Payment Callback
Handle payment callback from the payment gateway (ePoint). This endpoint is called by the payment gateway after payment processing.
Endpoint
Authentication
Not required (called by payment gateway)
Request Body
Parameters
| Field | Type | Required | Description |
|---|---|---|---|
data |
string | Yes | Base64-encoded JSON string containing payment result |
signature |
string | Yes | Base64-encoded SHA1 signature for verification |
Data Structure (after decoding)
The data field contains a base64-encoded JSON string with the following structure:
{
"order_id": "abcde-fghij-klmno-pqrst",
"status": "success",
"code": "000",
"message": "Payment successful",
"transaction": "transaction_id",
"bank_transaction": "bank_transaction_id",
"bank_response": "response",
"operation_code": "operation_code",
"rrn": "rrn",
"card_name": "Card Name",
"card_mask": "****1234",
"amount": 199.98,
"other_attr": "other_attributes"
}
Response
Success (200 OK)
Error Responses
Signature Mismatch (403)
Order Not Found (404)
Payment Status Updates
Successful Payment (status: "success")
- Payment status set to "2" (Success)
- Order status set to "1" (Incoming)
- Payment status set to "1" (Success)
- Product stock quantities are decremented
- User's basket is cleared
Failed Payment (status: "failed")
- Payment status set to "3" (Failed)
- Order payment status set to "2" (Failed)
- Stock quantities remain unchanged
Security
- Signature is verified using SHA1 hash of
PRIVATE_KEY + data + PRIVATE_KEY - Only valid signatures are processed
- Invalid signatures return 403 Forbidden
Notes
- This endpoint is called automatically by the payment gateway
- Do not call this endpoint manually
- Payment callbacks update order and payment statuses
- Stock is only decremented on successful payments