DocumentationAPI Reference
Documentation

Get Session ID

Follow these steps to calculate a signature and retrieve a session is from payment gateway.

Suggest Edits

Signature

A Signature is a security mechanism used to verify the authenticity of payment requests with our gateway. It ensures that the request originates from your server and has not been tampered with.

📘

Signature

The Signature is a SHA-1 hash of all the parameter values, sorted alphabetically by parameter name, and appended with your secret key. This hash must be calculated dynamically for each request to the payment gateway.

Parameter Values - are parameters of your payment request, constructed based on Payment Data fields and Customer Data fields.

Quick Steps to Calculate the Signature

merchantid=gateway_test&amount=1.23&currency=EUR&orderid=1234-123456789-4321&language=de&
gender=&lastname=Mustermann&street=Hanauer+Landstrasse&zip=60322&city=Frankfurt&country=DEU
&firstname=Max&company=Powerpay21&email=tech.support%40powerpay21.com&customerip=127.1.1.1
&payment_method=1&ccn=4242424242424242&cvc_code=123&cardholder_name=Max+Mustermann&exp_month=01&exp_year=2015
  1. Sort Parameters: Arrange all parameter names in alphabetical order:
   amount=1.23
   cardholder_name=Max Mustermann
   ccn=4242424242424242
   city=Frankfurt
   company=Powerpay21
   country=DEU
   currency=EUR
   customerip=127.1.1.1
   cvc_code=123
   [email protected]
   exp_month=01
   exp_year=2015
   firstname=Max
   language=de
   lastname=Mustermann
   merchantid=gateway_test
   orderid=1234-123456789-4321
   payment_method=1
   street=Hanauer Landstrasse
   zip=60322
  1. Concatenate Parameters Values: Combine the parameter values in the sorted order:
   1.23Max Mustermann4242424242424242FrankfurtPowerpay21DEUEUR127.1.1.1123tech.support@powerpay21.com012015MaxdeMustermanngateway_test1234-123456789-43211Hanauer Landstrasse60322
  1. Append Secret: Add your secret key to the end of the concatenated string. Ensure that the secret value in the string does not include any symbols such as parentheses, apostrophes, quotation marks, or any other punctuation marks:
   1.23Max Mustermann4242424242424242FrankfurtPowerpay21DEUEUR127.1.1.1123tech.support@powerpay21.com012015MaxdeMustermanngateway_test1234-123456789-43211Hanauer Landstrasse60322[YourSecretValueHere]

📘

The “secret "is known only by you and the payment gateway. It will be sent to you by email when your onboarding complete.

  1. Calculate a SHA-1 Hex Value of the String: This hash value must be in lowercase letters:
   1.23Max Mustermann4242424242424242FrankfurtPowerpay21DEUEUR127.1.1.1123tech.support@powerpay21.com012015MaxdeMustermanngateway_test1234-123456789-43211Hanauer Landstrasse60322[YourSecretValueHere]

3b8d5f7b8d5f7b8d5f7b8d5f7b8d5f7b8d5f7b8d
  1. Combine Original Request with the Calculated Signature

Example:

   merchantid=gateway_test&amount=1.23&currency=EUR&orderid=1234-123456789-4321&language=de&gender=&lastname=Mustermann&street=Hanauer+Landstrasse&zip=60322&city=Frankfurt&country=DEU&firstname=Max&company=Powerpay21&email=tech.support%40powerpay21.com&customerip=127.1.1.1&payment_method=1&ccn=4242424242424242&cvc_code=123&cardholder_name=Max+Mustermann&exp_month=01&exp_year=2015&signature=00f05286b075aecf621b5c3db67eb5d4f612e855
  1. Perform a Server-To-Server POST Request to get a unique session_id. Check what the required request parameters are to send the POST Request:

POST https://sandbox.payabl.com/pay/payment/get_payment_widget_session

   merchantid=gateway_test&amount=1.23&currency=EUR&orderid=1234-123456789-4321&language=de&gender=&lastname=Mustermann&street=Hanauer+Landstrasse&zip=60322&city=Frankfurt&country=DEU&firstname=Max&company=Powerpay21&email=tech.support%40powerpay21.com&customerip=127.1.1.1&payment_method=1&ccn=4242424242424242&cvc_code=123&cardholder_name=Max+Mustermann&exp_month=01&exp_year=2015&signature=00f05286b075aecf621b5c3db67eb5d4f612e855
  1. Get session_id from the Successful Response

As a response, if all the steps above are done correctly, you will receive a response string with errorcode=0 (successful) and your session_id:

errorcode=0&orderid=&session_id=9e1dfb08dc01c51bc7d77ad1ab821895a92fc6e6&signature=6416b95d88adb584b02feda662074929dc2f9434&transactionid=106000172

Example: Getting Session ID

Please refer to our API Reference Get Session ID request to see how it works. Additionally, the following Postman Collection Example also shows how a Web SDK session ID is retrieved by the server-to-server request.

Updated 5 days ago

What’s Next