This documentation is deprecated and only available for supporting old/legacy integrations using for example hashes.">This documentation is deprecated and only available for supporting old/legacy integrations using for example hashes.

New documentation can be found here: [DOCS:Home]">New documentation can be found here: [DOCS:Home]



Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Current »

The API is available at https://europe-west2-svea-payments.cloudfunctions.net

Integration handlers

/references (get-references.ts)

This handler will provide additional functionality for Svea payments app to, after payments, check and associate one or more (copes with none) Svea system IDs and internal Shopify IDs for external reporting. Caller must know the store's secret from Svea system to calculate a hash of the payload.

This handler will take in the order identifiers and return a mapping of the internal IDs and reference numbers.

GET references

  • ?shop is the Shopify shop domain of the calling store (<store>.myshopify.com)

  • ?test flag tells, if test credentials (true) or production credentials (false) should be used. Missing/invalid defaults to false. The desired credentials must also be saved in the configuration for the system to be able to use them for verification!

  • ?ids parameter with one or more IDs (pmt_id in Svea system), separated using comma (,): ?ids=ID1,ID2,IDN

  • ?internal parameter with one or more Shopify internal IDs, separated using comma (,): ?internal=INT1,INT2,INTN

  • ?signature is an uppercase sha256 hash calculated over the arguments used, with appended key being the customer secret obtained from Svea (same secret that's inserted into the admin application's Merchant Key field)

?signature

When calculating the sha256 hash, each query parameter's value is used, separated by ampersand (&). The order of the parameters must be alphabetical by the keys (ids, internal, shop, test) but the order in the URL isn't meaningful. Missing query parameters won't be used for the signature calculation.

This process is analogous to the Svea API convention. Note, that the hashed value must end with the shared secret and additional ampersand and resulting hash must be uppercase.

Responses

If the request is proper, and the signature is calculated properly and with credential information found in the system, 200 OK response with a JSON response is returned:

GET /references?shop=my-store.myshopify.com&test=true&ids=nDPGXbmrlTe9jmXqS5m,Invalid_ID&internal=nfzEJM7DOw0D5laQeUkuFGJCN,Invalid_Internal&signature=...

{
    "ids": {
        "nDPGXbmrlTe9jmXqS5m": {
			"internal": "nDPGXbmrlTe9jmXqS5mXPy9Rn",
			"reference": "00000000009544178350"
		}
    },
    "internal": {
        "nfzEJM7DOw0D5laQeUkuFGJCN": {
			"id": "nfzEJM7DOw0D5laQeUk",
			"reference": "00000000004675838917"
		}
    }
    "invalid": [
        "Invalid_ID", "Invalid_Internal"
    ]
}

.internal[] is a key-value object with all successfully mapped internal IDs. .ids[] like wise is a key-value object mapping internal IDs to Svea IDs. .invalid will contain all IDs, that for some reason weren't found for the particular store.

If any of the query parameters are invalid, 401 Unauthorized is returned. In other error cases, HTTP 4xx or 500 may be returned.

  • No labels