Redirection to the merchant website


In order for the merchant to display his result page on his website to the client at step 3 or 8 instead of the standard eCom result page, you need to pass the address of this page in the BACKREF parameter and add the redirect = true parameter to the address. In this case, the parameters of the operation result will be added to the specified address, and the client's browser will be redirected to this address using the GET method.

Added parameters:
Parameter Descriptiom
order Order number
mpi_order MPI order number
rrn RRN (returns to REF, only in case of successful operation)
res_code Operation result code:
0 - Operation completed successfully
otherwise - error code
amount Transaction amount
currency Transaction currency
res_desc Description of the result from MPI
sign Sign

For example, if you specify the address https://www.google.kz?redirect=true, then the browser will be redirected to the address:

https://www.google.kz?redirect=true&order=529619375&mpi_order=529619375&res_code=28&amount=0.9¤cy=EUR&res_desc=12123&desc=111&sign=12345678

The algorithm for verifying the signature sign is as follows: you need to collect in one line the values of all order fields in the order specified in the table, separated by the separator ";", then add this line to the value of the secret key SHARED_SECRET (this key is individual for each merchant), and calculate the value from the resulting string hash SHA512. In the lines desc, res_desc, before processing, you need to remove all line breaks. For example, in PHP it will look something like this:

vSign=hash("sha512",
C_SHARED_KEY
.$_POST["order"].";"
.$_POST["mpi_order"].";"
.$_POST["rrn"].";"
.$_POST["res_code"].";"
.$_POST["amount"].";"
.$_POST["сurrency"].";"
.preg_replace("/\n|\r/g","",$_POST["res_desc"]).";" );

Note! In the product system on the merchant's server, there must be a check of the sign value to exclude the falsification of the order result!

The secret key SHARED_SECRET should never be available to anyone outside your server!