Callback mechanism: Difference between revisions

From Barion Documentation
Jump to navigation Jump to search
No edit summary
 
(34 intermediate revisions by 8 users not shown)
Line 1: Line 1:
{{PageTitle|title=Payment callback mechanism (aka. IPN)}}
{{PageTitle|title=Payment callback mechanism (aka. IPN)}}
__NOTOC__
{{TableOfContents}}
Whenever a given payment's state changes, it is expected that the caller system and the Barion database are synchronized. This is accomplished by implementing the '''callback mechanism''' (referred to as ''"Instant Payment Notification"'' or ''"IPN"'' in some terminology) between the two systems.


Learn how to subscribe to the Barion callback mechanism, a webhook service that helps you track the state changes of payments in real time.
The basic idea is that to help automate your payment processing, the Barion server sends notifications about updates to the payments in your Barion shop, which should make your Barion shop query the Barion API’s payment state endpoint for the specifics of the status change.
Here’s an overview of the steps involved:
# Set up a webhook listener endpoint (that implements the processing logic detailed on this page).
# Provide your listener’s URL when setting up a payment ([[Payment-Start-v2|as a required parameter to the payment start endpoint call]]).
# The Barion server sends real-time state change notifications to the listener about the payment.
# The notification triggers your listener endpoint logic.
This page offers an overview of the Barion callback mechanism (an implementation of the [https://en.wikipedia.org/wiki/Instant_payment_notification Instant Payment Notification (IPN)] concept), best practices, and troubleshooting tips.
<span id="the-callback-process"></span>
== The callback process ==
== The callback process ==


The event flow of the implemented callback mechanism is simple:
Whenever there’s a change in the status of a payment transaction, the Barion server sends a HTTP POST request to the <code>CallbackUrl</code> parameter you passed to [[Payment-Start-v2|the Payment/Start call]] when you created the payment.
 
This improves scalability, and avoids potential delays in your payment processing caused by polling intervals.
 
<ol style="list-style-type: decimal;">
<li><p>The Barion server sends a POST request to the <code>CallbackUrl</code> you specified, with the <code>PaymentId</code> identifying the updated payment.</p>
<p>This is merely an indication that there’s an update to query.</p></li>
<li><p>Your listener should acknowledge receipt of the POST request with a <code>HTTP 200 OK</code> response within 15 seconds.</p>
<blockquote>The Barion server only accepts HTTPS-protocol requests that are using TLS v1.2 and above.</blockquote>
<p>The Barion server re-sends the webhook up to 5 more times after the initial 15-second window, with increasing delays between calls (2 seconds, 6 seconds, 18 seconds, 54 seconds, and 102 seconds).</p>
<p>If the server doesn’t get a <code>HTTP 200 OK</code> after the fifth call (and 4 minutes’ total waiting time), it sends an error message email to your Barion shop’s registered email address.</p></li>
<li><p>After acknowledging the request, your listener should make a call to [[Payment-PaymentState-v4|the Payment/<PaymentId>/PaymentState]] API endpoint to query the payment transaction’s new status.</p></li>
<li><p>Your listener logic should check the [[05-api-reference/01-payment-resource/04-payment-resource-enums/04-payment-status|<code>PaymentStatus</code>]] to see if the payment is still active:</p>
<ul>
<li><p><code>Canceled</code> indicates that the customer has closed the checkout page without starting a payment process, or before the payment process could finish.</p></li>
<li><p><code>Expired</code> indicates that the customer let the payment window elapse without completing the payment – they most likely abandoned the checkout page.</p>
<p>An <code>Expired</code> reservation payment automatically gets refunded, which generates a new refund-type transaction in the endpoint response’s [[05-api-reference/01-payment-resource/01-payment-state#transactions|<code>Transactions</code>]] array.</p></li></ul>
 
<blockquote><p>It’s recommended to reach out to your customer in these cases, and attempt to change their minds about the payment.</p></blockquote></li>
<li><p>After determining that the customer attempted to pay, the listener logic should check both [[05-api-reference/01-payment-resource/04-payment-resource-enums/04-payment-status|<code>PaymentStatus</code>]] and the [[05-api-reference/01-payment-resource/01-payment-state#transactions|<code>Transactions</code>]] array in the endpoint response.</p></li>
<li><p>Based on the payment state endpoint response, and considering [[#payment-scenarios|the payment scenario]], your listener should process the payment according to your business logic.</p></li></ol>
 
=== '''Fallback mechanism''' ===
If a callback is not received, the [[Payment-PaymentState-v4|PaymentState]] API endpoint should be called as a fallback to retrieve the status of the payment. This ensures that the payment status is still updated, even if the callback doesn’t come through. The [[Payment-PaymentState-v4|PaymentState]] API should be called in the following cases if the callback is not received:
 
* After redirection: the [[Payment-PaymentState-v4|PaymentState]] endpoint should be called after the customer is redirected to the <code>RedirectUrl</code>.
* After payment window expiry: if a final status is not received via callback notification or if the customer has not been redirected, the [[Payment-PaymentState-v4|PaymentState]] API should be called approximately 15 minutes after the payment window expires. This accounts for scenarios where the payment process may still be completed by the customer, even if the window has officially closed.<br />
 


# The payment gets completed, cancelled, expired or refunded
=== Payment scenarios ===
# The Barion system sends an HTTP POST request to the merchant's system with the payment's unique identifier, indicating that something has just happened, so the merchant's system should check the payment now
<span id="immediate-payment"></span>
# The merchant's system sends a request to the [[Payment-GetPaymentState-v2|/v2/Payment/GetPaymentState]] API endpoint with its POSKey and the received payment identifier
==== Immediate payment ====
# Based on the response received, the merchant's system can determine what processing tasks should take place


== Structure and processing of the callback request ==
A “Succeeded” payment status indicates that all transactions in the payment went through.<span id="reservation-payment"></span>
==== Reservation payment ====
<span id="reservation-payment-setup"></span>


The callback request contains one parameter, the payment identifier. This is sent in the <code>PaymentId</code> field of the POST request body. The merchant's system must send an <code>HTTP 200 OK</code> response (with any content) in order for the callback to be considered successful. The timeout period for answering a callback request is '''15 seconds'''.
* Reservation payment setup


If the Barion system does not get an HTTP 200 response, it retries sending the callback for a maximum of 5 times, with exponential back-off timing delay between tries:
A “Reserved” payment status indicates that the reservation is successfully set up.<span id="reservation-payment-finishing"></span>
* 2 seconds
* 6 seconds
* 18 seconds
* 54 seconds
* 2 minutes 42 seconds
So the total time window allocated for successful callback is roughly '''4 minutes'''. If the Barion system fails to get an HTTP 200 response after that, the callback is not sent and the merchant's system automatically gets an e-mail notification about the error.


Every time, when your system receives a callback request from the Barion you have to call the [[Payment-GetPaymentState-v2|/v2/Payment/GetPaymentState]] API endpoint to find out the change. First, your system should check the payment's status and after the list of the payment's transactions. For example, if you requested a payment refund or when the reserved payment's time limit has expired the list of payment’s transactions will contain new e-money transactions. It's your system's responsibility to handle changes.
* Reservation payment finishing
** “Succeeded” payment status: all transactions in the payment have been finished with the initially reserved amount
** “PartiallySucceeded” payment status: some, but not all transactions have been finished with the initially reserved amount
** A new refund-type transaction in the endpoint response’s [[05-api-reference/01-payment-resource/01-payment-state#transactions|<code>Transactions</code>]] array: a transaction in a reserved payment was finished with a lower amount than the initially reserved amount, and the difference is automatically refunded to the user in a new transaction
<span id="delayed-capture"></span>
==== Delayed capture ====
<span id="delayed-capture-payment-setup"></span>


== Security ==
* Delayed capture payment setup
Never rely on the callback function alone. When the callback URL is requested, your application must call the [[Payment-GetPaymentState-v2|/v2/Payment/GetPaymentState]] Barion API to get the proper payment state.


{{NotificationBox|title=IMPORTANT|text=The IP address of the callback request may change any time for security reasons.|color=#FF7A3D}}
An “Authorized” payment status indicates that the customer completed the payment, and the payment funds are blocked on their payment instrument.<span id="delayed-capture-payment-capturing"></span>


== Why you should use it ==
* Delayed capture payment capturing
** “Succeeded” payment status indicates that the payment was successfully captured.
<blockquote>Even if the captured amount is lower that the previously-authorized amount, no refund transaction is generated, because the difference is simply released directly on the payer’s payment instrument.
</blockquote><span id="refund"></span>
==== Refund ====


When a Barion Smart Gateway payment process takes place between the two systems, neither of them can rely purely on explicit user interaction to process things. In such situations, the Barion system must inform the merchant's system that the payment has changed in some way, without involving the user.
A new refund-type transaction is added to the [[05-api-reference/01-payment-resource/01-payment-state#transactions|<code>Transactions</code>]] array in the endpoint response.


Here are some examples:
<blockquote>Note that only previously “Succeeded” payment transactions can be refunded, and that the status of these payments won’t change regardless of whether the refund was successful or not.
</blockquote><span id="best-practices"></span>
== Best practices ==
<span id="rate-limiting"></span>
=== Rate limiting ===


* the payment is completed, but the user closed their browser or lose network connection, preventing them from returning to the webshop or application that redirected them to the Barion Smart Gateway
Throttling is in place to prevent service disruption caused by excessive requests to the payment state endpoint: if you call the endpoint with the same `PaymentID` more than once within a 5-second interval, for the following 5 seconds, further calls to the endpoint the request return the `HTTP 429 Too many requests` error.
* the user explicitly cancels the payment, but closes their browser instead of navigating back to the merchant
* the payment is never completed and expires because of the time window limit
* the payment is refunded


Implementing callback handling will save you time and pain tracking such "lost" payments. It also eases the troubleshooting with your customers, since you will always have valid data on your side.
<blockquote>If the number of requests with the same `PaymentID` exceeds a certain threshold within a certain time window, all further requests will return `HTTP 429 Too many requests`.</blockquote><span id="ip-allowlisting"></span>
=== IP allowlisting ===


== What NOT to do ==
To protect your webhook listener endpoint from unauthorized requests, it’s strongly recommended to allowlist the Barion API IP addresses, and blocklist all other IPs.<span id="production-environment-barion-api-ip-address"></span>
==== Production environment Barion API IP address ====


Never long-poll the [[Payment-GetPaymentState-v2|/v2/Payment/GetPaymentState]] API endpoint and wait for the payment status to suddenly change!
40.113.73.229<span id="sandbox-barion-api-ip-address"></span>
If you use a high interval between requests, user experience will deteriorate significantly. If you use a small interval, your requests will get throttled.
==== Sandbox Barion API IP address ====


If you are having difficulties implementing the proper callback flow, consult our developer support!
20.223.214.216

Latest revision as of 13:09, 18 October 2024

Payment callback mechanism (aka. IPN)


Learn how to subscribe to the Barion callback mechanism, a webhook service that helps you track the state changes of payments in real time.

The basic idea is that to help automate your payment processing, the Barion server sends notifications about updates to the payments in your Barion shop, which should make your Barion shop query the Barion API’s payment state endpoint for the specifics of the status change.

Here’s an overview of the steps involved:

  1. Set up a webhook listener endpoint (that implements the processing logic detailed on this page).
  2. Provide your listener’s URL when setting up a payment (as a required parameter to the payment start endpoint call).
  3. The Barion server sends real-time state change notifications to the listener about the payment.
  4. The notification triggers your listener endpoint logic.

This page offers an overview of the Barion callback mechanism (an implementation of the Instant Payment Notification (IPN) concept), best practices, and troubleshooting tips.

The callback process

Whenever there’s a change in the status of a payment transaction, the Barion server sends a HTTP POST request to the CallbackUrl parameter you passed to the Payment/Start call when you created the payment.

This improves scalability, and avoids potential delays in your payment processing caused by polling intervals.

  1. The Barion server sends a POST request to the CallbackUrl you specified, with the PaymentId identifying the updated payment.

    This is merely an indication that there’s an update to query.

  2. Your listener should acknowledge receipt of the POST request with a HTTP 200 OK response within 15 seconds.

    The Barion server only accepts HTTPS-protocol requests that are using TLS v1.2 and above.

    The Barion server re-sends the webhook up to 5 more times after the initial 15-second window, with increasing delays between calls (2 seconds, 6 seconds, 18 seconds, 54 seconds, and 102 seconds).

    If the server doesn’t get a HTTP 200 OK after the fifth call (and 4 minutes’ total waiting time), it sends an error message email to your Barion shop’s registered email address.

  3. After acknowledging the request, your listener should make a call to the Payment/<PaymentId>/PaymentState API endpoint to query the payment transaction’s new status.

  4. Your listener logic should check the PaymentStatus to see if the payment is still active:

    • Canceled indicates that the customer has closed the checkout page without starting a payment process, or before the payment process could finish.

    • Expired indicates that the customer let the payment window elapse without completing the payment – they most likely abandoned the checkout page.

      An Expired reservation payment automatically gets refunded, which generates a new refund-type transaction in the endpoint response’s Transactions array.

    It’s recommended to reach out to your customer in these cases, and attempt to change their minds about the payment.

  5. After determining that the customer attempted to pay, the listener logic should check both PaymentStatus and the Transactions array in the endpoint response.

  6. Based on the payment state endpoint response, and considering the payment scenario, your listener should process the payment according to your business logic.

Fallback mechanism

If a callback is not received, the PaymentState API endpoint should be called as a fallback to retrieve the status of the payment. This ensures that the payment status is still updated, even if the callback doesn’t come through. The PaymentState API should be called in the following cases if the callback is not received:

  • After redirection: the PaymentState endpoint should be called after the customer is redirected to the RedirectUrl.
  • After payment window expiry: if a final status is not received via callback notification or if the customer has not been redirected, the PaymentState API should be called approximately 15 minutes after the payment window expires. This accounts for scenarios where the payment process may still be completed by the customer, even if the window has officially closed.


Payment scenarios

Immediate payment

A “Succeeded” payment status indicates that all transactions in the payment went through.

Reservation payment

  • Reservation payment setup

A “Reserved” payment status indicates that the reservation is successfully set up.

  • Reservation payment finishing
    • “Succeeded” payment status: all transactions in the payment have been finished with the initially reserved amount
    • “PartiallySucceeded” payment status: some, but not all transactions have been finished with the initially reserved amount
    • A new refund-type transaction in the endpoint response’s Transactions array: a transaction in a reserved payment was finished with a lower amount than the initially reserved amount, and the difference is automatically refunded to the user in a new transaction

Delayed capture

  • Delayed capture payment setup

An “Authorized” payment status indicates that the customer completed the payment, and the payment funds are blocked on their payment instrument.

  • Delayed capture payment capturing
    • “Succeeded” payment status indicates that the payment was successfully captured.

Even if the captured amount is lower that the previously-authorized amount, no refund transaction is generated, because the difference is simply released directly on the payer’s payment instrument.

Refund

A new refund-type transaction is added to the Transactions array in the endpoint response.

Note that only previously “Succeeded” payment transactions can be refunded, and that the status of these payments won’t change regardless of whether the refund was successful or not.

Best practices

Rate limiting

Throttling is in place to prevent service disruption caused by excessive requests to the payment state endpoint: if you call the endpoint with the same `PaymentID` more than once within a 5-second interval, for the following 5 seconds, further calls to the endpoint the request return the `HTTP 429 Too many requests` error.

If the number of requests with the same `PaymentID` exceeds a certain threshold within a certain time window, all further requests will return `HTTP 429 Too many requests`.

IP allowlisting

To protect your webhook listener endpoint from unauthorized requests, it’s strongly recommended to allowlist the Barion API IP addresses, and blocklist all other IPs.

Production environment Barion API IP address

40.113.73.229

Sandbox Barion API IP address

20.223.214.216