Versions Compared

Old Version 9

changes.mady.by.user PagBrasil

Saved on

compared with

New Version Current

changes.mady.by.user PagBrasil

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Please note that this URL shall only be used for integration and testing procedures. Once the Payment Service Agreement is signed, you will receive the production environment's URL when you request your account to go live.

Request parameters:

Field

Description

Required

Length

secret

Secret phrase as defined in the PagBrasil Dashboard

Yes

128

pbtoken

Token assigned to your merchant account. Your token is displayed at the PagBrasil Dashboard, menu Account > Settings.

Yes

32

order

Order number. See note "e"   

Yes

64

payment_method

X = PagBrasil Pix

Yes

1

product_name

Product name. See note "f"   

Yes

254

customer_name

Customer's full name if an individual, or "razão social" if the customer is a company. See note "g"   

Yes

128

customer_taxid

CPF if an individual, or CNPJ if the customer is a company. See note "h"   

Yes

14

customer_email

Customer's e-mail address

Yes

128

customer_phone

Customer's phone number (including the 2-digit area code)

Yes

40

address_street

Customer's street address

Yes

200

address_zip

Customer's postal code (in Brazil called CEP). Only digits, do not include the dash.

Yes

8

address_city

Customer's city

Yes

40

address_state

Customer's state. See note "i"   

Yes

2

amount_brl

Amount in Brazilian Real. See note "c"   

Yes

5

7.2

pix_expiration

Number of minutes the PagBrasil Pix is valid for (from 1 to 7200). If you don't use this parameter, our system will use the default value set at the PagBrasil Dashboard, menu Account > Settings. You may extend the expiration of an already issued PagBrasil Pix using the API function "/api/order/extend" (see item 7).

No

5

4.0

param_url

A string that can be concatenated to the URL our server posts the response to. See note "j"   

No

254

Notes:

a) All fields are required except when noted otherwise.

...

Anchor
PixNote41I
PixNote41I
i) The parameter address_state must be the official abbreviation used in Brazil. To prevent customer from entering an invalid state, please see table below to create a select object (drop-down list).

State

Abbreviation

Acre

AC

Alagoas

AL

Amapá

AP

Amazonas

AM

Bahia

BA

Ceará

CE

Distrito Federal

DF

Espírito Santo

ES

Goias

GO

Maranhão

MA

Mato Grosso

MT

Mato Grosso do Sul

MS

Minas Gerais

MG

Pará

PA

Paraíba

PB

Paraná

PR

Pernambuco

PE

Piauí

PI

Rio de Janeiro

RJ

Rio Grande do Norte

RN

Rio Grande do Sul

RS

Rondônia

RO

Roraima

RR

Santa Catarina

SC

São Paulo

SP

Sergipe

SE

Tocantins

TO

...

Anchor
PixNote41J
PixNote41J
j) The URL our server posts the response to for an "/api/order/add" call consists of a fixed and a dynamic part. The first part is defined at the PagBrasil Dashboard, menu Account > Settings. The second part is defined using param_url (optional). For example, if you define at the PagBrasil Dashboard the URL as "https://www.test.com/script.asp" and param_url as "?customer_id=12345&newsletter=yes" we will post the authorization response to: "https://www.test.com/script.asp?customer_id=12345&newsletter=yes"

...

You need to login to the PagBrasil Dashboard and specify the URL (webhook) you want PagBrasil to send the IPN (Instant Payment Notification) confirming the payment was authorized. By default we only allow outgoing connections to HTTPS URLs at standard port 443. If you plan to use a different port number in the IPN's URL please contact us requesting an exception.

PagBrasil's POST:

Field

Description

Length

secret

Secret phrase as defined in the PagBrasil Dashboard

128

payment_method

X = PagBrasil Pix

1

order

Order number

64

amount_brl

Amount in Brazilian Real

5

7.2

payment_status

A = Authorized
F = Failed
R = Rejected See note "b"   
C = Chargeback (see item 6.2)
P = Refund Processed (see item 6.2)
J = Refund rejected (see item 6.2)

1

authorization_code

Authorization code provided by the bank. Only available when payment_status = A.

32

signature

HMAC-MD5 hash that authenticates the IPN. See note "c"   

32

Notes:

a) After processing our IPN your server needs to acknowledge it has successfully received it by writing "Received successfully [timestamp]". If your server responds to our IPN with an invalid acknowledgement, our system will e-mail your technical contact a warning notification (subject "Urgent: Error posting IPN - Not Compliant"). In this case, the IPN will not be resent and you may want to resend the IPN manually at the PagBrasil Dashboard, menu IPN History, after resolving the problem at your end.

...

Please note that any IPN can be resent manually at any time at the PagBrasil Dashboard, menu IPN History.

...

Anchor
#PixNote42B#PixNote42B4.2.b
4.2.b
b) The payment status is returned as "R" (Rejected) when our fraud screening denied the transaction for security reasons – without submitting it to the Pix system.

...

Anchor
#PixNote42C#PixNote42C4.2.c
4.2.c
c) To authenticate the legitimacy of the IPN, you may check the parameter secret and/or the parameter signature, which is a HMAC-MD5 hash based on three parameters and a key defined at the PagBrasil Dashboard, menu Account > Settings. The HMAC-MD5 source string is the concatenation of the values of the parameters order, amount_brl and payment_status and the total length for these three parameters. For example, if parameter order="1234567890", amount_brl="39.50" and payment_status="P", the parameter signature would be "3093a7dffa0c04e74e827d1b52ef514e".

...