3.21. /api/v4/process-recurring-payment

Introduction

Process recurring payment is initiated through HTTPS POST request by using URLs and the parameters specified below. Use OAuth RSA-SHA256 for authentication.

API URLs

Integration

Production

https://sandbox.toptechpay.net/payment/api/v4/process-recurring-payment/ENDPOINTID

https://gate.toptechpay.net/payment/api/v4/process-recurring-payment/ENDPOINTID

Request Parameters

Note

Request must have content-type=application/x-www-form-urlencoded and Authorization headers.

Parameter Name

Description

Value

client-orderid

Connecting Party order ID.

Necessity: Required
Type: String
Length: 128

recurring-payment-id

Recurring ID assigned to the order by QA.

Necessity: Required
Type: String
Length: 10

amount

Amount of currency must be the same as currency on the project assigned. Upon reaching finish date, Recurring payment will go into stop status.

Necessity: Required
Type: Numeric
Length: 10

Merchant login

Connecting Party’s login name.

Necessity: Required
Type: String
Length: 20

Endpoint

Endpoint ID.

Necessity: Required
Type: Numeric
Length: 10

Response Parameters

Note

Response has Content-Type: text/html;charset=utf-8 header. All fields are x-www-form-urlencoded, with (0xA) character at the end of each parameter’s value.

Response Parameters

Description

type

The type of response. Example: process-recurring-payment-response, validation-error, error. If type equals validation-error or error, error-message and error-code parameters contain error details.

status

See Status List for details

serial-number

Unique number assigned by TopTechPay server to particular request from the Merchant

Request Example

Enter your private key in PKCS#1 container to use debug. See RSA-SHA256 for details.

POST /payment/api/v4/process-recurring-payment/ HTTP/1.1
User-Agent: curl/8.4.0
Accept: */*
Authorization: OAuth oauth_consumer_key="ErwinTestMerchant", oauth_nonce="XGsxKTfd4uiaQKOSyXkHQwKxFqLCEKRz", oauth_signature="KX7KEjFUEJo8rLJ2PvusGDlu5cxqMm%2BU%2Bn%2F1KxH18QUeZ57QghfnXyiXKCxwAr76uxMk9X10QL8YI4kuEHVmxThIomtIZML3yRLESneHNqZzlwXvTSG5o%2B7DTSdAeNGZ40PIbF4XAUzwp%2FQbpYGWBS4Yk36%2BPQbziJlsFa21gRo7e03fizxPEIYi1algEqOT5uu%2F07Yci6NsSyGGMGo4vyDhqPMLuDcaTeO%2Fzr51RfRa4jh2bT4tUriZLVrjYP0AJeHGlZdosTkqEyVAz5Q5yD67xmjUGlW4luezOWdR70wrfQ8JZ7QuXzueAb9TqyZfi%2BvCD4MrhXG299ujWUUtZ%2F8qi09p%2F7GmBiFSud7wgMjPGOC%2BijBEFIpsfiBFzd6%2FX7MBLAdTpHXrExT2C71dJysde31isAMVuIIuvXogY7YE0ZttWY1oYqcWDNSWXsUx5pQTjbBf1vyJB3CqtAFVFi6LwckqsYTAXkxfp%2B2IgFFhadEvf35XzFPv%2FEjsTqRLJuPYBa85mK9vaY7WJRtX89TjSdEPulFnz1EEFg5KHe5WxVp9GFw2XqLneqBu%2FwGAGg3NXRumBMHK3E%2Bh96cVdU5b3AkqVjS2Q36jpQtAhUIIGYyT02n4W9avhw2cHCJzErqGjALHJjkFQD1bhDRKyTm1Fqeh%2BplDaPwDKjy5EHY%3D", oauth_signature_method="RSA-SHA256", oauth_timestamp="1721316898", oauth_version="1.0"
Content-Length: 407
Content-Type: application/x-www-form-urlencoded
Connection: keep-alive

recurring-payment-id=1492124
&amount=10
&client-orderid=1575634981130

Success Response Example

HTTP/1.1 200
Server: server
Date: Thu, 18 Jul 2024 15:35:46 GMT
Content-Type: text/html;charset=utf-8
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
X-XSS-Protection: 1
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Content-Language: en-US
Strict-Transport-Security: max-age=31536000
Content-Length: 110

type=process-recurring-payment-response
&serial-number=00000000-0000-0000-0000-000002f36d8d
&status=processing

Fail Response Example

HTTP/1.1 500
Server: server
Date: Thu, 18 Jul 2024 15:39:05 GMT
Content-Length: 61
Connection: keep-alive
Keep-Alive: timeout=60
X-XSS-Protection: 1
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000

Internal server error [b2a06c5a-c770-4c01-b32c-e4fcb1da4cd6]

Postman Collection

Request Builder

Debug form
URL
client-orderid
Merchant login
Endpoint
recurring-payment-id
amount
order_desc
first-name
last-name
country
city
zip-code
address1
state
phone
e-mail
customer-ip
currency
purpose
birthday
ssn
notify_url
server_callback_url

Normalized parameters string to sign, according to OAuth 1.0a rules
POST body parameters to submit
OAuth 1.0a headers to submit.
HEX Encoded Signature
* HEX encoded string is for debug purposes only. You shouldn't send this string to the server neither in HEX nor in Encoded HEX representation.
Base64 Encoded Signature
* Binary RSA-SHA256 signature directly encoded in base64 should be sent to the server.