{"openapi":"3.1.0","info":{"title":"imoje FRONT API","version":"1.1.0","description":"# Technical documentation for integration with the imoje payment gateway\n# Introduction\n\nInstructions for integration using the FRONT API with the imoje payment gateway. The assumption behind this integration is that queries are handled on the user's browser side. If you want to handle communication with imoje on the server side, please refer to our [RESTful API](https://bump.sh/pgw/doc/imoje-api-en/) integration.\n\n## Data required for integration\n\n* `Merchant ID`\n* `Shop ID`\n* `Shop key` \n* `Authorisation token`\n\n## Where to find data for integration\n\nAfter logging into the [imoje administration panel](https://imoje.ing.pl), go to the `Shops` tab, select the appropriate shop and go to its `Details`. Then go to the `Data for integration` tab. Here you will find: `Merchant ID`, `Shop ID`, `Shop key` and `Authorisation token`. \n\n\u003e [Administration panel](https://sandbox.imoje.ing.pl) for the sandbox test environment\n\n## Contact\n\nEmail address: kontakt.tech@imoje.pl \nTel: +48 32 319 35 70 \n","contact":{"name":"Wsparcie techniczne","email":"kontakt.tech@imoje.pl"}},"x-externalLinks":[{"label":"imoje","url":"https://www.ing.pl/bramka-platnicza-imoje"}],"servers":[{"url":"https://paywall.imoje.pl","description":"Production environment"},{"url":"https://sandbox.paywall.imoje.pl","description":"Test environment"}],"x-topics":[{"title":"Creating a payment","content":"To create a payment in imoje, send a POST or GET request to {[server](#doc-servers)}`/payment` with the following parameters.\n\nA signature is used to authorise the request, which must also be included in the request. You can find out how to calculate the signature [here](#topic-authorisation).\n\n## Request parameters\n\n| Parameter | Type | Required parameter | Description |\n|---------------------|--------------|--------------------|----------------|\n| `serviceId` | string(36) | `YES` | Customer store ID as `UUID v4` |\n| `merchantId` | string(20) | `YES` | Customer ID |\n| `amount` | string | `YES` | Amount of transaction in pennies |\n| `currency` | string(3) | `YES` | Currency `ISO 4217`|\n| `orderId` | string(100) | `YES` | order ID, \u003cbr\u003e **available characters:** A-Za-z0-9#_-./ space (0x20) and the UNICODE characters from the range 00C0 - 02C0 (e.g. Polish diacritic characters) |\n| `customerFirstName` | string(100) | `YES` | first name of the person placing the order, \u003cbr\u003e **available characters:** A-Za-z0-9-,. space (0x20) and the UNICODE characters from the range 00C0 - 02C0 (e.g. Polish diacritic characters), 0400 - 04FF (Cyrillic script) |\n| `customerLastName` | string(100) | `YES` | surname of the person placing the order, \u003cbr\u003e **available characters:** A-Za-z0-9-,. space (0x20) and the UNICODE characters from the range 00C0 - 02C0 (e.g. Polish diacritic characters), 0400 - 04FF (Cyrillic script) |\n| `signature` | string | `YES` | [Calculated signature](#topic-authorisation) |\n| `customerEmail` | string(200) | `NO` | E-mail address in the format compliant with RFC 5322 and RFC 6531 |\n| `customerPhone` | string(20) | `NO` | telephone number of the person placing the order, \u003cbr\u003e **available characters:** -+0-9 and space. \u003cbr\u003e The value of the parameter can be up to 20 characters |\n| `orderDescription` | string(255) | `NO` | title of transaction, \u003cbr\u003e **available characters:** A-Za-z0-9#\u0026_-,.\\/ space (0x20) and the UNICODE characters from the range 00C0 - 02C0 (e.g. Polish diacritic characters) |\n| `additionalDescription` | string | `NO` | Details of products or services ordered |\n| `urlSuccess` | string(300) | `NO` | URL the user will be redirected to after a successfully completed transaction. \u003cbr\u003e The address must comply with the `RFC 3986` standard and contain a host. \u003cbr\u003e The domain name cannot be absolute (FQDN). |\n| `urlFailure` | string(300) | `NO` | URL the user will be redirected to after an incorrectly completed transaction. \u003cbr\u003e The address must comply with the `RFC 3986` standard and contain a host. \u003cbr\u003e The domain name cannot be absolute (FQDN). |\n| `urlReturn` | string(300) | `NO` | URL the user will be redirected to after the completion of transaction. \u003cbr\u003e The address must comply with the `RFC 3986` standard and contain a host. \u003cbr\u003e The domain name cannot be absolute (FQDN). |\n| `urlNotification` | string(300) | `NO` | Dynamic notification address, possibility to set a specific address for a single transaction. |\n| `visibleMethod` | string | `NO` | payment methods to display at payment gateway. \u003cbr\u003e **Available values**: \u003cbr\u003e `card` \u003cbr\u003e `wallet` \u003cbr\u003e `pbl` \u003cbr\u003e `blik` \u003cbr\u003e `imoje_paylater` \u003cbr\u003e `wt` \u003cbr\u003e `lease`\u003cbr\u003e If this field is not inserted or is empty, all payment methods enabled in the store will be displayed. \u003cbr\u003e Every payment method must be separated by coma (e.g. *card,pbl*) |\n| `validTo` | string | `NO` | Payment link expiration date as timestamp in seconds. \u003cbr\u003e Failure to process the payment by that time will result in its cancellation. \u003cbr\u003e If it is not transferred, the payment link is valid until the time set in the \"Payment activity:\" parameter on the imoje Administration Panel (store settings) or until the expiry of 15 months. \u003cbr\u003e Passing the parameter `validTo` =` NULL` causes that the payment link will not expire without the settings in the parameter \"Payment activity:\" on the imoje Administration Panel (store settings). \u003cbr\u003e **Minimum** validity time is **60 seconds.** |\n| `preselectMethodCode`| string(20) | `NO` | Payment channel set as default and automatically selected when the payment gateway is opened. \u003cbr\u003e If this field is not present, the gateway opens without the selected payment channel selected. \u003cbr\u003e The field cannot be defined and left without a value. |\n| `billing` | string | `NO` | Billing details - see the table below |\n| `shipping` | string | `NO` | Delivery data - see the table below |\n| `isKsef` | string | `NO` | Generate KSeF payment identifier (IPKSeF). \u003cbr\u003e **Available characters:** `1` - yes, `0` - no | \n\n**Parameters for the `billing` array:** \n\n| Parameter | Type | Required parameter | Description |\n|---------------------|-------------|-------------------|-------------------|\n| `firstName` | string(100) | `YES` | First name of the customer, \u003cbr\u003e **available characters:** A-Za-z0-9#\u0026_-\"',.\\/ space (0x20) and the UNICODE characters from the range 00C0 - 02C0 (e.g. Polish diacritic characters), 0400 - 04FF (Cyrillic script) |\n| `lastName` | string(100) | `YES` | Last name of the customer, \u003cbr\u003e **available characters:** A-Za-z0-9#\u0026_-\"',.\\/ space (0x20) and the UNICODE characters from the range 00C0 - 02C0 (e.g. Polish diacritic characters), 0400 - 04FF (Cyrillic script) |\n| `company` | string(200) | `NO` | Company name, \u003cbr\u003e **available characters:** A-Za-z0-9 and space (0x20) |\n| `street` | string(200) | `NO` | Street, \u003cbr\u003e **available characters:** A-Za-z0-9 and space (0x20) |\n| `city` | string(100) | `NO` | City, \u003cbr\u003e **available characters:** A-Za-z0-9 and space (0x20) |\n| `region` | string(100) | `NO` | State, \u003cbr\u003e **available characters:** A-Za-z0-9 and space (0x20) |\n| `postalCode` | string(30) | `NO` | Postal code |\n| `countryCodeAlpha2` | string(20) | `NO` | `Alpha2` country code |\n| `taxId` | string(12) | `NO` | Tax number |\n\n**Parameters for the `shipping` array:** \n\n| Parameter | Type | Required parameter | Description |\n|---------------------|-------------|-------------------|-------------------|\n| `firstName` | string(100) | `YES` | First name of the customer, \u003cbr\u003e **available characters:** A-Za-z0-9#\u0026_-\"',.\\/ space (0x20) and the UNICODE characters from the range 00C0 - 02C0 (e.g. Polish diacritic characters), 0400 - 04FF (Cyrillic script) |\n| `lastName` | string(100) | `YES` | Last name of the customer, \u003cbr\u003e **available characters:** A-Za-z0-9#\u0026_-\"',.\\/ space (0x20) and the UNICODE characters from the range 00C0 - 02C0 (e.g. Polish diacritic characters), 0400 - 04FF (Cyrillic script) |\n| `company` | string(200) | `NO` | Company name, \u003cbr\u003e **available characters:** A-Za-z0-9 and space (0x20) |\n| `street` | string(200) | `NO` | Street, \u003cbr\u003e **available characters:** A-Za-z0-9 and space (0x20) |\n| `city` | string(100) | `NO` | City, \u003cbr\u003e **available characters:** A-Za-z0-9 and space (0x20) |\n| `region` | string(100) | `NO` | State, \u003cbr\u003e **available characters:** A-Za-z0-9 and space (0x20) |\n| `postalCode` | string(30) | `NO` | Postal code |\n| `countryCodeAlpha2` | string(2) | `NO` | `Alpha2` country code |\n\n## Example request as an HTML form\n\n```html\n\u003cinput type=\"hidden\" value=\"63f574ed-d90d-4abe-9cs1-39117584a7b7\" name=\"serviceId\"\u003e\n\u003cinput type=\"hidden\" value=\"6yt3gjtm9p1odfgx8491\" name=\"merchantId\"\u003e\n\u003cinput type=\"hidden\" value=\"100\" name=\"amount\"\u003e\n\u003cinput type=\"hidden\" value=\"PLN\" name=\"currency\"\u003e\n\u003cinput type=\"hidden\" value=\"yourOrderId\" name=\"orderId\"\u003e\n\u003cinput type=\"hidden\" value=\"yourDescription\" name=\"orderDescription\"\u003e\n\u003cinput type=\"hidden\" value=\"John\" name=\"customerFirstName\"\u003e\n\u003cinput type=\"hidden\" value=\"Doe\" name=\"customerLastName\"\u003e\n\u003cinput type=\"hidden\" value=\"johndoe@domain.com\" name=\"customerEmail\"\u003e\n\u003cinput type=\"hidden\" value=\"https://your-shop.com/success\" name=\"urlSuccess\"\u003e\n\u003cinput type=\"hidden\" value=\"https://your-shop.com/failure\" name=\"urlFailure\"\u003e\n\u003cinput type=\"hidden\" value=\"https://your-shop.com/return\" name=\"urlReturn\"\u003e\n\u003cinput type=\"hidden\" value=\"cd5024f5ce5e6ff47990fe60572758fbcbcd6e3c04895d6815932b2d14e04ffd;sha256\" name=\"signature\"\u003e\n```\n\u003e info\n\u003e**Each unpaid link will automatically expire 15 months after its creation date. If you want it to expire sooner, use the `validTo` parameter.**\n"},{"title":"Authorisation","content":"In order to authorise payments you need signature, which is calculated as follows:\n\n1. Sort alphabetically, in ascending order, by order parameters.\n2. Combine the parameters as follows: `parameter1=value1\u0026parameter2=value2...parameterN=valueN`. Save the result to a variable (hereinafter referred to as `body`).\n3. Calculate the signature using the `sha224`, `sha256`, `sha384` or `sha512` hashing method, e.g. `sha256(body + serviceKey`. Save the hashing result to a variable (hereinafter referred to as `signature`).\n4. Add the hashing method used after a semicolon to the calculated signature: `signature + “;sha256”`.\n\n## Example of signature calculation\n\n```php\n/**\n* @param array $orderData\n* @param string $serviceKey\n* @param string $hashMethod\n*\n* @return string\n*/\nfunction createSignature($orderData, $serviceKey, $hashMethod)\n{\n $data = prepareData($orderData);\n\n return hash($hashMethod, $data . $serviceKey);\n}\n\n/**\n* @param array $data\n* @param string $prefix\n*\n* @return string\n*/\nfunction prepareData(\n $data,\n $prefix = ''\n) {\n ksort($data);\n $hashData = [];\n foreach($data as $key =\u003e $value) {\n if($prefix) {\n $key = $prefix . '[' . $key . ']';\n }\n if(is_array($value)) {\n $hashData[] = prepareData($value, $key);\n } else {\n $hashData[] = $key . '=' . $value;\n }\n }\n\n return implode('\u0026', $hashData);\n}\n\n$hashMethod = 'sha256';\n\n$serviceKey = 'eAyhFLuHgwl5hu-32GM8QVlCVMWRU0dGjH1c';\n\n$fields = [\n'merchantId' =\u003e '6yt3gjtm9p1odfgx8491',\n 'serviceId' =\u003e '63f574ed-d90d-4abe-9cs1-39117584a7b',\n 'amount' =\u003e '300',\n 'currency' =\u003e 'PLN',\n 'orderId' =\u003e '123',\n 'orderDescription' =\u003e 'Example transaction',\n 'customerFirstName' =\u003e 'John',\n 'customerLastName' =\u003e 'Doe',\n 'customerEmail' =\u003e 'johndoe@domain.com',\n 'customerPhone' =\u003e '501501501',\n 'urlSuccess' =\u003e 'https://your-shop.com/success',\n 'urlFailure' =\u003e 'https://your-shop.com/failure',\n 'urlReturn' =\u003e 'https://your-shop.com/return',\n];\n$result = createSignature($fields, $serviceKey, $hashMethod) . ';' . $hashMethod;\n```\n"},{"title":"Language on the payment gateway","content":"By default, the imoje payment gateway detects the language based on your browser settings. This behaviour is only possible with the basic request address: \n\n```\nhttps://paywall.imoje.pl/payment\n```\n\nTo force the imoje payment gateway to be displayed in a specific language, modify the base address by adding a value corresponding to the language in question.: \n\n```\nhttps://paywall.imoje.pl/[lang]/payment\n```\nwhere:\n\n| Parameter | Type | Description |\n|-------------|-------------|------------------------|\n| `lang` | string(2) | Location of the payer, determines the communication language of the Payment Gateway to the Payer - Paywall, E-mails and Statuses. \u003cbr\u003e **Available values**: `pl`, `en`, `cs`, `de`, `es`, `fr`, `it`, `lt`, `ru`, `sk`, `sl`, `uk`, `nl`, `hu`, `ro` |\n\n# Example\n\n```\nhttps://paywall.imoje.pl/en/payment\n```\n"},{"title":"Displaying selected payment methods on the payment gateway","content":"In imoje, it is possible to display only selected payment methods to the payer. To the standard request creating a transaction from the [Create payment](#topic-create-payment) point, add the `visibleMethod` parameter with at least one of the following values:\n\n| Name | Parameter value | Description |\n|----------|-------------|------------------------|\n| Payment cards | `card` | Card payment: `Visa`, `MasterCard`|\n| Electronic wallets | `wallet` | Electronic wallet payment: `Apple Pay`, `Google Pay`, `Visa Mobile`, `PayPal`|\n| Online transfer | `pbl` | Online transfer payment|\n| BLIK | `blik` | BLIK payment|\n| Deferred payments | `imoje_paylater` | imoje pay later payments: `Twisto`, `PayPo`, `PragmaGO`, `Blik pay later`|\n| Leasing online | `lease` | Payment ING Lease Now|\n| Traditional transfer | `wt` | Payment by traditional transfer|\n| imoje installments | `imoje_installments` | Payment in installments |\n\n\u003e info\n\u003e **Important!** For `PayPal` payments to function correctly, do not delete URLs in webhooks. If you change your integration keys in PayPal, you must also update them in the imoje administration panel.\n"},{"title":"Notifications","content":"For the correct configuration of notification sending, enter the appropriate notification URL in the imoje administration panel. \n\nTo add an address, log in to the imoje panel, go to the `Shops` tab, select the shop where the integration is performed, and click on `Details`. Then go to the `Integration data` section and edit the `Notification address` field.\n\n\u003e info\n\u003e Notifications are sent from IP addresses in the following ranges:\n**5.196.116.32/28**,\n**51.195.95.0/28**,\n**54.37.185.64/28**,\n**54.37.185.80/28**,\n**147.135.151.16/28**\n\n\u003e info\n\u003e Notifications are sent to the default HTTP (80) and HTTPS (443) ports.\n\nWhen the transaction status changes, imoje servers send notifications to the URL specified in the administration panel.\nThe merchant's server (e.g. shop) is required to respond with status `200 OK` with body `{'status':'ok'}`, which will indicate that the notification has been correctly received and processed by the merchant's server.\nNotifications are sent in the following cycle:\n\n* 3 times every 10 seconds, then\n* 5 times every 5 minutes, then\n* 5 times every 60 minutes, then\n* 5 times every 360 minutes, then\n* 5 times every 720 minutes.\n\n\u003e info\n\u003e If the merchant's server returns a 200 OK status, or the notification is not received by the end of the entire cycle, imoje servers will stop resending the notification.\n\nIf **two identical notifications** are received from imoje servers, the first one should be handled in accordance with the section [notification signature verification method](#topic-notifications#topic-notification-signature-verification-method), while the second one (duplicate) should be **ignored**.\n\nThe notification may consist of the following objects:\n\n- `transaction` - contains information about the transaction if it was created after the payer selected the payment method\n- `payment` - contains information about the payment link created\n- `action` - contains information about the data used to redirect to the external bank website\n- `paymentProfile` - contains information about the created Oneclick/Recurring card profile\n\n\u003e info\n\u003e The `payment` object will be the only object sent when the payment link expires or is manually cancelled.\n\n## Notification parameters\n\n#### Parameters for the `transaction` object:\n\n| Parameter | Type | Description |\n|------------------------|-------------|-------------------------------------------------------|\n| `id` | string(36) | Transaction identifier `UUID v4` |\n| `type` | string | Type of transaction, **allowed values**: `sale`, `refund` |\n| `status` | string | Transaction status, **allowed values**: `new`, `pending`, `settled`, `cancelled`, `rejected` |\n| `source` | string | Transaction source, **allowed values**: `api`, `web` |\n| `created` | integer(10) | Transaction creation date |\n| `modified` | integer(10) | Transaction modification date |\n| `notificationUrl` | varchar(300)| Notification address |\n| `serviceId` | string(36) | Service identifier `UUID v4` |\n| `amount` | integer(9) | Transaction amount, **maximum value**: 999999999 |\n| `currency` | string(3) | Transaction currency in `ISO 4217` |\n| `title` | string(255) | Order title, **allowed characters**: A-Za-z0-9#\u0026_-\"',./ and space character(0x20) and characters in the UNICODE range 00C0 - 02C0 (including Polish diacritics) |\n| `orderId` | string(100) | Order number, **allowed characters**: A-Za-z0-9#_-./ and space character(0x20) and characters from the UNICODE range 00C0 - 02C0 (including Polish diacritics) |\n| `paymentMethod` | string | Order fulfilment method |\n| `paymentMethodCode` | string | Indication of payment channel |\n| `statusCode` | string(24) | Card transaction status code |\n| `statusCodeDescription`| string(113) | Card transaction status code description |\n\n\u003cbr\u003e\n#### Parameters for the `payment` object:\n\n| Parameter | Type | Description |\n|------------------------|-------------|-------------------------------------------------------|\n| `id` | string(36) | Order identifier `UUID v4` |\n| `title` | string(255) | Order title, **allowed characters**: A-Za-z0-9#\u0026_-\"',./ and space character(0x20) and characters in the UNICODE range 00C0 - 02C0 (including Polish diacritics) |\n| `amount` | integer(9) | Order amount, **maximum value**: 999999999 |\n| `status` | string | Order status, **allowed values**: `new`, `pending`, `settled`, `cancelled`, `rejected` |\n| `created` | integer(10) | Order creation date |\n| `orderId` | string(100) | Order number, **allowed characters**: A-Za-z0-9#_-./ and space character(0x20) and characters from the UNICODE range 00C0 - 02C0 (including Polish diacritics) |\n| `currency` | string(3) | Order currency in `ISO 4217` |\n| `modified` | integer(10) | Order modification date |\n| `serviceId` | string(36) | Service identifier `UUID v4` |\n| `notificationUrl` | varchar(300)| Notification address |\n| `ipksef` | string | KSeF payment identifier |\n\n\u003cbr\u003e\n#### Parameters for the `action` object:\n\n| Parameter | Type | Description |\n|------------------------|-------------|-------------------------------------------------------|\n| `type` | string | Redirection type, **allowed values**: `redirect`, `transfer` |\n| `url` | string(2083)| Redirection address |\n| `method` | string | Redirection method, **allowed values**: `POST`, `GET` |\n| `contentType` | varchar(100)| Data format type |\n| `contentBodyRaw` | text | Redirection parameters |\n| `ban` | string(26) | Bank account number, **returned for Wire Transfer payment method** |\n\n\u003cbr\u003e\n#### Parameters for the `paymentProfile` object:\n\n| Parameter | Type | Description |\n|------------------------|-------------|-------------------------------------------------------|\n| `id` | string(36) | Profile identifier as `UUID v4` |\n| `merchantMid` | string(20) | Merchant identifier |\n| `merchantCustomerId` | string(36) | Customer identifier, **allowed values**: A-Za-z0-9 and dash (0x2D) |\n| `firstName` | string(100) | Customer first name, **allowed values**: A-Za-z0-9#\u0026_-\"',./ and space character(0x20) and characters in the UNICODE range 00C0 - 02C0 (including Polish diacritics) |\n| `lastName` | string(100) | Customer last name, **allowed values**: A-Za-z0-9#\u0026_-\"',./ and space character(0x20) and characters in the UNICODE range 00C0 - 02C0 (including Polish diacritics) |\n| `maskedNumber` | string(16) | Masked customer card number |\n| `month` | string(2) | Card validity - month |\n| `year` | string(4) | Card validity - year |\n| `organization` | varchar(30) | Customer card organization |\n| `isActive` | integer(1) | Oneclick/Recurring profile activity, **allowed values**: `1` (active), `0` (inactive) |\n| `profile` | string | Customer profile type, **allowed values**: `oneclick`, `recurring` |\n| `statusCode` | string(24) | Oneclick/Recurring transaction status code |\n| `statusCodeDescription`| string(113) | Oneclick/Recurring transaction status code description |\n\n## Example content of the notification BODY\n\n```json\n{\n \"transaction\": {\n \"id\": \"07938437-cae3-4d46-877d-e1b9d6e6c58f\",\n \"type\": \"sale\",\n \"status\": \"pending\",\n \"source\": \"api\",\n \"created\": 1666339083,\n \"modified\": 1666339083,\n \"notificationUrl\": \"https://yourshopdomain.com/notification\",\n \"serviceId\": \"a33f331b-23fc-42b0-9fd1-67f310028b46\",\n \"amount\": 1000,\n \"currency\": \"PLN\",\n \"title\": \"yourTitle\",\n \"orderId\": \"yourOrderId\",\n \"paymentMethod\": \"pbl\",\n \"paymentMethodCode\": \"ipko\"\n },\n \"payment\": {\n \"id\": \"07980a69-a884-46f7-ad16-216c88a13b98\",\n \"title\": \"yourTitle\",\n \"amount\": 100,\n \"status\": \"pending\",\n \"created\": 1666339083,\n \"orderId\": \"yourOrderId\",\n \"currency\": \"PLN\",\n \"modified\": 1666339083,\n \"serviceId\": \"a33f331b-23fc-42b0-9fd1-67f310028b46\",\n \"notificationUrl\": \"https://yourshopdomain.com/notification\"\n },\n \"action\": {\n \"type\": \"redirect\",\n \"url\": \"https://paywall.imoje.pl/07980a69-a884-46f7-ad16-216c88a13b98\",\n \"method\": \"GET\",\n \"contentType\": \"\",\n \"contentBodyRaw\": \"\"\n }\n}\n``` \n\n## Notification header content\n\nAdditionally, the following parameters are included in HTTP headers:\n\n```json\nAccept: \"text/plain\",\nUser-Agent: \"imoje\",\nContent-Type: \"application/json; charset=UTF-8\",\nX-Imoje-Signature: \"merchantid={merchantid};serviceid={serviceid};signature={signature};alg={alg}\"\n```\n\nwhere:\n* `merchantid` - customer ID\n* `serviceid` - shop ID\n* `signature` - notification signature\n* `alg` - hash function algorithm, **acceptable values**: `sha224`, `sha256`, `sha384`, `sha512`\n\n#### Example of an X-Imoje-Signature header\n\n```json\nX-Imoje-Signature: \"merchantid=6yt3gjtm9p7b8h9xsdqz;serviceid=63f574ed-d4ad-407e-9981-39ed7584a7b7;signature=20cdc8646eb268ea754842bdf0db1df21a2cf0b1c6e3e16e74ef7f7cca8f5450;alg=sha256\"\n```\n\n## Notification signature verification method\n\nVerification of the notification signature is a critical element of authenticating the information sent in the notification package.\n\nThe header containing the notification signature has the following form:\n\n```\nX-Imoje-Signature: merchantid=[...];serviceid=[...];signature=[...];alg=[...]\n```\n\nTo authenticate the origin and verify the integrity of the notification message, perform the following steps:\n\n1. From the headers of the incoming package to the notification address, retrieve the content of `X-IMoje-Signature`.\n2. Then retrieve the values of the `signature` and `alg` parameters.\n3. Depending on the hash function algorithm specified in the `alg` parameter, calculate the appropriate hash function:\n\n ```\n string incoming_signature = x_imoje_signature[signature]\n string body = notification_body\n string own_signature = hash(body + service_key, alg)\n ``` \n\n4. The calculated value of `own_signature` should be compared with the value of `incoming_signature`, which was retrieved from the header.\n5. If the values of `own_signature` and `incoming_signature` are identical, it means that the notification message is valid and comes from a trusted source.\n\n\u003e info\n\u003e Transaction statuses should only be changed once the signature has been successfully verified.\n\n### Example of notification signature verification\n\n1. The header contains the imoje signature:\n\n ```\n X-Imoje-Signature: merchantid=mdy7zxvxudgarxbsou9n;serviceid=a33f331b-23fc-42b0-9fd1-67f310028b46;signature=b73321c9e8bcc414b8c08198db4084dafb1b4dc252f512ffe71b1fbce857fd23;alg=sha256\n ```\n\n2. In the notification package, you receive `JSON`:\n\n```json\n{\n \"transaction\": {\n \"id\": \"07938437-cae3-4d46-877d-e1b9d6e6c58f\",\n \"type\": \"sale\",\n \"status\": \"pending\",\n \"source\": \"api\",\n \"created\": 1666339083,\n \"modified\": 1666339083,\n \"notificationUrl\": \"https://yourshopdomain.com/notification\",\n \"serviceId\": \"a33f331b-23fc-42b0-9fd1-67f310028b46\",\n \"amount\": 100,\n \"currency\": \"PLN\",\n \"title\": \"yourTitle\",\n \"orderId\": \"yourOrderId\",\n \"paymentMethod\": \"pbl\",\n \"paymentMethodCode\": \"ipko\"\n },\n \"payment\": {\n \"id\": \"07980a69-a884-46f7-ad16-216c88a13b98\",\n \"title\": \"yourTitle\",\n \"amount\": 100,\n \"status\": \"pending\",\n \"created\": 1666339083,\n \"orderId\": \"yourOrderId\",\n \"currency\": \"PLN\",\n \"modified\": 1666339083,\n \"serviceId\": \"a33f331b-23fc-42b0-9fd1-67f310028b46\",\n \"notificationUrl\": \"https://yourshopdomain.com/notification\"\n },\n \"action\": {\n \"type\": \"redirect\",\n \"url\": \"https://paywall.imoje.pl/07980a69-a884-46f7-ad16-216c88a13b98\",\n \"method\": \"GET\",\n \"contentType\": \"\",\n \"contentBodyRaw\": \"\"\n }\n}\n```\n\n1. Calculate the signature:\n\n `service_key`:PIcMy86ssE5wuNHAuQn5zPKf6hCAwX3Oxvjw\n\n `own_signature = sha256(body + service_key)`\n\n `own_signature`:b73321c9e8bcc414b8c08198db4084dafb1b4dc252f512ffe71b1fbce857fd23\n\n2. Compare the calculated signature with the one received in the notification header:\n\n```javascript\nconst crypto = require('crypto')\nlet body = \"{...}\";\nlet headerSignature = \"b73321c9e8bcc414b8c08198db4084dafb1b4dc252f512ffe71b1fbce857fd23\";\nlet serviceKey = \"PIcMy86ssE5wuNHAuQn5zPKf6hCAwX3Oxvjw\";\nlet mySignature = crypto.createHash(\"sha256\").update(body + serviceKey).digest(\"hex\");\nif (mySignature === headerSignature) {\n // Notification verified correctly. Continue processing.\n} else {\n // Notification verified as negative. Ignore notification.\n}\n```\n\n## Notifications for reports\n\nFor scheduled reports, it is possible to receive notifications about the availability of the finished report.\n\nTo do this, after logging in to the [imoje administration panel](https://imoje.ing.pl), go to the `Reports` tab, and then in the `Scheduled reports` section, select the `Add report` option. In addition to filling in the desired parameters in the form, you must also enter the `Notification address`, which will receive notifications about the availability of the report.\n\nNotifications for reports are sent as a `JSON` object using the `POST` method and have the following form:\n\n```\n{\n \"id\": \"57526046-db6a-45f9-8288-284337129a8f\",\n \"status\": \"generated\",\n \"fileExt\": \"owi1\",\n \"created\": 1540382655,\n \"modified\": 1705398343,\n \"url\": \"https://imoje.ing.pl/351e2776166edaf0e867e3231e518111b17580baa650c90764e671de57465e08c90ef7751600ef7107cdf7628ffced66bd85360776bf0b713881cbc9b9230c83\"\n}\n```\n\u003e info\n\u003e IMPORTANT! Notifications for reports do not contain signatures.\n\nThe notification may consist of the following parameters:\n\n| Parameter | Type | Description |\n|------------|--------------|------------------------------------------------------------------|\n| `id` | string(36) | Report identifier `UUIDv4` |\n| `status` | string | Report status, **acceptable values**: `generated` |\n| `fileExt` | string(5) | Report format, **acceptable values**: `csv`, `owi1`, `mt940`|\n| `created` | integer(10) | Date of report creation |\n| `modified` | integer(10) | Report modification date |\n| `url` | string(2083) | Redirect address |\n\n## Refund notifications\n\nBy default, we do not send return notifications.\n\nHowever, if you would like to receive them, please contact us at kontakt.tech@imoje.pl. In your email, please include the ID of the shop for which you would like to enable return notifications.\n"},{"title":"Refunds","content":"Refunds can only be made via HTTP requests within our RESTful API integration. A detailed description of how to make a refund can be found [here](https://bump.sh/pgw/doc/imoje-api-en/group/endpoint-refund).\n\nWhen performing multiple refund transactions simultaneously, please allow **at least a 5-second delay** between transactions.\n\n\u003e For security reasons, refunds can be made:\n\u003e - for BLIK, up to a maximum of 12 months\n\u003e - for imoje pay later, up to a maximum of 12 months\n\u003e - for payment cards, up to 3 years\n"},{"title":"imoje pay later","content":"imoje pay later payments do not require separate integration.\nTo start an imoje pay later payment, create a standard payment according to the section [Creating a payment](#topic-creating-a-payment).\n\nUsing the additional parameter `visibleMethod` with the value `imoje_paylater` will display only imoje pay later on the gateway. This allows you to separate this method as a separate item on the summary.\n"},{"title":"Widget for card payments","content":"The widget integration method allows you to integrate card payments from within your shop. In this case, no redirection to the payment gateway is required. \n\nThe widget supports eCom 3DSecure payments, OneClick payments, and recurring payments.\n\nTo use this method, you need to embed the appropriate JavaScript script.\n\nProduction environment:\n\n```\nhttps://paywall.imoje.pl/js/widget.min.js\n```\n\nTest environment: \n\n```\nhttps://sandbox.paywall.imoje.pl/js/widget.min.js\n```\n\n## Parameters\n\n| Parameter | Required parameter | Description |\n|---------------------|-------------------|----------------|\n| `data-merchant-id` | `YES` | Merchant ID |\n| `data-service-id` | `YES` | Shop ID |\n| `data-amount` | `YES` | transaction amount given in pence |\n| `data-currency` | `YES` | currency |\n| `data-order-id` | `YES` | Order ID, **acceptable characters**: A-Za-z0-9#_-./ and the space character (0x20) and characters from the UNICODE range 00C0 - 02C0 (including Polish diacritical marks) |\n| `data-customer-id` | `YES` | Payer ID, **acceptable characters**: A-Za-z0-9_- |\n| `data-customer-first-name` | `YES` | name of the person placing the order, **acceptable characters**: A-Za-z0-9-,. and space character (0x20) and characters from the UNICODE range 00C0 - 02C0 (including Polish diacritical marks), 0400 - 04FF (Cyrillic) |\n| `data-customer-last-name` | `YES` | name of the person placing the order, **acceptable characters**: A-Za-z0-9-,. and space character (0x20) and characters from the UNICODE range 00C0 - 02C0 (including Polish diacritical marks), 0400 - 04FF (Cyrillic) |\n| `data-customer-email` | `YES` | e-mail address in a format compliant with RFC 5322 and RFC 6531 standards |\n| `data-signature` | `YES` | calculated signature |\n| `data-customer-phone` | `NO` | telephone number of the person placing the order, **acceptable characters**: -+0-9 and space. The parameter value may contain **up to 20 characters**. |\n| `data-order-description` | `NO` | transaction title, **permitted characters**: A-Za-z0-9#\u0026_-,.\\/ and space character (0x20) and characters from the UNICODE range 00C0 - 02C0 (including Polish diacritical marks) |\n| `data-url-success` | `NO` | The URL to which the user will be redirected after a successful transaction.\u003cbr\u003e The address must comply with the `RFC 3986` standard and contain a host. \u003cbr\u003e The domain name cannot be absolute (FQDN). |\n| `data-url-failure` | `NO` | URL address to which the user will be redirected after an incorrect transaction.\u003cbr\u003e The address must comply with the `RFC 3986` standard and contain a host. \u003cbr\u003e The domain name cannot be absolute (FQDN). |\n| `data-url-return` | `NO` | The general URL to which the user will be redirected after completing the transaction. \u003cbr\u003e The address must comply with the `RFC 3986` standard and contain a host. \u003cbr\u003e The domain name cannot be absolute (FQDN). |\n| `data-url-cancel` | `NO` | The URL to which the user will be redirected after pressing the `Cancel` button. \u003cbr\u003e The address must comply with the `RFC 3986` standard and contain a host. \u003cbr\u003e The domain name cannot be absolute (FQDN). |\n| `data-widget-type` | `NO` | payment type designation **Acceptable values**: `oneclick`, `recurring`, `ecom3ds` |\n| `data-valid-to` | `NO` | expiry date of the payment link as a timestamp in seconds; if not provided, the link is always valid |\n| `data-invoice` | `NO` | encoded invoice data, necessary when using the **ING Księgowość** service. The data should be encoded in accordance with the instructions described **[here](#ing-ksiegowosc#preparing-the-invoice-object)**.|\n| `data-multipayout` | `NO` | data specifying the payment recipient for **multipayout functions**, where: \u003cbr\u003e * `ban` - bank account number \u003cbr\u003e * `amount` - transaction amount specified in pence \u003cbr\u003e * `label` - recipient name (max. 35 characters), **permitted characters**: A-Za-z0-9-,. and space character (0x20) and characters from the UNICODE range 00C0 - 02C0 (including Polish diacritical marks) \u003cbr\u003e * `title` - transfer title (max 105 characters), **acceptable characters**: A-Za-z0-9#\u0026_-,.\\/ and space character (0x20) and characters from the UNICODE range 00C0 - 02C0 (including Polish diacritical marks), optional parameter. Its presence causes the transaction to be separated in the recipient's account. \u003cbr\u003e Specifying a parameter for one element requires it to be provided for the others. |\n \n### The example structure of the `data-multipayout` parameter should look as follows:\n\n```javascript\ndata-multipayout=[{\"ban\":\"39109024028943913168514519\",\"label\":\"Test1\",\"amount\":100},{\"ban\":\"72105000028166973380325415\",\"label\":\"Test2\",\"amount\":100}]\n```\n\n## Configuration parameters - **should not be included when calculating the signature**\n\n| Parameter | Required parameter | Description |\n|----------------------|-------------------|----------------|\n| `data-locale` | `NO` | Two-letter language code. \u003cbr\u003e **Acceptable values**: `pl`, `en`, `cs`, `de`, `es`, `fr`, `it`, `lt`, `ru`, `sk`, `sl`, `uk`, `nl`, `hu`, `ro`, `bg`, `sv`. \u003cbr\u003e Default is `pl`; if an unknown value is passed, `en` will be displayed. |\n| `data-inline` | `NO` | If set to `true`, it is possible for the iframe to be embedded in an element with the identifier `imoje-widget__wrapper` (an element with this identifier must exist). \u003cbr\u003e If this parameter is not present or is set to `false`, the iframe will be displayed full screen. |\n| `data-element-id` | `NO` | indication of the identifier of the element that is to be interactive with the widget; the default value is `false` |\n| `data-element-event` | `NO` | specifies which event should initiate interaction with the widget; the default is `click` |\n\n## Example\n\n```\n\u003cscript\n src=\"https://paywall.imoje.pl/js/widget.min.js\"\n id=\"imoje-widget__script\"\n\n data-merchant-id=\"6yt3gjtm9p1odfgx8491\"\n data-service-id=\"63f574ed-d90d-4abe-9cs1-39117584a7b\"\n data-amount=\"200\"\n data-currency=\"PLN\"\n data-order-id=\"123\"\n data-customer-id=\"123\"\n data-customer-first-name=\"John\"\n data-customer-last-name=\"Doe\"\n data-customer-email=\"johndoe@domain.com\"\n data-signature=\"5d8b909fd777f1e2a4bbf9af8a9dca248c4fe9b14ae70610d051e29358cb62b1;sha256\"\u003e\n\u003c/script\u003e\n```\n\nwhere:\n\n* `src` - URL address for the `widget.min.js` script\n* `id` - Script ID. Must always have the value `imoje-widget__script`.\n\n\u003e info\n\u003e The above parameters `src` and `id` should **not be taken into account** when calculating the signature.\n\n## Calculating the signature\n\nThe names of the parameters for calculating the signature should be replaced as shown in the example:\n\n* parameter `data-order-id` to `orderId`.\n\nThe signature should be calculated in the same way as described in the section [Authorisation](#topic-authorisation).\n"},{"title":"OneClick and recurring card payments","content":"The FRONT API integration only allows you to create a card profile using the [widget](#topic-widget-for-card-payments).\n\nTo charge or deactivate a profile, you need to use the [RESTful API](https://bump.sh/pgw/doc/imoje-api-en) integration.\n\nA description of all profile actions can be found [here](https://bump.sh/pgw/doc/imoje-api-en/group/endpoint-profile).\n"},{"title":"imoje installments","content":"With this payment method, the payer can spread the order amount over instalments. \n\n\u003e info\n\u003e **IMPORTANT!** imoje instalments are only available to individual customers of your shop.\n\nThere are two instalment options available:\n\n- up to 60 instalments, variable APR, depending on the number of instalments\n- up to 10 instalments, 0% APR\n\nThe minimum amount required to use imoje instalments is **PLN 300**, and the maximum is **PLN 50,000**. \n\nimoje instalments will be displayed by default along with other payment methods. If you use the `visibleMethod` table, you must add the value `imoje_installments`.\n\n## Creating a payment with imoje instalments\n\nimoje instalments will be displayed by default along with other payment methods. If you are using the `visibleMethod` array, you must add the value `imoje_installments`.\n\n## Example request:\n\n```json\n\u003cinput type=\"hidden\" value=\"63f574ed-d90d-4abe-9cs1-39117584a7b7\" name=\"serviceId\"\u003e\n\u003cinput type=\"hidden\" value=\"6yt3gjtm9p1odfgx8491\" name=\"merchantId\"\u003e\n\u003cinput type=\"hidden\" value=\"5000000\" name=\"amount\"\u003e\n\u003cinput type=\"hidden\" value=\"PLN\" name=\"currency\"\u003e\n\u003cinput type=\"hidden\" value=\"imoje raty\" name=\"orderId\"\u003e\n\u003cinput type=\"hidden\" value=\"imoje raty\" name=\"orderDescription\"\u003e\n\u003cinput type=\"hidden\" value=\"John\" name=\"customerFirstName\"\u003e\n\u003cinput type=\"hidden\" value=\"Doe\" name=\"customerLastName\"\u003e\n\u003cinput type=\"hidden\" value=\"johndoe@domain.com\" name=\"customerEmail\"\u003e\n\u003cinput type=\"hidden\" value=\"501501501\" name=\"customerPhone\"\u003e\n\u003cinput type=\"hidden\" value=\"https://your-shop.com/success\" name=\"urlSuccess\"\u003e\n\u003cinput type=\"hidden\" value=\"https://your-shop.com/failure\" name=\"urlFailure\"\u003e\n\u003cinput type=\"hidden\" value=\"https://your-shop.com/return\" name=\"urlReturn\"\u003e\n\u003cinput type=\"hidden\" value=\"imoje_installments\" name=\"visibleMethod\"\u003e\n\u003cinput type=\"hidden\" value=\"cd5024f5ce5e6ff47990fe60572758fbcbcd6e3c04895d6815932b2d14e04ffd;sha256\" name=\"signature\"\u003e\n```\n\n## imoje instalment calculator - widget\n\nThe imoje instalment widget allows you to display an instalment calculator on the shop summary, which the payer can use to preliminarily determine the amount of instalments for a selected period. \nThe preliminary instalment amount can be downloaded from the calculator and then transferred in the [transaction creation query](https://bump.sh/pgw/doc/imoje-api-en/operation/operation-post-parameter-transaction). \n\nTo call the calculator, use the appropriate JavaScript script and call it in the object with the ID `imoje-installments__wrapper`.\n\n### Widget URLs\n\n**PRODUKCJA:** `https://paywall.imoje.pl/js/installments.js`\n\n**SANDBOX:** `https://sandbox.paywall.imoje.pl/js/installments.js`\n\n### Script ID\n\n`imoje-installments__script`\n\n#### Parameters\n\n| Parameter | Description |\n|------------------------|--------------------------------------|\n| `merchantId` | Customer ID |\n| `serviceId` | Customer store ID as `UUID v4` |\n| `amount` | Transaction amount in the smallest currency unit, e.g. pence. Minimum value: `30000` Maximum value: `5000000` |\n| `currency` | Transaction currency in ISO 4217 standard, **acceptable value:** `PLN` |\n| `signature` | [Calculated signature](#topic-authorisation) |\n\n### Example of script invocation\n\n```javascript\n (function () {\n const form = document.getElementById('form');\n\n function onSubmit(event) {\n event.preventDefault();\n\n let script = document.getElementById('imoje-installments__script');\n if (!script) {\n script = document.createElement('script');\n script.id = 'imoje-installments__script';\n script.src = 'https://paywall.imoje.pl/js/installments.js';\n script.onload = () =\u003e onSubmit(event);\n document.body.appendChild(script);\n return;\n }\n\n const options = { \n merchantId: \"Twój identyfikator Klienta\", \n serviceId: \"Twój identyfikator sklepu\", \n amount: \"Kwota zamówienia\", \n currency: \"PLN\", \n signature: \"Wyliczona sygnatura\" \n };\n\n document.getElementById('imoje-installments__wrapper').imojeInstallments(options);\n }\n\n form.addEventListener('submit', onSubmit);\n })();\n```\n\n### Downloading settings from the calculator\n\nDepending on the imoje instalment channel selected on the calculator and the number of instalments, the widget creates a new event each time, based on which you can download the values and pass them in the request creating the transaction.\n\n#### Example of data download \n\n```javascript\n window.addEventListener('message', function (data) {\n if (data.data.channel \u0026\u0026 data.data.period) {\n var channel = data.data.channel;\n var period = data.data.period;\n }\n }, false);\n```\n\n## Refunds to imoje instalments\n\nWith this payment method, the supplier decides how much can be refunded for a given transaction.\n\nTo obtain information about the maximum amount of full and partial refunds, please use [this request](https://bump.sh/pgw/doc/imoje-api-en/operation/operation-post-parameter-transaction-parameter-can-refund).\n"},{"title":"Split Payment","content":"An `invoice` object must be attached to the basic request creating the transaction as described in the section [Creating a payment](#topic-creating-a-payment). This object consists of a `buyer` object and a `positions` array with the following parameters:\n\n`buyer` object:\n\n| Parameter | Type | Parameter required | Description |\n|-------------------|-----------------------------------------------|-|-|\n| `invoiceId` | string | `YES` | Invoice number |\n| `type` | string | `YES` | It takes the value `PERSON` *individual buyer or `COMPANY` *company* |\n| `email` | string(200) | `YES` | E-mail address in the format compliant with RFC 5322 and RFC 6531 |\n| `fullName`| string(200) | `YES` | Buyer's name/company name, \u003cbr\u003e **available characters:** A-Za-z0-9#\u0026_-\"',.\\/ space (0x20) and the UNICODE characters from the range 00C0 - 02C0 (e.g. Polish diacritic characters), 0400 - 04FF (Cyrillic script) |\n| `street` | string(200) | `YES` | Street |\n| `city` | string(100) | `YES` | City\n| `postalCode` | string(30) | `YES` | Postal code |\n| `countryCodeAlpha2` | string(2) | `YES` | Country code `Alpha2` |\n| `idCountryCodeAlpha2` | string(2) | `NO` | `Alpha2` country code identifier. Required for the `VAT_ID` value of the `idType` parameter. |\n| `idType` | string | `NO` | Identification number type. Required for the `COMPANY` value of the `type` parameter. Takes the value of `ID` *TIN* or `VAT_ID` *CRN* |\n| `idNumber`| string(30) | `NO` | CRN or TIN number. Required for the `COMPANY` value of the `type` parameter |\n\n`positions` array:\n\n| Parameter | Type | Parameter required | Description |\n|-------------------|-----------------------------------------------|-|-|\n| `name` | string | `YES` | Product name |\n| `code` | string | `YES` | Product code |\n| `quantity` | number | `YES` | Quantity. The **minimum value is 0** |\n| `unit` | string | `YES` | Unit |\n| `grossAmount` | integer | `YES` | Gross unit value |\n| `taxStake` | string | `YES` | Tax rate. Available values: `TAX_23`, `TAX_22`, `TAX_8`, `TAX_7`, `TAX_5`, `TAX_3`, `TAX_0`, `TAX_EXEMPT`, `TAX_NOT_LIABLE`, `TAX_REVERSE_CHARGE`, `TAX_EXCLUDING` |\n| `taxAmount` | integer | `YES` | Value of tax in pennies |\n| `discountAmount` | integer | `NO` | Discount value |\n\n### Example data structure\n\n```php\n$invoiceData = [\n \"invoiceId\" =\u003e \"04/12/23\",\n \"buyer\" =\u003e [\n \"type\" =\u003e \"COMPANY\",\n \"idType\" =\u003e \"VAT_ID\",\n \"idNumber\" =\u003e \"5354235387\",\n \"email\" =\u003e \"nazwafirmy@example.com\",\n \"fullName\" =\u003e \"Nazwa firmy\",\n \"street\" =\u003e \"Ulica\",\n \"city\" =\u003e \"Miasto\",\n \"postalCode\" =\u003e \"12-345\",\n \"countryCodeAlpha2\" =\u003e \"PL\",\n \"idCountryCodeAlpha2\" =\u003e \"PL\"\n ],\n \"positions\" =\u003e [\n [\n \"name\" =\u003e \"Produkt\",\n \"code\" =\u003e \"produkt-01\",\n \"quantity\" =\u003e 1,\n \"unit\" =\u003e \"Sztuki\",\n \"taxStake\" =\u003e \"TAX_23\",\n \"grossAmount\" =\u003e 12300,\n \"taxAmount\" =\u003e 2300\n ],\n ],\n];\n```\n\nThe above parameters should be taken into account when calculating the signature in accordance with the section [Authorisation](#topic-authorisation)\n\n### Preparing the invoice object\n\n### Using the PHP function\nThe data collected from the above parameters should be encoded using the function:\n`base64_encode(gzencode(json_encode($invoiceData), 5));` \n\nwhere:\n\n`$invoiceData` - previously prepared parameters\n\n```php\n$invoiceData = [\n \"invoiceId\" =\u003e \"04/12/23\",\n \"buyer\" =\u003e [\n \"type\" =\u003e \"COMPANY\",\n \"idType\" =\u003e \"VAT_ID\",\n \"idNumber\" =\u003e \"5354235387\",\n \"email\" =\u003e \"nazwafirmy@example.com\",\n \"fullName\" =\u003e \"Nazwa firmy\",\n \"street\" =\u003e \"Ulica\",\n \"city\" =\u003e \"Miasto\",\n \"postalCode\" =\u003e \"12-345\",\n \"countryCodeAlpha2\" =\u003e \"PL\",\n \"idCountryCodeAlpha2\" =\u003e \"PL\"\n ],\n \"positions\" =\u003e [\n [\n \"name\" =\u003e \"Produkt\",\n \"code\" =\u003e \"produkt-01\",\n \"quantity\" =\u003e 1,\n \"unit\" =\u003e \"Sztuki\",\n \"taxStake\" =\u003e \"TAX_23\",\n \"grossAmount\" =\u003e 12300,\n \"taxAmount\" =\u003e 2300\n ],\n ],\n];\n$invoice = base64_encode(gzencode(json_encode($invoiceData), 5));\n\n$fields = [\n 'serviceId' =\u003e '63f574ed-d90d-4abe-9cs1-39117584a7b7',\n 'merchantId' =\u003e '6yt3gjtm9p1odfgx8491',\n 'amount' =\u003e '12300',\n 'currency' =\u003e 'PLN',\n 'orderId' =\u003e 'Split payment',\n 'orderDescription' =\u003e 'Split payment',\n 'customerFirstName' =\u003e 'Jan',\n 'customerLastName' =\u003e 'Kowalski',\n 'customerEmail' =\u003e 'jan.kowalski@example.com',\n 'customerPhone' =\u003e '501501501',\n 'visibleMethod' =\u003e 'wt',\n 'urlSuccess' =\u003e 'https://domain.com/success',\n 'urlFailure' =\u003e 'https://domain.com/failure',\n 'urlReturn' =\u003e 'https://domain.com/return',\n 'invoice' =\u003e $invoice,\n];\n$serviceKey = 'eAyhFLuHgwl5hu-32GM8QVlCVMWRU0dGjH1c';\n$hashMethod = 'sha256';\n$signature= createSignature(\n $fields,\n $serviceKey,\n $hashMethod\n) . ';' . $hashMethod;\n```\n\n### Example of an encoded invoice object\n\n```php\nH4sIAAAAAAAACm2QXU+DMBSG/4rp9eaAQjRcSfBmiUOSodE4s3TQaUM/EE51jPDfPe3inZfneT/6phMR+tuImq8bkpIg3q3CaLeKKFmQgx15T9KJwNhxFPPHTZkVr6iIprqg56zar+89Kaw6ODtJaBJHNKG3N8i5YkIi1Oz8w46iV+MdPzHVSX5dG4WGo5WyYMqVFc5z5U0oDNBzDoifpKgZglrAiOdGsAEM3p0ZgMncNC4bRksaJ85lrIZ+dDiT3SeLUCwf/ML8f2n2VQKE0QNJ3ybc6ueUvWlsC77Tv9FdwDIIkX1ZpsEvChfEauGWbs9gW4EisNMWWOtCVfay97/50ZthyJTbgJmIBoH3/REH5vf5FyK2JcWPAQAA\n```\n### Example HTML form content\n\n```html\n\u003cinput type=\"hidden\" value=\"63f574ed-d90d-4abe-9cs1-39117584a7b7\" name=\"serviceId\"\u003e\n\u003cinput type=\"hidden\" value=\"6yt3gjtm9p1odfgx8491\" name=\"merchantId\"\u003e\n\u003cinput type=\"hidden\" value=\"12300\" name=\"amount\"\u003e\n\u003cinput type=\"hidden\" value=\"PLN\" name=\"currency\"\u003e\n\u003cinput type=\"hidden\" value=\"Split payment\" name=\"orderId\"\u003e\n\u003cinput type=\"hidden\" value=\"Split payment\" name=\"orderDescription\"\u003e\n\u003cinput type=\"hidden\" value=\"Jan\" name=\"customerFirstName\"\u003e\n\u003cinput type=\"hidden\" value=\"Kowalski\" name=\"customerLastName\"\u003e\n\u003cinput type=\"hidden\" value=\"jan.kowalski@example.com\" name=\"customerEmail\"\u003e\n\u003cinput type=\"hidden\" value=\"501501501\" name=\"customerPhone\"\u003e\n\u003cinput type=\"hidden\" value=\"wt\" name=\"visibleMethod\"\u003e\n\u003cinput type=\"hidden\" value=\"https://domain.com/success\" name=\"urlSuccess\"\u003e\n\u003cinput type=\"hidden\" value=\"https://domain.com/failure\" name=\"urlFailure\"\u003e\n\u003cinput type=\"hidden\" value=\"https://domain.com/return\" name=\"urlReturn\"\u003e\n\u003cinput type=\"hidden\" value=\"\u003c?= $invoice ?\u003e\" name=\"invoice\"\u003e\n```\n"},{"title":"Multipayout","content":"This option is available when the multi-payment function is enabled. An additional `multipayout` table with the following parameters should be attached to the basic request:\n\n| Parameter | Type | Required parameter | Description |\n|---------------------|---------------|--------------------|----------------|\n| `ban` | string | `YES` | Bank account number |\n| `amount` | integer | `YES` | Amount of transaction in the smallest currency unit, e.g. **pennies** |\n| `label` | string(70) | `YES` | Recipient's name, **allowed characters**: A-Za-z0-9-',. and space character(0x20) and characters from the UNICODE range 00C0 - 02C0 (including Polish diacritics) |\n| `title` | string(105) | `NO` | Transfer title, **allowed characters**: A-Za-z0-9#\u0026_-\"',.and space character(0x20) and characters from the UNICODE 00C0 - 02C0 range (including Polish diacritics). \u003cbr\u003e Its presence causes the given transaction to be extracted from the recipient's account. \u003cbr\u003e Specifying the parameter for one element determines the necessity of providing it for the other elements. |\n\nEach payment included in the form below should contain consecutive indices **numbered from 0**.\n\nExample HTML form content:\n\n```html\n\u003cinput type=\"hidden\" value=\"63f574ed-d90d-4abe-9cs1-39117584a7b7\" name=\"serviceId\"\u003e\n\u003cinput type=\"hidden\" value=\"6yt3gjtm9p1odfgx8491\" name=\"merchantId\"\u003e\n\u003cinput type=\"hidden\" value=\"300\" name=\"amount\"\u003e\n\u003cinput type=\"hidden\" value=\"PLN\" name=\"currency\"\u003e\n\u003cinput type=\"hidden\" value=\"123\" name=\"orderId\"\u003e\n\u003cinput type=\"hidden\" value=\"Example transaction\" name=\"orderDescription\"\u003e\n\u003cinput type=\"hidden\" value=\"John\" name=\"customerFirstName\"\u003e\n\u003cinput type=\"hidden\" value=\"Doe\" name=\"customerLastName\"\u003e\n\u003cinput type=\"hidden\" value=\"johndoe@domain.com\" name=\"customerEmail\"\u003e\n\u003cinput type=\"hidden\" value=\"501501501\" name=\"customerPhone\"\u003e\n\u003cinput type=\"hidden\" value=\"https://your-shop.com/success\" name=\"urlSuccess\"\u003e\n\u003cinput type=\"hidden\" value=\"https://your-shop.com/failure\" name=\"urlFailure\"\u003e\n\u003cinput type=\"hidden\" value=\"https://your-shop.com/return\" name=\"urlReturn\"\u003e\n\u003cinput type=\"hidden\" value=\"card,pbl\" name=\"visibleMethod\"\u003e\n\u003cinput type=\"hidden\" value=\"72105000028166973380325415\" name=\"multipayout[0][ban]\"\u003e\n\u003cinput type=\"hidden\" value=\"100\" name=\"multipayout[0][amount]\"\u003e\n\u003cinput type=\"hidden\" value=\"Nazwa firmy 0\" name=\"multipayout[0][label]\"\u003e\n\u003cinput type=\"hidden\" value=\"58105000025503268251444948\" name=\"multipayout[1][ban]\"\u003e\n\u003cinput type=\"hidden\" value=\"200\" name=\"multipayout[1][amount]\"\u003e\n\u003cinput type=\"hidden\" value=\"Nazwa firmy 1\" name=\"multipayout[1][label]\"\u003e\n\u003cinput type=\"hidden\" value=\"1a466af99a18c4691576bbbf5b935e2ac082285ae28a88f8686ac3317836a6f5;sha256\" name=\"signature\"\u003e\n```\n\n## Example data structure\n\n```php\n$fields = [\n 'merchantId' =\u003e '6yt3gjtm9p1odfgx8491',\n 'serviceId' =\u003e '63f574ed-d90d-4abe-9cs1-39117584a7b',\n 'amount' =\u003e '300',\n 'currency' =\u003e 'PLN',\n 'orderId' =\u003e '123',\n 'orderDescription' =\u003e 'Example transaction',\n 'customerFirstName' =\u003e 'John',\n 'customerLastName' =\u003e 'Doe',\n 'customerEmail' =\u003e 'johndoe@domain.com',\n 'customerPhone' =\u003e '501501501',\n 'urlSuccess' =\u003e 'https://your-shop.com/success',\n 'urlFailure' =\u003e 'https://your-shop.com/failure',\n 'urlReturn' =\u003e 'https://your-shop.com/return',\n 'multipayout' =\u003e [\n [\n 'ban' =\u003e '72105000028166973380325415',\n 'amount' =\u003e '100',\n 'label' =\u003e 'Nazwa firmy 0',\n ],\n [\n 'ban' =\u003e '58105000025503268251444948',\n 'amount' =\u003e '200',\n 'label' =\u003e 'Nazwa firmy 1',\n ],\n ],\n];\n```\n\nThe above parameters should be taken into account when calculating the signature in accordance with the section [Authorisation](#topic-authorisation).\n"},{"title":"ING Księgowość","content":"This option is available when the ING Księgowość service is **enabled**. An `invoice` object must be attached to the basic request creating the transaction as described in the section [Creating a payment](#topic-creating-a-payment). This object consists of a `buyer` object and a `positions` array with the following parameters:\n\n`buyer` object:\n\n| Parameter | Type | Parameter required | Description |\n|-------------------|-----------------------------------------------|-|-|\n| `type` | string | `YES` | It takes the value `PERSON` *individual buyer* or `COMPANY` *company* |\n| `email` | string(200) | `YES` | E-mail address in the format compliant with RFC 5322 and RFC 6531 |\n| `fullName`| string(200) | `YES` | Buyer's name/company name |\n| `street` | string(200) | `YES` | Street |\n| `city` | string(100) | `YES` | City\n| `postalCode` | string(30) | `YES` | Postal code |\n| `countryCodeAlpha2` | string(2) | `YES` | Country code `Alpha2` |\n| `idCountryCodeAlpha2` | string(2) | `NO` | `Alpha2` country code identifier. Required for the `VAT_ID` value of the `idType` parameter |\n| `idType` | string | `NO` | Identification number type. Required for the `COMPANY` value of the `type` parameter. Takes the value of ID *TIN* or VAT_ID *CRN*. |\n| `idNumber`| string(30) | `NO` | CRN or TIN number. Required for the `COMPANY` value of the `type` parameter. |\n\n`positions` array:\n\n| Parameter | Type | Parameter required | Description |\n|-------------------|-----------------------------------------------|-|-|\n| `name` | string | `YES` | Product name |\n| `code` | string | `YES` | Product code |\n| `quantity` | number | `YES` | Quantity. **The minimum value is 0** |\n| `unit` | string | `YES` | Unit |\n| `grossAmount` | integer | `YES` | Gross unit value |\n| `taxStake` | string | `YES` | Tax rate. **Available values:** \u003cbr\u003e `TAX_23` \u003cbr\u003e `TAX_22` \u003cbr\u003e `TAX_8` \u003cbr\u003e `TAX_7` \u003cbr\u003e `TAX_5` \u003cbr\u003e `TAX_3` \u003cbr\u003e `TAX_0` \u003cbr\u003e `TAX_EXEMPT` \u003cbr\u003e `TAX_NOT_LIABLE` \u003cbr\u003e `TAX_REVERSE_CHARGE` \u003cbr\u003e `TAX_EXCLUDING` |\n| `discountAmount` | integer | `NO` | Discount value |\n\nIn the case of tax exemption, the relevant data should be provided in the request using the `basisForVatExemption` object with the following parameters:\n\n| Parameter | Type | Parameter required | Description |\n|-----------|--------|--------------------|-------------|\n| `type` | string | `NO` | **Available values:** \u003cbr\u003e `DENTAL_TECHNICAN_SERVICES`, \u003cbr\u003e `DOCTOR_DENTIST_SERVICES`, \u003cbr\u003e `PHYSIOTHERAPY_SERVICES`, \u003cbr\u003e `NURSING_SERVICES`, \u003cbr\u003e `PSYCHOLOGICAL_SERVICES`, \u003cbr\u003e `MEDICAL_TRANSPORT_SERVICES`, \u003cbr\u003e `CARE_SERVICES`, \u003cbr\u003e `TUTORING`, \u003cbr\u003e `TEACHING_FOREIGN_LANGUAGES`, \u003cbr\u003e `ARTISTS`, \u003cbr\u003e `RENTING_PROPERTY`, \u003cbr\u003e `INSURANCE_SERVICES`, \u003cbr\u003e `CREDITS_AND_LOANS_SERVICES`, \u003cbr\u003e `GUARANTIEES`, \u003cbr\u003e `SPECIAL_CONDITIONS_FOR_EXEMPTION`, \u003cbr\u003e `UE_TRANSACTIONS`, \u003cbr\u003e `SUBJECTIVE_EXEMPTIONS`, \u003cbr\u003e `OTHER`, \u003cbr\u003e `OTHER_OBJECTIVE_EXEMPTIONS` |\n| `text` | string | `NO` | Description. This parameter is required when the value `OTHER` is specified in the `type` parameter. |\n\n\nAdditionally, it is possible to specify whether the invoice should be sent automatically using the parameter:\n\n| Parameter | Type | Parameter required | Description |\n|----------------|---------|--------------------|------------------------------|\n| `issueInvoice` | boolean | `NO` | Automatic invoice sending |\n\n## Example data structure\n\n```php\n$invoiceData = [\n \"buyer\" =\u003e [\n \"type\" =\u003e \"PERSON\",\n \"email\" =\u003e \"jan.kowalski@example.com\",\n \"fullName\" =\u003e \"Jan Kowalski\",\n \"street\" =\u003e \"Street\",\n \"city\" =\u003e \"City\",\n \"postalCode\" =\u003e \"12-345\",\n \"countryCodeAlpha2\" =\u003e \"PL\",\n ],\n \"positions\" =\u003e [\n [\n \"name\" =\u003e \"Produkt\",\n \"code\" =\u003e \"produkt-01\",\n \"quantity\" =\u003e 1,\n \"unit\" =\u003e \"Sztuki\",\n \"taxStake\" =\u003e \"TAX_23\",\n \"grossAmount\" =\u003e 12300,\n ],\n ],\n];\n```\n\nThe above parameters should be taken into account when calculating the signature in accordance with the section [Authorisation](#topic-authorisation).\n\n## Preparing the invoice object\n\n### Using PHP functions\nThe data collected from the above parameters should be encoded using the following functions:\n\n```\nbase64_encode(gzencode(json_encode($invoiceData), 5));\n```\n\nwhere:\n\n`$invoiceData` - previously prepared parameters\n\n```php\n$invoiceData = [\n \"buyer\" =\u003e [\n \"type\" =\u003e \"PERSON\",\n \"email\" =\u003e \"jan.kowalski@example.com\",\n \"fullName\" =\u003e \"Jan Kowalski\",\n \"street\" =\u003e \"Street\",\n \"city\" =\u003e \"City\",\n \"postalCode\" =\u003e \"12-345\",\n \"countryCodeAlpha2\" =\u003e \"PL\",\n ],\n \"positions\" =\u003e [\n [\n \"name\" =\u003e \"Produkt\",\n \"code\" =\u003e \"produkt-01\",\n \"quantity\" =\u003e 1,\n \"unit\" =\u003e \"Sztuki\",\n \"taxStake\" =\u003e \"TAX_23\",\n \"grossAmount\" =\u003e 12300,\n ],\n ],\n];\n$invoice = base64_encode(gzencode(json_encode($invoiceData), 5));\n\n$fields = [\n 'serviceId' =\u003e '63f574ed-d90d-4abe-9cs1-39117584a7b7',\n 'merchantId' =\u003e '6yt3gjtm9p1odfgx8491',\n 'amount' =\u003e '12300',\n 'currency' =\u003e 'PLN',\n 'orderId' =\u003e '123',\n 'orderDescription' =\u003e '#Example transaction',\n 'customerFirstName' =\u003e 'Jan',\n 'customerLastName' =\u003e 'Kowalski',\n 'customerEmail' =\u003e 'jan.kowalski@example.com',\n 'customerPhone' =\u003e '515515515',\n 'urlSuccess' =\u003e 'https://your-shop.com/success',\n 'urlFailure' =\u003e 'https://your-shop.com/failure',\n 'urlReturn' =\u003e 'https://your-shop.com/return',\n 'invoice' =\u003e $invoice,\n];\n$serviceKey = 'eAyhFLuHgwl5hu-32GM8QVlCVMWRU0dGjH1c';\n$hashMethod = 'sha256';\n$signature= createSignature(\n $fields,\n $serviceKey,\n $hashMethod\n) . ';' . $hashMethod;\n```\n## Example of an encoded invoice object\n\n```php\nH4sIAAAAAAAAA0WOQQvCNAyF/4rkPGWbenAnh3gTFedBEJGqVcu6dq4pOMf+u8MYeAnJl/fy0sDF17KCpAGsSwkJbJe7bLOGAGQhlCaA0uGcy6jUhO9e67UoZL8zcCHssJISfzAiclVY9zNNpXUo9MLe2BjFw/KkyhrrDVY141SXTxHzAytoO71CZY2D5NiA+QfGna07M6P25YXBLikKwBvFL2Qf9LmiJYp3hiJn7T49nENCj8o6lxacS5ZpGLan9gsKdX5sBQEAAA==\n```\n## Example HTML form content\n\n```html\n\u003cinput type=\"hidden\" value=\"63f574ed-d90d-4abe-9cs1-39117584a7b7\" name=\"serviceId\"\u003e\n\u003cinput type=\"hidden\" value=\"6yt3gjtm9p1odfgx8491\" name=\"merchantId\"\u003e\n\u003cinput type=\"hidden\" value=\"300\" name=\"amount\"\u003e\n\u003cinput type=\"hidden\" value=\"PLN\" name=\"currency\"\u003e\n\u003cinput type=\"hidden\" value=\"123\" name=\"orderId\"\u003e\n\u003cinput type=\"hidden\" value=\"Example transaction\" name=\"orderDescription\"\u003e\n\u003cinput type=\"hidden\" value=\"John\" name=\"customerFirstName\"\u003e\n\u003cinput type=\"hidden\" value=\"Doe\" name=\"customerLastName\"\u003e\n\u003cinput type=\"hidden\" value=\"johndoe@domain.com\" name=\"customerEmail\"\u003e\n\u003cinput type=\"hidden\" value=\"501501501\" name=\"customerPhone\"\u003e\n\u003cinput type=\"hidden\" value=\"https://your-shop.com/success\" name=\"urlSuccess\"\u003e\n\u003cinput type=\"hidden\" value=\"https://your-shop.com/failure\" name=\"urlFailure\"\u003e\n\u003cinput type=\"hidden\" value=\"https://your-shop.com/return\" name=\"urlReturn\"\u003e\n\u003cinput type=\"hidden\" value=\"\u003c?= $invoice ?\u003e\" name=\"invoice\"\u003e\n```\n"},{"title":"ING Lease Now","content":"This option is available when the ING Lease Now service is enabled. \nThe basic request creating the payment must be accompanied by a `cart` object with an `items` array containing the following parameters:\n\n| Parameter | Type | Required parameter | Description |\n|-------------------|-----------------------------------------------|-|-|\n| `id` | string | `YES` | Product identifier |\n| `name` | string | `YES` | Name of the product |\n| `amount` | integer | `YES` | Unit value of the net product in the smallest unit of currency - **pennies**. The value `0` is also allowed. |\n| `tax` | integer | `YES` | Tax unit value|\n| `taxStake` | string | `YES` | Tax rate. **Available values**: `23`, `22`, `8`, `7`, `5`, `3`, `0`, `TAX_EXEMPT`, `TAX_NOT_LIABLE`, `TAX_REVERSE_CHARGE`, `TAX_EXCLUDING` |\n| `quantity` | integer | `YES` | Quantity. **Minimum value is 0** |\n| `url` | string | `YES` | The url for the product in question |\n| `categoryId` | string | `YES` | Category identifier |\n| `unit` | string | `NO` | unit |\n| `state` | integer | `NO` | Product state. **available values**: `NEW`, `USED` |\n| `discount.amount` | integer | `NO` | Value of discount |\n| `discount.tax` | integer | `NO` | Discount tax value |\n\nThe minimum value for a single product in Leasing is PLN 1,000, while the value of the entire basket must be at least PLN 5,000. The amounts given are **net** amounts.\n\n## Example data structure\n\n```php\n$cart = [\n 'items' =\u003e [\n [\n 'id' =\u003e 1,\n 'categoryId' =\u003e 'category123',\n 'name' =\u003e 'Product name',\n 'amount' =\u003e 1000,\n 'tax' =\u003e 230,\n 'taxStake' =\u003e 23,\n 'quantity' =\u003e 1,\n 'unit' =\u003e 'szt',\n 'url' =\u003e 'https://product.url',\n 'state' =\u003e 'NEW',\n 'discount' =\u003e [\n 'amount' =\u003e 100,\n 'tax' =\u003e 23,\n ]\n ]\n ]\n];\n```\n\nThe above parameters should be taken into account when calculating the signature in accordance with the section [Authorisation](#topic-authorisation).\n\n## Preparing the cart object\n\n### Using the PHP function\nThe data collected from the above parameters should be encoded using the function:\n\n```\nbase64_encode(gzencode(json_encode($cart), 5));\n``` \n\nwhere:\n\n`$cart` - previously prepared parameters\n\n```php\n$cart = [\n 'items' =\u003e [\n [\n 'id' =\u003e 1,\n 'categoryId' =\u003e 'category123',\n 'name' =\u003e 'Product name',\n 'amount' =\u003e 500000,\n 'tax' =\u003e 115000,\n 'taxStake' =\u003e 23,\n 'quantity' =\u003e 1,\n 'unit' =\u003e 'szt',\n 'url' =\u003e 'https://product.url',\n 'state' =\u003e 'NEW',\n 'discount' =\u003e [\n 'amount' =\u003e 100,\n 'tax' =\u003e 23,\n ],\n ],\n ],\n];\n$cart = base64_encode(gzencode(json_encode($cart), 5));\n\n$fields = [\n 'serviceId' =\u003e '63f574ed-d90d-4abe-9cs1-39117584a7b7',\n 'merchantId' =\u003e '6yt3gjtm9p1odfgx8491',\n 'amount' =\u003e '615000',\n 'currency' =\u003e 'PLN',\n 'orderId' =\u003e '123',\n 'orderDescription' =\u003e '#Example transaction',\n 'customerFirstName' =\u003e 'Jan',\n 'customerLastName' =\u003e 'Kowalski',\n 'customerEmail' =\u003e 'jan.kowalski@example.com',\n 'customerPhone' =\u003e '515515515',\n 'urlSuccess' =\u003e 'https://your-shop.com/success',\n 'urlFailure' =\u003e 'https://your-shop.com/failure',\n 'urlReturn' =\u003e 'https://your-shop.com/return',\n 'cart' =\u003e $cart,\n];\n$serviceKey = 'eAyhFLuHgwl5hu-32GM8QVlCVMWRU0dGjH1c';\n$hashMethod = 'sha256';\n$signature = createSignature(\n $fields,\n $serviceKey,\n $hashMethod\n) . ';' . $hashMethod;\n```\nUsing the additional parameter `visibleMethod` with the value `lease` will display only Leasing on the gateway. This allows you to extract a given method as a separate item in the summary.\n\n## Example form content\n\n```html\n\u003cinput type=\"hidden\" value=\"63f574ed-d90d-4abe-9cs1-39117584a7b7\" name=\"serviceId\"\u003e\n\u003cinput type=\"hidden\" value=\"6yt3gjtm9p1odfgx8491\" name=\"merchantId\"\u003e\n\u003cinput type=\"hidden\" value=\"300\" name=\"amount\"\u003e\n\u003cinput type=\"hidden\" value=\"PLN\" name=\"currency\"\u003e\n\u003cinput type=\"hidden\" value=\"123\" name=\"orderId\"\u003e\n\u003cinput type=\"hidden\" value=\"Example transaction\" name=\"orderDescription\"\u003e\n\u003cinput type=\"hidden\" value=\"John\" name=\"customerFirstName\"\u003e\n\u003cinput type=\"hidden\" value=\"Doe\" name=\"customerLastName\"\u003e\n\u003cinput type=\"hidden\" value=\"johndoe@domain.com\" name=\"customerEmail\"\u003e\n\u003cinput type=\"hidden\" value=\"501501501\" name=\"customerPhone\"\u003e\n\u003cinput type=\"hidden\" value=\"https://your-shop.com/success\" name=\"urlSuccess\"\u003e\n\u003cinput type=\"hidden\" value=\"https://your-shop.com/failure\" name=\"urlFailure\"\u003e\n\u003cinput type=\"hidden\" value=\"https://your-shop.com/return\" name=\"urlReturn\"\u003e\n\u003cinput type=\"hidden\" value=\"\u003c?= $cart ?\u003e\" name=\"cart\"\u003e\n```\n"},{"title":"Sandbox","content":"Imoje offers a sandbox test mode to verify the correctness of the integration.\n\nThe sandbox test environment can be found [here](https://sandbox.imoje.ing.pl).\n\u003cbr\u003e\u003cbr\u003eTo create a new account, click `Create Merchant Account`, then enter your e-mail address, to which a link to activate your account will be sent.\nAfter activating your account, simply log in with the generated login and the previously assigned password.\nA test shop will be assigned to your account, which will have its own integration data.\n\n## Cards in the sandbox environment\nTo test card payments, use the following details:\n\n| Card issuer | Card number | Month | Year | CVV | 3-D Secure | Description |\n|-------------|------------------|-------|------|-----|-------------|----------------------------------------------------------------------------|\n| Visa | 4111111111111111 | 12 | 29 | 123 | no | **Positive authorization** - profile transaction completed |\n| Visa | 4485201817664006 | 12 | 29 | 123 | no | **Positive authorization** - profile transaction rejected, dcc rejected |\n| Visa | 4444333322221111 | 12 | 29 | 123 | no | **Negative authorisation** |\n| Visa | 4012001037141112 | 12 | 29 | 123 | yes | **Positive authorization** - profile transaction completed |\n| Visa | 4749601201390567 | 12 | 29 | 123 | yes | **Positive authorization** - profile transaction rejected |\n| Visa | 4934403892699132 | 12 | 29 | 123 | yes | **Negative authorisation** |\n| Visa | 4012001007002005 | 12 | 29 | 123 | no | **Provider error** |\n| Visa | 4282513338596268 | 12 | 29 | 123 | no | **Positive authorization** - profile provider transaction error |\n\n## PBL and BLIK transactions in the sandbox environment.\nIn order to test PBL or BLIK transactions, send the appropriate value of the `orderDescription` parameter in the basic request with the [Creating a payment](#topic-creating-a-payment) point.\n\n| orderDesription | Description |\n|---------------|-----------------------------------------------|\n| `TEST-100000` | Standard - Refund settled, default action |\n| `TEST-100010` | Provider error |"}]}