4. Informing the parameters
- PagBrasil
There are two different ways of providing the information required to process the payment: setting the data in the object used by each method or including specific attributes to HTML inputs in your checkout. Below we list the methods, their parameters and the equivalent attributes if you prefer to set the values using HTML inputs.
All methods return "this" to allow chaining of methods together.
4.1. setMerchant
Parameter | Attribute | Description | Required | Length |
|---|---|---|---|---|
pbtoken | PB_pbtoken | Token assigned to your merchant account. Your token is displayed at the PagBrasil Dashboard, menu Account > Settings. | Yes | 32 |
authentication | PB_authentication | Required when payment method is Débito Flash™ (value "3DS2"). | No | 4 |
authentication_onfailure | PB_authentication_onfailure | Required when payment method is Débito Flash™ (value "false"). | No | 5 |
homolog | PB_homolog | Required when connecting to the sandbox account (value “true“). See note “q“ | No | 4 |
4.2. setCustomer
Parameter | Attribute | Description | Required | Length |
|---|---|---|---|---|
customer_name | PB_customer_name | Customer's full name if an individual, or "razão social" if the customer is a company. See note "c" | Yes | 128 |
customer_taxid | PB_customer_taxid | CPF if an individual, or CNPJ if the customer is a company. See note "d" | Yes | 14 |
customer_email | PB_customer_email | Customer's e-mail address | Yes | 128 |
customer_phone | PB_customer_phone | Customer's phone number (including the 2-digit area code) | Yes | 40 |
address_street | PB_address_street | Customer's street address | Yes | 200 |
address_zip | PB_address_zip | Customer's postal code (in Brazil called CEP). Only digits, do not include the dash. | Yes | 8 |
address_city | PB_address_city | Customer's city | Yes | 40 |
address_state | PB_address_state | Customer's state. See note "e" | Yes | 2 |
4.3. setOrder
Parameter | Attribute | Description | Required | Length |
|---|---|---|---|---|
order | PB_order | Order number. Used when executing the methods doAddOrder and doGetOrder. See note "f" | Yes | 64 |
order_token | PB_order_token | Tokenized order number. Used only when executing the method doGetOrder. | No | 80 |
product_name | PB_product_name | Product name. See note "g" | Yes | 254 |
amount_brl | PB_amount_brl | Amount in Brazilian Real | Yes | 7.2 |
param_url | PB_param_url | A string that can be included as a parameter in the PagBrasil.JS callback. It may contain any information the merchant wants to. | No | 254 |
4.4. setPayment
Parameter | Attribute | Description | Required | Length |
|---|---|---|---|---|
payment_method | PB_payment_method | C = Credit card | Yes | 1 |
bol_expiration | PB_bol_expiration | Number of days (0 - 999) the Boleto Bancário is valid for. If you don't use this parameter, our system will use the default value set at the PagBrasil Dashboard, menu Account > Settings. You may extend the expiration date of an already issued boleto using the API function "/api/order/extend" (please refer to the Boleto Bancário documentation, item 7). | No | 3.0 |
pec_expiration | PB_pec_expiration | Number of days (0 - 5) the PEC Flash® is valid for. If you don't use this parameter, our system will use the default value set at the PagBrasil Dashboard, menu Account > Settings. You may extend the expiration date of an already issued PEC Flash® using the API function "/api/order/extend" (please refer to the PEC Flash® documentation, item 7). | No | 3.0 |
cc_installments | PB_cc_installments | Number of installments. Required when payment method is credit (value "1" to "12") or Débito Flash™ (value "1"). See note "h" | No | 2 |
visitor_id | PB_visitor_id | Required when using PagShield fraud prevention service. Please refer to the PagShield documentation, available at the PagBrasil Dashboard, menu Resources. | No | 40 |
4.5. setCard
Parameter | Attribute | Description | Required | Length |
|---|---|---|---|---|
cc_prevsaved | PB_cc_prevsaved | To be used when charging a previously saved credit card on subsequent purchases. See note "i" | No | 80 |
cc_holder | PB_cc_holder | Credit card holder's name | Yes* | 30 |
cc_number | PB_cc_number | Credit card number | Yes* | 14 - 19 |
cc_expiration | PB_cc_expiration | Credit card expiration date. | Yes* | 5 |
cc_cvv | PB_cc_cvv | Card verification value (security code). | Yes* | 3 - 4 |
wallet_type | PB_wallet_type | Used only when processing Samsung Pay transactions. See note "k" | No | 2 |
wallet_payload | PB_wallet_payload | Used only when processing Samsung Pay transactions. See note "k" | No | Unlimited |
soft_descriptor | PB_soft_descriptor | Text identification that will appear on the customer's credit card statement next to the payee name (PB). See note "l" | No | 13 |
cc_save | PB_cc_save | Defines if the credit card information is stored at PagBrasil's server for future charges. This parameter must be always equal to "0" (zero) except when the customer has explicitly authorized future charges on their credit card. See note "m" | Yes | 1 |
cc_auth | PB_cc_auth | Used only for credit card transactions. | No | 1 |
Notes:
a) All fields are required except when noted otherwise.
b) If a parameter is sent with a size greater than the maximum allowed, process will not be aborted but the value will be truncated.
c) You need to let the customer selects if they are a "pessoa física" (individual) or a "pessoa jurídica" (company). If they select "pessoa física", you need to ask for their full name and CPF (see note "b"). If they select "pessoa jurídica", you need to ask for the "razão social" (official company name registered at the local tax authority) and CNPJ (see note "b").
d) There are two types of tax IDs in Brazil: CPF (used by individuals, having 11 digits) and CNPJ (used by companies, having 14 digits). PagBrasil.JS will automatically remove the separators (e.g. "123.123.123-34" to "12312312334").
You must validate the tax ID to prevent sending to PagBrasil invalid values. You will find examples of CPF/CNPJ validation routines in different languages at the PagBrasil Dashboard, menu Resources.
For testing purposes, please use CPF 91051605962 and CNPJ 78797547000157.
e) The parameter address_state must be the official abbreviation used in Brazil. To prevent customer from entering an invalid state, please see table below to create a select object (drop-down list).
State | Abbreviation |
|---|---|
Acre | AC |
Alagoas | AL |
Amapá | AP |
Amazonas | AM |
Bahia | BA |
Ceará | CE |
Distrito Federal | DF |
Espírito Santo | ES |
Goias | GO |
Maranhão | MA |
Mato Grosso | MT |
Mato Grosso do Sul | MS |
Minas Gerais | MG |
Pará | PA |
Paraíba | PB |
Paraná | PR |
Pernambuco | PE |
Piauí | PI |
Rio de Janeiro | RJ |
Rio Grande do Norte | RN |
Rio Grande do Sul | RS |
Rondônia | RO |
Roraima | RR |
Santa Catarina | SC |
São Paulo | SP |
Sergipe | SE |
Tocantins | TO |
f) The order number must be unique for a specific customer. If you try to submit two different transactions with the same order number but a different customer_taxid, PagBrasil.JS calls back with error "Duplicated order.". Our server will also respond with "Duplicated order." if you try to re-submit an order that ir already paid. If parameters order and customer_taxid are equal to a previously submitted unpaid order, the previous order will be updated with the new information provided.
Characters allowed in the parameter order (regular expression): [a-zA-Z0-9\.\-\_\/]
g) The parameter product_name must contain the name of the product or service purchased, and it is required for compliance purposes.
h) The minimum amount of a credit card installment is BRL 5. For example, a purchase amount of BRL 20 can be paid to a maximum of 4 installments. If e.g. an amount of BRL 20 is submitted to be charged in 5 installments, the transaction will always be declined by the credit card company.
i) Parameter cc_prevsaved may be used to charge a previously saved credit card. You may use it to refer to a credit card used in a previous order, or a token created using the method doAddToken (see item 5.1).
To be able to charge in the future a credit card linked to an order, set the parameter cc_save=1, and in the future order just set cc_prevsaved with the the original order number. For example, if order 123456 was submitted in the past with the parameter cc_save=1, you may charge the same customer again in the future by setting the parameter cc_prevsaved as "123456". Please note that:
If the original order number was not submitted using cc_save=1 then PagBrasil.JS will call back with error "Order not found".
If you use parameter cc_prevsaved you have to leave in blank the parameters cc_holder, cc_number, cc_expiration and cc_cvv. All other parameters must be populated as usual because information such as the customer's address and e-mail address may have changed.
Parameter cc_save is ignored when cc_prevsaved is not blank
To prevent the wrong customer from being charged, we will check if the parameter customer_taxid matches the one provided in the original order. If it doesn't match then PagBrasil.JS will call back with error "Parameter customer_taxid doesn't match the information previously saved".
IMPORTANT: The merchant using PagBrasil is contractually obliged to inform the end customer by email between 5 - 15 days before an upcoming recurring payment charge. Therefore the implementation of such an automated email must be an integral part of the recurring payment implementation.
Brand | Code | CC Length | CVV Length | Sample |
|---|---|---|---|---|
Mastercard | M | 16 | 3 | 5555666677778884 |
Visa | V | 16 | 3 | 4984123412341234 |
Diners | D | 14 | 3 | 30111122223331 |
Amex | A | 15 | 4 | 376411112222331 |
Hipercard | H | 16 | 3 | 6062111122223339 |
Elo | E | 16 | 3 | 6362970000457013 |
k) To process a Samsung Pay payment, please set parameter wallet_type="SP". You will also need to send us the parameter wallet_payload with the payload returned by Samsung Pay (entire JSON response). Credit card details will be decrypted from the wallet_payload, thus you will not submit parameters cc_holder, cc_number, cc_expiration and cc_cvv.
Please contact us to enable Samsung Pay in your account.
l) By default a transaction is shown on the customer's credit card statement as "PB*XXXXXXX".
"PB" is what is called the hard descriptor (cannot be changed).
"XXXXXXX" is the soft descriptor (customizable).
The soft_descriptor parameter accepts letters, digits and spaces (regular expression [a-zA-Z0-9\s]). The string is truncated to the maximum allowable length of 13 characters. When receiving the parameter soft_descriptor with invalid characters, we will accept it but remove those characters from the string. When this parameter is blank, it is replaced by the default soft descriptor defined in the PagBrasil Dashboard. If there's no default soft descriptor defined in the dashboard, this parameter is replaced by the merchant commercial name.
m) When parameter cc_save is set to "1" our server will allow the merchant to charge the same credit card again in the future without needing to inform parameters cc_holder, cc_number, cc_expiration and cc_cvv. To define cc_save=1 you need to have the customer explicitly authorized you to process recurring payments using their credit card. To charge a previously saved credit card please use the parameter cc_prevsaved. To delete a previously saved credit card please refer to the credit card documentation, item 7. Recurring payments are disabled by default. If you want to use the parameter cc_save for recurring payments, please contact PagBrasil for further information. Please note that when the order is not successfully authorized cc_save will not be applied. That prevents invalid credit card information from being stored.
n) Please find below information on each cc_auth value.
cc_auth=0 (or blank) - Authorize and capture a transaction immediately.
cc_auth=1 - Authorize a transaction, but don't capture it now. The amount set at amount_brl will be held on the customer's credit card for later confirmation. Pre-authorizations will be held for 14 days.
cc_auth=2 - Capture a previously authorized transaction. When this option is used the parameter order needs to be populated with the order number of the transaction that was pre-authorized beforehand using cc_auth=1. The order can't be older than 14 days. The amount to be captured defined at parameter amount_brl needs to be lower than or equal to the amount previously authorized. When setting cc_auth=2 the only parameters that you should submit are pbtoken, order, payment_method, amount_brl and cc_auth.
Examples of parameters order, amount_brl and cc_auth for 3 types of scenarios:
Charge BRL 100 to a credit card:
order=test1
amount_brl=100
cc_auth=0Pre-authorize BRL 100 and then later capture (charge) the full amount:
Step 1:
order=test2
amount_brl=100
cc_auth=1Step 2: (up to 14 days later than Step 1)
order=test2
amount_brl=100
cc_auth=2Pre-authorize BRL 100 and then later charge only BRL 75 (partial capture):
Step 1:
order=test3
amount_brl=100
cc_auth=1Step 2: (up to 14 days later than Step 1)
order=test3
amount_brl=75
cc_auth=2
p) To emulate a successful payment, please refer to the documentation of each specific payment method available.
q) To connect to the sandbox account, ensure to modify the setMerchant() method by adding the parameter "homolog": true. Please find the sample below.
Sandbox environment:
$PB.setMerchant({
"pbtoken": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"homolog": true
});Production environment:
$PB.setMerchant({
"pbtoken": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
});
CONFIDENTIAL