AlliancePay
🇬🇧 English
🇬🇧 English
  • E Commerce platform AlliancePay v2.32.0
  • Authentication
  • Data Encryption
  • Authorization
  • Using an authorization token
  • Key Management Overview
    • PURCHASE Collection Example
    • A2C Collection Example
  • Payment methods H2H
    • PURCHASE
      • PURCHASE Request - Step 1
      • PURCHASE Request - Step 2
    • A2C
    • C2A
      • C2A Transaction Request - Step 1
      • C2A Transaction Request - Step 2
    • ApplePay decrypted
      • PURCHASE
        • Payment Processing Request - Step 1
        • Payment Processing Request - Step 2 (3DS)
      • C2A
        • C2A request Step 1
        • C2A request Step 2 (3DS)
    • ApplePay encrypted
      • Request aPay support on the page
      • Request to receive aPay merchant data
      • Merchant validation request
      • Session Establishment Request in aPay
      • Payment Processing Request
    • GooglePay™ decrypted
      • PURCHASE
        • Payment Processing Request - Step 1
        • Payment Processing Request - Step 2 (3DS)
      • C2A
        • C2A request Step 1
        • C2A request Step 2 (3DS)
    • GooglePay™ encrypted
      • Google Pay™ Documentation
      • Google Pay™ Support Request on the Page
      • Google Pay™ Merchant Data Retrieval Request
      • Payment request
    • REFUND
    • TOKEN
      • PURCHASE
        • Token payment request Step 1
        • 3DS token payment request Step 2
      • C2A
        • Token payment request Step 1
        • 3DS token payment request Step 2
      • Token Creation
      • Retrieve Token by CustomerId
      • Retrieve Token Data
      • Update Token Status
      • Token Statuses
    • Account Verification
      • Card Verification Request Step 1
      • Card verification request Step 2
    • Getting data
      • By OPERATION_ID
      • By merchantRequestId
    • Getting a balance
    • Callback
  • Payment methods HPP
    • PURCHASE
      • Creating an order
      • Receiving order data
    • REFUND
    • Callback
    • Order statuses
  • Dictionary
    • Transaction status
    • Test cases
    • Error codes
    • Value actionCode, responseCode
    • Limits
    • Instructions for reconciliation by registers
      • Fields Description in Registers
    • Whitelist IP addresses and URLs
  • History of changes
Powered by GitBook
On this page
  • Request Authorization
  • Authorization Recovery
  • Timeout
  • Payments
  • Testing Data
  • Authorization Key:
  • Payment Key
  • Request Headers

Authorization

Request Authorization

To authorize a request, it is necessary to include the following headers:

x-api_version:V1

x-device_id:{{deviceId}}

x-refresh_token:{{refreshToken}}

Authorization Recovery

If a request returns an HTTP status 401, authorization data must be refreshed by executing a session update request and then retrying the failed request.

Timeout

Timeout specified in the parameters:

  • "tokenExpirationDateTime":"2025-02-14 22:45:24.0463 +0000" - UTC

  • "tokenExpiration":"2025-02-15 00:45:24.463+02:00" - Kyiv, Ukraine time

Payments

A Payment is a type of transaction used for purchasing goods, services, or products on websites using a payment card.

For Payment transactions, cardholder verification via 3D Secure is required if the card is enrolled in the program.

Testing Data

  • serviceCode for device authorization – UUID (e.g., a51e68aa-c6fa-11ed-afa1-0242ac120005).

  • In the production environment, this code is generated separately by the Bank for each merchant.

Authorization Key:

{
    "kty": "EC",
    "d": "QVwaujXBuM1mdyNSadU5qSjRk5xggY-aX7yzes_qyNQC9nTVO1SmNBHd_fBzZILd",
    "use": "enc",
    "crv": "P-384",
    "x": "lxF9kVkpdTRqd256CO0Q3fOEAPcek-U_Q72UoySdXXZWr9Tf8bSMhc8gwVbgtDC",
    "y": "3aQaGq0Va9OshPr63jZ2KEcfO1jqibz6bKFeJr6K6h4dHFGj298hv7sb6bYaUyD",
    "alg": "ECDH-ES+A256KW"
}

Payment Key

{
    "kty": "EC",
    "use": "enc",
    "crv": "P-384",
    "x": "lxF9kVkpdTRqd256CO0Q3fOEgAPcek-U_Q72UoySdXXZWr9Tf8bSMhc8gwVbgtDC",
    "y": "3aQaGq0Va9OsGhPr3jZ2KEcfO1jqibz6bKFeJr6K6h4dHFGj298hv7sb6bYaUyD",
    "alg": "ECDH-ES+A25KW"
}

URL - https://api-ecom-prod.bankalliance.ua

Request Headers

Parameter

Description

Example

x-api_version

API Version

v1

x-device_id

Generated when requesting authorize_virtual_device

f7b244ae-57e7-4fe2-89d7-7d6a02a17048

x-refresh_token

Generated when requesting authorize_virtual_device

9a64d090-732c-4e28-9c57-609083b8bd56

PreviousData EncryptionNextUsing an authorization token

Last updated 2 months ago