Discussions

Ask a Question
ANSWERED

Authentication failing

Hello, I have some issues with authentication. Getting 403 Forbidden. First of all: I checked with the online tools and both the digest and the signed string are correct. Below the data: Body: {"flow": "MATCH_CODE", "amount_unit": 100, "currency": "EUR"} Digest: SHA-256=RiExudeAkbTd4TtW4nDkpDH+z1iCMOYDzlGkeikTkV4= Signed String: lA3dzYCSpwwsRC/e/nhA84jVMGGdlRcu1wXboSvE1/fGJQORxdYVcEEKIMYmqeTT4Iczid31h/X2lN3TRk7VhCJC5QHyv5U5SHRku2LfUR/ltAk+p+7EtNlkm4OR69BMirUrYNhtn+U/mdKClBz3CE61Q1w48dHnTpdqUSX05u60ql1nDP1ojxn+P+qJK9+NFAPF2AgMkXO13GTpStDiXP0C+z8AXw73A6u36tRh+cqZluYs6zqZHL7dJVgigD0hMuFYQSmcWWWpKYf+uIZqKNSILFS6fhGA07g0hymEeE6NIMg3FKW1ZdRHwiAVm19eUHLMqsnHGgaY1OL33h2dddrhJJmmGpws16tPsD8v3apRy5aw6p/RvYIbbT4yBj9j20MrAdS6AxOkpqSNI+NmI9lMKjWD9tuJymtC0GXsIftj58c1Y/uaXoIeCJeSYVibbsdWRguUnjW+8QgBIeSs2j33CpPc6S0QDROHZVgOH+b/r7zumoC5W2FyzsiDNzdTkw2bzJ20JmrCMEWQvHh3GWmfoW13I6Wqjseo8XJBiS63bc6oDwprZWJIWfiEzCSq3p0uTlz8Aw7EOEmW/2p8rYyQLsegqT4NRImMsH1xn5xAmfRGl8rtPBg2n5KNZ1jF+IBZJd2ogwFA+9gS7+iTc4I9NX6JHOm5n7SWgpCMD8M= Authorization header: Signature keyId="il8khqr7rr56ic7r7e9kcp23jof3fmrhdd8o6irjpj0gkt4302c9n37c96d0kudm9ukjrg9sd3b8ou507rg689d6i0evi4o9a0dk5apcelsntb31am2jlh9d7uirau82kjhv9putuk7of1csgta9ff9p0fjj64q3m35vli59p6kn69tuh6pjucskulslpcr8nr017ejv", algorithm="rsa-sha256", headers="(request-target) host date digest", signature="lA3dzYCSpwwsRC/e/nhA84jVMGGdlRcu1wXboSvE1/fGJQORxdYVcEEKIMYmqeTT4Iczid31h/X2lN3TRk7VhCJC5QHyv5U5SHRku2LfUR/ltAk+p+7EtNlkm4OR69BMirUrYNhtn+U/mdKClBz3CE61Q1w48dHnTpdqUSX05u60ql1nDP1ojxn+P+qJK9+NFAPF2AgMkXO13GTpStDiXP0C+z8AXw73A6u36tRh+cqZluYs6zqZHL7dJVgigD0hMuFYQSmcWWWpKYf+uIZqKNSILFS6fhGA07g0hymEeE6NIMg3FKW1ZdRHwiAVm19eUHLMqsnHGgaY1OL33h2dddrhJJmmGpws16tPsD8v3apRy5aw6p/RvYIbbT4yBj9j20MrAdS6AxOkpqSNI+NmI9lMKjWD9tuJymtC0GXsIftj58c1Y/uaXoIeCJeSYVibbsdWRguUnjW+8QgBIeSs2j33CpPc6S0QDROHZVgOH+b/r7zumoC5W2FyzsiDNzdTkw2bzJ20JmrCMEWQvHh3GWmfoW13I6Wqjseo8XJBiS63bc6oDwprZWJIWfiEzCSq3p0uTlz8Aw7EOEmW/2p8rYyQLsegqT4NRImMsH1xn5xAmfRGl8rtPBg2n5KNZ1jF+IBZJd2ogwFA+9gS7+iTc4I9NX6JHOm5n7SWgpCMD8M=" I am using .NET Core 3.1 libraries, so I cannot take the ready-made PHP SDK. I managed to capture the request data using Postman as a proxy, and here is what I am sending to your servers: content-length:63 content-type:application/json; charset=utf-8 host:authservices.satispay.com date:lun, 04 mag 2020 16:36:57 +0000 digest:SHA-256=RiExudeAkbTd4TtW4nDkpDH+z1iCMOYDzlGkeikTkV4= authorization:Signature keyId="il8khqr7rr56ic7r7e9kcp23jof3fmrhdd8o6irjpj0gkt4302c9n37c96d0kudm9ukjrg9sd3b8ou507rg689d6i0evi4o9a0dk5apcelsntb31am2jlh9d7uirau82kjhv9putuk7of1csgta9ff9p0fjj64q3m35vli59p6kn69tuh6pjucskulslpcr8nr017ejv", algorithm="rsa-sha256", headers="(request-target) host date digest", signature="lA3dzYCSpwwsRC/e/nhA84jVMGGdlRcu1wXboSvE1/fGJQORxdYVcEEKIMYmqeTT4Iczid31h/X2lN3TRk7VhCJC5QHyv5U5SHRku2LfUR/ltAk+p+7EtNlkm4OR69BMirUrYNhtn+U/mdKClBz3CE61Q1w48dHnTpdqUSX05u60ql1nDP1ojxn+P+qJK9+NFAPF2AgMkXO13GTpStDiXP0C+z8AXw73A6u36tRh+cqZluYs6zqZHL7dJVgigD0hMuFYQSmcWWWpKYf+uIZqKNSILFS6fhGA07g0hymEeE6NIMg3FKW1ZdRHwiAVm19eUHLMqsnHGgaY1OL33h2dddrhJJmmGpws16tPsD8v3apRy5aw6p/RvYIbbT4yBj9j20MrAdS6AxOkpqSNI+NmI9lMKjWD9tuJymtC0GXsIftj58c1Y/uaXoIeCJeSYVibbsdWRguUnjW+8QgBIeSs2j33CpPc6S0QDROHZVgOH+b/r7zumoC5W2FyzsiDNzdTkw2bzJ20JmrCMEWQvHh3GWmfoW13I6Wqjseo8XJBiS63bc6oDwprZWJIWfiEzCSq3p0uTlz8Aw7EOEmW/2p8rYyQLsegqT4NRImMsH1xn5xAmfRGl8rtPBg2n5KNZ1jF+IBZJd2ogwFA+9gS7+iTc4I9NX6JHOm5n7SWgpCMD8M=" Any clues as where the issue could be? I already (successfully) got 5 or 6 Key_Ids, but changing them seems to bring no luck. Any additional help would be appreciated. Thanks Stefano
ANSWERED

Authorization HEADER

good morning, I'm unsuccessfully trying the pre_authorized_payment_tokens call. I continue to answer 403. I'm generating the keys directly from your site, linking one like body: { "reason": "Monthly payment", "Callback_url": "https://mysite.com/callbacks/{uuid }" }. The result is 4p4IkKXsOziHP5bWNdh / e73499HvYhcQFUnWZ / WbJC4 =. And this string for the signature (request-target): post /g_business/v1/pre_authorized_payment_tokens host: staging.authservices.satispay.com date: ven, 18 ott 2019 14:43:51 +0000 digest: 4p4IkKXsOziHP5bWNdh/e73499HvYhcQFUnWZ/WbJC4=. Both of them generate links provided by you. But the answer is always Forbidden. I use a sandbox account.
ANSWERED

difficolta di programmazione

Buongiorno. E' richiesta del nostro committente integrare anche il pagamento con Satispay con la modalità QRCode dinamico, ossia al momento del pagamento vorremmo esporre un QRCode ed il cliente acquirente poi potrà cosi pagare attraverso l'app che ha già sul suo smatphone. Ho provato ad approfondire le vostre API (https://developers.satispay.com/docs/payment-dynamic-code) ma senza risultato. La nostra applicazione è scritta in DotNet in ambiente Windows (Windows Form). Abbiamo inteso dalle API che occorre "chiamare" un indirizzo web a cui passare dei parametri, e questa operazione la svolgiamo attraverso un oggetto proprio di DotNet (WebClient Client), ma quello che non è chiaro è: 1) Come creare la stringa URL da chiamare ed i suoi valori per il "Create paymentn" tra le tante fattibili:cURL - MATCH_CODE PHP - MATCH_CODE cURL - REFUND PHP - REFUNDcURL - PRE_AUTHORIZED PHP - PRE_AUTHORIZED cURL - MATCH_USERPHP - MATCH_USER 2) Le informazioni poi ricevute (in caso di httpCode = 200) come potranno essere convertite in QRCode al fine di essere poi interpretate dall'APP del cliente finale. Potreste, per favore, fornirmi qualche informazione in merito, se aveste qualche scheck di codice sarebbe il massimo. Nello specifico mi occorrerebbe step by step la procedura da adottare al fine di generare il QRCode dinamico.
ANSWERED

Error code 45 Forbidden

Dear support, I'm trying to perform a call for create a payment. Following the documentation and the other tools I've this request: METHOD : POST URL : https://staging.authservices.satispay.com/g_business/v1/payments HEADERS : Content-Type : application/json host : staging.authservices.satispay.com date : Wen, 19 Mar 2020 16:10:24 +0000 digest : H5BnW9D/API6OC7g3LWjGeXyLg43uKT8ZG15YCPuQpM= Authorization : Signature keyId="r95udmo9oo2tbt9q9j3gm5gekao2tbo0ph5pjpd686dp5dcrtb61d7hn0tm7jh3l1r5si4oqh1t31sbeo1urgt893v5063eningek5eird7fc9c30iqq7ai878f5o1bha6u8bso5p5i009b0dqnkeclt5grng17mfv5032h4nus2jib2oe3qluc4nkahr5m71fl1bp3e", algorithm="rsa-sha256", headers="(request-target) host date digest", signature="Yosf2ekIXU7GWpK88jWstJuLp1xTmVSA9toIAYPGydYjgKDY3U9LnLzQc6UoerevUmY8O+nSawp/38HunFag+fHOff+NI8A6VVJLCcFSlgL9Ja4JQerue8UQ4+gOfRrWqA918U9/6ERrUWX6ezeqnuci2EnET5L0hM3N7GWlvmWO5mm3S1dSC0wueKRqWn3gU+XH9tEb5wsk/Zltrj/H2PY/Mf0h7V2RkH3XBJcZMhPVcLC/5+mcKTFbjtbG9hotq8lksiPnj0eCKvXrLfNeZlgVLcdDDSfwcz7MC168inScmQKP7OpvRklxl92/buPFEVbAMGpGXk6JnKYWZzujz2EIHQlQtwPE7Xv8fQogdBPBeTegasADzeCYvGIJpcN+2NJoqnCzUTky+Um73rvJwP0cL5mSySZi2qMwhtnWZnq+SWB+QVCuICi23F6P2+n36/CkuHde72q4f5hL0XA77duYR7PXajbNyM39CsC6mLzzLr5CGYsXz23LKv1U9GqT4uuqxg3jKm08YINhu6XBYod4LkeJjB1bbaShrZoqOE5UODhySwtwTWJjG/6Pagyeijr27sRyhsYlS0mb9UmAjT2HG66/K79EHtt40lIAuZYJMiItsj/hbOV76fCoGVBVfmB25utG3S8kEHW39i9fcEcp3Xi0nVfLHfeNPi1es38=" The digest was generated from the following body: { "flow": "MATCH_CODE", "amount_unit": 100, "currency": "EUR", "description": "my_description", "callback_url": "https://myServer.com/myCallbackUrl?payment_id={uuid}", "metadata": { "order_id": "my_order_id", "user":"my_user_id", "payment_id":"my_payment", "session_id":"my_session", "key": "value" } } With the tool. Also the signature was generated with the tool from the following (and the generated private key): (request-target): post /wally-services/protocol/tests/signature host: staging.authservices.satispay.com date: Mon, 18 Mar 2019 15:10:24 +0000 digest: SHA-256=H5BnW9D/API6OC7g3LWjGeXyLg43uKT8ZG15YCPuQpM= But the response is : { "code": 45, "message": "Forbidden", "wlt": "iZt3QxnY" } Can you help me? Thanks
ANSWERED

How to obtain key_id

Hello, i created a business Sandbox account, created an app with associated account, made the rest api with clientId and secret and obtained the access_token. The problem is: - is it necessary? - why https://authservices.satispay.com/g_business/v1/authentication_keys doesn't work?
ANSWERED

How to download staging app

How can I download the staging app for testing purposes?
ANSWERED

Prestashop module v1.5.0 doesn't show both the Order Confirmation and the Payment Error screens

Hi, I write to you because the module, that I have installed on PS v1.6 platform, doesn't show the Order Confirmation message in the last page of the checkout. When the customer is redirected on the website (after the payment with Satispay), the module shows him an empty page, that seems broken. I've checked the module files (specially, the return.php) and these is what I've found: 1) When payment is closed successfully the redirect to order confirmation page happens, but as the module hasn't got neither the HOOK_ORDER_CONFIRMATION nor the HOOK_PAYMENT_RETURN, the page appears blank. 2) When an error payment occurs, instead, the module brings the customer to the Order History page, without any error message. This doesn't help the customer to understand the payment isn't close successfully. Perhaps, it would be more correct if the order confirmation page tells the customer both when the payment is closed successfully, and when an error occurs. Could you help me to solve this problem? Let me know.
ANSWERED

callback_url on Payment - Mobile App

Hello, I would like to ask about the callback_url on the Mobile App use case. #Environment The satispay deeplink is invoked with IAB (ionic plug-in) via a PWA that is run on a docker container and tested through a mobile device with chrome. On the mobile, the satispay dev apk is installed and set up with a developer account. The link I use to open the satispay app and charge is: `satispay-stag://external/generic/charge?token=${this.paymentId}&callback_url=${this.callbackUrl}` and the paymentId is the id I get by calling the endpoint `g_business/v1/payments` with the appropriate parameters, again in staging. I have tried both using the callback_url on the `g_business/v1/payments` POST call and in the url scheme as shown above in the url scheme, but neither open the url I pass to the callback_url after the payment is completed on the satispay app. The callback_urls I tried passing were an https url and a localhost url. #What happens Satispay app is launched via the browser from the PWA and the payment is made, then satispay app minimizes and displays an overlay showing that the payment has been sent. However after that I am still on the payment page of my PWA and not redirected to the page assigned to (e.g: a success page on my PWA) #Expected Behaviour Satispay app is launched via the browser from the PWA and the payment is made, then satispay app minimizes and displays an overlay showing that the payment has been sent and redirects to the url provided in the callback_url (e.g: to a success page on my PWA). --- Is there something that I am missing? Perhaps some limitations on how it is used or should be used?
ANSWERED

Callback url not invoked

Hi, I'm implementing this workflow: https://developers.satispay.com/docs/mobile-app-auth After getting the tokenId we call the Sandbox App from our App passing the tokenId and the callback url. The Sandbox App asks me to authorize the automatic payments, but when I confirm the callback url it is not called by the Satispay server. The callback url is a web service like this: http://<myserver>/payment/satispayMethodCallback It answers to all GET requests without authentication. Which could be the problem? Thank you cld
ANSWERED

Use with React

Hi, I have a React web project and I want to add Satispay. What's the best way to import it in my website? Thanks