OP Online Payment - Browser flow API (1.2)
Download OpenAPI specification:Download
OP Online Payment allows merchants and payment service providers to collect e-commerce payments as credit transfers to an OP account from both OP customers and other banks' customers (add-on service). The OP Online Payment service includes the collection of payments and the making of payment status requests and payment refunds.
OP Online Payment API's documentation consists of three parts:
- REST API: initiation of online payments, refund and status query
- Browser flow API: initiation of the payment flow in the browser
- Merchant callback API: an optional service for receiving notifications on the payment status changes
The API initiates a customer-facing browser interface for OP Online Payment. The merchant starts the flow by doing a full-page redirect in the browser to the API url so that the customer can authenticate and confirm the payment.
OP payments are initiated with OP Payment flow, and payments with other supported banks are started with Multi-bank payment flow (OP not included).
You can get the list of supported banks from the Other bank providers endpoint in the REST API.
Displaying the UI in an iframe element is not recommended and not supported.
Note that there is no test UI available in the sandbox environment. The browser UI is short-circuited and customer (browser) is taken directly to the last step of the flow (redirect back to merchant).
The final payment status can be simulated by using the accountId
values
defined in the
Sandbox
section of the REST
API.
v1.2 (03/2024)
Added
- Code examples in C#, Java, Node.js, PHP and Python added for all endpoints.
Changed
- Updated API doc format from Swagger 2.0 to OpenAPI 3.0.1
v1.1.1 (07/2022)
Changed
- Corrected redirect code
v1.1 (10/2021)
Added
- Initial version
Initiate OP payment flow in browser
This endpoint starts the OP payment process in the browser. The flow consists of the following phases:
- Authenticating the customer
- Selecting the account to pay from
- Confirming the payment
- Redirecting the customer back to the merchant’s service
Note: the API uses query parameters to send the
paymentOperationId
andpaymentOperationValidation
values to the server. Please make sure that the query parameters are properly URL encoded.
Authorizations:
query Parameters
paymentOperationId required | string <= 128 characters Operation id received in the Create payment operation response |
paymentOperationValidation required | string <= 512 characters Signature for the payment operation id received in the Create payment operation response |
header Parameters
x-session-id required | string <uuid> <= 36 characters Unique identifier (UUID) of the session. All requests in the same session should use the same session ID. Each x-session-id and x-request-id combination can only be used once. |
x-request-id required | string <uuid> <= 36 characters Unique identifier (UUID) of the request. Each request must have a unique request ID. Each x-session-id and x-request-id combination can only be used once. |
Date required | string Standard HTTP Date header containing the date and time (GMT) when the request was sent (for example: Wed, 21 Oct 2019 07:28:00 GMT). |
Responses
Request samples
- Example URL (for Browser)
- C#
- Java
- Node.js
- PHP
- Python
- CURL
'https://api.smn-sandbox.aws.op-palvelut.fi/customer/payment/startPaymentConfirmation?paymentOperationId=d3582ce7-f764-4f77-9155-7c150bdf95a662c87691-a46f-4076-bdf3-e5b27d660205&paymentOperationValidation=GU%2F1O9CbEnGh9RxeJf4ElK0Wab4WqdFD2FRgS8k%2F0Rk%3D'
Initiate multibank payment flow in browser
This endpoint starts the multibank payment process in the browser. The flow consists of the following phases:
- Accepting OP terms for multibank service
- Authenticating the customer in the selected bank
- Selecting the account to pay from in the selected bank
- Confirming the payment in the selected bank
- Redirecting the customer back to the merchant’s service
The endpoint does not provide a bank selection UI. Bank selection is done by using the
bankId
url path parameter when constructing the url for the Browser. OP payment flow is not supported with this endpoint. Note: the API uses query parameters to send thepaymentOperationId
andpaymentOperationValidation
values to the server. Please make sure that the query parameters are properly URL encoded.
Authorizations:
path Parameters
bankId required | string <= 40 characters Bank ID for the selected bank to initiate the payment from. Allowed bankId options are provided in the REST API |
query Parameters
paymentOperationId required | string <= 128 characters Operation id received in the Create payment operation response |
paymentOperationValidation required | string <= 512 characters Signature for the payment operation id received in the Create payment operation response |
header Parameters
x-session-id required | string <uuid> <= 36 characters Unique identifier (UUID) of the session. All requests in the same session should use the same session ID. Each x-session-id and x-request-id combination can only be used once. |
x-request-id required | string <uuid> <= 36 characters Unique identifier (UUID) of the request. Each request must have a unique request ID. Each x-session-id and x-request-id combination can only be used once. |
Date required | string Standard HTTP Date header containing the date and time (GMT) when the request was sent (for example: Wed, 21 Oct 2019 07:28:00 GMT). |
Responses
Request samples
- Example URL (for Browser)
- C#
- Java
- Node.js
- PHP
- Python
- CURL
'https://api.smn-sandbox.aws.op-palvelut.fi/customer/payment/multibank/direct/BankoEnablado/startPaymentConfirmation?paymentOperationId=d3582ce7-f764-4f77-9155-7c150bdf95a662c87691-a46f-4076-bdf3-e5b27d660205&paymentOperationValidation=GU%2F1O9CbEnGh9RxeJf4ElK0Wab4WqdFD2FRgS8k%2F0Rk%3D'