...
Data is sent as a server-to-server request, authenticated with standard HTTP Basic Authentication Header. All server-to-server requests use UTF-8 charset.
If payment method is chosen in web store, see https://sveapayments.atlassian.net/wiki/spaces/DOCS/pages/1657012315/Payment+API#Choosing-the-payment-method
A new payment request (https://sveapayments.atlassian.net/wiki/spaces/DOCS2022/pages/1657012476/Create+Payment#Request-(S2S-HTTP-POST) ) is sent by the web store software (with no payer browser intervention).
The success response (https://sveapayments.atlassian.net/wiki/spaces/DOCS2022/pages/1657012476/Create+Payment#Response-(XML) ) is in XML document with root element
<pmt>.These values are usually the same as in the request:
pmt_action, pmt_version, pmt_id, pmt_reference, pmt_amount, pmt_currencypmt_paymenturlThis is the address where the payer can be redirected instantly to continue the payment process
or this address could be used as "payment link" that is sent to the payer for example by email
or this link can be shown somewhere in the web store.
Payer is redirected to the
pmt_paymenturl.When the payer returns to the web store after payment, web store must validate the payment confirmation and make sure it was not fabricated by a malicious user. Use Payment Status Query instantly to validate the payment.
OPTIONAL (yet recommended): Later a callback request (Callback functions) from Svea’s server is made to web store. If payment has not yet been confirmed earlier, web store must use Payment Status Query to validate the payment.
OPTIONAL:
pmt_paymenturlexpiration time can be updated Payment URL and URL Expiration
...