Search

Are you looking for test card numbers?

Would you like to contact support?

Classic-integration icon

Payment response merchantSig - SHA 256

To verify that the values, which you have received in the result URL, are valid and have not been tampered in the process, refer to this example.

Example:

https://test.adyen.com/hpp/result.shtml?&authResult=AUTHORISED&merchantReference=SKINTEST-test&merchantReturnData=YourMerchantReturnData&merchantSig=ctYgiLlrjyG5OxoXmy8nn5n%2BYToDmw%2BR%2BqrC%2FhQxzE8%3&paymentMethod=ideal&pspReference=7914447419663319&reason=3542&shopperLocale=nl_NL&skinCode=314lwMhy

If you extract the parameters, you have:

Key Value
authResult AUTHORISED
merchantReference SKINTEST-test
merchantReturnData YourMerchantReturnData
paymentMethod ideal
pspReference 7914447419663319
reason 3542
shopperLocale nl_NL
skinCode 314lwMhy

Concatenate the keys and values as:

authResult:merchantReference:merchantReturnData:paymentMethod:pspReference:reason:shopperLocale:skinCode:AUTHORISED:SKINTEST-test:YourMerchantReturnData:ideal:7914447419663319:3542:nl_NL:314lwMhy

This string contains values for you to calculate merchantSig with HMAC SHA-256 key.

If some parameters are missing in the URL, they should be also omitted in the concatenated string. For example, if the merchantReturnData and reason fields are not provided, the string above should look as follows:

authResult:merchantReference:paymentMethod:pspReference:shopperLocale:skinCode:AUTHORISED:SKINTEST-test:ideal:7914447419663319:nl_NL:314lwMhy