Webhook (IPN Notification)
You can find how to handle webhooks here.
What is this webhook for?
When you want to create a Pallapay API you need to provide a Webhook URL
.
The reason is when you create a payment request for a user we will notify you about the payment status by sending payment information to your Webhook URL.
Information you will receive in your webhook URL
{
"data": {
"payment_request_id": "fd423e12ff9d4a33a14fcba6a4df54e2",
"payment_amount": "10.00000000000000",
"payment_currency": "AED",
"receiving_amount": "10.00000000000000",
"paid_cryptocurrency": "TRX",
"fee_amount": "2.40000000000000",
"fee_paid_by": "BUYER",
"payer_email_address": "[email protected]",
"payer_first_name": "John",
"payer_last_name": "Doe",
"ref_id": "49f70172ef8e48189bb3",
"merchant_id": "d6b5g6cw0gc3ui6ad3wf",
"merchant_name": "My Merchant Name",
"status": "UNPAID",
"paid_at": null,
"note": "My Note"
},
"approval_hash": "49f70172ef49f70172ef8e48189bb38e48189bb349f70172ef8e48189bb349f70172ef8e48189bb349f70172ef8e48189bb3"
}
Response Body:
Name | Example Value | Description |
---|---|---|
payment_request_id | String | Unique ID of created payment |
payment_amount | String | Payment amount in selected currency |
payment_currency | String | Selected fiat currency to pay |
receiving_amount | String (Nullable) | The amount that you will receive in your Pallapay balance (After fees, if applicable) |
paid_cryptocurrency | String (Nullable) | The cryptocurrency your user selected to pay with |
fee_amount | String (Nullable) | Payment fee in selected fiat currency |
fee_paid_by | String (Nullable) | Who paid the fees on this payment (You can choose who pay for fees in dashboard -> merchants ) |
payer_email_address | String | Payer email address |
payer_first_name | String (Nullable) | Payer first name |
payer_last_name | String (Nullable) | Payer last name |
ref_id | String (Nullable) | User payment reference ID |
merchant_id | String | Your merchant ID |
merchant_name | String | Your merchant name |
status | String ("PAID", "UNPAID" or "PENDING") | Payment status |
paid_at | String (Nullable) | Payment was done at (date/time) |
note | String (Nullable) | Custom note that you pass in creation time |
approval_hash | String | A hash to validate the request and make sure it is legit (You can see how to validated the request in next section) |
Validate the webhook call
$secretKey = "YOUR_SECRET_KEY";
$inputJson = file_get_contents('php://input');
$input = json_decode($inputJson, TRUE);
$data = $input["data"];
ksort($data);
$approvalString = implode('', $data);
$approvalHash = hash_hmac('sha256', $approvalString, $secretKey);
if ($input["approval_hash"] == $approvalHash) {
echo "Payment Request ID: " . $data["payment_request_id"] . "\n";
echo "Payment Amount: {$data["payment_amount"]} {$data["payment_currency"]}\n";
echo "Status: " . $data["status"] . "\n";
} else {
echo "Invalid Request";
}
Note: In Pallapay SDKs you can find a method to validate the webhook request easier.