (object)
	The product group name is used to identify the product group and cannot be changed in API v2.0. Use API 2.5 and above to change additional characteristics of product groups.

Response

bool(true)

Request

<?php

$host   = "https://api.2checkout.com";
$client = new SoapClient($host . "/soap/4.0/?wsdl", array(
    'location' => $host . "/soap/4.0/",
    "stream_context" => stream_context_create(array(
        'ssl' => array(
            'verify_peer' => false,
            'verify_peer_name' => false
        )
    ))
));


function hmac($key, $data)
{
    $b = 64; // byte length for md5
    if (strlen($key) > $b) {
        $key = pack("H*", md5($key));
    }
    
    $key    = str_pad($key, $b, chr(0x00));
    $ipad   = str_pad('', $b, chr(0x36));
    $opad   = str_pad('', $b, chr(0x5c));
    $k_ipad = $key ^ $ipad;
    $k_opad = $key ^ $opad;
    return md5($k_opad . pack("H*", md5($k_ipad . $data)));
}

$merchantCode = "YOURCODE123"; //your account's merchant code available in the 'System settings' area of the cPanel: https://secure.2checkout.com/cpanel/account_settings.php
$key          = "SECRET_KEY"; //your account's secret key available in the 'System settings' area of the cPanel: https://secure.2checkout.com/cpanel/account_settings.php
$now          = gmdate('Y-m-d H:i:s'); //date_default_timezone_set('UTC')

$string = strlen($merchantCode) . $merchantCode . strlen($now) . $now;
$hash   = hmac($key, $string);

try {
    $sessionID = $client->login($merchantCode, $now, $hash);
}

catch (SoapFault $e) {
    echo "Authentication: " . $e->getMessage();
    exit;
}


$ProductGroup = new stdClass();
$ProductGroup->Name = 'New Product Group from API';
$ProductGroup->Code = 'DBA13A4268';
$ProductGroup->TemplateName = 'Default Template';//'001 - Two Column Billing'; //the name of the cart template you want to associate with the product group
$ProductGroup->Description = 'This is a generic description';
$ProductGroup->Enabled = false;


try {
    $UpdatedProductGroup = $client->updateProductGroup($sessionID, $ProductGroup);
}

catch (SoapFault $e) {
    echo "UpdatedProductGroup: " . $e->getMessage();
    exit;
}

var_dump("UpdatedProductGroup", $UpdatedProductGroup);


?>

Retrieve price option groups

Overview

Use the searchPriceOptionGroups to extract information on the price option groups you configured.

Parameters

sessionID	Required (string)
	Session identifier, the output of the Login method. Include sessionID into all your requests. 2Checkout throws an exception if the values are incorrect. The sessionID expires in 10 minutes.
PriceOptionGroupSearch	Optional (object)
	Details below.

PriceOptionGroupSearch	Object
Name	Optional (string)
	The name of the pricing options groups configured in the 2Checkout system. Can be NULL.
Types	Optional (array)
	Possible values: · RADIO · CHECKBOX · INTERVAL · COMBO Can be NULL.
Limit	Optional (int)
	Number of results displayed per page. Default maximum value is 10. Can be NULL.
Page	Optional (int)
	A specific page of search results. Default value is 1. Can be NULL.

Response

PriceOptionGroup

Array of objects

Request

<?php

$host   = "https://api.avangate.com";
$client = new SoapClient($host . "/soap/3.0/?wsdl", array(
    'location' => $host . "/soap/3.0/",
    "stream_context" => stream_context_create(array(
        'ssl' => array(
            'verify_peer' => false,
            'verify_peer_name' => false
        )
    ))
));


function hmac($key, $data)
{
    $b = 64; // byte length for md5
    if (strlen($key) > $b) {
        $key = pack("H*", md5($key));
    }
    
    $key    = str_pad($key, $b, chr(0x00));
    $ipad   = str_pad('', $b, chr(0x36));
    $opad   = str_pad('', $b, chr(0x5c));
    $k_ipad = $key ^ $ipad;
    $k_opad = $key ^ $opad;
    return md5($k_opad . pack("H*", md5($k_ipad . $data)));
}

$merchantCode = "YOURCODE123"; //your account's merchant code available in the 'System settings' area of the cPanel: https://secure.2checkout.com/cpanel/account_settings.php
$key          = "SECRET_KEY"; //your account's secret key available in the 'System settings' area of the cPanel: https://secure.2checkout.com/cpanel/account_settings.php
$now          = gmdate('Y-m-d H:i:s'); //date_default_timezone_set('UTC')

$string = strlen($merchantCode) . $merchantCode . strlen($now) . $now;
$hash   = hmac($key, $string);

try {
    $sessionID = $client->login($merchantCode, $now, $hash);
}

catch (SoapFault $e) {
    echo "Authentication: " . $e->getMessage();
    exit;
}

$SearchOptions       = new stdClass();
$SearchOptions->Name = 'New Users from API';

$SearchOptions->Types = array(
    'INTERVAL',
    'RADIO',
    'COMBO',
    'CHECKBOX'
); //RADIO, CHECKBOX, INTERVAL, COMBO, INTERVAL

$SearchOptions->Limit = 10;
$SearchOptions->Page  = 1;

try {
    $existentPriceOptions = $client->searchPriceOptionGroups($sessionID, $SearchOptions);
}

catch (SoapFault $e) {
    echo "existentPriceOptions: " . $e->getMessage();
    exit;
}

var_dump("existentPriceOptionst", $existentPriceOptions);

?>

Payment flow with 2Pay Token

Overview

The 2Pay tokens generated using the 2Pay.js library can be used to place orders by following the same general flow as credit card orders (including the need and handling for the 3DS authorization process).

Availability

Available to all 2Checkout accounts.

Requirements

Using the 2Pay.js library requires a mandatory SAQ-A questionnaire to be filled in by merchants that have over 20,000 transactions per year. Below this threshold, the SAQ-A questionnaire is not mandatory but recommended.

Payment method Object structure

Field name	Type	Required/Optional	Description
EesToken	String	Required	The 2Pay token obtained by integrating the 2Pay.js library.
Vendor3DSReturnURL	String	Required	The URL address to which customers are redirected after the 3DS details get validated by the bank and the order is successfully authorized.
Vendor3DSCancelURL	String	Required	The URL address to which customers are redirected if the 3DS details were not validated or the order could not be authorized.

2Pay Token Validity

The security limitations imposed on the 2Pay token are:

10 minutes time limit - orders can only be placed within 10 minutes after the token has been generated
one order per token - once a token has been used to place an order (be it successful or not), then this is flagged as used and cannot be used again to place an order (a new token needs to be generated).

2Pay Payment Flow

The sensitive information that otherwise would have to be passed in the PaymentDetails node:

 "PaymentDetails": {
    "Type": "CC",
    "Currency": "USD",
    "PaymentMethod": {
      "CardNumber": "4111111111111111",
      "CardType": "VISA",
      "ExpirationYear": "2023",
      "ExpirationMonth": "12",
      "HolderName": "Red Doe",
      "CCID": "123",
      "Vendor3DSReturnURL": "http://yoursuccessurl.com",
      "Vendor3DSCancelURL": "http://yourcancelurl.com"
    }

are now replaced by a token generated by the 2Pay.js library.

"PaymentDetails":{
      "Type":"EES_TOKEN_PAYMENT",
      "Currency":"USD",
      "PaymentMethod":{
         "EesToken":"0cd06e64-ea85-4240-88f1-ab0edc298f08",
         "Vendor3DSReturnURL":"https:\/\/example.com",
         "Vendor3DSCancelURL":"https:\/\/example.com"
      }

By replacing the sensitive information like the credit card details with a 2Pay token, the overhead generated by handling this sensitive information and the PCI compliance requirements are greatly reduced.

Request example

The full JSON used to place an order with credit cards would look like:

{
   "Language":"en",
   "Country":"US",
   "CustomerIP":"10.10.10.10",
   "Source":"Website",
   "ExternalCustomerReference":"externalCustomerId",
   "Currency":"USD",
   "MachineId":"123456789",
   "Items":[
      {
         "Code": "5DCB30C6B0",
         "Quantity":1
      }
   ],
   "BillingDetails":{
      "FirstName":"Customer First Name",
      "LastName":"Customer Last Name",
      "CountryCode":"US",
      "State":"California",
      "City":"San Francisco",
      "Address1":"Example Street",
      "Zip":"90210",
      "Email":"example@email.com"
   },
   "PaymentDetails":{
      "Type":"EES_TOKEN_PAYMENT",
      "Currency":"USD",
      "PaymentMethod":{
         "EesToken":"0cd06e64-ea85-4240-88f1-ab0edc298f08",
         "Vendor3DSReturnURL":"https:\/\/example.com",
         "Vendor3DSCancelURL":"https:\/\/example.com"
      }
   }
}

3D Secure Flow

For more information on the 3DS flow please refer to this article.

Integration test cases

Using the test credit cards available here, follow the next steps:

Build a request in order to place a new order, with all the relevant information. Make sure that when the order is sent in the API the response contains an order object (order was placed successfully)
Handle the 3DS flows, both when 3DS is mandatory (and the shopper needs to be redirected to authorize the transaction), as well as where this is not needed (order is created with status AUTHRECEIVED or COMPLETE)
If you have any additional webhook integrations, make sure that the webhooks are correctly configured and that the notifications are received and processed successfully.

Single Sign On by subscription reference

Overview

Use the getSingleSignOn method to redirect and login shoppers automatically from your user portal into their Avangate myAccount based on subscription information. This method connects third-party user hubs with the Avangate myAccount, and allows your shoppers to seamlessly sign in to manage their information and perform tasks such as updating/changing credit card details.

Parameters

Parameter	Type/Description
sessionID	Required (string)
	Session identifier, the output of the Login method. Include sessionID into all your requests. Avangate throws an exception if the values are incorrect. The sessionID expires in 10 minutes.
subscriptionReference	Required (string)
	Unique, system-generated subscription identifier.
email	Optional (string)
	End user email address belonging to the customers associated with the subscription.
validityTime	Optional (int)
	The time, in seconds, before the single sign-on URL expires. By default, the URL expires after 10 seconds. (optional)
accessPage	Optional (string)
	The specific myAccount page you want the user to be redirected to. Possible values: view_order, my_license, change_card, my_products, user_data, order_lookup, faq - default: index page view_order - based on the SubscriptionReference, redirects shoppers to the myAccount page for the initial order that served to purchase the subscription. The Avangate system will match the subscription to the order automatically, displaying its associated myAccount view_order page. my_license - redirect shoppers to the subscription's page of myAccount based on the SubscriptionReference you provide. change_card - redirects shoppers to the subscription page of myAccount and opens up the change credit card pop-up window designed to update the payment details associated with a subscription. my_products - redirects shoppers to the myAccount page designed to list all products purchased from Avangate. https://store.YourCustomDomain.com/m...t/my_products/? user_data - redirects shoppers to the Personal Information page in myAccount https://store.YourCustomDomain.com/m...unt/user_data/? order_lookup - redirects shoppers to the Order Lookup page of myAccount. https://store.YourCustomDomain.com/m.../order_lookup/? faq - redirects shoppers to the Support page of myAccount `https://store.YourCustomDomain.com/support/` default: index page - redirects shoppers to myAccount homepage `https://store.YourCustomDomain.com/myaccount/?`
validationIp	Optional (string)
	The IP address of the shopper, necessary for security purposes. Can be an empty string or a valid IP, or null.

Response

Parameter	Type/Description
Single sign-on URL	String
	The string generated is the complete single sign-on URL pointing to Avangate myAccount, containing the unique URL. Shoppers using it log into their Avangate myAccount automatically.

Request

<?php

require ('PATH_TO_AUTH');

$subscriptionReference = 'YOUR_SUBSCRIPTION_REFERENCE';
$email = 'EMAIL@EXAMPLE.COM';
$validityTime = 50;
$accessPage = 'my_license';
$validationIp = null;

$jsonRpcRequest = array (
'method' => 'getSingleSignOn',
'params' => array($sessionID, $subscriptionReference, $email, $validityTime, $accessPage, $validationIp),
'id' => $i++,
'jsonrpc' => '2.0');

var_dump (callRPC((Object)$jsonRpcRequest, $host, true));

Overview

Parameters

Response

Request

Overview

Parameters

Response

Request

Overview

Parameters

Response

Request

Overview

Parameters

Response

Request

Overview

Parameters

Response

Request

Overview

Parameters

Response

Overview

Parameters

Response

Request

Overview

Parameters

Response

Request

Overview

Availability

Requirements

Payment method Object structure

2Pay Token Validity

2Pay Payment Flow

Request example

3D Secure Flow

Integration test cases

Overview

Parameters

Response

Request

Need help?

Not yet a Verifone customer?