Start Session
Cortina uses the Start Sessioncommand to notify the integrator about the initialization of the transaction request with the Cortina payment provider.
Request
Nayax's servers send a POST request to your configured StartSessionendpoint, which would be of the following format:
(customer's URL)/Cortina/StartSession
The payload includes the following details:
{
"TokenId": "string",
"RandomNumber": "string",
"DynamicURL": "string",
"CustomData": {
"DirectActor": "String",
"Operator": "String",
"Distributor": "String",
"Actor": "String",
"Machine": "String",
"SoftDecline": "String"
}
}Request Parameters
The table below describes all the parameters of the request:
Field | Type | Required | Description |
|---|---|---|---|
| String | Yes | 3rd party Secret Token reference number |
| String | Yes | Nayax will create 27 char Random Number |
| String(255) | No | Supports different URLs. |
| String | No | Direct actor custom data (String in json format). |
| String | No | Operator custom data (String in json format). Contact Nayax TPOC to define. |
| String | No | Distributor custom data (String in json format)
. |
| String | No | Actor custom data (String in json format). Contact Nayax TPOC to define. |
| String | No | Machine custom data (String in json format). Contact Nayax TPOC to define. |
| String | No | Soft Decline custom data (String in json format). Contact Nayax TPOC to define. |
Response
The Start Session Response that the customer's payment method would send to Nayax's servers.
The payload should look as follows:
{
"TranIDCipher": "string",
"Status": {
"Verdict": "string",
"Code": 0,
"StatusMessage": "string",
"CustomDeclineCode": "string"
}
}Request Parameters
The table below describes all the parameters of the request:
Field | Type | Required | Description |
|---|---|---|---|
| String(36) | Yes | The Integrator Generates transaction ID of 36 Chars (or 288 bits). The Integrator then appends the char = and RandomNumber to create the ciphertext of 64 chars Format TransactionId=RandomNumber The integrator encrypts the ciphertexts with the Secret Token in AES ECB. The AES key will be the last (right most) 256 bits (or 32 chars) of the Secret Token the matches the TokenID provided in the request. Nayax will AES ECB decrypt and extract transaction id The transaction Id value will then be used for all further requests. Information regarding how to generate the TranIDCipher (via encrypting the token alongside the Random Number and the customer's Transaction ID can be reviewed under Start Session authentication process |
| String | Yes | Const string. |
| Int(32) | No | Conditional - Only if verdict value is declined. Valid decline codes (must be a code from this list): 1 - Insufficient funds 2 - Transaction ID unknown 3 - Cardholder exceeded daily / weekly / monthly transaction count limit 4 - Cardholder exceeded transaction amount limit 5 - Suspected Fraud 6 - General system failure 7 - Invalid amount 8 - Request cannot be parsed (format error) 9 - Transaction not allowed to cardholder 40 - For Nayax internal use only. 990 - CertificateFileName not found 991 - Failed to decipher message body 992 - Timeout exception 994 - Card Brand not supported 996 - Transaction ID Unknown / Duplicate Transaction ID (Start Session Error) 997 - Missing mandatory parameters 998 - Validation / request cannot be parsed 999 - General exception 1010 - Public Key Certificate not found 1011 - Method not Implemented |
| String(255) | No | Transaction status message free text field / additional varying data |
| String | No | This field is used for specifying a custom decline code (i.e. Soft Decline or Switch Interface). The value might be the same as the acquirer's response code or composed by other data. |
Updated about 8 hours ago