Prerequisites and Notes for the /openOrder
Request
- The server-side
/openOrder
API request does the following:- Authenticates your Nuvei merchant credentials.
(You can log in to the Nuvei Control Panel using your username and password to find your credentials here.) - Sets up the authenticated order in the Nuvei system, and returns a
sessionToken
which is needed to send other requests in the session.
- Authenticates your Nuvei merchant credentials.
- Always send the
/openOrder
request from your backend server because thechecksum
parameter calculation includes your secret key, which should NOT be exposed on the client side.
Sending an /openOrder
Request
On the server side, send an /openOrder request with its mandatory parameters, and include the following:
checksum
This is a SHA-256 encrypted string that you create, which is used for request authentication. You can calculate it by performing a SHA-256 encryption on a string of these concatenated fields, in the following order:
merchantId
,merchantSiteId
,clientRequestId
,amount
,currency
,timeStamp
, and yourmerchantSecretKey
at the end.country
andemail
If these are not provided here, then they must be included later in acreatePayment()
/authenticate3d()
request.urlDetails.notificationUrl
(recommended)
The URL to which DMNs can be sent.preventOverride
=”1” (optional)
This prevents future requests from over-writing values contained in these classes:userDetails
,billingAddress
, orshippingAddress
.sessionCardDeclineLimit
(optional)
This parameter controls the number of transaction declines that can be received during a single session. If this limit of declines is reached, the session expires immediately.