Version Guide Testverktyg. Merchant Swish Simulator. Datum: 2015/12/10

Similar documents
Cloud Elements! Marketing Hub Provisioning and Usage Guide!

QIWI Wallet Pull Payments API

Issue 1. Nokia and Nokia Connecting People are registered trademarks of Nokia Corporation

Server and Direct Shared Protocols

Internet Payment Gateway Response Codes

Web Services Credit Card Errors A Troubleshooter

Smart Card Authentication Client. Administrator's Guide

Web Services Credit Card Errors A Troubleshooter

VPN Client User s Guide Issue 2

Web Services Credit Card Errors A Troubleshooter

PaperCut Payment Gateway Module - RBS WorldPay Quick Start Guide

Merchant Interface Online Help Files

Order Notifications - reporting a payment status

Cloud Elements ecommerce Hub Provisioning Guide API Version 2.0 BETA

Deltek Touch Time & Expense for Vision 1.3. Release Notes

Setting Up epayment Processing

Grandstream Networks, Inc. GXP2130/2140/2160 Auto-configuration Plug and Play

API Guide v /11/2013

Frequently Asked Questions: Cisco Jabber 9.x for Android

Advanced HTTP API Documentation

API documentation - 1 -

Platform Error Messages

Smart Card Authentication. Administrator's Guide

C&A AR Online Credit Card Processor Installation and Setup Instructions with Process Flow

Web Connect Guide MFC-J825DW MFC-J835DW. Version 0 USA

SOPG (Service Oriented Prepaid Gateway - xml based protocol) Documentation. Version Date Description Author

Nokia Internet Modem User Guide

Quest Soft Token for Windows Phone User Guide

User Guide. SafeNet MobilePASS for Windows Phone

Magento Troubleshooting

Working With Virtual Hosts on Pramati Server

Bank and SecurePay Response Codes

Netswipe Processing Implementation

Merchant Implementation Guide

Cathay Business Online Banking Quick Guide

GP webpay - Practical Examples

Saferpay Implementation Guide

Global Transport Secure ecommerce. Web Service Implementation Guide

IBM i Version 7.3. Security Digital Certificate Manager IBM

HTTP Protocol. Bartosz Walter

GoCoin: Merchant integration guide

AIRTEL INDIA OPEN API. Application Developer Guide for OAuth2 Authentication and Authorization. Document Version 1.1

Micros Troubleshooting & Error Message Guide.

Type Message Description Probable Cause Suggested Action. Fan in the system is not functioning or room temperature

Setup Guide Access Manager Appliance 3.2 SP3

Technical documentation

TMS Phone Books Troubleshoot Guide

Turnitin User Guide. Includes GradeMark Integration. January 2014 (revised)

E-payment. Service description

Qualys API Limits. July 10, Overview. API Control Settings. Implementation

SMTP-32 Library. Simple Mail Transfer Protocol Dynamic Link Library for Microsoft Windows. Version 5.2

Global Iris Integration Guide ecommerce Remote Integration

CyberSource Credit Card Reason Codes

Content Filtering Client Policy & Reporting Administrator s Guide

Corporate Telephony Toolbar User Guide

Table of Contents. Open-Xchange Authentication & Session Handling. 1.Introduction...3

Configure Microsoft Dynamics AX Connector for Mobile Applications

The IVE also supports using the following additional features with CA certificates:

BMC Track-It! Web. Web Services API Guide. Version 11.3

UpCloud API Documentation. API version Updated Aug 13, 2013

IBM Cloud Manager with OpenStack. REST API Reference, version 4.1

VeriSign Payment Services

Managing Users and Identity Stores

Secure XML API Integration Guide. (with FraudGuard add in)

ipayment Gateway API (IPG API)

Error Code Quick Reference Guide Updated 01/28/2015

Getting Started Guide

PingFederate. Windows Live Cloud Identity Connector. User Guide. Version 1.0

ACS 5.x and later: Integration with Microsoft Active Directory Configuration Example

Daisy Chain Series DVD/CD Duplicator System

Creating International Wire Transfer Payments Reference Guide

Setup Guide Access Manager 3.2 SP3

Password Reset Server User Guide

Credit Card Retrieval API Implementation Guide This guide illustrates how to implement the Credit Card Retrieval API.

AS DNB banka. DNB Link specification (B2B functional description)

Fairsail REST API: Guide for Developers

Recurring Payments Manual

MONETA.Assistant API Reference

RoomWizard Synchronization Software Manual Installation Instructions

NetIQ Advanced Authentication Framework - Client. User's Guide. Version 5.1.0

SafeGuard Enterprise Web Helpdesk. Product version: 6 Document date: February 2012

Application Note Configuring Department of Defense Common Access Card Authentication on McAfee. Firewall Enterprise

System Administrator Training Guide. Reliance Communications, Inc. 603 Mission Street Santa Cruz, CA

DIRECT INTEGRATION GUIDE DIRECT INTEGRATION GUIDE. Version: 9.16

PaperCut Payment Gateway Module PayPal Website Payments Standard Quick Start Guide

MyGate Response Codes. Version 2.1

Automated Inventory System

HPSM Integration Guide

vcloud Air Platform Programmer's Guide

Integration Guide. SafeNet Authentication Service. SAS Using RADIUS Protocol with Apache HTTP Server

Management Reporter Integration Guide for Microsoft Dynamics AX

TRUST Online u s e r g u i d e v e r s i o n 8. 4 O c t o b e r

Payment Response Guide. Version 4.3 September 2012 Business Gateway

Configuring Network Load Balancing with Cerberus FTP Server

JobReady. E-signatures

Advantech WebAccess Device Driver Guide. BwSNMP Advantech WebAccess to SNMP Agent (Simple Network Management Protocol) Device Driver Guide

Alpha e-pay v2 Merchant User Manual (v1.9)

Server-to-Server Credit Card Implementation Guide

Astaro User Portal: Getting Software and Certificates Astaro IPsec Client: Configuring the Client...14

Transcription:

Version 0.9.8.1 Guide Testverktyg Merchant Swish Simulator Datum: 2015/12/10

Table of content 1 Document Versions... 3 2 Background... 3 3 Prerequisites... 4 3.1 URLs of MSS... 4 3.2 TLS certificates... 4 3.3 TLS for the callback endpoint... 4 4 Create payment request... 4 4.1 Payment request object... 4 4.2 Example positive test cases... 5 4.2.1 E-Commerce... 5 4.2.2 M-Commerce... 6 4.3 Example negative test cases... 7 4.4 HTTP status codes... 7 4.5 Error codes... 8 5 Retrieve payment confirmation callback... 9 5.1 Example retrieve payment confirmation callback... 9 5.2 Example retrieve payment confirmation callback negative... 10 5.3 HTTP status codes... 10 6 Create refund request... 11 6.1 Refund request object... 11 6.2 Example positive test cases... 12 6.3 Example negative test cases... 12 6.4 HTTP status codes... 13 6.5 Error codes... 14 7 Retrieve refund confirmation callback... 15 7.1 Example retrieve refund confirmation callback... 15 7.2 HTTP status codes... 15 8 Test Tips... 16 Swish 2

1 Document Versions Date Version Name Description 2015-11-05 0.9.8 AT First release to publish 2015-12-10 0.9.8.1 CS Renamed document to Guide Testverktyg 3.3 Added information about port. 4.2.1 Changed example callback url. 4.2.2 Changed example callback url. 4.3 Changed example callback url. 4.5 Deleted error codes AC05, AC06, AC07, AC15, AM04, AM14, AM21, and DS0K. Added error code RF07. 5.1 Changed example callback url. 5.2 Changed example callback url. 6.2 Changed example callback url. 6.3 Changed example callback url. 6.5 Deleted error codes AC05, AC06, AC07, AC15, AM04, AM14, AM21, and DS0K. Added error code RF07. Deleted note related to error code RF04. Added error code RF07. 7.1 Changed example callback url. 2 Background Merchant Swish Simulator (MSS) is a test tool to offer a way for merchants to verify the format of and content in the API calls to Swish without any backward integration to other system components by returning an error message or a correctly formatted response message. Merchants are MSS User Guide target reader group. Merchants will able to send requests to MSS in order to validate positive and negative test cases. Swish 3

3 Prerequisites 3.1 URLs of MSS HTTPS://mss.swicpc.bankgirot.se/swish-cpcapi/api/v1/paymentrequests/ HTTPS://mss.swicpc.bankgirot.se/swish-cpcapi/api/v1/refunds/ 3.2 TLS certificates In order to communicate with the Swish server use the Swish client TLS certificate in the file Swish Merchant Test Certificate 1231181189.p12. The file contains the Swish Merchant Test Certificate together with the complete chain of trust and the private key. The password for the private key is swish. The test certificate is used together with the Swish number in the file name, e.g. 123 118 11 89. It is necessary to provide the Swish client TLS certificate together with all CA certificates up to the Swish Root CA in order to correctly set up a TLS session with the Swish API. It is recommended to require verification of the Swish server TLS certificate and not to ignore this verification, in case your server allows you to disable server certificate verification. The Swish server TLS certificate is issued under the same Swish Root CA as the Swish Merchant Test Certificate (i.e. Test Swish Root CA v1 Test ). The Swish Root CA certificate is available in the file mentioned above but also in a separate file Test Swish Root CA v1 Test.pem. 3.3 TLS for the callback endpoint The callback endpoint has to use HTTPS on port 443 and it is highly recommended to use IP filtering as well. For the callback Swish will be acting client and the merchant server is acting server. Swish will validate the merchant callback server TLS certificate against a list of commonly recognized CAs. 4 Create payment request Merchants can create payment request for both E-Commerce and M-Commerce to MSS. Once MSS receives a create payment request call from merchants, there are two answers that will be returned from MSS. The first answer is synchronous, the second one is asynchronous. Please note the following: 1. MSS directly returns Payment request created response to the merchants. In case of M- Commerce the response will also contain a Token, unique for each payment request. 2. MSS sends a Payment confirmation to the merchant s callback URL after some delay, default is five seconds. The delay is only configurable by Getswish. In order to create payment request to MSS, Payment request object need to be POST to URL: HTTPS://mss.swicpc.bankgirot.se/swish-cpcapi/api/v1/paymentrequests/ 4.1 Payment request object Swish 4

The Payment Request Object is used in all payment request operations. The fields marked as mandatory in the list below have to be present in the Create operation. Property Type Mandatory/ Optional Description payeepaymentreference string O Payment reference of the payee, which is the Merchant that receives the payment. This reference could be order id or similar. callbackurl string M URL that Swish will use to notify caller about the outcome of the Payment request. The URL has to use HTTPS. payeralias string O The registered Cell phone number of the person that makes the payment. It can only contain numbers and has to be at least 8 and at most 15 numbers. It also needs to match the following format in order to be found in Swish: country code + cell phone number (without leading zero). E.g.: 46712345678 payeealias string M The Swish number of the payee. It needs to match with Merchant Swish number. amount string M The amount of money to pay. The amount cannot be less than 1 SEK and not more than 999999999999.99 SEK. Valid value has to be all numbers or with 2 digit decimal currency string M The currency to use. Only supported value currently is SEK. message string O Merchant supplied message about the payment/order. Max 50 chars. Allowed characters are the letters a-o, A-Ö, the numbers 0-9 and the special characters :;.,?!(). For MSS, errorcode as defined in section 0 can be set in the message property in order 4.2 Example positive test cases 4.2.1 E-Commerce Swish 5

A create payment request call from merchants with the payer s mobile telephone number is for E- Commerce. curl -v --request POST https://mss.swicpc.bankgirot.se/swishcpcapi/api/v1/paymentrequests \ { }! --header "Content-Type: application/json" \ --data @- <<! "payeepaymentreference": "0123456789", "callbackurl": "https://example.com/api/swishcb/paymentrequests", "payeralias": "4671234768", "payeealias": "1231181189", "amount": "100", "currency": "SEK", "message": "Kingston USB Flash Drive 8 GB" < HTTP/1.1 201 Created < Location: https://mss.swicpc.bankgirot.se/swishcpcapi/v1/paymentrequests/ab23d7406ece4542a80152d909ef9f6b 4.2.2 M-Commerce A create payment request call from merchants without the payer s mobile telephone number is for M- Commerce. curl -v --request POST https://mss.swicpc.bankgirot.se/swishcpcapi/api/v1/paymentrequests \ --header "Content-Type: application/json" \ --data @- <<! { "payeepaymentreference": "0123456789", "callbackurl": "https://example.com/api/swishcb/paymentrequests", "payeealias": "1231181189", "amount": "100", "currency": "SEK", "message": "Kingston USB Flash Drive 8 GB" }! < HTTP/1.1 201 Created < Location: Swish 6

https://mss.swicpc.bankgirot.se/swishcpcapi/api/v1/paymentrequests/ab23d7406ece4542a80152d909ef9f6b < PaymentRequestToken: f34ds34lfd0d03fddselkfd3ffk21 4.3 Example negative test cases A create payment request call from merchants with errorcode in property 'message'. curl -v --request POST https://mss.swicpc.bankgirot.se/swishcpcapi/api/v1/paymentrequests/ \ --header "Content-Type: application/json" \ --data @- <<! { "payeepaymentreference": "0123456789", "callbackurl": "https://example.com/api/swishcb/paymentrequests", "payeealias": "1231181189", "amount": "100", "currency": "SEK", "message": "BE18" }! < HTTP/1.1 422 Unprocessable Entity < Content-Type: application/json < Transfer-Encoding: chunked < [{"errorcode":"be18","errormessage":"in this case incorrect MSISDN","additionalInformation":null}] 4.4 HTTP status codes Potential HTTP status codes returned for create payment response: HTTP status codes Returned scenarios 201 Created Returned when Payment request was successfully created. Will return a Location header and if it is M-Commerce case, it will also return PaymentRequestToken header. 400 Bad Request Returned when the Create Payment Request operation was malformed. 401 Unauthorized Returned when there are authentication problems with the certificate. Or the Swish number in the certificate is not enrolled. Will return nothing else. Swish 7

403 Forbidden Returned when the payeealias in the payment request object is not the same as Merchants Swish-number. 415 Unsupported Media Type 422 Unprocessable Entity Returned when Content-Type header is not "application/json". Will return nothing else. Returned when there are validation errors. Will return an Array of Error Objects. 500 Internal Server Error Returned if there was some unknown/unforeseen error that occurred on the server, this should normally not happen. Will return nothing else. 4.5 Error codes Potential Error codes which can be set on Create payment request 'message' to simulate validation failure in the Payment request created response (HTTP status code 422 is returned for the first answer): Error codes Description FF08 RP03 BE18 RP01 PA02 AM06 AM02 AM03 RP02 RP06 ACMT03 ACMT01 ACMT07 PayeePaymentReference is invalid Callback URL is missing or does not use Https Payer alias is invalid Payee alias is missing or empty Amount value is missing or not a valid number Amount value is too low Amount value is too large Invalid or missing Currency Wrong formatted message Another active PaymentRequest already exists for this payeralias. Only applicable for E-Commerce. Payer not Enrolled Counterpart is not activated Payee not Enrolled Potential Error codes which can be set on Create payment request 'message' to simulate failed Payment confirmation (HTTP status code 422 is returned for the second answer): Error codes Description Swish 8

RF07 BANKIDCL FF10 TM01 DS24 Transaction declined Payer cancelled BankId signing Bank system processing error Swish timed out before the payment was started Swish timed out waiting for an answer from the banks after payment was started. Note: If this happens Swish has no knowledge of whether the payment was successful or not. The Merchant should inform its consumer about this and recommend them to check with their bank about the status of this payment. 5 Retrieve payment confirmation callback Merchants can retrieve payment confirmation callback by sending GET HTTP to URL: HTTPS://mss.swicpc.bankgirot.se/swish-cpcapi/api/v1/paymentrequests/{id} The URL is the Location defined in a response of create payment request, check section 5.1 and 5.2 for an example (blue marked areas). Once MSS receives Retrieve payment confirmation callback from merchants, MSS sends a Payment confirmation to the merchant s callback URL. It is possible to simulate all possible values of Payment status by providing the Payment request id of a call made earlier that leads to that outcome. Remark: MSS stores the necessary information about each incoming Payment request in a cache which automatically expires every 24 hours or when the MSS server is restarted. 5.1 Example retrieve payment confirmation callback curl -v --request GET https://mss.swicpc.bankgirot.se/swishcpcapi/api/v1/paymentrequests/ab23d7406ece4542a80152d909ef9f6b < HTTP/1.1 200 OK { "id": "AB23D7406ECE4542A80152D909EF9F6B", "payeepaymentreference": "0123456789", "paymentreference": "6D6CD7406ECE4542A80152D909EF9F6B", "callbackurl": "https://example.com/api/swishcb/paymentrequests", "payeralias": "07211234567", "payeealias": "1231234567890", "amount": "100", "currency": "SEK", "message": "Kingston USB Flash Drive 8 GB", "status": "PAID", Swish 9

} "datecreated": "2015-02-19T22:01:53+01:00", "datepaid": "2015-02-19T22:03:53+01:00" 5.2 Example retrieve payment confirmation callback negative curl -v --request GET https://mss.swicpc.bankgirot.se/swishcpcapi/api/v1/paymentrequests/88c45305089d4186bd4ac141d0911d55 < HTTP/1.1 200 OK { } "id":"88c45305089d4186bd4ac141d0911d55", "payeepaymentreference":"0123456789", "paymentreference":null, "callbackurl":"https://example.com/api/swishcb/paymentrequests", "payeralias":null, "payeealias":"1231181189", "amount":100.00, "currency":"sek", "message":"ac05", "status":"error", "datecreated":"2015-10-20t10:01:31.784z", "datepaid":null, "errorcode":"ac05", "errormessage":"payers bank account is closed" 5.3 HTTP status codes Potential HTTP status codes returned for retrieve payment confirmation callback response: HTTP status codes Returned scenarios 200 OK Returned when Payment request was found. Will return Payment Request Object. 401 Unauthorized Returned when there are authentication problems with the certificate. Or the Swish number in the certificate is not enrolled. Will return nothing else. Swish 10

404 Not found Returned when the Payment request was not found or it was not created by the Merchant. Will return nothing else. 500 Internal Server Error Returned if there was some unknown/unforeseen error that occurred on the server, this should normally not happen. Will return nothing else. 6 Create refund request Merchants can create refund request to MSS. Once MSS receives a Refund request call from a merchant, it validates that the Refund request refers to an available Payment request with status PAID. If validation passes, there are two answers that will be returned from MSS. The first answer is synchronous, the second one is asynchronous. Please note the following: 1. MSS directly returns a Refund response to the merchant. 2. MSS sends a Refund confirmation to the merchant s callback URL after some delay, default is 10 seconds. The delay is configurable by GetSwish. In order to create refund request to MSS, Refund request object need to be POST to URL: HTTPS://mss.swicpc.bankgirot.se/swish-cpcapi/api/v1/refunds/ 6.1 Refund request object The Refund request object is used in all refund operations. The fields marked as mandatory in the list below have to be present in the Create operation. Property Type Mandatory/ Optional Description payerpaymentreference string O Payment reference supplied by the Merchant. This could be order id or similar. originalpaymentreference string M Payment reference to the original payment that this refund is for. paymentreference string O Payment reference, from the bank, of the refund payment that occurred based on the created refund. Only available if status is PAID. callbackurl string M URL that Swish will use to notify caller about the outcome of the Refund. The URL has to use HTTPS. payeralias string M The Swish number of the Merchant that makes the refund payment. payeealias string O The Cell phone number of the person that receives the refund payment. Swish 11

amount string M The amount of money to refund. The amount cannot be less than 1 SEK and not more than 999999999999.99 SEK. Moreover, the amount cannot exceed the remaining amount of the original payment that the refund is for. currency string M The currency to use. Only supported value currently is SEK. message string O Merchant supplied message about the refund. Max 50 chars. Allowed characters are the letters a- o, A- Ö, the numbers 0-9 and the special characters :;.,?!(). For MSS, errorcode as defined in section 6.5 can be set in the message property in order to simulate negative test cases. 6.2 Example positive test cases curl -v --request POST https:// mss.swicpc.bankgirot.se/swishcpcapi/api/v1/refunds \ --header "Content-Type: application/json" \ --data @- <<! { "payerpaymentreference": "0123456789", "originalpaymentreference": "6D6CD7406ECE4542A80152D909EF9F6B", "callbackurl": "https://example.com/api/swishcb/refunds", "payeralias": "1231234567890", "amount": "100", "currency": "SEK", "message": "Refund for Kingston USB Flash Drive 8 GB" }! < HTTP/1.1 201 Created < Location: https://mss.swicpc.bankgirot.se/swishcpcapi/api/v1/refunds/abc2d7406ece4542a80152d909ef9f6b 6.3 Example negative test cases curl -v --request POST https://mss.swicpc.bankgirot.se/swishcpcapi/api/v1/refunds \ Swish 12

{ }! --header "Content-Type: application/json" \ --data @- <<! "payerpaymentreference": "0123456789", "originalpaymentreference": "6D6CD7406ECE4542A80152D909EF9F6B", "callbackurl": "https://example.com/api/swishcb/refunds", "payeralias": "1231234567890", "amount": "100", "currency": "SEK", "message": "ACMT07" < HTTP/1.1 422 Unprocessable Entity < Content-Type: application/json < Transfer-Encoding: chunked < [{"errorcode":"acmt07","errormessage":"payee not Enrolled","additionalInformation":null}] 6.4 HTTP status codes Potential HTTP status codes returned for create refund response: HTTP status codes Returned scenarios 201 Created Returned when Refund was successfully created. Will return a Location header. 400 Bad Request Returned when Create refund POST operation was malformed. 401 Unauthorized Returned when there are authentication problems with the certificate. Or the Swish number in the certificate is not enrolled. Will return nothing else. 403 Forbidden Returned when the payeralias in the refund object is not the same as Merchants Swish- number. 415 Unsupported Media Type 422 Unprocessable Entity 500 Internal Server Error Returned when Content- Type header is not "application/json". Will return nothing else. Returned when there are validation errors. Will return an Array of Error Objects. Returned if there was some unknown/unforeseen error that occurred on the server, this should normally not happen. Will return nothing else. Swish 13

504 Gateway Timeout Returned when the Bank validation answers take too long and Swish times out. This rarely happens. 6.5 Error codes Potential Error codes which can be set on create refund request 'message' to simulate validation failure in Refund response (Http status code 422 is returned on the first answer): Error codes Description FF08 RP03 PA02 AM06 RF08 AM03 RP01 RP02 ACMT07 ACMT01 PayerPaymentReference is invalid Callback URL is missing or does not use Https Amount value is missing or not a valid number Amount value is too low Amount value is too large or amount exceeds the amount of the original payment minus any previous refunds. Note: the remaining available amount is put into the additional information field. Invalid or missing Currency Payer alias is missing or empty Invalid Message text Payee not Enrolled Counterpart is not activated RF02 Original Payment not found or original payment is more than than 13 months old RF03 RF04 RF06 RF07 FF10 BE18 Payer alias in the refund does not match the payee alias in the original payment. Payer organization number does not match original payment payee organization number. The Payee SSN (personnummer) in the original payment is not the same as the SSN for the current Payee. Note: Typically this means that the Mobile number has been transferred to another person. Transaction declined Bank system processing error Invalid contact details error Potential Error codes which can be set on Create refund request 'message' to simulate failed Refund confirmation (HTTP status code 422 is returned for the second answer): Swish 14

Error codes Description DS24 Swish timed out waiting for an answer from the banks after payment was started. Note: If this happens Swish has no knowledge of whether the payment was successful or not. The Merchant should inform its consumer about this and recommend them to check with their bank about the status of this payment. 7 Retrieve refund confirmation callback Merchants can retrieve refund confirmation callback by sending GET HTTP to URL: HTTPS://mss.swicpc.bankgirot.se/swish-cpcapi/api/v1/refunds/{id} The URL is the Location defined in a response of create refund request, check section 7.1 for an example. 7.1 Example retrieve refund confirmation callback curl -v --request GET https://mss.swicpc.bankgirot.se/swishcpcapi/api/v1/refunds/abc2d7406ece4542a80152d909ef9f6b < HTTP/1.1 200 OK { "id": "ABC2D7406ECE4542A80152D909EF9F6B", "payerpaymentreference": "0123456789", "originalpaymentreference": "6D6CD7406ECE4542A80152D909EF9F6B", "callbackurl": "https://example.com/api/swishcb/refunds", "payeralias": "1231234567890", "payeealias": "07211234567", "amount": "100", "currency": "SEK", "message": "Refund for Kingston USB Flash Drive 8 GB", "status": "PAID", "datecreated": "2015-02-19T22:01:53+01:00", "datepaid": "2015-02-19T22:03:53+01:00" } 7.2 HTTP status codes Potential HTTP status codes returned for retrieve refund confirmation callback: HTTP status codes Returned scenarios Swish 15

200 OK Returned when refund was found. Will return Refund Object.. 401 Unauthorized Returned when there are authentication problems with the certificate. Or the Swish number in the certificate is not enrolled. Will return nothing else. 404 Not found Returned when no refund was found or it was not created by the Merchant. Will return nothing else. 500 Internal Server Error Returned if there was some unknown/unforeseen error that occurred on the server, this should normally not happen. Will return nothing else. 8 Test Tips In addition to using the Message element for simulating errors in the synchronous and asynchronous responses other methods can be used. These are described below: HTTP communication o Provide an incorrect address e.g. i.e. remove s in paymentrequests HTTP 404 Not Found o Remove client certificate Received fatal alert: handshake_failure Payment Request o "payeepaymentreference" Provide too long FF08","errorMessage":"Payment Reference is invalid" Provide NULL FF08","errorMessage":"Payment Reference is invalid" o "amount" Provide, e.g. 12,09 PA02","errorMessage":"Amount value is missing or not a valid number Provide less than 1 e.g. 0.5 - "AM06","errorMessage":"Specified transaction amount is less than agreed minimum" Provide 3 decimals e.g. 100.777 PA02","errorMessage":"Amount value is missing or not a valid number o "payeealias" Provide a number that does not match the value in the certificate PA01","errorMessage":"Parameter is not correct." o "payeralias" Provide a too long or short number - "BE18","errorMessage":"Payer alias is invalid" o "currency" Provide another value than SEK - :"AM03","errorMessage":"Invalid or missing Currency" Callback confirmation o Provide an invalid ID - HTTP/1.1 404 Not Found Refund o "payerpaymentreference" Provide too long reference FF08","errorMessage":"Payment Reference is invalid" Provide NULL FF08","errorMessage":"Payment Reference is invalid" o "originalpaymentreference" This value is taken from the Payment Request callback element paymentreference Swish 16

o o o Use a value that is not valid i.e. change a value - "RF02","errorMessage":"Original Payment not found or original payment is more than than 13 months old" "payeralias" Provide a number that does not match the value in the certificate PA01","errorMessage":"Parameter is not correct." "amount" Provide an amount that is greater than the original payment - "RF08","errorMessage":"Amount value is too large or amount exceeds the amount of the original payment minus any previous refunds" Note in production the payment balance is updated after each refund but in this simulator only the original amount is used in the validation Provide, e.g. 12,09 PA02","errorMessage":"Amount value is missing or not a valid number Provide less than 1 e.g. 0.5 - "AM06","errorMessage":"Specified transaction amount is less than agreed minimum" Provide 3 decimals e.g. 100.777 PA02","errorMessage":"Amount value is missing or not a valid number "currency" Provide another value than SEK - :"AM03","errorMessage":"Invalid or missing Currency" Swish 17

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information