OP Online Payment - Browser flow API (1.2)

Download OpenAPI specification:Download

OP Online Payment allows merchants and payment service providers to collect e-commerce payments as credit transfers to an OP account from both OP customers and other banks' customers (add-on service). The OP Online Payment service includes the collection of payments and the making of payment status requests and payment refunds.


OP Online Payment API's documentation consists of three parts:

  • REST API: initiation of online payments, refund and status query
  • Browser flow API: initiation of the payment flow in the browser
  • Merchant callback API: an optional service for receiving notifications on the payment status changes

Browser flow API

The API initiates a customer-facing browser interface for OP Online Payment. The merchant starts the flow by doing a full-page redirect in the browser to the API url so that the customer can authenticate and confirm the payment.

OP payments are initiated with OP Payment flow, and payments with other supported banks are started with Multi-bank payment flow (OP not included).

You can get the list of supported banks from the Other bank providers endpoint in the REST API.

Displaying the UI in an iframe element is not recommended and not supported.

Note that there is no test UI available in the sandbox environment. The browser UI is short-circuited and customer (browser) is taken directly to the last step of the flow (redirect back to merchant).

The final payment status can be simulated by using the accountId values defined in the Sandbox section of the REST API.

Change log

v1.2 (03/2024)

Added

  • Code examples in C#, Java, Node.js, PHP and Python added for all endpoints.

    Changed

  • Updated API doc format from Swagger 2.0 to OpenAPI 3.0.1

v1.1.1 (07/2022)

Changed

  • Corrected redirect code

v1.1 (10/2021)

Added

  • Initial version

OP payment flow

Initiate OP payment flow in browser

This endpoint starts the OP payment process in the browser. The flow consists of the following phases:

  1. Authenticating the customer
  2. Selecting the account to pay from
  3. Confirming the payment
  4. Redirecting the customer back to the merchant’s service Note: the API uses query parameters to send the paymentOperationId and paymentOperationValidation values to the server. Please make sure that the query parameters are properly URL encoded.
Authorizations:
xApiKey
query Parameters
paymentOperationId
required
string <= 128 characters

Operation id received in the Create payment operation response

paymentOperationValidation
required
string <= 512 characters

Signature for the payment operation id received in the Create payment operation response

header Parameters
x-session-id
required
string <uuid> <= 36 characters

Unique identifier (UUID) of the session. All requests in the same session should use the same session ID. Each x-session-id and x-request-id combination can only be used once.

x-request-id
required
string <uuid> <= 36 characters

Unique identifier (UUID) of the request. Each request must have a unique request ID. Each x-session-id and x-request-id combination can only be used once.

Date
required
string

Standard HTTP Date header containing the date and time (GMT) when the request was sent (for example: Wed, 21 Oct 2019 07:28:00 GMT).

Responses

Request samples

'https://api.smn-sandbox.aws.op-palvelut.fi/customer/payment/startPaymentConfirmation?paymentOperationId=d3582ce7-f764-4f77-9155-7c150bdf95a662c87691-a46f-4076-bdf3-e5b27d660205&paymentOperationValidation=GU%2F1O9CbEnGh9RxeJf4ElK0Wab4WqdFD2FRgS8k%2F0Rk%3D'

Multibank payment flow

Initiate multibank payment flow in browser

This endpoint starts the multibank payment process in the browser. The flow consists of the following phases:

  1. Accepting OP terms for multibank service
  2. Authenticating the customer in the selected bank
  3. Selecting the account to pay from in the selected bank
  4. Confirming the payment in the selected bank
  5. Redirecting the customer back to the merchant’s service The endpoint does not provide a bank selection UI. Bank selection is done by using the bankId url path parameter when constructing the url for the Browser. OP payment flow is not supported with this endpoint. Note: the API uses query parameters to send the paymentOperationId and paymentOperationValidation values to the server. Please make sure that the query parameters are properly URL encoded.
Authorizations:
xApiKey
path Parameters
bankId
required
string <= 40 characters

Bank ID for the selected bank to initiate the payment from. Allowed bankId options are provided in the REST API

query Parameters
paymentOperationId
required
string <= 128 characters

Operation id received in the Create payment operation response

paymentOperationValidation
required
string <= 512 characters

Signature for the payment operation id received in the Create payment operation response

header Parameters
x-session-id
required
string <uuid> <= 36 characters

Unique identifier (UUID) of the session. All requests in the same session should use the same session ID. Each x-session-id and x-request-id combination can only be used once.

x-request-id
required
string <uuid> <= 36 characters

Unique identifier (UUID) of the request. Each request must have a unique request ID. Each x-session-id and x-request-id combination can only be used once.

Date
required
string

Standard HTTP Date header containing the date and time (GMT) when the request was sent (for example: Wed, 21 Oct 2019 07:28:00 GMT).

Responses

Request samples

'https://api.smn-sandbox.aws.op-palvelut.fi/customer/payment/multibank/direct/BankoEnablado/startPaymentConfirmation?paymentOperationId=d3582ce7-f764-4f77-9155-7c150bdf95a662c87691-a46f-4076-bdf3-e5b27d660205&paymentOperationValidation=GU%2F1O9CbEnGh9RxeJf4ElK0Wab4WqdFD2FRgS8k%2F0Rk%3D'