🛒Checkout API

Getting started

Ottu provides a collection of APIs, which is a quick way to test the payment and enables you to process and manage payments.

Ottu APIs accept and return JSON in the HTTP body, and return standard HTTP response codes. You can create/update/get operations.

Base URLs

POST:

https://mch.com/b/checkout/v1/pymt-txn/{session_id}

These data is for showcasing!

mch: merchant

Creating Transaction (request-response)

Request required data

{
   "pg_codes":[
      "knet-test"
   ],
   "amount":"45",
   "currency_code":"KWD"
}

Response will include the below information regarding the payment gateway

{
   "code":"knet-test",
   "name":"KNET",
   "pg":"KPay",
   "type":"sandbox",
   "amount":"47.250",
   "currency_code":"KWD",
   "fee":"2.25",
   "icon":"https://mch.com/media/knet.jpg",
   "flow":"redirect",
   "redirect_url":"https://mch.com/?session_id=ac2e***"
}

Authentication

API supported methods

Basic authentication API key

Permission

The applied permissions are only those which are related to PG codes the user is allowed to use

Create payment transaction

The payment transaction should be created automatically, when the merchant knows the due amount.

Request parameters

type string optional

Defines under which plugin the transaction will be created. Default to e-commerce. Available choices: _payment_request, commerce

amount string required

The amount of the transaction. The number of decimals must correlate with the currency. Must be positive

currency_code string required

The currency code has to be added in Currency ➡️ Currencies More details https://en.wikipedia.org/wiki/ISO_4217 3 letters code

mode string optional

The default mode is "payment"

pg_codes list required

The pg code is a list of PG setting's codes. Users provide only one PG code. For Basic authentication: User can use the PG code that has permission to access to. For Api Secret Key: User can use all the PG code.

webhook_url URL optional

Where the payment result has to be sent.

redirect_url URL optional

Where the user is being redirected after the payment process gets completed. Redirect url can be set in the administration panel.

customer_id string optional

Customer id is created by a merchant. If the customer ID is presented in the Ottu checkout SDK, regardless of the mobile app being used, the customer will be prompted to save the card. This will be a checkbox for the customer to choose whether to save the card.

customer_first_name string required

For the customer's first name. Max length 64

customer_last_name string required

For the customer's first name. Max length 64

customer_email string required

Where to pass the customer’s email address. Have to be a valid email address. Max length 128

customer_phone string required

Where to pass the customer’s phone number. Max length 12

billing_address dict optional

The billing address is the customer’s registered address.

1️ line1 string required

One of the billing address parameters and should be fielded by street, house, app data.Max character Number: 128

2️ line2 string optional

For accuracy purpose, Additional address data for the line1. Max character Number: 128

3️ city string required

The city where the customer is leaving and registered. Max character Number: 40

4️ state string required

State of the customer’s city (sometimes the same as the city). Max character Number: 40

5️ countrystring required

Customer’s country ISO 3166-1 Alpha-2 code. will be validated against existing countries. Max character Number: 2

6️ postal_code string required

Postal code (maybe has different length for different countries). Max character Number: 12.

order_no string optional

Merchant unique identifier for the transaction. ABC123_1, ABC123_2. Max length: 128.

notifications dict optional

Notification events are triggered by specific states, and it can be sent in various ways, such like SMS and email.

1️ email list optional

Will be triggered at the following notification events: [“Created”, "Paid", "Canceled", "Failed", "Expired", "Authorized", "Voided", "Refunded", "Captured"] For Failed, in case payment transitions to ERROR state and FAILED state was asked to send an email for, then the customer will get an email

2️ SMS list optional

Will be triggered at the following notification events: [“Created”, "Paid", "Canceled", "Failed", "Expired", "Authorized", "Voided", "Refunded", "Captured"] For Failed, in case payment transitions to ERROR state and FAILED state was asked to send an SMS for, then the customer will get an SMS

vendor_name string optional

To pass the vendor’s name.

expiration_time date optional

Expiration time is for the payment cycle. The default value is one hour. Should be In format (HH:MM:SS). Should be consistency with order_no expiration time. In order to automatically change the state to EXPIRED, Expire Payment Transactions? field should be enabled.

from Ottu dashboard ➡️ administration panel ➡️ config ➡️ configuration page then enable field Expire Payment Transactions? , otherwise the transaction will be marked as expiry when the customer attempts to pay past expiration time.

email_recipients list optional

When the merchant wants to send email to more people.

extra dict optional

The merchant can send anything in key value form. For example,the merchant can define a validation field in extra parameters, then apply the validation. rules.

product_type string optional

Product information. Max length: 128.

language string optional

ISO 639-2 language code https://www.loc.gov/standards/iso639-2/php/code_list.php. Default language is en. Max length: 2.

Response parameters

These parameters will be returned for all the response status.

session_id string read only

Ottu unique identifier which gets generated when the transaction is created. It can be used to perform subsequent operations, like retrieve, acknowledge, refund, capture and cancelation.

operation string

Choice from ("purchase","authorize"). Depending on how the PG is being selected.

amount string

The merchant should always check if the amount he received from Ottu is the amount of the order, to avoid user changing the cart amount in between.

payment_methods list

List of dicts.

dict Dict generated according to specific pg_code from pg_codes list from request.

1️ code string

Code of the Gateway Settings instance

2️ name string

Name of the Gateway Settings instance.

3️ pg string

Name of the gateway, settings are applied to.

4️ is_sandbox bool

It is environment used for this PG settings or not

5️ icon string:URL

URL to default icon of the current gateway.

6️ flow string

Choice from ("redirect", ...).

7️ payment_url string:URL

This URL redirect to the payment page

Example of full response

 {
   "amount":"55.000",
   "checkout_url":"https://mch.com/?session_id=ac2e***",
   "currency_code":"KWD",
   "customer_id":"hazem",
   "expiration_time":"20 20:00:01",
   "language":"en",
   "mode":"payment",
   "operation":"purchase",
   "payment_methods":[
      {
    "code":"knet-test",
    "name":"KNET",
    "pg":"KPay",
    "type":"sandbox",
    "amount":"57.750",
    "currency_code":"KWD",
    "fee":"2.75",
    "icon":"https://mch.com/knet.jpg",
    "flow":"redirect",
    "redirect_url":"https://mch.com/?session_id=ac2e***"
      }
   ],
   "pg_codes":[
      "knet-test"
   ],
   "session_id":"ac2e***",
   "state":"created",
   "type":"e_commerce"
}

Update

Using a patch function is a good method of increasing trustability whenever any change gets made to the payment transaction, such as updating the amount on the card or removing items from the cart.

URL

PATCH:

https://mch.com/b/checkout/v1/pymt-txn/{session_id}

These data is for showcasing!

mch: merchant

Authentication

API supported methods

Basic authentication API key

Parameters

All the same fields from create request can be used. The type of update is partial. But some fields can be cross-validated and require other fields to be provided.

Retrieve

Get method to get information of payment transaction

URL

GET:

https://mch.com/b/checkout/v1/pymt-txn/{session_id}

These data is for showcasing!

mch: merchant

Authentication

This endpoint is public.

PreviousAuthenticationNextOperations

Last updated