Environment

Env	URL	Description
Test	https://iframe.hipay.world
STG	None
Prod	Not published

Merchant Authorization and Authentication Process

iframe front-end docking

Authorization

iframe authorization URL

https://iframe.hipay.world/en-US/alogin/?key=MerchantAPIKey&ticket=MerchantAuthenticationMark

Request method

GET

Request Parameters

Fields	Data Types	illustrate	Effect
key	String	Requesting an API KEY	Identify and distinguish white label users
ticket	String	Merchant authentication mark	Merchant self-certification or authentication identification
en-US	String	Language. The URL does not need to carry a language identifier. The default is en-US.	Supported languages:zh-CN/en-US

iframe routing

illustrate

iframe supports loading pages individually, but the key and ticket need to be carried on the URL. When loading a single page, the authorization prompt will appear on the current interface. After authorization, it can be used normally.
Example:https://iframe.hipay.world/aLogin?key=d1f1a482-6aba-4b6d-bcfe-1050c8cbabfc&ticket=13

Module Routing

Log in

Login：https://iframe.hipay.world/aLogin

Card

Card List：https://iframe.hipay.world/

Card assets：https://iframe.hipay.world/card

Card-Full Information：https://iframe.hipay.world/card/info/[accountCardId]

Card bill：https://iframe.hipay.world/card/bill

Card Statement-Details：https://iframe.hipay.world/card/bill/[id]

Application card list：https://iframe.hipay.world/card/list

Card Details：https://iframe.hipay.world/card/details/[ditchCardId]

My Cards：https://iframe.hipay.world/card/my

Deposit/mortgage：https://iframe.hipay.world/card/recharge

Card Record：https://iframe.hipay.world/card/record

Card Record-Details：https://iframe.hipay.world/card/record/[id]

Address

Address List：https://iframe.hipay.world/address

Add an address：https://iframe.hipay.world/address/add

Edit Address：https://iframe.hipay.world/address/edit/[id]

iframe work flow

Card Opening Work Flow：

Register/Login (Registered Customer)：API
Card List：iframe
Card Details：iframe
Card Application：iframe
Open card payment：API
Card opening information：iframe
Phone number：API
Mail：API
Cardholder address：iframe
Submit for review：iframe
Card assets：iframe

Top Up Work Flow:

Register/Login (Registered Customer)：API
My Cards：iframe
Recharge Application：iframe
Recharge payment：API
Recharge submission completed：iframe

Merchant Authorization

Merchants need to provide a self-authentication interface, which is configured on the Broker management platform.

Location:

Settings->Access Management->Authorized Addresses

Implement the main process:

iframe requests the merchant based on the set address
Merchants use the merchant authentication identification Ticket to perform self-authentication and authentication:
- If rejected, an error is returned directly
- If it passes, call the "Register Customer" in the OpenApi interface to perform UPay authentication
- Registering customer service is done by mobile phone number or email address in the default customer group
Once authentication is completed, the temporary ticket issued by UPay is returned to the merchant. The merchant needs to return the temporary ticket information to the merchant user of the IFrame.
Merchant users exchange temporary tickets for authentication tokens

Authorization interface

Request method

POST

Request Parameters

Fields	Data Types	illustrate	Effect
ticket	String	Merchant authentication mark	Merchant self-certification or authentication identification

{
    "ticket": "eff46b37-ee08-473e-a94b-c8b05069320b"
}

Return

Fields	Data Types	illustrate	Effect
ticket	String	UPay temporary bill	Used to exchange IFrame for Token

The merchant successfully authenticates and returns a temporary UPay ticket:

{
    "data": {
        "ticket": "eff46b37-ee08-473e-a94b-c8b05069320b"
    },
    "code": 0,
    "msg": "success"
}

Returned when merchant authentication is rejected or failed

{
    "data": null,
    "code": 500,
    "msg": "fail"
}