Memento Payments
Search…
Notification Callback
If a notify_url was defined when the payment request was created, you will receive a notification callback POST from the API with the payment request data and a signature. We recommend that you verify the signature, since it proves authenticity of the data.
Note: Your server must respond with 200 OK. Otherwise the response is treated as an error and the API will POST again later.
The notification object
Key
Type
Description
payment_request_id
uuid
The unique identifier for the payment request.
transaction_id
uuid
The unique identifier for the transaction. A transaction ID is only issued if the request has been paid. Not issued if the request is unpaid, rejected or expired.
amount
float
The paid amount.
currency
string
Three-letter ISO-4217 code.
status
string
Same value as posted when the payment request was created.
order
string
The payment request status. Note: Rejected can either mean that the payer declined or the payment request expired.
pendingpaidrejectedcompleted
int
The date and time when the status changed from
pending to paid. UTC (GMT +0) UNIX timestamp.signature
string
The signature is used to verify the authenticity of the data.
1
{
2
"payment_request_id": "3e6975e8-77cb-48b7-7722-3dfe47677bbc",
3
"transaction_id": "a917be59-f35a-478f-a5d9-19bf467972ad",
4
"amount": 10.99,
5
"currency": "USD",
6
"status": "paid",
7
"order": "abc123",
8
"completed": 1458748422,
9
"signature": "8022cb71924dba2e24f849fdc83596e80a3966465f6b3f1702326afa31229b11"
10
}
Copied!
Signature
The signature is a string comprised of the following variables and then hashed using HMAC SHA256 where the merchant's access token is the key.
Signature string composition
{payment_request_id}&{transaction_id}&{order}&{amount}&{status}&{completed}
Example string before hashing
3e6975e8-77cb-48b7-7722-3dfe47677bbc&a917be59-f35a-478f-a5d9-19bf467972ad&abc123&2199&paid&1458748422
Example string after hashing
8022cb71924dba2e24f849fdc83596e80a3966465f6b3f1702326afa31229b11
Last modified 2yr ago