Integration Guide Oxid 6


Our Oxid 6 plugin comes with regular updates and full integration support, offering a versatile out-of-the-box solution to accept online payments easily:

Currently supported payment methods:

  • Credit Cards (Visa, Mastercard, American Express, JCB, Diners Club, Maestro International, Carde Bleue)
  • Amazon Pay (V1)
  • Alipay
  • Apple Pay
  • Bancontact
  • Barzahlen
  • EPS
  • iDEAL
  • Klarna Payments
  • paydirekt
  • PAYONE secure Invoice
  • PAYONE Secured Invoice, Secured Direct Debit and Secured Installment
  • PAYONE Direct Debit
  • PAYONE open Invoice
  • PAYONE Prepayment
  • PayPal and PayPal Express
  • PostFinance Card and E-Finance
  • Przelewy24
  • Sofort
  • Ratepay Invoice, Direct Debit and Installment
  • Trustly
  • Unzer Invoice, Direct Debit and Installment
  • WeChat Pay

Keep an eye on our Release Notes to stay informed about updates and new features (i.e. payment methods, features, integration modes) we have added to this plugin!

Check out our documentation to learn how to link your store with our platform to profit from all these features!

Current Release: v1.10.0


An active PAYONE - Account is required. If you do not have one yet, please contact us.

Plugin Installation

You have 2 ways to install our plugin:

Installation via Composer

Oxid 6 uses composer for dependency management, so our extension is also installed via composer. Please perform the following steps to install the extension:

SSH to the directory of your Oxid composer.json file and perform the following command:

composer require payone-gmbh/oxid-6

Installation via Github

PAYONE - Portal configuration

To send the transaction status to the correct address, the log in to the PAYONE Merchant Interface (PMI).

Under Configuration → Payment Portals → YOUR_PORTAL → Advanced → TransactionStatus URL


Please leave the hash check set to "md5 oder sha2-384 (during migration)" to ensure correct communication between PAYONE and the store.
Additional Response-data

Under General, set the Additional Response data for both Live and Test modes to "on".

Oxid 6 - Admin configuration

Activate the module in the Oxid backend.

    Payment methods setup

    In the menu item Configuration → Payment methods both the standard payment methods of your OXID eShop and the payment methods available via PAYONE are displayed. Here you can configure the desired payment methods.

    The PAYONE payment types are an extension of the OXID standard payment types and offer additional options. To display only the PAYONE payment types, use the filter function PAYONE Only in the header of the payment type table.


    The overview shows you all PAYONE payment methods that are available for configuration. Please only configure the payment methods that have been activated for your merchant account.


    Basic Configuration

    You can recognize all PAYONE payment methods by the displayed logo.

    Field Description


    • Preauthorization - The amount to be paid is reserved in the course of the order. In this case, the debit must be initiated in a second step when the goods are delivered (Capture). The receivable is only posted after the capture has been carried out.
    • Authorize - The amount tobe paid is collected immediately when the order is placed. The receivable is immediately booked on the PAYONE platform.

    PAYONE Operating mode

    Here you can specify for the respective payment type whether the payments are to be processed in test mode or whether they are to be executed "live". You can also configure the test mode for individual payment types.


    Determines whether the payment method is available in the checkout process.


    Name of the payment method, which will be displayed in the checkout.

    Price Surcharge/ Reduction

    Here you can set a price premium/discount for the payment type. The prices can be indicated in two different ways:

    • abs - indicates the absolute price (e.g. if you enter 7.50, 7.50 euros will be charged).
    • % - calculates the price in relation to the shopping cart value. (Example: enter "2", 2% of the cart value will be added). You can also enter negative values. (Example: enter "-2", 2% of the cart value will be deducted).

    min. Credit Rating

    Here you can specify that certain payment types are only available to users/buyers who have at least the defined creditworthiness index. You can enter the credit rating index for each user under the menu item Manage User → User → Advanced.

    If you have ordered the Protect module from PAYONE, you can automatically deposit this value with the respective user / buyer using the credit check. 

    Settings for payment types without the PAYONE indicator have no effect on processing via PAYONE.

    Payment Settings

    The global configuration settings for communication with the PAYONE platform are made under PAYONE → Configuration → PAYONE Payment Settings.


    Connection Settings

    Field Description

    PAYONE Merchant ID

    You will find your PAYONE Merchant ID at the top right of the PAYONE Merchant Interface (PMI) and on all PAYONE invoices.

    PAYONE Portal ID

    Please enter the ID of the PAYONE payment portal you want to use to process the payments. The Portal ID can be found in the PAYONE Merchant Interface (PMI) under the menu item Configuration > Payment Portals.

    PAYONE Portal Key

    The configuration can be found in the PAYONE Merchant Interface (PMI) under the menu item Configuration → Payment Portals → [Edit] → Tab [Advanced] → Key

    PAYONE Sub-Account ID

    Please enter the ID of the sub-account you want to use to process the payments. The ID can be found in the PAYONE Merchant Interface (PMI) under the menu item Configuration → Accounts

    Reference number Prefix

    Here you can configure how the reference number is supplemented to ensure uniqueness for the transfer to PAYONE.

    This setting is required, for example, if you are running the extension on a test system and a production system.

    Hash Method

    This setting corresponds to the hash setting in your payment portal.

    The PMI and shop settings have to match for credit card payments to work correctly. We strongly recommend setting both to sha2!
    General information

    Field Description

    Send article list

    Here you can configure that the article information is also transferred to PAYONE.

    This option only needs to be activated if you have booked the Invoicing module with PAYONE.

    Save order before authorization

    Here you can define whether the order is already saved before the payment confirmation. These orders are then in a wait status.

    Special adjustments
    Credit Card

    The Creditcard payment method in the extension is divided into various subtypes (card brands).

    You can activate or deactivate the respective card type in the overview. You also have the option of assigning countries from which you wish to accept the card to the respective card brand. In addition, you can set for each credit card brand whether it is activated in live or test mode.

    Local card brands should only be assigned for the respective country (e.g. Carte Bleue = France). In addition, the respective card brand must have been ordered and activated for your merchant account.
    Credit Card Configuration

    The Oxid Extension offers you the conformity with the "lowest" Compliance Level according to PCI DSS (SAQ A). Since in this compliance level all credit card data may only be entered in fields hosted by a PCI DSS certified service provider, our extension uses iFrames that are integrated into the checkout. However, these do not inherit the CSS of the shop template, but contain their own style. You can use the following settings to customize these fields.


    Field Description


    Make sure to always use "hosted iFrame". Only merchants with a PCI DSS certification level of SAQ A-EP or greater are allowed to use AJAX. We still strogly suggest using hosted iFrame!


    Here you can set separate parameters for the individual fields of the credit card query.


    • Numeric - Only numbers are allowed and for mobile devices the numeric keyboard is used input type="tel".
    • Password - input type="password"
    • Text - input type="text"
    • Selection - drop-down list


    Length of the field in characters (HTML attribute size)


    Maximum length of input (HTML attribute maxlength)


    • Standard - Uses width and height from standard style
    • Custom - Uses width and height from the following fields


    CSS - Specify width


    CSS - Indication of height


    • Standard - Uses CSS specification from Standard
    • Custom - Uses CSS specification from the following field


    Specification of CSS properties for field 

    The use of the attribute "url" leads to a non-display of the field



    • Input - CSS specification for all input fields (HTML input)
    • Selection - CSS specification for all selection fields (HTML select )


    • Width - CSS specification
    • Height - CSS specification



    Enables error output in checkout related to credit card entries.


    Selection of the display language for the error messages.

    PAYONE Direct Debit

    In the direct debit area, you can make settings with regard to the SEPA procedure (Single European Payments Area).


    Field Description


    Selection of countries for which direct debit may be offered.

    Account number Display bank sort code

    For German accounts, it is still possible to display the account number and bank sort code in addition to the IBAN / BIC. With this selection you activate the display.

    Active mandate allocation

    Activates the mandate management of PAYONE.

    Download mandate as PDF

    Here you can define whether the buyer receives a download of the mandate from PAYONE at the end of the checkout.


    Field Description

    In case of missing delivery address, the billing address will be handed over as delivery address.

    If no explicit delivery address or a different delivery address has been specified, the billing address will be transmitted as the delivery address for the payment method PayPal - if the checkbox is activated.


    Activates the entry


    Language to which this entry applies. Only languages created in the OXID eShop are displayed.


    Preview of the uploaded logo, which will be used later in the checkout.


    At this point the logo can be selected. 


    If activated, the entry or logo of this entry will be the default for all languages where no logo is available.

    Unzer Payments

    Field Description

    Operate Payolution in B2B mode

    If the B2B mode is activated, it is automatically assumed that it is a B2B transaction if the "Company" field was executed when entering the address. To check the creditworthiness of the company, further information such as the commercial register number is then requested in the checkout.

    Company's name

    The full name of the company must appear here. The name will be used in the privacy policy.

    Payolution Username

    In order to retrieve the installment purchase draft contract, the user name assigned by Paysafe must be stored here.

    Payolution Password

    The password assigned by Unzer must be stored here in order to retrieve the installment purchase draft contract.


    For Ratepay Invoice to work, please add your profile ID and provide the corresponding currency.
    When B2B mode is activated and the company name specified by the user, the VAT ID no. is requested. For B2C customers the date of birth is requested instead.

    Amazon Pay

    Please enter the following URL under Integrator-URL in the item "Integration settings" in Seller Central: - the "Seller URL" may remain empty. This URL ensures that the shop receives all notifications from Amazon.

    Also please make sure to store all your shop URLs as allowed Javascript Origin in Seller Central.
    1. From the Seller Central home page, select “Integration - Integration Central” from the navigation bar on top-left side
    2. From Integration Central page, scroll down to the “Manage client ID/store ID(s)” section, and click “View client ID/store ID(s)”
    3. If you have an existing client or Store ID registered, review the configuration of the selected store. You can click on the “Edit” link on the right side to edit informatio
    4. If you click on the “Edit” button, you can edit all the details of the client configuration
    5. From STEP 3, if you click on the “Create new configuration” link on top, you will be able to create a new client configuration providing all the relevant information


    To activate the payment method, please use the button "Retrieve Amazon configuration from PAYONE". This will retrieve your customer ID and seller ID from our platform. You should then see the values in the corresponding fields.


    Please note that you can only make live payments if the payment method is approved for live payments in Seller Central.

    Field Description

    Amazon Client ID

    Displays the current Client ID

    Amazon Seller ID

    Displays the current Seller ID

    Retrieve configuration from PAYONE

    Click this button to retrieve the current configuration from PAYONE.

    This payment method won't work before the configuration has been saved!

    Amazon Button Type

    • Amazon Pay (standard) 
    • Pay (slightly smaller)
    • Amazon Pay (smallest)

    Amazon Button Color

    • Gold
    • Light grey
    • Dark grey

    Amazon Mode

    • Always Synchronous
    • Asynchronous on failure - can have better conversion rate, but can complicate your workflow

    Login method

      • Automatic - recommended setup
      • Popup - only works for SSL-secured Shops
      • Redirect

    PAYONE Secured Invoice + PAYONE Secured Installment

    These two payment methods require their own payment portal. Please enter under Customers → Payments → PAYONE → Konfiguration → applies to payment method: PAYONE Secured Invoice bzw. PAYONE Secured Installment a separate portal ID.

    If the orders are partially captured, the refunds must be created in the same amount. The background is that a new receivable is created with each capture.


    Field Description

    Paydirekt-Express button

    At this point you can choose which design of the Paydirekt-Express-Button you want to use in the checkout.

    The following buttons are available for selection:

    Green Green 2 White White 2

    Webaddress shipping terms

    Entering a webaddress for your Shipping Terms is mandatory for usage of the Paydirekt Express payment method.


    Please choose the matching deliveryset for your PaydirektExpress orders

    Editing the orders

    Orders placed via the PAYONE Extension for Oxid are listed as usual in the order overview of Oxid. Order processing differs depending on the authorization method used to process the order.


    Orders placed using the "Preauthorization" authorization method must be captured. In the order details you will find an additional tab "PAYONE". Here you can capture the order.

    The collection is then initiated on the PAYONE platform.


    Credit notes use the familiar Oxid credit note process. A click on the button "Refund" in the order opens the menu for credit notes.Here you can enter the amount credited and a reason. Important: "Refund manually" does not credit the money on the payment method, but only in Oxid. Use this option only if you do not want to transfer money back or if you use other ways than the PAYONE platform.

    Extended configurations

    Here you will find separate setting options that allow you to customize our plugin more precisely to your needs.


    Under the menu item PAYONE → Protect you can configure credit and address checks as well as bank account checks.

    Here you can specify for the credit standing check whether the checks are carried out in test or live mode.

    The Protect module must be enabled for your merchant account to use these options. Incorrect configuration leads to unwanted interruptions in the checkout process.
    Credit Assessment

    Here you can specify whether and in what form creditworthiness checks are to be carried out during the checkout process.

    Field Description

    Consumerscore check

    • Do no perform consumer score check - no request is made to the PAYONE platform.
    • Infoscore (Hard features) - Checking for hard characteristics via infoscore (e.g. consumer insolvency proceedings, arrest warrant for affidavit or enforcement of affidavit)
    • Infoscore (All features) - Examination for so-called "hard" negative features (see above) and "medium" negative features (e.g. order for payment order, enforcement order or enforcement) and "soft" negative features (e.g. collection dunning procedure initiated, continuation of out-of-court collection dunning procedure after partial payment, discontinuation of out-of-court collection dunning procedure due to hopelessness)
    • Infoscore (All features + Boniscore) - Checking for all characteristics (see above) and delivery of the BoniScore, which as a score value enables a higher selectivity for existing negative characteristics.
    • Boniverse VERITA Score - Check for VERITA-Scores via Boniversum

    Moment of consumerscore

    • Before paymenttype selection
    • After paymenttype selection - you can select the creditworthiness index for the payment type so that a check is only carried out for certain payment types.

    Lifetime credit check in days

    Number of days for which the credit standing value returned is valid. No new credit checks will be carried out for the set period for the relevant shop buyer / user until the set period expires. If this field is empty, a request is always made.

    Credit check up from minimum value of goods (€)

    Market-basket value from which a credit check is carried out. If this field is empty, a request is always made.

    Standard credit index

    The customer receives this credit rating index when he registers.

    Purpose: If the customer has not yet been checked and the check only takes place above a certain goods value, this is the credit rating index which is taken into account until the first actual check. If this field remains empty, the OXID standard is set (1000).

    Please make the settings for the credit check with caution. Incorrect configurations can result in errors in the checkout process and unwanted costs due to an increased number of queries and an unnecessarily high risk of payment defaults. You should only use the credit standing check for payment types that entail a payment default risk for you (such as open invoices or direct debits). You configure this via the setting "Credit rating index" in the configuration of the respective payment type. You should also indicate in your shop in an appropriate manner that you are conducting credit checks via infoscore Consumer Data GmbH.
    Address Validation

    Here you can specify whether and in what form the address checks should be performed and how the OXID eShop should behave if certain results apply.


    Field Description


    • Do not perform addresscheck - No address check is performed.
    • AddressCheck Basic - Address check for existence (street number, postcode, city, country) as well as addition and correction of address (possible for addresses from Germany, Austria, Switzerland, the Netherlands, Belgium, Luxembourg, France, Italy, Spain, Portugal, Denmark, Sweden, Finland, Norway, Poland, Slovakia, Czech Republic, Hungary, USA, Canada).
    • AddressCheck Person - Checking whether the person is known at the address given, checking the existence of the address and supplementing and correcting the address (Germany only).
    • Boniversum Addresscheck Basic
    • Boniversum Addresscheck Person

    Commit corrected addresses

    An address corrected by the PAYONE platform is adopted

    Check delivery address

    A different delivery address will also be checked on the basis of the selected address check.

    If the option "Apply corrected address" is selected, corrected delivery addresses will also be applied.

    If postal address is incorrect, users will be sent back to the user form

    If the described condition applies, the user is asked again to enter his invoice/delivery data in the checkout.

    Bank details check

    Here you can configure whether and in what form bank details should be checked during the checkout process when the payment type Direct Debit is selected.


    Field Description

    Check bank account

    • Inactive - No check of the bank details
    • Active - The system checks the plausibility of the account details.
    No check is made for the existence of the bank details or account coverage.
    • Active, with check against POS CRL - A check of the bank details for plausibility and a check against the POS block list is performed.
    Here, too, no check is made for the existence of the bank details or coverage of the account. The POS block file contains account connections with open chargebacks from stationary trading.

    Transaction Status redirects

    Field Description


    With this option activated, you can log activity of transactionstatus redirects. Content of this logging are landing in file fcpo_message_forwarding.log in your shops log folder.


    • Direct redirect - Using this method will directly redirect the transaction after receiving it. This mode offers a high redirection speed and a moderate transaction security.
    • Delayed by Cronjob - Instead of directly redirecting the statusmessage, this method collects incoming messages and will redirect them aftery calling a cronjob. This mode offers a very high transaction security. The speed of redirecting statusmessages depends on the setup of your server.


    For offering direct redirects without any interruptions, there is a need for having a timout for mode "Direct redirects".

    Transaction Status Forwarding

    Transaction status forwarding enables you to transfer the payment status to other systems, such as Materials Management or Logistics.

    Field Description


    The status sent by PAYONE.


    Enter the receive URL to which the status is to be forwarded.


    Number of seconds to wait until the status is accepted.

    Delete Here you can delete the respective forwarding.


    Saving saves all redirects in the database.


    You can add as many redirects as you like. Also multiple forwarding for one and the same status.

    Transaction Status Mapping

    The transaction status mapping is used to use the PAYONE status in order to have the orders processed according to your needs in an appropriate shop status.


    Field Description


    The payment type for which the mapping is to apply.

    PAYONE Status

    The status sent from PAYONE to the shop.

    Shop - Status

    The status that the orders should assume when the configured PAYONE request is processed in the shop.


    Here you can delete the respective mapping.


    Saving saves all mappings in the database.


    You can add any number of mappings. Please note, however, that only one mapping exists for a payment type and PAYONE status combination. This may lead to inconsistencies.


    Within the menu item Protocols/Logs you will find all information about processed payments, the communication with the PAYONE platform as well as the order overview.



    The Transactions submenu item displays notifications received from the OXID eShop of the transaction status of the PAYONE platform for each order and transaction. If there are any errors, you can find out here whether the transaction status was received correctly and what the current status is for a transaction.

    In the overview you can see all received and processed messages of the transaction status of the PAYONE platform. Filter options are available above the individual columns.


    Field Description


    Time at which the transaction status was received.

    order number

    The order number of the order in the OXID eShop.

    transaction number

    The unique number of the transaction (TXID). This number is assigned by the PAYONE platform.

    payment method

    The payment type used within this transaction is displayed here.

    The following abbreviations are possible:

    elv - Direct debit
    cc - credit card
    rec - invoice
    cod - cash on delivery
    sb - online bank transfer
    wlt - e-Wallet (e.g. PayPal)
    fnc - Financing (e.g. Klarna)

    customer email

    The e-mail address of the customer that was specified in the order.


    The amount in the currency used.


    This displays the status transmitted by the transaction status of the PAYONE platform.

    An explanation of the individual statuses can be found in the technical documentation of the PAYONE platform in the PAYONE Merchant Interface (PMI) under Downloads → Documentation.

    Transaction details

    After selecting an entry in the overview, you will receive all transmitted transaction status information through the PAYONE platform to your OXID eShop. This allows you to track at any time which data your OXID eShop has received and processed.

    A detailed explanation of the respective parameters can be found in the technical documentation of the PAYONE platform in the PAYONE Merchant Interface (PMI) under Downloads → Documentation.

    API logs

    In the submenu API-Logs you will find all requests from the OXID eShop to the PAYONE platform as well as the corresponding answer of the PAYONE platform.

    The only requests that are not contained in these logs are requests using the Client API. The reason for this is that these requests are sent directly from the buyer's browser (client) to the PAYONE platform for reasons of the Payment Card Industry Data Security Standard based on Ajax technology, so that your OXID eShop does not technically come into contact with sensitive credit card data.

    In the overview you will find a list of all requests from the OXID eShop to the Server API with basic information. You can filter the display in the column headers by entering search terms.


    The entire content of the Request and Response columns is searched. The content is described in more detail in the API Log Details.

    Field Description


    Time of the request.


    The channel used.


    Type of request.


    Parameter "status" from the response of the PAYONE platform to the request.
    API Log Details

    After clicking on one of the requests listed in the overview, you will see all parameters of the request sent to the PAYONE platform as well as the corresponding response from the PAYONE platform.

    A detailed explanation of the respective parameters can be found in the technical documentation of the PAYONE platform in the PAYONE Merchant Interface (PMI) under Downloads → Documentation.

    The order overview is a standard functionality of the OXID eShop. The PAYONE tab has been added to this list in order to be able to check the payment status of an order.

    Via the menu item Manage orders → Orders, which is available by default in every OXID eShop, the same overview including the PAYONE tab is displayed as under PAYONE → Protocols / Logs → Orders.


    Field Description

    order time

    Time of order


    Time for reporting the payment from the PAYONE platform.

    Order no.

    Order number of the OXID eShop.


    Name, first name of the customer.

    PAYONE reference number

    The reference number passed to the PAYONE platform for unique identification. The reference number is stored in the "reference" parameter.

    PAYONE Tab

    In the PAYONE tab you will find the transaction account in the context of the order, in which all receivables and payments are displayed. This is based on the OXID eShop requests via the Server API to the PAYONE platform as well as feedback on the transaction status from the PAYONE platform.

    You also have the option of capturing payments for pre-authorized payment transactions and refunds.


    Field Description

    reference number

    The reference number passed to the PAYONE platform for unique identification. The reference number is stored in the "reference" parameter.

    PAYONE Process number (TXID)

    The transaction number under which the transaction was processed in the PAYONE platform.

    method of payment

    Payment type with which the order was executed.

    payment details

    Depending on the payment method, detailed information about the payment is listed here. For credit card payments, the fields Card type and Masked card number are displayed here as information.


    Depending on the payment status of the order, you can trigger a credit note (refund) or carry out a payment collection (capture) at this point.

    In the accounts receivable management in the PAYONE Merchant Interface (PMI) there are more far-reaching possibilities for the execution of captures, refunds etc. available. In addition, you can trigger these transaction types via your merchandise management system or/and? via the server API of the PAYONE platform.

    transaction account

    All receivables and payments for the purchase order are displayed here in the form of a transaction account. All negative amounts are displayed in red. Click on "Time" to open the corresponding transaction status.