External system can handle the event notifications from SOFI. SOFI sends the event notifications as XML-document via HTTPS-request (method POST).
At the moment SOFI can send notifications about following events:
Notification XML-document for fraud-status change event has the following form:
<message>
<authorization>
<login>
outlogin
</login>
<password>
outpassword
</password>
</authorization >
<event type="AFS_CHANGED">
<payment>
<id>
Payment id
<id>
<fstatus>
Fraud-status code (see section "External system client side requirements")
</fstatus >
<reason>
Fraud-status setting reason code (see section "External system client side requirements")
</reason>
< /payment>
</event>
<message> |
Notification XML-document for merchant auto-creation event has the following form:
<message>
<authorization>
<login>
outlogin
</login>
<password>
outpassword
</password>
</authorization >
<event type="MERCHANT_AUTO_CREATE">
<merchant>
<id>
Merchant ID
<id>
<paymentId>
Payment ID which was used for auto-creation
</paymentId>
</merchant>
</event>
<message> |
The document can contain several fraud-statuses or auto-created merchants. Tag <event> contain the corresponding number of tags <payment> or <merchant>.in such cases.
Examples (XML – example of documents and DTD – file for XML creation) can be received by following addresses:
https://afs-api.paysecure.ru/doc/event.xml
https://afs-api.paysecure.ru/doc/notification.dtd
The external system may implement services to receive information about events in the SOFI for asynchronous analysis of payment check results and/or to transfer the specifying data . To do this, the external system has to use a web-server that receives HTTPS-requests from SOFI. The body of any request is a XML-document with information about the event in the SOFI. The external system Web-service must retrieve data from the XML in accordance with the structure description in the DTD and perform the necessary actions.
In case of successful request processing the service must send to SOFI the response with HTTP Response Status Code 200. If there is no connection to the service or the request handling is not succeed, the message is considered as undelivered. The next attempt will be made in some time. The number of attempts is limited
Supported services of external system for handling of SOFI notifications have to be registered in SOFI. Contact the support team and provide the data for access to web-services, SSL-certificate for SOFI authentication, URL(s) for service(s) access and types of handled events. SOFI can provide login/password in each request if it is required. Provide also login/password in this case.
To provide fault tolerance, the external system can support more than one URL for receiving information about the same event. In this case the notification will be sent to the first available service.