Payments CZ API Flow

  1. Authenticate user

    1) Your application initiates the flow by directing your user's browser to the authorization endpoint. Initiation is carried out by making a GET /oauth2/authorize request.

    2) The bank authenticates your user and informs them that a payment is being initiated through your application.

    3) Assuming your user completes authentication, the bank server redirects the user's browser back to your application using the redirection URI provided during your application registration. The redirection URI includes an authorization code.

    4) Your application requests an access token from the bank server's token endpoint by including the authorization code received in the previous step. The authorization code exchange is carried out by making a POST /oauth2/token request.

    This step is mandatory only for the first payment made by a given customer through your application; the access token received can be used until the user revokes it.

  2. Check availability of funds (optional)

    Your application connects to the bank using the access token from Step 1 and checks whether the user's account has sufficient balance to process your payment. The response is only positive or negative.

    This step is carried out by making a POST /payments/balanceCheck request to the payments resource.

    A positive response doesn't guarantee that funds will be available at the moment of transaction authorization.

  3. Initiate Single Payment

    Your application connects to the bank using the access token from Step 1 and creates a new payments resource. The bank responds with identifiers for the resource (transaction.identification, which is used as paymentId in the following steps, and signInfo.signID, which is used in authorization). This step is carried out by making a POST /payments/ request to the payments resource.

  4. Get Payment Details (optional)

    You can check the details and status of the initiated payment (with the paymentId). This is carried out by making a GET /payments/{paymentId} request to the initiated payments resource. This resource is available only until Step 5 is completed by the user.

  5. Authorize Initiated Payment

    Once the payment is initiated and the signId is received in Step 3, you obtain a redirect URL to which you should forward the user in order to authorize the payment. This is carried out by making a POST /payments/{paymentId}/sign/{signId} request.

    Your application should then redirect the user to this URL to authorize the payment.

    Once the user completes or abandons the payment authorization screen, they will be forwarded to the URL included in the header of your request. The paymentId parameter will be added to this redirect link.

  6. Get Payment Status (optional)

    You can check the status of the initiated payment (with the paymentId). This is carried out by making a GET /payments/{paymentId}/status request to the initiated payments resource.
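
Steps 5 and 6 combined, as an added example (not the bank's code): because the user is forwarded back whether they complete or abandon authorization, the return redirect is checked against the session's own paymentIds and then confirmed with GET /payments/{paymentId}/status. It assumes paymentId arrives as a query parameter; ACCEPTED_STATUSES, handle_return and fetch_status are hypothetical names, since the page lists neither the status values nor an HTTP client.

```python
from urllib.parse import urlparse, parse_qs

# Placeholder: the page does not list the values returned by
# GET /payments/{paymentId}/status; substitute the bank's documented ones.
ACCEPTED_STATUSES = {"PLACEHOLDER_AUTHORIZED"}


def status_path(payment_id):
    """Path of the status request from step 6."""
    return f"/payments/{payment_id}/status"


def handle_return(redirect_url, pending, fetch_status):
    """Decide the outcome of a step 5 return redirect.

    redirect_url -- full URL the user's browser arrived on
    pending      -- paymentIds this user's session initiated in step 3
    fetch_status -- callable(path) -> status string; a hypothetical helper
                    that performs the authenticated GET against the bank
    """
    # Assumption: paymentId is appended as a query parameter.
    values = parse_qs(urlparse(redirect_url).query).get("paymentId", [])
    if len(values) != 1:
        return "rejected: missing or repeated paymentId"
    payment_id = values[0]
    # The redirect is attacker-reachable input: only accept an id that this
    # session created, and only then place it in a request path.
    if payment_id not in pending:
        return "rejected: paymentId not initiated by this session"
    # The redirect fires on completion AND abandonment, so it proves nothing;
    # the server-side status call is the source of truth.
    status = fetch_status(status_path(payment_id))
    if status in ACCEPTED_STATUSES:
        return "confirmed"
    return "not confirmed: " + status


if __name__ == "__main__":
    # Constructed sample data; shop.example and PAY-1 are not real values.
    session_pending = {"PAY-1"}
    stub = lambda path: "PLACEHOLDER_AUTHORIZED"
    for url in ("https://shop.example/return?paymentId=PAY-1",
                "https://shop.example/return?paymentId=PAY-999",
                "https://shop.example/return"):
        print(url, "->", handle_return(url, session_pending, stub))
```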