POLi
Learn how to accept POLi payments.
POLi is a real-time online payment service. It integrates with major banks throughout Australia and enables consumers to pay easily online, directly from their internet banking accounts. The automated payment process uses cleared funds from a debit account to pay for consumer purchases, without accessing any sensitive personal data. Once a transaction is successful, POLi provides both the consumer and merchant with real-time receipts.
Supported banks include ANZ, Bank of Melbourne, BOQ, BankSA, Bankwest, Bendigo Bank, Citibank, Commonwealth Bank, CUA, IMB Building Society, ME Bank, NAB, Newcastle Permanent, People's Choice Credit Union, St. George Bank, Suncorp, Westpac.
Payment type | Online banking |
Market | Australia, New Zealand |
Customer currencies | AUD, NZD |
Processing currencies | AUD, NZD |
Refunds | No |
General flow:
POST Request -> to /payment_preauthorize
<- Response (direct, synchronous) with status=0&errormessage=pending and redirect_url
Customer is redirected to redirect_url to complete payment
<- Response (direct, synchronous) with status=0 (or decline) to return_url
<- Callback (asynchronous) with errorcode=0 to notification_url
Step 1. Make a transaction request
From your server, make a POST /payment_preauthorize request.
POST https://sandbox.payabl.com/pay/backoffice/payment_preauthorize
Include in request:
Parameter | Format | Description |
---|---|---|
merchantid | 40 characters | Merchant identification number assigned during account creation |
orderid | max. 30 characters | The field orderid is optional and exclusively for the merchants' convenience |
amount | digits only, either no decimals or two decimal places (e.g. 8 or 8.50) | Transaction’s total amount that will be deducted from the customer |
currency | 3 characters. ISO 4217 | The currency field contains the alpha-3 currency code for the transaction. Links to ISO. Supported currencies: AUD, NZD |
payment_method | 5 | payabl. Payment methods IDs |
signature | 40 characters | Signature Calculation2 |
bankcountry | 2 characters. ISO 3166-1 | Customer country. Supported countries: CN |
custom2 | poli | The name of payment method |
accountname | 3-100 characters | Customer account name |
email | max. 50 characters | Customer email. An RFC 822 compliant email address |
firstname | max. 50 characters | First name of the customer |
lastname | max. 50 characters | Last name of the customer |
url_return | max. 255 characters starting with http or https | URL for customer redirection |
You can see a full list of parameters in Pre-Authorization.
Request example:
merchantid=gateway_test&orderid=Payabl-Test&amount=19.99¤cy=AUD&payment_method=5&language=en&customerip=2.22.75.244&[email protected]&
firstname=John&lastname=Doe&zip=4702&street=Walder Crescent&house=95&city=Alton Downs&country=AUS&accountname=John Doe&bankcountry=AU&custom2=poli&
url_return=http://dev-sim-ng.inatec.local/~simdad/InatecResponse/redirect_response.php¬ification_url=https://api.powercash.de/simulation/billing_response.php&
signature=d3d1731c52fdb5ca6d52ac85ba535f53be63ec9d
Public Sandbox information
Do not use your personal email address, Order ID with sensitive information, real customer details and credit card data in the public Sandbox. For email field you may use [email protected].
Redirection to
url_return
does not confirm that the transaction is successful. Always check the transaction vianotification_url
or use the diagnose interface to get the final status of the transaction.
Step 2. Handle the redirect
To complete the payment, you need to redirect the customer to the URL provided in the response.
Response example:
transactionid=104582141&transid=104582141&status=0&errormessage=pending&errmsg=pending&amount=19.99&price=19.99¤cy=AUD&
orderid=Payabl-Test&payment_method=5&fail_reason=&redirect_secret=GFUFPbxIoHK7O8Dad1kO8Qzu9AkWAPqe&ppro_id=877698470&
payment_guarantee=&redirect_url=https%3A%2F%2Fr3.girogate.de%2Fti%2Fsimideal%3Ftx%3D877698470%26rs%3DQjAoDRjCYKJ5kdcubbO0
j59KnZwZ47Em%26cs%3Deac6b9d3a19918d3fcc28ee9397a6bd939a7eddc6940699de89e50731f0a52eb&user_id=506801
Response fields reference:
Parameter | Description |
---|---|
transactionid | payabl. internal transaction id. Please use this transaction id when referring to the transaction in communications with the payabl. team |
transid | The same as transactionid |
status | Transaction error code |
errormessage | Brief explanation of transaction decline reason (empty on success) |
errmsg | The same as errormessage |
amount | Transaction amount |
price | The same as amount |
currency | Transaction currency |
orderid | Optional transaction identifier given by the merchant |
ppro_id | Payment system's transaction id |
fail_reason | Payment system's explanation of fail reason |
redirect_secret | Signature for redirection to the payment system's iframe (no actions needed) |
redirect_url | URL for customer redirection to finalize the payment (URL encoded) |
payment_guarantee | Payment system technical field |
user_id | Payment system user identifier |
Step 3. Receive the final status
Once the customer completes the payment, we will send a notification with the transaction's final status to the notification_url
specified by you.
Payment methods that are connected through PPRO have a callback structure different from other payment methods. Please note that payabl. transaction ID is not passed in them, so you will need to identify the transaction in question by the Order ID (which is passed in the TXID field). Also, notification signature for PPRO is calculated in the same way as signature for requests.
Notification example:
TAG=poli&TXID=Payabl-Test&PAYMENTGUARANTEE=NONE&REQUESTSTATUS=SUCCEEDED&HASH=f057cb4f37ef03e60f461bcfaf6c3ff40eb4ce2d&
STATUS=SUCCEEDED&ERRMSG=
Notification fields reference:
Parameter | Description |
---|---|
TAG | PPRO payment method identifier |
PAYMENTGUARANTEE | Payment system technical field |
REQUESTSTATUS | Request status (technical field) |
STATUS | Transaction status (SUCCEEDED for success) |
ERRMSG | Brief explanation of transaction decline reason (empty on success) |
TXID | payabl. order ID - optional transaction identifier given by the merchant |
HASH | Signature to verify the authenticity of the notification. You can find more information here |
url_return
andnotification_url
should be passed by you in the Pre-authorization request.Alternatively, you can communicate a
notification_url
to be used by default to payabl. technical team. By doing so, you won't need to send it in every request.
Updated over 1 year ago