When a payment attemt is made, it is possible to receive the transaction result via notification. iyzico is able to send a notification for every payment event. First notification is sent after 15 seconds later of processing the payment. It is a JSON Payload and server to server HTTP request. iyzico keeps continue sending notification every 10 minutes until your server respond with a status of 200. Each notification has to stop after 3 attempts after payment attempt.
The post body contains below parameters.
Parametere | Type | Description |
---|---|---|
iyziEventTime | long | Unix timestamp value of first notification. |
iyziEventType | string | Shows the request type. Values: API_AUTH, THREE_DS_AUTH, BKM_AUTH |
iyziReferenceCode | string | A unique reference code for the notification |
paymentId | long | Unique iyzico reference code of realted payment |
paymentConversationId | string | Merchant's reference id for the related payment |
status | string | Payment status. Values: SUCCESS, FAILURE |
The post body contains below parameters.
Parameter | Type | Description |
---|---|---|
iyziEventTime | long | Unix timestamp value of first notification |
iyziEventType | string | Shows the request type. VALUES: API_AUTH, THREE_DS_AUTH, BKM_AUTH |
iyziReferenceCode | string | A unique reference code for the notification |
token | string | The token generated for the related payment |
status | string | Payment status. Values: SUCCESS, FAILURE |
In order to understand that the request is coming from iyzico, you can use "X-IYZ-SIGNATURE" value in header.
iyzico puts X-IYZ-SIGNATURE parameter to the header and its value can be created with only merchant's secret key.
A string with secret Key, eventType and paymentId should be created with the given order below. This string should be encrypted with Sha1 and the result should be encoded with base 64. Final value should should be equal to X-IYZ-SIGNATURE in the header
Order | Parameter | Description |
---|---|---|
1 | secretKey | Merchant's secret key |
2 | iyziEventType | Shows the request type. Values: API_AUTH, THREE_DS_AUTH, BKM_AUTH |
3 | paymentId | Unique iyzico reference code of realted payment |
final String stringToBeHashed = new StringBuilder("secretKey")
.append(request.getIyziEventType())
.append(request.getPaymentId())
.toString();
String should be encoded with base64 after SHA1 encryption.
String hash = Base64.encodeBase64String(DigestUtils.sha1(stringToBeHashed));
A string with secret Key, eventType and token should be created with the given order below. This string should be encrypted with Sha1 and the result should be encoded with base 64. Final value should should be equal to X-IYZ-SIGNATURE in the header
Order | Parameter | Description |
---|---|---|
1 | secretKey | Merchant's secret key |
2 | iyziEventType | Shows the request type. Values: API_AUTH, THREE_DS_AUTH, BKM_AUTH |
3 | token | The token generated for the related payment |
final String stringToBeHashed = new StringBuilder("secretKey")
.append(request.getIyziEventType())
.append(request.getPaymentId())
.toString();
String should be encoded with base64 after SHA1 encryption.
String hash = Base64.encodeBase64String(DigestUtils.sha1(stringToBeHashed));
To be able to get notfication, please go to Settings -> Merchant Settings on iyzico merchant panel, enter the url(https) that you want to get notifications and activate Merchant Notifications setting.