When a user completes a payment, we will send a pingback which will notify your server about the transaction.
Pingback request is sent from our servers to your Pingback listener script where we communicate to your server regarding the details about payment transactions so that your server can process the pingback automatically and deliver the goods to the according users.
In your Business Model settings, please input the Pingback URL which is the URL address of your script that processes the pingbacks.
Configuring Pingback URL in Business Model Settings.
The pingback requests are posted to the pingback url specified by the Merchant as the part of their Business Model.
Once the Merchants start receiving pingbacks on the dedicated pingback url, the merchant has to validate those pingbacks at their end to verify if the transaction is legitimate and does belongs to it.
Validation using the X-FasterPay-Signature header
To verify the merchant transaction, FasterPay injects a signature value as a part of Header Information that is sent along with the pingback request.
The secret key header to be verified is “X-FasterPay-Signature” and it should match with the signature generated at merchant’s end.
Refer: Calculating API Hash to understand how FasterPay Signature is calculated for Pingbacks.
Once this verification is done the merchant should deliver the product.
Once the Pingback is received by the merchant’s servers, the merchant has to respond back with the following details to acknowledge the pingback:
HTTP Status: 200 Response Body: ok
Validation using the secret key header [Deprecated]
To verify the merchant transaction, FasterPay injects Merchant’s Private Key as a part of Header Information that is sent along with the pingback request.
The secret key header to be verified is “X-ApiKey” and it should match with the merchant’s Private Key.
Once the Pingback request is received by the Merchants servers, the merchant has to send a “OK” as the response of the API Call.