Skip to end of metadata
Go to start of metadata

Frontend API Endpoints

Request URL to PAYONE Frontend hosted-iFrame: https://frontend.pay1.de/frontend/v2/

The Endpoint  to Frontend Classic: https://secure.pay1.de/frontend/ should not be used for new implementations; existing implementations should be migrated

Request Parameters

Important notes for hash calculation

The UsedInHash-column defines whether the parameter value has to be included in your hash.
The parameters with a "+" must be included in the calculation of the hash value to prevent changes by the customer.

Request to Frontend

Common Parameter

Required

UsedInHash



aid

+

+


Sub-Account ID, defined by PAYONE

Format

NUMERIC(5..6)

portalid

+

+


Portal ID, defined by PAYONE

Format

NUMERIC(7)

api_version

+

+


New parameter api_version should be added to current implementations as it will be mandatory in future.

Format

LIST 
api_versionCommentDescription

3.8

Current API-version
(Default if not present)


3.9

New API-version
from 2015-01-05

New response “pending” added for “preauthorization” / “authorization”

3.10

New API-version
from 2016-06-01

Response for “customermessage” can be more specific in case of error by containing detailed error messages from external payment gateways (e.g. Ratepay, …)

3.11

New API-version
from 2018-02-01

Request “capture” with response “pending”

  • Announcement for upcoming request “refund” / response “pending”
  • Announcement for upcoming request “createaccess” / response “pending”

mode

+

+


Mode for transactions, either ‘live’ or ‘test’

Format

LIST 

valueComment

live

Transaction should be performed in live mode.

test

Transaction should be simulated

request

+

+


The type of request you would like to perform

Format

LIST 

Link to Request-Overview: Request Overview

encoding

-

+


The type of character encoding used in the request.

Format

LIST 

valueComment

ISO-8859-1

Default if not specified

UTF-8


clearingtype

+

+


Format

LIST 
valueCommentDescription / Comments
elvDebit payment

According to the new regulation on the transfer of funds (Geldtransferverordnung) address data (name, street, zip, city) is mandatory for cross border bank transfers (EEA / EWR), e.g.: CH, SM, MC, PM, JE, GG. This is mandatory from 2017-11-19.

Please use request “updateuser” to update customers address data.

This means that the whole address for bank transfers needs to be provided.

ccCredit card
recInvoice
codCash on deliverynot allowed for vauthorization, createaccess, updateaccess
vorPrepaymentnot allowed for vauthorization, createaccess, updateaccess
sbOnline Bank Transfernot allowed for vauthorization, createaccess, updateaccess
wlte-walletnot allowed for vauthorization, createaccess, updateaccess
fncFinancingnot allowed for vauthorization, createaccess, updateaccess
cshCash or Hybrid Paymentsnot allowed for vauthorization, createaccess, updateaccess

reference

+

+


Merchant reference number for the payment process (case insensitive)

Format

CHAR(1..20)
Permitted Symbols
[0-9][a-z][A-Z], .,-,_,/

customerid

-

+


Merchant's customer ID, defined by you / merchant to refer to the customer record

Format

CHAR(1..20)
Permitted Symbols
[0-9, a-z, A-Z, .,-,_,/]
  • "customerid" can be used to identify a customer record.
  • If "customerid" is used then stored customer data are loaded automatically.

invoiceid

-

+


Merchant's invoice number

Format

CHAR(1..20)

invoice_deliverydate

-

+


Delivery date (YYYYMMDD)

Format

DATE(8), YYYYMMDD

invoice_deliveryenddate

-

+


Delivery end date (YYYYMMDD)

Format

DATE(8), YYYYMMDD

invoiceappendix

-

+


Dynamic text on the invoice

Format

CHAR(1..255)

param

-

+


Individual parameter (per payment process)

Format

CHAR(1..255)

narrative_text

-

+


Dynamic text element on account statements

Format

CHAR(1..81)

(3 lines with 27 characters each) and credit card statements.

display_name

-

+


Specifies whether the customer name / company should be queried - instead of providing them in the Frontend request URL.

Format

LIST 

valueComment

yes

Name will be queried (default)

no

name/company will not be queried if all necessary data were already transferred and are correct

display_address

-

+


Specifies whether the customer address should be queried - instead of providing them in the Frontend request URL.

Format

LIST 

ValueComment

yes

Address will be queried (default)

no

Address will not be queried if all necessary data were already transferred and are correct

display_change_order

-

-


Specifies whether payment details or payment information should be displayed first.

Format

LIST 

ValueComment

no

Unchanged order (default)

yes

Changed order: Payment details are listed after the payment information.

autosubmit

-

+


Specifies whether payment details should be queried with customer interaction or with payment details provided in Frontend request URL.

Format

LIST 

ValueComment

no

no: No auto-submit (default)

yes

Payment is executed immediately without customer interaction. If the payment was successful the customer is forwarded directly to the „successurl“.

All payment data must be transmitted in this version.

successurl

o

+


URL for "payment successful"

Format

CHAR(2..255)

Scheme

<scheme>://<host>/<path>
<scheme>://<host>/<path>?<query>

scheme-pattern: [a-zA-Z]{1}[a-zA-Z0-9]{1,9}

backurl

o

+


URL for "Back" or "Cancel"

Format

CHAR(2..255)

Scheme

<scheme>://<host>/<path>
<scheme>://<host>/<path>?<query>

scheme-pattern: [a-zA-Z]{1}[a-zA-Z0-9]{1,9}

targetwindow

-

+


Specifies target window for Frontend form.

Format

LIST 

ValueComment
windowdefault
opener
top
parent
blank
self

hash

+

 


The hash code is used to prevent that a customer changes any relevant value (like payment type, your MID or the amount).

MD5 hash code SHA2-384 hash code. Details: FE - Calculation of the HASH value

Format

CHAR(1..96) lowercase
Permitted Symbols
[0-9,a-z]

Parameter ( „pre-/authorization“ )

amount

+

+


Specifies the total gross amount of a payment transaction.

Value is given in smallest currency unit, e.g. Cent of Euro; Pence of Pound sterling; Öre of Swedish krona.

The amount must be less than or equal to the amount of the corresponding booking.

Format

NUMERIC(1..10)

Permitted values

max. +/- 19 999 999 99

currency

+

+


Specifies currency for this transaction


Format

LIST 

Permitted values

 ISO 4217 (currencies) 3-letter-codes

Samples

EUR
USD
GBP

it[n]

+

+


Parameter it[n] specifies the item type of a shopping cart item.

Format

LIST 

Array

Array elements [n] starting with [1]; serially numbered; max [400]


it[n]

Comments


goodsGoods
shipment

Shipping charges


handling

Handling fee

  • Not to be used with PDT
voucherVoucher / discount
  • Not to be used with PDT

id[n]

+

+


Product number, SKU, etc. of this item

Format

CHAR(1..32)

Array

Array elements [n] starting with [1]; serially numbered; max [400]

Permitted Symbols
[0-9][A-Z][a-z][()[]{} +-_#/:]

pr[n]

+

+


Unit gross price of the item in smallest unit! e.g. cent

Format

NUMERIC(10) max. 19 999 999 99

Array

Array elements [n] starting with [1]; serially numbered; max [400]

no[n]

+

+


Quantity of this item

Format

NUMERIC(6)

Array

Array elements [n] starting with [1]; serially numbered; max [400]

de[n]

+

+


Description of this item. Will be printed on documents to customer.

Format

CHAR(1..255)

Array

Array elements [n] starting with [1]; serially numbered; max [400]

Example
de[1]=Product 1
de[2]=Product 2
de[3]=Product 3
...
de[400]=Product 400

va[n]

o

+


VAT rate (% or bp)

Format

NUMERIC(4)

Array

Array elements [n] starting with [1]; serially numbered; max [400]

Parameter („createaccess“)

productid

+

+


ID for the offer

Format

NUMERIC(1..7)

accessname

-

+


Customer's user name

Format

CHAR(1..32)

accesscode

-

+


Customer's password

Format

CHAR(1..32)

frontend_description

-

+


Confirmation text for the end customer after creating access. The transfer of HTML elements is permitted. At 10,000 characters this parameter is truncated.

Format

CHAR(1..10000)

amount_trail

-

+


Total gross amount for initial term

Must equal the sum (quantity x price) of all items for the initial term.

Required when item is submitted.

Amount can be "0" (e.g. for test period).

Format

NUMERIC(1..8), max. value 999 999 99

amount_recurring

-

+


Total gross amount of all items of one period during the subsequent term

Must equal the sum (quantity x price) of all items during the subsequent term.

Required when item is submitted.

Amount must not be "0".


Format

NUMERIC(1..8), max. value 999 999 99

period_unit_trail

-

+


Time unit for initial term

Do not use with “access_expiretime”.

Do not exceed 5 years / 60 months.

Format

LIST 
valueComment

Y

Value “length” is in years

M

Value “length” is in months

D

Value “length” is in days

period_length_trail

-

+


Duration of the initial term. Can only be used in combination with period_unit_trail.

Required when period_unit_trail is submitted.

Do not use with “access_expiretime”

Format

NUMERIC(1..4)

period_unit_recurring

-

+


Time unit for subsequent term

Do not exceed 5 years / 60 months.

Format

LIST 
valueComment

Y

Value “length” is in years

M

Value “length” is in months

D

Value “length” is in days

N

No subsequent term given

period_length_recurring

-

+


Duration of the subsequent term. Can only be used in combination with period_unit_recurring.

Required when period_length_recurring is submitted.

Format

NUMERIC(1..4)

id_trail[n]

+

+


Product number, order number, etc. of this item (initial term)

Format

CHAR(1..32)

Array

Array elements [n] starting with [1]; serially numbered; max [100]

Permitted Symbols
[0-9][A-Z][a-z][()[]{} +-_#/:]

no_trail[n]

+

+


Quantity of this item (initial term)

Format

NUMERIC(5)

Array

Array elements [n] starting with [1]; serially numbered; max [100]

pr_trail[n]

+

+


Unit gross price of the item (initial term) in smallest unit.

Format

NUMERIC(8) max. 999 999 99

Array

Array elements [n] starting with [1]; serially numbered; max [100]

de_trail[n]

+

+


Description of this item (initial term)

Format

CHAR(1..255)

Array

Array elements [n] starting with [1]; serially numbered; max [100]

Example
de[1]=Product 1
de[2]=Product 2
de[3]=Product 3
...
de[100]=Product 100

ti_trail[n]

+

+


Title (initial term)

Format

CHAR(1..100)

Array

Array elements [n] starting with [1]; serially numbered; max [100]

va_trail[n]

-

+


VAT rate (% or bp) (first term)

Format

NUMERIC(4)

Array

Array elements [n] starting with [1]; serially numbered; max [100]

id_recurring[n]

-

+


Product number, order number, etc. of this item (subsequent term)

Format

CHAR(1..32)

Array

Array elements [n] starting with [1]; serially numbered; max [100]

Permitted Symbols
[0-9][A-Z][a-z][()[]{} +-_#/:]

no_recurring[n]

-

+


Quantity of this item (subsequent term)

Format

NUMERIC(5)

Array

Array elements [n] starting with [1]; serially numbered; max [100]

pr_recurring[n]

-

+


Unit gross price of the item (subsequent term) in smallest unit.

Format

NUMERIC(8) max. 999 999 99

Array

Array elements [n] starting with [1]; serially numbered; max [100]

de_recurring[n]

-

+


Description of this item (subsequent term)

Format

CHAR(1..255)

Array

Array elements [n] starting with [1]; serially numbered; max [100]

Example
de[1]=Product 1
de[2]=Product 2
de[3]=Product 3
...
de[100]=Product 100

ti_recurring[n]

-

+


Title (subsequent term)

Format

CHAR(1..100)

Array

Array elements [n] starting with [1]; serially numbered; max [100]

va_recurring[n]

-

+


VAT rate (% or bp) (subsequent term)

Format

NUMERIC(4)

Array

Array elements [n] starting with [1]; serially numbered; max [100]

Parameter ( personal data )

businessrelation

o

+


Value specifies business relation between merchant and customer

Format

LIST 
valueComment

b2c

Indicates business to private customer

b2b

indicates business to business customer (company)

firstname

-

-


First name of customer; optional if company is used, i.e.: you may use

  • "company"
  • or "lastname"
  • or "firstname" plus "lastname"

Format

CHAR(1..50)

lastname

-

-


Last name of customer; optional if company is used, i.e.: you may use

  • "company"
  • or "lastname"
  • or "firstname" plus "lastname"

Format

CHAR(2..50)

company

-

-


Company name of customer; The company name is optional if lastname is used, i.e.: you may use

  • "company"
  • or "lastname"
  • or "firstname" plus "lastname"

Format

CHAR(2..50)

street

-

-


Street number and name (required: at least one character)

Format

CHAR(1..50)

addressaddition

-

-


Specifies an additional address line for the invoice address of the customer.

Format

CHAR(1..50)

Samples

7th floor
c/o Maier

zip

-

-


Postcode

Format

CHAR(2..10)
Permitted Symbols
[0-9][A-Z][a-z][_.-/ ]

city

-

-


City of customer

Format

CHAR(2..50)

country

-

-


Specifies country of address for the customer

Format

LIST 

Permitted values

ISO 3166 2-letter-codes

Samples

DE
GB
US

Some countries require additional information in parameter "state"

email

-

-


email-address of customer

Format

CHAR(5..254)
Permitted Symbols
RFC 5322

telephonenumber

-

-


Phone number of customer

Format

CHAR(1..30)

birthday

-

-


Date of birth of customer


Format

DATE(8), YYYYMMDD

Samples

20190101
19991231

language

-

-


Language indicator (ISO 639) to specify the language that should be presented to the customer (e.g. for error messages, frontend display).

If the language is not transferred, the browser language will be used. For a non-supported language English will be used.

Format

LIST 

Permitted values

ISO 639-1 (Language) 2-letter-codes

gender

-

-


Gender of customer (female / male / diverse* )

Format

LIST 

Permitted values

f    
m
d

* currently not in use

personalid

-

-


Person specific numbers or characters, e.g. number of passport / ID card

Format

CHAR(1..32)
Permitted Symbols
[0-9][A-Z][a-z][+-./()]

Parameter ( delivery data )

shipping_firstname

-

-


First name of delivery address

Format

CHAR(1..50)

shipping_lastname

-

-


Surname of delivery address

Format

CHAR(1..50)

shipping_company

-

-


Company Name of the delivery address

Format

CHAR(2..50)

shipping_street

-

-


Street number and name of delivery address

Format

CHAR(2..50)

shipping_zip

-

-


Postcode of delivery address

Format

CHAR(2..10)
Permitted Symbols
[0-9][A-Z][a-z][_.-/ ]

shipping_city

-

-


City of delivery address

Format

CHAR(2..50)

shipping_country

-

-


Specifies country of delivery address for the customer

Format

LIST 

Permitted values

ISO 3166 2-letter-codes

Samples

DE
GB
US

Some countries require additional information in parameter shipping_state

Parameter („autosubmit“ - credit card)

cardholder

-

-


Cardholder of credit card.


Format

CHAR(1..50)

cardpan

+

-


Primary account number of credit card

Format

NUMERIC(13..19)

  • if your system handles "cardpan" directly you can not be PCI DSS SAQ A compliant.
  • for simple PCI DSS SAQ A compliance please use PAYONE hosted iFrames together with pseudocardpan.

cardtype

+

-


Card type of credit card

Format

LIST 
valueCommentBIN-Range for automatic card type detection

V

Visa

4

M

MasterCard

51-55,2221-2720

A

American Express

34, 37
DDiners / Discover

300-305,3095,36,38,39

601, 64, 65

CDiscover

J

JCB

3528-3589

O

Maestro International

50, 56-58,602, 61, 620, 627, 63, 67
PChina Union Pay62212600-62299800,624-626, 6282-6288
UUATP / Airplus1220, 1920 -> coming soon; not available yet
Ggirocard68 *

*girocard is currently only viable for e-commerce-payments via Apple Pay.

cardexpireyear

+

-


Credit card expiry year YYYY


Format

NUMERIC(4), YYYY

cardexpiremonth

+

-


Credit card expiry month MM


Format

NUMERIC(2), MM

cardcvc2

o

-


Credit card security number

Format

NUMERIC(3..4)

For SAQ A compliance: PAYONE Frontend hosted iFrame must be used. This parameter must not be used.

Parameter („autosubmit“ - direct debit)

iban

o

-


IBAN to be used for payment or to be checked

Format

CHAR(10..34)
Permitted Symbols
[0-9][A-Z]

bic

o

-


Bank Identifier Code to be used for payment or to be checked

Format

CHAR(8 or 11) Only capital letters and digits, no spaces
Permitted Symbols
[0-9][A-Z]

BIC is optional for all Bank transfers within SEPA. For Accounts from Banks outside of SEPA, BIC is still required. 

bankaccountholder

-

-


Account holder


Format

CHAR(1..50)

bankcountry

o

-


Account type/ country for use with BBAN (i.e. bankcode, bankaccount): DE

DE: Mandatory with bankcode, bankaccount, optional with IBAN

For other countries than DE please use IBAN or IBAN/BIC

Format

LIST 

bankaccount

o

-


Account number (BBAN)

  • DE: bankcountry, bankcode and bankaccount may be used. Then IBAN will be generated by PAYONE platform and used for SEPA transactions.
  • Not DE: Please use IBAN or IBAN / BIC.

Format

NUMERIC(1..10)

bankcode

o

-


Sort code (BBAN) (only in DE)

  • DE: bankcountry, bankcode and bankaccount may be used. Then IBAN will be generated by PAYONE platform and used for SEPA transactions.
  • Not DE: Please use IBAN or IBAN / BIC.

Format

NUMERIC(8)

mandate_identification

o

+


A SEPA mandate can be created if a payment is initiated (amount > 0). Can be used to enforce a merchant specific mandate identification. The mandate_identification has to be unique.

Format

CHAR(1..35)
Permitted Symbols
[A-Z,a-z,0-9,+,-,.,(,)]

If the mandate_identification is not set PAYONE will create an unique mandate identification (pattern: PO-nnnnnnnnnn).

PPS (PAYONE Payment Service): This parameter must not be used! For PPS the PAYONE platform defines the mandate_identification

Parameter („autosubmit“ - Online transfer)

onlinebanktransfertype

+

-


Format

LIST 

Value

Comment

Server-APIClient-API

Frontend

BCTBancontact(tick)(tick)(minus)
EPSeps – online transfer (AT)(tick)(tick)(tick)
GPYgiropay (DE)(tick)(tick)(tick)
IDLiDEAL (NL)(tick)(tick)(tick)
MBCMultibanco(tick)(tick)(minus)
MYBMyBank(tick)(tick)(minus)
P24Przelewy24 (PL)(tick)(tick)(tick)
PFFPostFinance E-Finance (CH)(tick)(tick)(tick)
PFCPostFinance Card (CH)(tick)(tick)(tick)
PNTSOFORT Überweisung(tick)(tick)(tick)
TRLTrustly(tick)(tick)(minus)
VKPVerkkopankki(tick)(tick)(minus)

bankcountry+-

Account type/ country for use with BBAN (i.e. bankcode, bankaccount): DE

DE: Mandatory with bankcode, bankaccount, optional with IBAN

For other countries than DE please use IBAN or IBAN/BIC

Format

LIST 

iban

o

-


IBAN to be used for payment or to be checked

Format

CHAR(10..34)
Permitted Symbols
[0-9][A-Z]

bic

o

-


Bank Identifier Code to be used for payment or to be checked

Format

CHAR(8 or 11) Only capital letters and digits, no spaces
Permitted Symbols
[0-9][A-Z]

BIC is optional for all Bank transfers within SEPA. For Accounts from Banks outside of SEPA, BIC is still required. 

bankaccount

o

-


Account number (BBAN)

  • DE: bankcountry, bankcode and bankaccount may be used. Then IBAN will be generated by PAYONE platform and used for SEPA transactions.
  • Not DE: Please use IBAN or IBAN / BIC.

Format

NUMERIC(1..10)

bankcode

o

-


Sort code (BBAN) (only in DE)

  • DE: bankcountry, bankcode and bankaccount may be used. Then IBAN will be generated by PAYONE platform and used for SEPA transactions.
  • Not DE: Please use IBAN or IBAN / BIC.

Format

NUMERIC(8)

bankgrouptype

o

-


Issuer of Online-Bank-Transfer used for iDEAL and EPS

Format

LIST 

Parameter („autosubmit“ - e-wallet)

wallettype

+

-


Used with "clearingtype=wlt" to identify wallet payment types

Format

LIST 
ValueCommentServer-APIClient-APIChannel Frontend
ALPAlipay(tick)(tick)(tick)
AMZAmazon Payments(tick)(tick)(minus)
MPA

Masterpass (Deprecated)

(tick)(tick)(minus)

PDT

paydirekt

(tick)(tick)(tick)

PPE

PayPal

(tick)(tick)(tick)
PSCpaysafecard(tick)(tick)(minus)
QIWQiwi(tick)(tick)(minus)

Parameter („autosubmit“ - Financing)

financingtype

+

-


Used with "clearingtype=fnc" to identify Financing type

Format

LIST 

ValueCommentServer-APIClient-APIFrontend

RPV

Ratepay Open Invoice

(tick)(tick)(tick)

RPS

Ratepay Installments

(tick)(tick)

RPP

Ratepay Prepayment

(tick)(tick)(tick)

RPD

Ratepay Direct Debit

(tick)(tick)(tick)

PYV

Unzer Invoice

(tick)(tick)

PYS

Unzer Installment

(tick)(tick)

PYM

Unzer Monthly

(tick)(tick)

PYD

Unzer Direct Debit

(tick)(tick)
PPIPayPal Installment(tick)(tick)

KLV

Klarna Checkout Invoice

(tick)(tick)

KLS

Klarna Checkout Installment

(tick)(tick)
KISKlarna Payments "Slice it" (Installments)(tick)

KIVKlarna Payments "Pay now" (Invoice)(tick)

KDDKlarna Payments "Pay now" (Direct Debit)(tick)

KBTKlarna Payments "Pay now" (Bank Transfer)(tick)



  • No labels