Setup the merchant profile

Each merchant can configure his/her profile by accessing the Gestpay Back Office environment at:

Authentication

REST api introduces ApiKey authentication, a random token generated via Gestpay Backoffice to be used in every call. This approch has been introduced to cope with the rise of cloud hostings, where it’s difficult to always have the same public API.

The first step is to create and activate your ApiKey in your backoffice.


Please understand that if the apiKey is stolen, anyone can pretend to be you from Gestpay’s standpoint. Keep the apiKey safe and never share with anyone.

The token must be attached as header to every call to Gestpay.

Authorization:apikey R0VTUEFZNjU5ODcjI0VzZXJjZW50ZSBUZX....

For more information on how to generate and manage the apikey, please refer to the online help available on each page.

Configuration of response URLs and e-mail

GestPay communicates the transaction result with a server-to-server call to a page specifically prepared by the merchant and by directing the buyer’s browser to the pages configured by the merchant (different pages for positive or negative results).

In the Configuration > Responses section in the Back Office environment, it is possible to specify the URLs used by the system to communicate the transaction result.

In this section it is also possible to specify the addresses that will be used for e-mail notifications.


The required urls are:

In all cases, Gestpay adds these parameters to the url:

It’s also possible to overwrite these URLs during the payment/submit call, in responseURLs object (check the documentation for more details).

The status of the transactions can be:

M.O.T.O. : what happens after a transaction

M.O.T.O. stands for Mail Order - Telephone Order. Long before internet, the only way to pay without having to show the credit card was by telephone, or by mail.

In Gestpay, M.O.T.O. means that a transaction is carried out without physically handling the credit card.

M.O.T.O. is intended as the way the system should behave when receiving transactions. There are two options:


If the transaction is not carried out within 25 days (configurable), Gestpay will automatically cancel the transaction and the money will be returned to the buyer. 25 days is the maximum number of days that a transaction can be authorized before being cancelled.

M.O.T.O. settings are valid for all credit card transactions, including MasterPass, ApplePay, Hype, or token transactions.

M.O.T.O. settings are valid for every Gestpay plan. Your settings will be used to determine the transaction next state, whether you’re using Gestpay payment page, or the iFrame solution, or server-to-server calls.

Fields & Parameters configuration

Mechants may want to display or hide some fields in the payment page, or in the email response, depending on their needs; think of the buyer’s email or name. In Configuration > Fields & Parameters you can decide which parameters to show, and when.

Sending Custom Parameters to Gestpay

During the payment/create call you can also pass user-defined parameters. This is completely optional and can be useful for attaching some additional data (a sessionId, a variable, etc.) that you want to receive back when the payment is completed (or failed).

From the page Payment Page -> Fields & Parametrs, you can create custom parameter by clicking on Add parameter in the Merchant Back-Office:


Then fillout the box with your parameter’s name:


A description of the fields:

Once you have set up a new parameter (in the examples the parameter is called MYPARAM) you can send it via payment/create method.

You can code your custom parameters inside the field customInfo, in a key/value syntax.

"customInfo":{  
    "{myCustomInfo1}":"{myCustomInfoValue1}",
    "{myCustomInfo2}":"{myCustomInfoValue2}"
  }

You can retrive those parameters calling payment/details. They are also included in the payment/submit result.

For more informations about customInfo check out the API documentation.