Are you looking for test card numbers?

Would you like to contact support?

No momento, esta página não está disponível em português
Default icon

Handling redirects

Learn how you can handle different redirect flows on Checkout API.

Choose your API version:

If you get a redirect action.type:

  1. Get the action.url from the /payments response:

    /payments response
      "action": {
        "method": "GET",
        "paymentMethodType": "ideal",
        "type": "redirect",
        "url": ""
  2. Redirect the shopper to the action.url with the HTTP method from action.method.

    • For redirect payment methods, theaction.method is GET:

      curl \
    • For 3D Secure redirect, the action.method is POST:

      curl \
      --data-urlencode 'PaReq=eNpVUttygjAQ/RXbDyAXBYRZ00HpTH3wUosPfe...' \
      --data-urlencode 'TermUrl=' \
      --data-urlencode 'MD=OEVudmZVMUlkWjd0MDNwUWs2bmhSdz09...'

    The shopper is redirected to a page where they need to take additional action, depending on the payment method.

    For security reasons, when displaying the redirect in the app, we recommend that you use SFSafariViewController for iOS or Chrome Custom Tabs for Android, instead of WebView objects. Also refer to the security best practices for WebView.

    After the shopper completes the payment, they are redirected back to your returnUrl with HTTP GET. The returnUrl is appended with a Base64-encoded redirectResult:

    GET /?shopperOrder=12xy..&&redirectResult=X6XtfGC3%21Y... HTTP/1.1
  3. Get the redirectResult appended to the URL and pass it to your back end to verify the payment result in the next step.

    If a shopper completed the payment but failed to return to your website or app, you will receive the outcome of the payment in a notification webhook.

  4. From your server, make a /payments/details request, specifying:

    • details: Object that contains the URL-decoded redirectResult.
    /payments/details request
    curl \
    -H "x-API-key: YOUR_X-API-KEY" \
    -H "content-type: application/json" \
    -d '{
        "details": {
          "redirectResult": "eyJ0cmFuc1N0YXR1cyI6IlkifQ=="

    The response contains:

    /payments/details response
       "resultCode": "Authorised",
       "pspReference": "NC6HT9CRT65ZGN82"