Technical Information

The SanctusPay process involves the merchant creating a payment intent with the API, directing the user to the HCP for secure card entry. The HCP confirms payment with the API and redirects the user back to the merchant with the transaction result.

Access HCP & Live and Test environments

SanctusPay's Hosted Checkout Page (HCP) operates in two distinct environments: Live and Test. The Live environment is used for processing real transactions with actual payment details, ensuring that all interactions are secure and reliable. On the other hand, the Test environment is designed for development and troubleshooting, allowing merchants to simulate transactions without incurring actual charges. This separation ensures that developers can verify their integration and functionality without jeopardizing real customer data or financial information.

Environments

HCP URL Variables

To access the Hosted Checkout Page (HCP) URL, it is essential to supply two specific GET parameters: client_id and intent_id.

The client_id represents the unique identifier assigned to the merchant's account, ensuring that the transaction is linked to the correct merchant. You can get this information in your api/developer section in Portal. It's also referred as "Account ID".

Meanwhile, the intent_id is the unique identifier for the , allowing the system to retrieve the correct transaction details. Utilizing these parameters correctly in the URL ensures that the SanctusPay HCP can open successfully and process the payment securely and efficiently for the intended user and transaction.

HCP Sequence Flow

Step-by-Step Explanation

1. Merchant Website → SanctusPay API: The merchant’s backend sends a POST /intents/payment request to create a new payment intent. This request typically includes information such as the merchant’s external_id, order details, and redirect URLs.

2. SanctusPay API → Merchant Website: The SanctusPay API responds with a JSON payload that includes an intent_id. This unique identifier references the newly created payment intent.

3. Merchant Website → User: With the intent_id in hand, the merchant constructs and provides the Hosted Checkout Page URL to the user. This might involve redirecting the user’s browser or displaying a link/button that includes the intent_id and the merchant account_id (also known as client_id).

4. User → Hosted Checkout Page: The user clicks on the provided link (or is automatically redirected) to the SanctusPay Hosted Checkout Page (HCP). The HCP page is responsible for securely collecting the user’s card and billing information.

5. Hosted Checkout Page → SanctusPay API: Once the user inputs their card details and confirms payment, the HPP sends the card data and confirmation to the SanctusPay API. This step initiates the actual payment authorization process.

6. SanctusPay API → Hosted Checkout Page: The SanctusPay API processes the request (e.g., checks the card, contacts the payment network, etc.) and returns the authorization result to the HPP. The result can be a success (authorized) or failure (declined or error).

7. Hosted Checkout Page → Merchant Website: Finally, the Hosted Checkout Page redirects the user back to the merchant-specified success or failure URL. This redirect typically includes parameters indicating the status of the transaction, and possibly the intent_id or a transaction reference.