When a successful payment is made on the payment link you have created, the result of the transaction is notified to the callbak_url you sent for that link in the Create Service.
NOTICE: If you have not set or do not want to specify callbak_url in the Create service, you do not need to do this integration.
NOTICE: PayTR just sends a request to the callback_url you created in the Create Service. This process has no relation with the Notification URL part in your store.
Values to be sent in POST REQUEST to your Notification URL defined for the link by the PayTR system:
Field Name | Description |
---|---|
hash | The hash value created for security purposes to check the accuracy of the values sent from the PayTR system. ( See the sample codes for the calculation.) |
merchant_oid | Order reference number generated by PayTR. |
status | If the payment is successful, it gets value as success. (In Link API, there is no callback for unsuccessful payments). |
total_amount | Total amount charged from customer (The total amount multiplied by 100 is sent. 34.56 =>3456) (Not: For example, if the payment is made in installments, the amount will be different from payment_amount.) |
payment_amount | It is the "payment_amount" value that you send in the 1st step.(The total amount multiplied by 100 is sent. 34.56 => 3456) |
payment_type | This value indicates which payment method the customer used to pay. ( card, bex etc. ) |
currency | It indicates which currency is used for payment. (‘TL’, ‘USD’, ‘EUR’, ‘GBP’, ‘RUB’) |
callback_id | Callback_id from create service |
merchant_id | Your PayTR merchant number. |
test_mode | If your merchant is in test mode, it returns as 1 |
When PayTR sends a request to your notification URL, you only need to return an OK response in plain text format.
Example: (PHP): echo "OK";
Example: (.NET): Response.Write("OK");
IMPORTANT WARNINGS:
You should not restrict access to your Callback URL by any means such as session control, etc. This is vital for the PayTR system to reach the page.
You should not display HTML or any other content before or after the “OK” response.
Callback URL is not a page which users see during payment process, thus there will be no user SESSION at this page and no SESSION values can be used. PayTR system submits a POST which contains relevant information such as callback_id.
For payments which the PayTR system does not receive an OK response from the Callback URL, the status will be displayed as "In Progress" (Devam Ediyor) on the Transactions (İşlemler) page on the Merchant Panel.
When the PayTR system can not connect to the Callback URL or does not receive the OK response from the Callback URL, PayTR system will try again after a minute. This may happen due to network issues, instant overloads on merchant stystems, etc. Thus, multiple notifications for the same payment transaction can be received on Callback URL. For this reason, in such cases, it is very important that recurring notifications should be handled correctly on Callback URL. Only the first notification should be taken into account to approve/cancel the order and the recurring ones should only be responded to by displaying OK. Recurring notifications should be checked based on callback value.
6.It is crucial for security reasons to check that the hash value in POST is the same as the hash value that will be created using the related values in POST. This is necessary to ensure that the POST request comes from the PayTR system and the values do not change during transport. Be warned that if you do not check hash value, you may face financial losses.
If the status of test payment is displayed as "Successful" (Başarılı) on the Transactions (İşlemler) page on PayTR Merchant Panel (Mağaza Paneli), the PayTR integration is complete.
If the status of test payment is displayed as "In Progress" (Devam Ediyor), it means that the PayTR system has not received "OK" response from the Callback URL. Click on the "Detail" (Detay) link of the test payment on the Transactions page and check what response PayTR system receives from the Callback URL to debug.
IMPORTANT NOTICE: Your notification URL is in the Paytr Merchant Panel > Settings > Notification URL settings section, if your site has SSL, you must set the notification URL protocol to HTTPS. If you do not have an SSL certificate, never use HTTPS links. If you have installed SSL on your site after Paytr integration, go to the Notification URL Settings section and change the protocol to HTTPS and save it. If you revoke the SSL certificate on your site after installation, go to the Notification URL Settings section and change the protocol to HTTP and save it.
<?php
$post = $_POST;
$merchant_key = 'XXXXXXXXXXXXXXXX';
$merchant_salt = 'XXXXXXXXXXXXXXXX';
$hash = base64_encode( hash_hmac('sha256', $post['callback_id'].$post['merchant_oid'].$merchant_salt.$post['status'].$post['total_amount'], $merchant_key, true) );
if( $hash != $post['hash'] )
die('PAYTR notification failed: bad hash');
if( $post['status'] == 'success' ) {
} else {
}
echo "OK";
exit;
For Link API Callback service sample codes Click to download.