Payment with GarantiPay

To get paid with GarantiPay, the first step is to initiate a payment on Craftgate. Afterwards, the payment process is completed by the user through BonusFlaş mobile application. Later, the merchant is triggered with the payment status information who has been given callback URL address in the payment initiation request.

Payment initiation with GarantiPay

URL

The endpoint and http method information to make a payment with GarantiPay are stated below.

HTTP Method	URL
`POST`	`/payment/v1/garanti-pay-payments`

Payment initiation request parameters

Parameter Name	Type	Required	Description
`conversationId`	`string`	No	"boomerang" value that can be sent with the request and received with the response. It can be used to associate different requests with each other. Usually, the order number is used that is stored in merchant own system.
`externalId`	`string`	No	It is generally used as a payment order number or basket number on the merchant side. You can search with this value later by using reporting services.
`price`	`decimal`	Yes	Total basket price. The sum of the item prices in the basket must be equal to total basket price.
`paidPrice`	`decimal`	Yes	The final amount to be paid from the card by calculating differences such as commissions and discounts. The amount to be collected from the wallet is also included in this amount. If there is an interest in the transaction, the amount with the interest added should be entered in this parameter.
`installments`	`GarantiPayInstallment[]`	No	See: GarantiPay Installment Information Installment options that is shown to the user. If not sent, payment processed as cash.
`buyerMemberId`	`number`	No	ID of the buyer that is returned from member creation.
`currency`	`Currency`	Yes	See: Currencies
`paymentGroup`	`PaymentGroup`	No	See: Payment Groups
`paymentChannel`	`string`	No	It is generally used to keep information specific to the payment channel on the merchant side. You can search with this value later by using reporting services.
`callbackUrl`	`string`	Yes	The URL to be used to send the result returned from the bank to the merchant
`bankOrderId`	`string`	No	Order id parameter to be transmitted to the bank when receiving the payment. Since it is optional, it is recommended not to send it and the orderId value is generated by Craftgate.
`clientIp`	`string`	No	IP of the buyer.
`posAlias`	`string`	No	Represents the POS that payment will be collected.
`items`	`PaymentItem[]`	Yes	(See. Payment Item Information) Payment items related to payment. You must send at least one payment item and the sum of prices must be equal to the `price` field.

GarantiPay Installment Information

Value	Description
`number`	Installment number
`totalPrice`	Total amount to be collected

Response Parameters

The parameters returned as a result of the payment transaction with GarantiPay are subject to the rules specified in the Response Formats section of the API documentation home page. In the absence of a systematic or fictional error, the sub-parameters of the object returned in the data parameter are as follows:

Parameter Name	Type	Always Exist	Description
`htmlContent`	`string`	Yes	GarantiPay HTML that will be shown to user. Return value must be base64-decoded.

Parameters Forwarded to Callback URL

The following parameters are forwarded as form variables using the HTTP POST method. The parameters included in the request to callbackUrl by Craftgate after validation are as follows:

Parameter Name	Type	Always Exist	Description
`status`	`string`	Yes	Represents GarantiPay verification status. Returns `SUCCESS` or `FAILURE`.
`conversationId`	`string`	No	Value of the`conversationId` parameter sent in the 3DSecure payment initiation
`paymentId`	`number`	No	ID of the payment which is sent when the verification is successful.
`callbackStatus`	`string`	No	Sent as a parameter, n case the bank or end user triggers the 3DS verification step again and the payment has been verified before. Status parameter will be `FAILURE` and callbackStatus parameter will be `ALREADY_RETURNED`. In case this field comes with the value of `ALREADY_RETURNED`, the status of the payment should be checked in your system and no action should be taken if it is completed.
`conversationData`	`string`	No	Returns this security parameter when response status success. Need to send this value in complete step.
`hash`	`string`	Yes	Response parameters hash value with Sha-256 Hex algorithm. You can find details below on "Creating Hash Value".

Creating Hash Value

You can make hash validation response with your hash value. You need to use Sha-256 Hex Algorithm to create hash value.

You can reach 32 characters key value from following: Merchant Panel -> Yönetim -> Üye İşyeri Ayarları -> "Üye İşyeri 3DSecure Callback Key"
You need to prepare input value as in order. Also you need to put "###" as delimiter between parameters.
For null values please put empty string ("").

threedSecureCallbackKey###status###completeStatus###paymentId###conversationData###conversationId###callbackStatus

Example of hashing procedure for following response is below. Assume that Üye İşyeri 3DSecure Callback Key value as "merchantThreeDsCallbackKeySndbox".

{
    "status": "SUCCESS",
    "conversationId": "456d1297-908e-4bd6-a13b-4be31a6e47d5",
    "paymentId": 1,
    "callbackStatus": null,
    "conversationData": null
    "hash": "e0d434155be00b99dda2c6175e3f66b7853ef352338f2f7077161700d9da262a"
}

Input value for hashing should be like:

merchantThreeDsCallbackKeySndbox###SUCCESS###1######456d1297-908e-4bd6-a13b-4be31a6e47d5###

You can hash this value via Sha-256 Hex algorithm with Üye İşyeri 3DSecure Callback Key value. Result must be equal with hash value which contains in response.

Sample Codes

You can review the sample codes in the open source Craftgate API clients.