Skip to content

BLIK

BLIK is the most popular mobile payment system in Poland and it’s convenient and safe. It enables users to make instant payments using their banking app, entering the BLIK and confirming the transaction with the pin in the banking app.

Payment optionCategoryCountriesCurrenciesFeaturesIntegrations
BLIKOnline bankingPolandPLNOneClick/Without a code
Partial refund
Refunds
Cancellation
Virtual Terminal
API
Payment Form
Prestashop Plugin
WooCommerce Plugin
Magento Plugin

How to use BLIK

After you create the order and the shopper selects BLIK on your website:

  1. The buyer has to enter a secure BLIK code in the payment form;
  2. He gets this six-digit code from his baking application and enters it on your checkout page. The BLIK code expires in 120 seconds;
  3. Once the shopper chooses Pay, BLIK sends a push notification to their banking app;
  4. The shopper must confirm the payment on their banking app within 45 seconds for the payment to go through.
Notification

Check here the instructions to perform BLIK without a code.

How it works

Before you start, you should create the order request with BLIK as payment method.

After that, you should make a BLIK purchase as detailed below:

EnvironmentURLOperation Method & EndpointOperation Description
PRODapi.sibsgateway.comPOST
api/v1/payments/:transactionId/blik/purchase
Perform the client redirection to BLIK payment system in order to perform client code collection and payment confirmation.
TESTstargate-cer.qly.site[1|2].sibs.ptPOST
api/v1/payments/:transactionId/blik/purchase
Perform the client redirection to BLIK payment system in order to perform client code collection and payment confirmation.

The message below represents the BLIK payment:

Path id

string

Mandatory

Used to identify the transaction.

Show more
Header parameters
Content-type

string

Mandatory

Application/json.

Show more
Authorization

string

Mandatory

Authorization digest.

Show more
Request parameters
Info

object

Mandatory

Object that defines the transaction additional information.

Show more
deviceInfo

object

Mandatory

Object that defines the customer device information.
Not present if the object was sent in Order Creation.

Show more
browserAcceptHeader

String <= 40 characters

Optional

Browser Accept Header

Show more
browserJavaEnabled

String <= 40 characters

Optional

Browser Java Enabled.

Show more
browserLanguage

String <= 40 characters

Mandatory

Browser Language.

Show more
browserColorDepth

String <= 40 characters

Mandatory

Browser Color Depth.

Show more
browserScreenHeight

String <= 40 characters

Mandatory

Browser Screen Height.

Show more
browserScreenWidth

String <= 40 characters

Mandatory

Browser Screen Width

Show more
browserTZ

String <= 40 characters

Mandatory

Browser Time Zone

Show more
browserUserAgent

String <= 40 characters

Mandatory

Browser User Agent.

Show more
systemFamily

String <= 40 characters

Mandatory

System Family

Show more
systemVersion

String <= 40 characters

Mandatory

System Version.

Show more
systemArchitecture

String <= 40 characters

Mandatory

System Architecture

Show more
deviceManufacturer

String <= 40 characters

Mandatory

Device Manufacturer.

Show more
deviceModel

String <= 40 characters

Mandatory

Device Model.

Show more
deviceID

String <= 40 characters

Mandatory

Device Unique Identification.

Show more
applicationName

String <=40 characters

Mandatory

Application Name.

Show more
applicationVersion

String <= 40 characters

Mandatory

Application Version.

Show more
geoLocalization

String <= 40 characters

Mandatory

Geolocation.

Show more
ipAddress

String <= 40 characters

Mandatory

IP Address.

Show more
customerInfo

object

Mandatory

Key value tuple array.

Show more
Key

String

Mandatory

Show more
Value

String

Mandatory

Show more
BLIKcode

String

Optional

BLIK Code. With 6 digit pattern. Mandatory for BLIK Purchase. Not present if token value is presented in request (for BLIK One Click Purchase).

Show more

Here is an example of a BLIK purchase:

Request URL:
https://stargate-cer.qly.site1.sibs.pt/api/v1/payments/{transactionID}/blik/purchase
Request Headers:
Authorization: Digest {transactionSignature}
X-IBM-Client-Id: b4480347-9fc8-4790-b359-100a99c60ea3
Content-Type: application/json
{
 "info": {
 "deviceInfo": {
 "browserAcceptHeader": "application/json, text/plain, */*",
 "browserJavaEnabled": "false",
 "browserLanguage": "en",
 "browserColorDepth": "24",
 "browserScreenHeight": "1080",
 "browserScreenWidth": "1920",
 "browserTZ": "-60",
 "browserUserAgent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.93 Safari/537.36"
 },
 "customerInfo": [
 {
 "key": "customerName",
 "value": "Test Name"
 },
 {
 "key": "customerEmail",
 "value": "email@provider.com"
 }
 ]
 },
 "merchant": {
 "merchantURL": "https://www.pay.sibs.com/eng/documentation/sibs-gateway-3//integration/server-to-server/blik/"
 },
 "BLIKCode": "777001"
}
Notification

For testing purposes, all 6-digit BLIK codes starting with 777 (e.g., 777001) are considered valid. These codes are shared, so if any of them are temporarily invalid, please choose another code sequence starting with 777.

Upon completing the purchase operation, you should receive a pending paymentStatus

The message below represents a response that you get from our server.

{
 "transactionID": "83GdUDUv2ykTTJUzsB9G",
 "execution": {
 "startTime": "2023-06-20T09:20:02.862Z",
 "endTime": "2023-06-20T09:20:05.048Z"
 },
 "paymentStatus": "Pending",
 "returnStatus": {
 "statusCode": "000",
 "statusMsg": "Success",
 "statusDescription": "Success"
 },
 "actionResponse": {
 "data": {
 "params": []
 }
 }
}

To obtain the latest update, it is necessary to subsequently perform a “Get Status” operation.

The Authorization HTTP header is set to the Bearer token as it was used in the initial Checkout.

GET {transactionID}/status
Request URL:
https://stargate-cer.qly.site1.sibs.pt/api/v1/payments/{transactionID}/status
Request Headers:
Authorization: ‘Bearer <AuthToken>’
X-IBM-Client-Id: ‘<ClientId>’
Content-Type: application/json

A successful technical response comprises of an HTTP-200 status and a returnStatus.statusCode=”000″.

Here are some examples of the possible result codes:

Result CodestatusMsgDescriptionAction
HTTP-200SuccessSuccess responseN/A
HTTP-400Bad RequestThe JSON payload is not matching the API definition or some mandatory HTTP headers are missing.Please check in API Market for the correct syntax.
HTTP-401UnauthorizedOn the Authorization, Bearer token is invalid/expired or not associated with the Terminal used.Please check in SIBS Backoffice under the Credentials if the token is valid and create a new one if needed.
HTTP-403ForbiddenThe ClientID set on the X-IBM-Client-Id HTTP header is not valid or does not possess a valid subscription to the API.Please check in SIBS Backoffice under the SPG APP 2.0 if the ClientID is correct. If the problem persists contact SIBS Gateway support for a ClientID reset.
HTTP-405Method Not AllowedThe HTTP Method used is not matching any of the API definitions available.Please check in API Market for the correct HTTP Method.
HTTP-429Too Many RequestsThe API calls rate limit has been exceeded.Please check in API Market for information on the rate limits that apply to the API.
HTTP-500Internal Server ErrorThe API call has failed… and its most likely on our side.You should retry the operation, and if the problem persists contact SIBS Gateway support for assistance.
HTTP-503Service UnavailableThe API call is not currently available. Usually we are always on, but short availability issues may occur during scheduled maintenance.You should wait and try again later.