giropay is a German payment method that simplifies online purchases through fast, secure and guaranteed bank transfers.
It is an online banking-based payment method that allows customers to complete transactions online, with funds directly debited from their bank accounts. Depending on their bank, customers may confirm payments using a second-factor authentication or a PIN.
Payment option | Category | Country | Currency | Features | Integrations |
---|---|---|---|---|---|
giropay | Online Banking | Germany | EUR | Partial refund Refunds Cancellation | API Payment form Prestashop plugin WooCommerce plugin Magento plugin |
How to use giropay
The journey proceeds as follows:
- On the merchant’s website, the customer chooses to pay online via giropay.
- The customer is guided to a page where they can select their preferred bank and is redirected to the bank’s online banking page.
- Following this, the customer securely logs in to their chosen bank using their account credentials.
- A transaction summary is then presented to the customer, enabling them to review all transaction details prior to authorizing the payment.
- Once authorized, a transaction confirmation promptly reassures the customer, while the consumer is redirected to the merchant’s website.
- Merchant is notified of the successful payment.
How it works
Below you will find a detailed overview of the key steps essential for integrating the giropay payment method.
Step 1: Create the Order
Step 2: Get the Payment Link
Step 3: Get the Payment Status
Step 1: Create the Order
Ensure you have initiated the order request with giropay (“GRPY”) selected as the designated payment method (transaction.paymentMethod) and configured the customer’s language preference in customerInfo.customerLanguage.
Step 2: Get the Payment Link
Follow the instructions provided to obtain the payment link, to redirect the customer to a secure payment page for authentication and payment authorization.
Please be aware that the request below requires an Authorization Header containing the transactionSignature obtained on the previous step.
Endpoints:
Environment | URL | Operation Method & Endpoint | Operation Description |
---|---|---|---|
PROD | api.sibsgateway.com | POST {version-id}/payments/{id}/pbl/payment-link | Perform the transaction and redirect user to Payment Host. |
TEST | stargate-cer.qly.site[1|2].sibs.pt | POST {version-id}/payments/{id}/pbl/payment-link | Perform the transaction and redirect user to Payment Host. |
Ensure that you include these essential elements as specified:
Location | Data Element | Type | Condition | Description |
---|---|---|---|---|
Path | id | String | Mandatory | Used to identify the transaction |
Header parameters:
Location | Data Element | Type | Condition | Description |
---|---|---|---|---|
Request Header | Content-Type | String | Mandatory | application/json |
Request Header | Authorization | String | Mandatory | Authorization Digest |
Request parameters:
Location | Data Element | Type | Condition | Description |
---|---|---|---|---|
Request Body | userAcceptanceIndicator | Boolean | Mandatory | Indicates if the user has accepted the Terms and Conditions, in order to continue with the payment. |
Request Body | gatewayId | String | Mandatory | Payment Channel identifier for the channel the Customer is going to use for their payment. Value: ‘giropay’ – giropay; |
Request Body | info | Info | Mandatory | Object that defines the transaction additional information. |
Request Body.info | deviceInfo | DeviceInfo | Optional | Object that defines the customer device information. |
Request Body.info.deviceInfo | browserAcceptHeader | string | Optional | Browser Accept Header |
Request Body.info.deviceInfo | browserJavaEnabled | string | Optional | Browser Java Enabled |
Request Body.info.deviceInfo | browserLanguage | string | Optional | browser Language |
Request Body.info.deviceInfo | browserColorDepth | string | Optional | browser Color Depth |
Request Body.info.deviceInfo | browserScreenHeight | string | Optional | browser Screen Height |
Request Body.info.deviceInfo | browserScreenWidth | string | Optional | browser Screen Width |
Request Body.info.deviceInfo | browserTZ | string | Optional | Browser Time Zone |
Request Body.info.deviceInfo | browserUserAgent | string | Optional | Browser User Agent |
Request Body.info.deviceInfo | systemFamily | string | Optional | System Family |
Request Body.info.deviceInfo | systemVersion | string | Optional | System Version |
Request Body.info.deviceInfo | systemArchitecture | string | Optional | System Architecture |
Request Body.info.deviceInfo | deviceManufacturer | string | Optional | Device Manufacturer |
Request Body.info.deviceInfo | deviceModel | string | Optional | Device Model |
Request Body.info.deviceInfo | deviceID | string | Optional | Device Unique Identification |
Request Body.info.deviceInfo | applicationName | string | Optional | Application Name |
Request Body.info.deviceInfo | applicationVersion | string | Optional | Application Version |
Request Body.info.deviceInfo | geoLocalization | string | Optional | Geolocation |
Request Body.info.deviceInfo | ipAddress | string | Optional | IP Address |
Request Body | customerInfo | CustomerInfo | Optional | Key Value tuple array. |
Request Body.customerInfo | key | string | Mandatory | Used to supply “customerName”, “customerEmail”. |
Request Body.customerInfo | value | string | Mandatory | Used to supply “customerName”, “customerEmail”. |
Request Body | merchant | Merchant | Optional | Merchant Data |
Request Body.merchant | merchantURL | string | Mandatory | Merchant Shop URL for redirect. |
Request Body.info | accountInfo | AccountInfo | Optional | Account related data. Applicable when gatewayId is ‘giropay’, |
Request Body.info.accountInfo | holderName | Max100Text | Optional | Account Holder Name. UTF-8 Format. |
Request Body.info.accountInfo | customerCountry | Country Code | Optional | Customer Country Code. Alpha2 |
Here’s a model of how to get the payment link:
{
"userAcceptanceIndicator": true,
"gatewayId": "giropay",
"info": {
"deviceInfo": {
"browserAcceptHeader": "application/json, text/plain, */*",
"browserJavaEnabled": "false",
"browserLanguage": "en",
"browserColorDepth": "24",
"browserScreenHeight": "1080",
"browserScreenWidth": "1920",
"browserTZ": "-60",
"browserUserAgent": "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36",
"geoLocalization": "Lat: 38.7350528 | Long: -9.2143616",
"systemFamily": "Windows",
"systemVersion": "Windows",
"deviceID": "498bfd4c3a3645b38667a7037b616c18",
"applicationName": "Chrome",
"applicationVersion": "106"
},
"customerInfo": [
{
"key": "customerName",
"value": "Test Name"
},
{
"key": "customerEmail",
"value": email@provider.com
}
],
"accountInfo": {
"holderName": "Test Name",
"customerCountry": "DE"
}
},
"merchant": {
"merchantURL": https://egadget2.azurewebsites.net/#/returns?id={{transactionId}}
}
}
After successfully completing the operation, a ‘pending’ paymentStatus is received.
The user is then redirected to a payment confirmation environment before being seamlessly returned to the merchant’s URL.
Step 3: Get the Payment Status
You can perform a “Get Status” operation to check the status at any time.
The Authorization HTTP header is set to the Bearer token as it was used in the initial Checkout.
GET {transactionID}/status
Request URL:
https://stargate-cer.qly.site1.sibs.pt/api/v1/payments/{transactionID}/status
Request Headers:
Authorization: ‘Bearer <AuthToken>’
X-IBM-Client-Id: ‘<ClientId>’
Content-Type: application/json
A successful technical response comprises of an HTTP-200 status and a returnStatus.statusCode=”000″.
Here are some examples of the possible result codes:
Result Code | statusMsg | Description | Action |
---|---|---|---|
HTTP-200 | Success | Success response | N/A |
HTTP-400 | Bad Request | The JSON payload is not matching the API definition or some mandatory HTTP headers are missing. | Please check in API Market for the correct syntax. |
HTTP-401 | Unauthorized | On the Authorization, Bearer token is invalid/expired or not associated with the Terminal used. | Please check in SIBS Backoffice under the Credentials if the token is valid and create a new one if needed. |
HTTP-403 | Forbidden | The ClientID set on the X-IBM-Client-Id HTTP header is not valid or does not possess a valid subscription to the API. | Please check in SIBS Backoffice under the SPG APP 2.0 if the ClientID is correct. If the problem persists contact SIBS Gateway support for a ClientID reset. |
HTTP-405 | Method Not Allowed | The HTTP Method used is not matching any of the API definitions available. | Please check in API Market for the correct HTTP Method. |
HTTP-429 | Too Many Requests | The API calls rate limit has been exceeded. | Please check in API Market for information on the rate limits that apply to the API. |
HTTP-500 | Internal Server Error | The API call has failed… and its most likely on our side. | You should retry the operation, and if the problem persists contact SIBS Gateway support for assistance. |
HTTP-503 | Service Unavailable | The API call is not currently available. Usually we are always on, but short availability issues may occur during scheduled maintenance. | You should wait and try again later. |