Click to Pay checkout used by Merchants to receive payload data from the Click to Pay System and send the results of transaction authorisation back to the Click to Pay System. Endpoints are available to retrieve payload data and send the outcome of a payment or checkout.
The signing of the request is as per the process documented at https://developer.mastercard.com/support-article/what-authentication-requirements-are-there-to-use-the-raw-rest-protocol
The signing process and calcualtion of body hash follows draft given by Google and documented at https://tools.ietf.org/id/draft-eaton-oauth-bodyhash-00.html
For more information, please visit https://developer.mastercard.com/support.
PHP 7.4 and later. Should also work with PHP 8.0.
To install the bindings via Composer, add the following to composer.json
:
{
"repositories": [
{
"type": "vcs",
"url": "https://github.com/GIT_USER_ID/GIT_REPO_ID.git"
}
],
"require": {
"GIT_USER_ID/GIT_REPO_ID": "*@dev"
}
}
Then run composer install
Download the files and include autoload.php
:
<?php
require_once('/path/to/MastercardApiClient/vendor/autoload.php');
Please follow the installation procedure and then run the following:
<?php
require_once(__DIR__ . '/vendor/autoload.php');
$apiInstance = new MastercardApiClient\Api\CardOnFileApi(
// If you want use custom http client, pass your client which implements `GuzzleHttp\ClientInterface`.
// This is optional, `GuzzleHttp\Client` will be used as default.
new GuzzleHttp\Client()
);
$merchant_card_id = ea9862e0-f937-4b4b-932d-2653bdd55ef9; // string | Merchant Card ID for a consumer. This is returned by Save Card on File endpoint.
$x_openapi_clientid = 3f34bev5-55dc-4c2d-a971-3ec37175364k; // string | Open API key to make the server to server call to Mastercard SRCI. This ID is provided to the client during the onboarding process to make OAuth1.0 based signed requests. The value MUST match the Click to Pay Client ID present in the request body.
$src_dpa_id = b756a2b0-ef62-4c62-a6de-f72e75ce5f17; // string | Identifies the connecting client. This will be the DPA ID of the v2 merchant.
$x_src_trace_id = 39a9af3f-e27c-49f2-b924-26b74938d013; // string | Trace Id of the present checkout session. If present, can be used to trace the calls within a checkout session.
$correlation_id = 82cb0848-918c-495f-86ba-ca5130365d48; // string | Unique identifier generated by an SRC System. If an srcCorrelationId is generated and returned to a participant, it must be included in all subsequent messages sent to the SRC System within the same transaction context.
$merchant_account_id = fd569a31-1215-4cdd-8627-65a42167b902; // string | Merchant issued Account ID for a consumer. It serves as an integration check. It will be validated against, if `merchantCardId` was generated with an `merchantAccountId` in SaveCOF operation.
try {
$apiInstance->deleteCOF($merchant_card_id, $x_openapi_clientid, $src_dpa_id, $x_src_trace_id, $correlation_id, $merchant_account_id);
} catch (Exception $e) {
echo 'Exception when calling CardOnFileApi->deleteCOF: ', $e->getMessage(), PHP_EOL;
}
All URIs are relative to https://sandbox.api.mastercard.com/srci/api
Class | Method | HTTP request | Description |
---|---|---|---|
CardOnFileApi | deleteCOF | DELETE /merchantCards/{merchantCardId} | Delete a previously saved card on file. |
CardOnFileApi | saveCOF | POST /merchantCards | Saves a Card on File (COF) |
CheckoutApi | checkout | POST /checkout | Used either for Server to Server Checkout (allow the SRCI server to perform a checkout), or to obtain the encrypted transaction payload via the response. |
TransactionApi | postConfirmation | POST /checkout/confirmations | Send results of payment authorization to Unified Checkout Solutions. |
- AccountReference
- AccountReferenceData
- AccountReferenceType
- AssuranceData
- CardOnFileMaskedCard
- CardOnFileRequest
- CardOnFileResponse
- CheckoutAddress
- CheckoutCardResponse
- CheckoutDigitalCardData
- CheckoutEncryptedPayload
- CheckoutMaskedCard
- CheckoutMaskedConsumer
- CheckoutReference
- CheckoutReferenceData
- CheckoutReferenceType
- CheckoutRequest
- CheckoutResponse
- CheckoutToken
- CheckoutType
- ConfirmationData
- Detail
- Details
- DigitalCardData
- DigitalCardFeature
- DigitalCardFeatureContentType
- DpaTransactionOptions
- DynamicData
- DynamicDataType
- Error
- Errors
- MaskedAddress
- PaymentOptions
- PhoneNumber
- PlainCard
- PostbackConfirmationRequest
- TransactionAmount
- VerificationData
- VerificationType
Endpoints do not require authorization.
To run the tests, use:
composer install
vendor/bin/phpunit
This PHP package is automatically generated by the OpenAPI Generator project:
- API version:
1.3.2
- Package version:
1.0.0
- Package version:
- Build package:
org.openapitools.codegen.languages.PhpClientCodegen