About Pay-Jet Mobile SDK Authentication

General information about Pay-Jet Mobile SDK Authentication

This document describes the Pay-Jet SDK authentication method and the corresponding parameters for the request and the responses passed back. If a merchant develops an app of its own, this method is necessary so that secure authentication takes place via the Pay-Jet interface, independently of the app. The authentication is based on a one-off token that is exchanged between Pay-Jet and the merchant.

Further information about integration of the SDK can be found within GitHub repository at https://github.com/Computop.

Process flow chart

Process flow Mobile SDK Authentication

Cockpit interface

Definitions

Data formats

Format	Description
a	alphabetical
as	alphabetical with special characters
n	numeric
an	alphanumeric
ans	alphanumeric with special characters
ns	numeric with special characters
bool	boolean expression (true or false)
3	fixed length with 3 digits/characters
..3	variable length with maximum 3 digits/characters
enum	enumeration of allowed values
dttm	ISODateTime (YYYY-MM-DDThh:mm:ss)

Abbreviations

Abbreviation	Description	Comment
CND	condition
M	mandatory	If a parameter is mandatory, then it must be present
O	optional	If a parameter is optional, then it can be present, but it is not required
C	conditional	If a parameter is conditional, then there is a conditional rule which specifies whether it is mandatory or optional

Notice: Please note that the names of parameters can be returned in upper or lower case.

Mobile SDK authentication process

High level process overview:

Mobile SDK creates authentication request to merchant’s URL endpoint
Merchant’s URL endpoint generates AuthToken and AuthLabel
Merchant’s URL endpoint calls Pay-Jet interface with below defined parameters
Merchant’s URL endpoint receives Pay-Jet response
Merchant’s URL endpoint responds to Mobile SDK authentication request

For the authentication request, the merchant’s endpoint should accept a POST request with Content-Type: application/json and a JSON body like this:

{

"merchantID" : <Pay-Jet_MerchantID>

}

The Mobile SDK expects a JSON object as response from merchant’s endpoint, so merchant’s endpoint needs to create a JSON object with attributes from the response and also the generated AuthToken and AuthLabel like this:

{

"AuthToken“: <generated_token>,

"AuthLabel": <generated_label>,

“ExpiryDate”: <expiry_date_of_token>

"Description": <description_from_Pay-Jet_response>,

"Status": <status_from_Pay-Jet_response>,

"Code": <code_from_Pay-Jet_response>

}

Calling the interface

In order to register a one-off token for encryption on Pay-Jet Cockpit the merchant must transmit the following parameters to Pay-Jet via a server-to-server connection. Enter the following URL to do this:

https://www.payjet-cockpit.de/authtoken.aspx

Notice: For security reasons, Pay-Jet Cockpit rejects all payment requests with formatting errors. Therefore, please use the correct data type for each parameter.

The following table describes the encrypted payment request parameters:

Oops, it seems that you need to place a table or a macro generating a table within the Table Filter macro.

Key	Format	CND	Description	Beschreibung
MerchantID	ans..30	M	MerchantID, assigned by Pay-Jet. Additionally this parameter has to be passed in plain language too.	HändlerID, die von Pay-Jet vergeben wird. Dieser Parameter ist zusätzlich auch unverschlüsselt zu übergeben.

Key	Format	CND	Description	Beschreibung
AuthToken	an16..56	M	Unique token generated by merchant which is used to decrypt the payment request	Eindeutiges von Händler generiertes Token, dass zur Entschlüsselung der Zahlungsanfrage verwendet wird
AuthLabel	an32..64	M	Identifier for the AuthToken used to decrypt the payment request	Bezeichner für das verwendete AuthToken zur Entschlüsselung der Zahlungsanfrage
ExpiryDate	dttm	O	End time of token validity. The maximum period of validity amounts 24 hours. If the value is not specified the token expires after 15 minutes by default.	Endzeitpunkt der Gültigkeit des Tokens. Die maximale Gültigkeitsdauer beträgt 24 Stunden. Wenn der Wert nicht angegeben ist, läuft das Token standardmäßig nach 15 Minuten ab.

Parameters for authentication request

The following table describes the result parameters with which the Pay-Jet Cockpit responds to your system

pls. be prepared to receive additional parameters at any time and do not check the order of parameters

the key (e.g. MerchantId, RefNr) should not be checked case-sentive

Oops, it seems that you need to place a table or a macro generating a table within the Table Filter macro.

Key	Format	CND	Description	Beschreibung
MID	ans..30	M	MerchantID, assigned by Pay-Jet	HändlerID, die von Pay-Jet vergeben wird

Key	Format	CND	Description	Beschreibung
Status	a..50	M	OK (URLSuccess) or FAILED (URLFailure)	OK (URLSuccess) oder FAILED (URLFailure)

Key	Format	CND	Description	Beschreibung
Description	ans..1024	M	Further details in the event that payment is rejected. Please do not use the Description but the Code parameter for the transaction status analysis!	Nähere Beschreibung bei Ablehnung der Zahlung. Bitte nutzen Sie nicht den Parameter Description, sondern Code für die Auswertung des Transaktionsstatus!

Key	Format	CND	Description	Beschreibung
Code	n8	M	Error code according to Cockpit Response Codes (A4 Error codes)	Fehlercode gemäß Cockpit Antwort-Codes (A4 Fehlercodes)

Key	Format	CND	Description	Beschreibung
ExpiryDate	dttm	O	End time of token validity. The maximum period of validity amounts 24 hours. If the value is not specified the token expires after 15 minutes by default.	Endzeitpunkt der Gültigkeit des Tokens. Die maximale Gültigkeitsdauer beträgt 24 Stunden. Wenn der Wert nicht angegeben ist, läuft das Token standardmäßig nach 15 Minuten ab.

Response parameters for authentication request

Page tree