Processing Methods

The Intrapay API allows you to process transactions in two distinct ways: STP Direct and Web Redirect. STP direct should be used for relatively low risk transactions with verified customers that can handle non-3D secure payments with their banks. The Web Redirect method may be required by your Acquirer for PCI Compliance and set as mandatory (in this case the user finalises the transaction on the 3rd party site or server).


STP Direct

The STP Direct method is one of the easiest way to securely integrate with the Intrapay system through the World Wide Web (HTTPS).

To implement this method:

  1. The merchant securely obtains all the information needed to start a transaction;
  2. The merchant then initiates a HTTPS POST method to the Intrapay endpoint URL with all the necessary information (sent as url-encoded key-value pairs);
    URL: payment.intrapay.com/transaction/execute
  3. The system will respond back to the Merchant with the result of the transaction;
  4. The Merchant shows the result of the transaction to the end user.

STP Direct Fields

Order (pSign)Field NameDetailsMinMaxTypeRequired
01merchantIDMerchant id supplied by Intrapay18NumberYes
02amountThe purchase amount (ex. 1.99)112DecimalYes
03currencyThe purchase currency (ISO 4217)33StringYes
04orderIDThe unique Merchant Order ID164StringYes
05returnURLMerchant URL that will handle the customer redirect back1300StringNo
06notifyURLMerchant URL for server to server asynchronous notifications1300StringNo
07customerIPCustomer's IP (IPv4 only)750StringYes
08customerForwardedIPCustomer's IP forwarded by proxies (IPv4 only)750StringNo
09customerUserAgentCustomer's browser type1200StringNo
10customerAcceptLanguageCustomer's browser language set160StringNo
11customerEmailCustomer's email address1120StringYes
12customerPhoneCustomer's telephone number716StringYes
13customerFirstNameCustomer's first name1128StringYes
14customerLastNameCustomer's last name1128StringYes
15customerAddress1Customer's address line 11128StringYes
16customerAddress2Customer's address line 21128StringNo
17customerCityCustomer's city name1128StringYes
18customerZipCodeCustomer's zip / postal code116StringYes
19customerStateProvinceCustomer's state / province1128StringNo*
20customerCountryCustomer's country code (ISO 3166-2)22StringYes
21customerDobCustomer's Date of Birth (yyyy-mm-dd)1010StringNo*
22cardNumberCustomer's card number1226StringYes
23cardCVV2Customer's card security card code36StringNo*
24cardExpiryDateCustomer's card expiration date; format [mmyy]44StringYes
25cardHolderNameCustomer's card holder name (Name on Card)364StringNo*
26routingStringGateway bank route if option is available164StringNo
27saveCardRegister the Credit Card details for future recurrent transactions (flag: `1` enable)11EnumNo
28descriptionTransaction or Product short description164StringNo
29csidPlease contact techsupport if you need to pass this parameter11000StringNo*
30threeDSecureInfoJson encoded field that contains 3DS info. Example Format: {"eci":"","status":"","cavv":"","xid":"","cavv_algorithm":""}11000StringNo
31pSignThe SHA signature used to secure protocol4040StringYes

* Please note that some Gateways / Banks do not support/use these parameters, or may consider them as mandatory! Our technical team will specify if any of these are required/supported.

Example STP Direct Request:

[POST URL] https://payment.intrapay.com/transaction/execute

[POST PARAMS]

<?php
    	
require_once("classes/Api.php");
    	
$endPointUrl = "https://payment.intrapay.com/transaction/execute";	// api name to be process
$passCode = "PASSCODE_GOES_HERE"; //your pass Code

$postData["merchantID"] = "MERCHANT_ID_GOES_HERE"; //your merchant ID
$postData["amount"] = "2.11";
$postData["currency"] = "CURRENCY_GOES_HERE"; //your assign currency
$postData["orderID"] = rand (100000,999999); //unique order ID
$postData["returnURL"] = "";
$postData["notifyURL"] = "http://mysite.com/notify";
$postData["customerIP"] = "188.26.48.48";
$postData["customerForwardedIP"] = "";
$postData["customerUserAgent"] = "";
$postData["customerAcceptLanguage"] = "";
$postData["customerEmail"] = "test@test.com";
$postData["customerPhone"] = "8008828181";
$postData["customerFirstName"] = "John";
$postData["customerLastName"] = "Doe";
$postData["customerAddress1"] = "Address St 1";
$postData["customerAddress2"] = "Address St 2";
$postData["customerCity"] = "Los Angeles City";
$postData["customerZipCode"] = "92929";
$postData["customerStateProvince"] = "CA";
$postData["customerCountry"] = "US";
$postData["customerDob"] = "2010-10-12";
$postData["cardNumber"] = "4773654827386427";
$postData["cardCVV2"] = "777";
$postData["cardExpiryDate"] = "1020";
$postData["cardHolderName"] = "John Doe";
$postData["routingString"] = "";
$postData["saveCard"] = "";
$postData["description"] = "";
$postData["csid"] = "";
$postData["threeDSecureInfo"] = "";

try {
	$api = new Api();
   
	$data = $api->generatePsign( $passCode, $postData );
   
	echo $api->apiCurlRequest( $data , $endPointUrl);
   
} catch (Exception $e) {
	echo "Caught exception: ",  $e->getMessage(), "\n";
}
   
?>
<%@ page language="java" contentType="text/html; charset=UTF-8"
	pageEncoding="UTF-8" %>
<%@ page import="java.net.*, java.util.*, com.intrapay.util.*" %>
<%
	String endPointUrl = "https://payment.intrapay.com/transaction/execute";
	String passCode = "PASSCODE_GOES_HERE"; //your pass Code
	String merchantID = "MERCHANT_ID_GOES_HERE"; //your merchant ID
	String amount = "2.11";
	String currency = "CURRENCY_GOES_HERE"; //your assign currency
	String orderID = new Random().nextInt(999999) + ""; // unique order ID
	String returnURL = "";
	String notifyURL = "http://mysite.com/notify";
	String customerIP = "188.26.48.48";
	String customerForwardedIP = "";
	String customerUserAgent = "";
	String customerAcceptLanguage = "";
	String customerEmail = "test@test.com";
	String customerPhone = "8008828181";
	String customerFirstName = "John";
	String customerLastName = "Doe";
	String customerAddress1 = "Address St 1";
	String customerAddress2 = "Address St 2";
	String customerCity = "Los Angeles City";
	String customerZipCode = "92929";
	String customerStateProvince = "CA";
	String customerCountry = "US";
	String customerDob = "2010-10-12";
	String cardNumber = "4773654827386427";
	String cardCVV2 = "777";
	String cardExpiryDate = "1020";
	String cardHolderName = "John Doe";
	String routingString = "";
	String saveCard = "";
	String description = "";
	String csid = "";
	String threeDSecureInfo = "";

	String pSign = PSignUtil.generatePSign(passCode + merchantID + amount + currency + orderID + returnURL + 
		notifyURL + customerIP + customerForwardedIP + customerUserAgent + customerAcceptLanguage + 
		customerEmail + customerPhone + customerFirstName + customerLastName + customerAddress1 + 
		customerAddress2 + customerCity + customerZipCode + customerStateProvince + customerCountry + 
		customerDob + cardNumber + cardCVV2 + cardExpiryDate + cardHolderName + 
		routingString + saveCard + description + csid + threeDSecureInfo);
		
	String and = "&";
	StringBuffer requestData = new StringBuffer();

	requestData.append("merchantID=" + merchantID);
	requestData.append(and + "amount=" + amount);
	requestData.append(and + "currency=" + currency);
	requestData.append(and + "orderID=" + orderID);
	requestData.append(and + "returnURL=" + URLEncoder.encode(returnURL, "UTF-8"));
	requestData.append(and + "notifyURL=" + URLEncoder.encode(notifyURL, "UTF-8"));
	requestData.append(and + "customerIP=" + customerIP);
	requestData.append(and + "customerForwardedIP=" + customerForwardedIP);
	requestData.append(and + "customerUserAgent=" + customerUserAgent);
	requestData.append(and + "customerAcceptLanguage=" + customerAcceptLanguage);
	requestData.append(and + "customerEmail=" + customerEmail);
	requestData.append(and + "customerPhone=" + customerPhone);
	requestData.append(and + "customerFirstName=" + customerFirstName);
	requestData.append(and + "customerLastName=" + customerLastName);
	requestData.append(and + "customerAddress1=" + customerAddress1);
	requestData.append(and + "customerAddress2=" + customerAddress2);
	requestData.append(and + "customerCity=" + customerCity);
	requestData.append(and + "customerZipCode=" + customerZipCode);
	requestData.append(and + "customerStateProvince=" + customerStateProvince);
	requestData.append(and + "customerCountry=" + customerCountry);
	requestData.append(and + "customerDob=" + customerDob);
	requestData.append(and + "cardNumber=" + cardNumber);
	requestData.append(and + "cardCVV2=" + cardCVV2);
	requestData.append(and + "cardExpiryDate=" + cardExpiryDate);
	requestData.append(and + "cardHolderName=" + cardHolderName);
	requestData.append(and + "routingString=" + routingString);
	requestData.append(and + "saveCard=" + saveCard);
	requestData.append(and + "description=" + description);
	requestData.append(and + "csid=" + csid);
	requestData.append(and + "threeDSecureInfo=" + URLEncoder.encode(threeDSecureInfo, "UTF-8"));
	requestData.append(and + "pSign=" + pSign);

	String result = ServerPost.post(requestData.toString(), endPointUrl);
%>
<%=result%>
var request = require('request');
var querystring = require('querystring');

/*
 * 
 * Merchant's Data Variables.
 * 
 */
var postUrl = 'https://payment.intrapay.com/transaction/execute'; //api name to be process
var passCode = 'PASSCODE_GOES_HERE'; //your pass Code
var merchantID = 'MERCHANT_ID_GOES_HERE'; //your merchant ID
var amount = '2.11';
var currency = 'CURRENCY_GOES_HERE'; //your assign currency
var orderID = Date.now(); // unique order ID
var returnURL = '';
var notifyURL = 'http://mysite.com/notify';
var customerIP = '188.26.48.48';
var customerForwardedIP = '';
var customerUserAgent = '';
var customerAcceptLanguage = '';
var customerEmail = 'test@test.com';
var customerPhone = '8008828181';
var customerFirstName = 'John';
var customerLastName = 'Doe';
var customerAddress1 = 'Address St 1';
var customerAddress2 = 'Address St 2';
var customerCity = 'Los Angeles City';
var customerZipCode = '92929';
var customerStateProvince = 'CA';
var customerCountry = 'US';
var customerDob = '2010-10-12';
var cardNumber = '4773654827386427';
var cardCVV2 = '777';
var cardExpiryDate = '1020';
var cardHolderName = 'John Doe';
var routingString = '';
var saveCard = '';
var description = '';
var csid = '';
var threeDSecureInfo = '';

/*
*
* Generate pSign
*
*/
var crypto = require('crypto'), shasum = crypto.createHash('sha1');

shasum.update(passCode + merchantID + amount + currency + orderID + returnURL + 
		notifyURL + customerIP + customerForwardedIP + customerUserAgent + customerAcceptLanguage + 
		customerEmail + customerPhone + customerFirstName + customerLastName + customerAddress1 + 
		customerAddress2 + customerCity + customerZipCode + customerStateProvince + customerCountry + 
		customerDob + cardNumber + cardCVV2 + cardExpiryDate + cardHolderName + 
		routingString + saveCard + description + csid + threeDSecureInfo);
		
var pSign = shasum.digest('hex');

/*
*
* Ready HTTP Post with url-encoded data
*
*/

var data = {
		'passCode' : passCode,
		'merchantID' : merchantID,
		'amount' : amount,
		'currency' : currency,
		'orderID' : orderID,
		'returnURL' : returnURL,
		'notifyURL' : notifyURL,
		'customerIP' : customerIP,
		'customerForwardedIP' : customerForwardedIP,
		'customerUserAgent' : customerUserAgent,
		'customerAcceptLanguage' : customerAcceptLanguage,
		'customerEmail' : customerEmail,
		'customerPhone' : customerPhone,
		'customerFirstName' : customerFirstName,
		'customerLastName' : customerLastName,
		'customerAddress1' : customerAddress1,
		'customerAddress2' : customerAddress2,
		'customerCity' : customerCity,
		'customerZipCode' : customerZipCode,
		'customerStateProvince' : customerStateProvince,
		'customerCountry' : customerCountry,
		'customerDob' : customerDob,
		'cardNumber' : cardNumber,
		'cardCVV2' : cardCVV2,
		'cardExpiryDate' : cardExpiryDate,
		'cardHolderName' : cardHolderName,
		'routingString' : routingString,
		'saveCard' : saveCard,
		'description' : description,
		'csid' : csid,
		'threeDSecureInfo' : threeDSecureInfo,
};

var formData = querystring.stringify(data);
var contentLength = formData.length;
var headers = {
    "Content-Length" : contentLength,
    "Content-Type" : "application/x-www-form-urlencoded",
}

var options = {
    url : postUrl,
    method : "POST",
    headers : headers,
    body : formData,
}

request(options, function(err, res, body) {
    if (res && (res.statusCode === 200 || res.statusCode === 201)) {
        // return result
        console.log(body);
    }
});
require 'time'
require_relative 'classes/API'

api = API.new

postUrl = 'https://payment.intrapay.com/transaction/execute' #api name to be process
passCode = 'PASSCODE_GOES_HERE' #your pass Code
merchantID = 'MERCHANT_ID_GOES_HERE' #your merchant ID
amount = '2.11'
currency = 'CURRENCY_GOES_HERE' #your assign currency
orderID = Time.now.to_i #unique order ID
returnURL = ''
notifyURL = 'http://mysite.com/notify'
customerIP = '188.26.48.48'
customerForwardedIP = ''
customerUserAgent = ''
customerAcceptLanguage = ''
customerEmail = 'test@test.com'
customerPhone = '8008828181'
customerFirstName = 'John'
customerLastName = 'Doe'
customerAddress1 = 'Address St 1'
customerAddress2 = 'Address St 2'
customerCity = 'Los Angeles City'
customerZipCode = '92929'
customerStateProvince = 'CA'
customerCountry = 'US'
customerDob = '2010-10-12'
cardNumber = '4773654827386427'
cardCVV2 = '777'
cardExpiryDate = '1020'
cardHolderName = 'John Doe'
routingString = ''
saveCard = ''
description = ''
csid = ''
threeDSecureInfo = ''

postData = Hash[
	'merchantID' => merchantID,
	'amount' => amount,
	'currency' => currency,
	'orderID' => orderID,
	'returnURL' => returnURL,
	'notifyURL' => notifyURL,
	'customerIP' => customerIP,
	'customerForwardedIP' => customerForwardedIP,
	'customerUserAgent' => customerUserAgent,
	'customerAcceptLanguage' => customerAcceptLanguage,
	'customerEmail' => customerEmail,
	'customerPhone' => customerPhone,
	'customerFirstName' => customerFirstName,
	'customerLastName' => customerLastName,
	'customerAddress1' => customerAddress1,
	'customerAddress2' => customerAddress2,
	'customerCity' => customerCity,
	'customerZipCode' => customerZipCode,
	'customerStateProvince' => customerStateProvince,
	'customerCountry' => customerCountry,
	'customerDob' => customerDob,
	'cardNumber' => cardNumber,
	'cardCVV2' => cardCVV2,
	'cardExpiryDate' => cardExpiryDate,
	'cardHolderName' => cardHolderName,
	'routingString' => routingString,
	'saveCard' => saveCard,
	'description' => description,
	'csid' => csid,
	'threeDSecureInfo' => threeDSecureInfo
]

postData['pSign'] = api.generatePsign(passCode, postData)

puts api.apiPostRequest(postData, postUrl)
<%@ Page Language="C#" %>
<%@ Import Namespace="Intrapay.Api.Util" %> 
<%
	String endPointUrl = "https://payment.intrapay.com/transaction/execute";
	String passCode = "PASSCODE_GOES_HERE"; //your pass Code
	String merchantID = "MERCHANT_ID_GOES_HERE"; //your merchant ID
	String amount = "2.11";
	String currency = "CURRENCY_GOES_HERE"; //your assign currency
	String orderID = new Random().Next(1, 999999).ToString(); //unique order ID
	String returnURL = "";
	String notifyURL = "http://mysite.com/notify";
	String customerIP = "188.26.48.48";
	String customerForwardedIP = "";
	String customerUserAgent = "";
	String customerAcceptLanguage = "";
	String customerEmail = "test@test.com";
	String customerPhone = "8008828181";
	String customerFirstName = "John";
	String customerLastName = "Doe";
	String customerAddress1 = "Address St 1";
	String customerAddress2 = "Address St 2";
	String customerCity = "Los Angeles City";
	String customerZipCode = "92929";
	String customerStateProvince = "CA";
	String customerCountry = "US";
	String customerDob = "2010-10-12";
	String cardNumber = "4773654827386427";
	String cardCVV2 = "777";
	String cardExpiryDate = "1020";
	String cardHolderName = "John Doe";
	String routingString = "";
	String saveCard = "";
	String description = "";
	String csid = "";
	String threeDSecureInfo = "";

	String pSign = PSignUtil.GeneratePSign(passCode + merchantID + amount + currency + orderID + returnURL + 
		notifyURL + customerIP + customerForwardedIP + customerUserAgent + customerAcceptLanguage + 
		customerEmail + customerPhone + customerFirstName + customerLastName + customerAddress1 + 
		customerAddress2 + customerCity + customerZipCode + customerStateProvince + customerCountry + 
		customerDob + cardNumber + cardCVV2 + cardExpiryDate + cardHolderName + 
		routingString + saveCard + description + csid + threeDSecureInfo);
		
	String and = "&";
	StringBuilder requestData = new StringBuilder();

	requestData.Append("merchantID=" + merchantID);
	requestData.Append(and + "amount=" + amount);
	requestData.Append(and + "currency=" + currency);
	requestData.Append(and + "orderID=" + orderID);
	requestData.Append(and + "returnURL=" + HttpUtility.UrlEncode(returnURL));
	requestData.Append(and + "notifyURL=" + HttpUtility.UrlEncode(notifyURL));
	requestData.Append(and + "customerIP=" + customerIP);
	requestData.Append(and + "customerForwardedIP=" + customerForwardedIP);
	requestData.Append(and + "customerUserAgent=" + customerUserAgent);
	requestData.Append(and + "customerAcceptLanguage=" + customerAcceptLanguage);
	requestData.Append(and + "customerEmail=" + customerEmail);
	requestData.Append(and + "customerPhone=" + customerPhone);
	requestData.Append(and + "customerFirstName=" + customerFirstName);
	requestData.Append(and + "customerLastName=" + customerLastName);
	requestData.Append(and + "customerAddress1=" + customerAddress1);
	requestData.Append(and + "customerAddress2=" + customerAddress2);
	requestData.Append(and + "customerCity=" + customerCity);
	requestData.Append(and + "customerZipCode=" + customerZipCode);
	requestData.Append(and + "customerStateProvince=" + customerStateProvince);
	requestData.Append(and + "customerCountry=" + customerCountry);
	requestData.Append(and + "customerDob=" + customerDob);
	requestData.Append(and + "cardNumber=" + cardNumber);
	requestData.Append(and + "cardCVV2=" + cardCVV2);
	requestData.Append(and + "cardExpiryDate=" + cardExpiryDate);
	requestData.Append(and + "cardHolderName=" + cardHolderName);
	requestData.Append(and + "routingString=" + routingString);
	requestData.Append(and + "saveCard=" + saveCard);
	requestData.Append(and + "description=" + description);
	requestData.Append(and + "csid=" + csid);
	requestData.Append(and + "threeDSecureInfo=" + HttpUtility.UrlEncode(threeDSecureInfo));
	requestData.Append(and + "pSign=" + pSign);

	String result = ServerPost.Post(requestData.ToString(), endPointUrl);
	Response.Write(result);
%>
from classes.API import API

import time

postUrl = 'https://payment.intrapay.com/transaction/execute' #api name to be process
passCode = 'PASSCODE_GOES_HERE' //your pass Code
merchantID = 'MERCHANT_ID_GOES_HERE' //your merchant ID
amount = '2.11'
currency = 'CURRENCY_GOES_HERE' //your assign currency
orderID = time.time() #unique order ID
returnURL = ''
notifyURL = 'http://mysite.com/notify'
customerIP = '188.26.48.48'
customerForwardedIP = ''
customerUserAgent = ''
customerAcceptLanguage = ''
customerEmail = 'test@test.com'
customerPhone = '8008828181'
customerFirstName = 'John'
customerLastName = 'Doe'
customerAddress1 = 'Address St 1'
customerAddress2 = 'Address St 2'
customerCity = 'Los Angeles City'
customerZipCode = '92929'
customerStateProvince = 'CA'
customerCountry = 'US'
customerDob = '2010-10-12'
cardNumber = '4773654827386427'
cardCVV2 = '777'
cardExpiryDate = '1020'
cardHolderName = 'John Doe'
routingString = ''
saveCard = ''
description = ''
csid = ''
threeDSecureInfo = ''

postData = {
	'passCode' => passCode,
	'merchantID' => merchantID,
	'amount' => amount,
	'currency' => currency,
	'orderID' => orderID,
	'returnURL' => returnURL,
	'notifyURL' => notifyURL,
	'customerIP' => customerIP,
	'customerForwardedIP' => customerForwardedIP,
	'customerUserAgent' => customerUserAgent,
	'customerAcceptLanguage' => customerAcceptLanguage,
	'customerEmail' => customerEmail,
	'customerPhone' => customerPhone,
	'customerFirstName' => customerFirstName,
	'customerLastName' => customerLastName,
	'customerAddress1' => customerAddress1,
	'customerAddress2' => customerAddress2,
	'customerCity' => customerCity,
	'customerZipCode' => customerZipCode,
	'customerStateProvince' => customerStateProvince,
	'customerCountry' => customerCountry,
	'customerDob' => customerDob,
	'cardNumber' => cardNumber,
	'cardCVV2' => cardCVV2,
	'cardExpiryDate' => cardExpiryDate,
	'cardHolderName' => cardHolderName,
	'routingString' => routingString,
	'saveCard' => saveCard,
	'description' => description,
	'csid' => csid,
	'threeDSecureInfo' => threeDSecureInfo
}

postData['pSign'] = API.generatePsign(passCode, postData)
print(API.apiPostRequest(postData, postUrl))

You will see the response here...