SagePay gateway guide
Additional notes |
---|
SagePay iFrame based accounts do not work with Spreedly. Please note that the “Spreedly iFrame” is supported and works well with SagePay. |
Contact Spreedly when you are ready to go live. SagePay typically requires a test transaction to be run before your account can be enabled for live transactions. We can contact SagePay for you to get it all sorted without needing a test transaction; we just need to know your vendor name. This is typically a 24 hour end-to-end task. In order to setup recurring transactions, the merchant will need to obtain a Continuous Authority merchant number from their merchant acquirer. Once you have the Continuous Authority number, you can add it to your SagePay account (https://www.sagepay.co.uk/support/12/38/adding-more-merchant-numbers). SagePay does not support IPv6 format for customer transaction IP addresses. Contact Spreedly Support to enroll on Version 4. |
Adding a SagePay gateway
With your SagePay integration prepared, you can add a SagePay gateway like so:
curl https://core.spreedly.com/v1/gateways.xml \
-u 'C7cRfNJGODKh4Iu5Ox3PToKjniY:4UIuWybmdythfNGPqAqyQnYha6s451ri0fYAo4p3drZUi7q2Jf4b7HKg8etDtoKJ' \
-H 'Content-Type: application/xml' \
-d '<gateway>
<gateway_type>sage_pay</gateway_type>
<login>Your Vendor Name</login>
</gateway>'
<gateway>
<token>4RGEQimnj4xvjjy4zjtKzJh8MKQ</token>
<gateway_type>sage_pay</gateway_type>
<name>SagePay</name>
<description nil="true"/>
<login>Your Vendor Name</login>
<characteristics>
<supports_purchase type="boolean">true</supports_purchase>
<supports_authorize type="boolean">true</supports_authorize>
<supports_capture type="boolean">true</supports_capture>
<supports_credit type="boolean">true</supports_credit>
<supports_general_credit type="boolean">false</supports_general_credit>
<supports_void type="boolean">true</supports_void>
<supports_verify type="boolean">true</supports_verify>
<supports_reference_purchase type="boolean">true</supports_reference_purchase>
<supports_purchase_via_preauthorization type="boolean">false</supports_purchase_via_preauthorization>
<supports_offsite_purchase type="boolean">false</supports_offsite_purchase>
<supports_offsite_authorize type="boolean">false</supports_offsite_authorize>
<supports_3dsecure_purchase type="boolean">true</supports_3dsecure_purchase>
<supports_3dsecure_authorize type="boolean">true</supports_3dsecure_authorize>
<supports_store type="boolean">false</supports_store>
<supports_remove type="boolean">false</supports_remove>
<supports_fraud_review type="boolean">false</supports_fraud_review>
</characteristics>
<credentials>
<credential>
<name>login</name>
<value>Your Vendor Name</value>
</credential>
</credentials>
<gateway_specific_fields>
<gateway_specific_field>gift_aid_payment</gateway_specific_field>
<gateway_specific_field>apply_avscv2</gateway_specific_field>
<gateway_specific_field>repeat</gateway_specific_field>
<gateway_specific_field>account_type</gateway_specific_field>
</gateway_specific_fields>
<payment_methods>
<payment_method>credit_card</payment_method>
</payment_methods>
<state>retained</state>
<redacted type="boolean">false</redacted>
<created_at type="dateTime">2019-03-28T18:57:22Z</created_at>
<updated_at type="dateTime">2019-03-28T18:57:22Z</updated_at>
</gateway>
Gateway Specific 3D Secure 2
With the latest SagePay API version all transaction are in scope for 3DS2. The following fields are required
when using gateway specific 3DS2 on SagePay.
browser_info
accept_header
language
user_agent
java
# if true the below fields are requiredheight
depth
width
timezone
browser_size
For more detailed information to the 3DS2 gateway specific, refer to this documentation.
Stored Credentials
For SagePay gateway, sending stored credential fields can be done using Spreedly's first class support. Sending stored credential data is simple. For any Authorize
, Purchase
, or Verify
request, you need to include these fields which tell Spreedly a little bit more about the nature of the transaction:
Field | Description | Required by stored_credential_reason_type |
---|---|---|
recurring_expiry | Date the agreement expires in YYYY-MM-DD. | recurring & installment |
recurring_frequency | Number of days between charges (ex: an annual renewal is 365). | recurring & installment |
installment_data | Number of payments required to complete installment. | installment |
Learn more about how Spreedly enables seamless use of stored credentials by reviewing our Stored Credentials Guide.
Gateway Specific Fields
When interacting with a SagePay gateway to run transactions, there are some gateway specific fields you can specify when making a purchase or authorize call.
SagePay allows you to specify an optional gift_aid_payment
field to indicate that the payment is a Gift Aid charitable donation and the customer has agreed to donate the tax. SagePay also allows you to fine tune the AVS/CV2 checks and rule set you’ve defined at a transaction level using the apply_avscv2
field. This is useful in circumstances where direct and trusted customer contact has been established and you wish to override the default security checks.
SagePay allows you to specify an optional account_type
field used to select which merchant account to use.
These fields can be specified like so:
curl https://core.spreedly.com/v1/gateways/LlkjmEk0xNkcWrNixXa1fvNoTP4/purchase.xml \
-u 'C7cRfNJGODKh4Iu5Ox3PToKjniY:4UIuWybmdythfNGPqAqyQnYha6s451ri0fYAo4p3drZUi7q2Jf4b7HKg8etDtoKJ' \
-H 'Content-Type: application/xml' \
-d '<transaction>
<payment_method_token>56wyNnSmuA6CWYP7w0MiYCVIbW6</payment_method_token>
<amount>100</amount>
<currency_code>USD</currency_code>
<gateway_specific_fields>
<sage_pay>
<gift_aid_payment>1</gift_aid_payment>
<apply_avscv2>1</apply_avscv2>
<repeat>true</repeat>
<account_type>E</account_type>
</sage_pay>
</gateway_specific_fields>
</transaction>'
<transaction>
<on_test_gateway type="boolean">true</on_test_gateway>
<created_at type="dateTime">2019-03-28T18:57:22Z</created_at>
<updated_at type="dateTime">2019-03-28T18:57:22Z</updated_at>
<succeeded type="boolean">true</succeeded>
<state>succeeded</state>
<token>IVgKk20lBPcrXJdH35lWXI2P7TA</token>
<transaction_type>Purchase</transaction_type>
<order_id nil="true"/>
<ip nil="true"/>
<description nil="true"/>
<email nil="true"/>
<merchant_name_descriptor nil="true"/>
<merchant_location_descriptor nil="true"/>
<gateway_specific_fields>
<sage_pay>
<gift_aid_payment>1</gift_aid_payment>
<apply_avscv2>1</apply_avscv2>
<repeat>true</repeat>
<account_type>E</account_type>
</sage_pay>
</gateway_specific_fields>
<gateway_specific_response_fields>
</gateway_specific_response_fields>
<gateway_transaction_id>54</gateway_transaction_id>
<gateway_latency_ms type="integer">21</gateway_latency_ms>
<amount type="integer">100</amount>
<currency_code>USD</currency_code>
<retain_on_success type="boolean">false</retain_on_success>
<payment_method_added type="boolean">false</payment_method_added>
<message key="messages.transaction_succeeded">Succeeded!</message>
<gateway_token>T11bJAANtTWnxl36GYjKWvbNK0g</gateway_token>
<gateway_type>test</gateway_type>
<shipping_address>
<name>Newfirst Newlast</name>
<address1 nil="true"/>
<address2 nil="true"/>
<city nil="true"/>
<state nil="true"/>
<zip nil="true"/>
<country nil="true"/>
<phone_number nil="true"/>
</shipping_address>
<response>
<success type="boolean">true</success>
<message>Successful purchase</message>
<avs_code nil="true"/>
<avs_message nil="true"/>
<cvv_code nil="true"/>
<cvv_message nil="true"/>
<pending type="boolean">false</pending>
<result_unknown type="boolean">false</result_unknown>
<error_code nil="true"/>
<error_detail nil="true"/>
<cancelled type="boolean">false</cancelled>
<fraud_review nil="true"/>
<created_at type="dateTime">2019-03-28T18:57:22Z</created_at>
<updated_at type="dateTime">2019-03-28T18:57:22Z</updated_at>
</response>
<api_urls>
</api_urls>
<payment_method>
<token>1rpKvP8zOUhj4Y9EDrIoIYQzzD5</token>
<created_at type="dateTime">2017-06-26T17:04:38Z</created_at>
<updated_at type="dateTime">2019-03-28T14:40:24Z</updated_at>
<email>[email protected]</email>
<data>
<my_payment_method_identifier>448</my_payment_method_identifier>
<extra_stuff>
<some_other_things>Can be anything really</some_other_things>
</extra_stuff>
</data>
<storage_state>retained</storage_state>
<test type="boolean">true</test>
<metadata>
<key>string value</key>
</metadata>
<callback_url nil="true"/>
<last_four_digits>1111</last_four_digits>
<first_six_digits>411111</first_six_digits>
<card_type>visa</card_type>
<first_name>Newfirst</first_name>
<last_name>Newlast</last_name>
<month type="integer">3</month>
<year type="integer">2032</year>
<address1 nil="true"/>
<address2 nil="true"/>
<city nil="true"/>
<state nil="true"/>
<zip nil="true"/>
<country nil="true"/>
<phone_number nil="true"/>
<company nil="true"/>
<full_name>Newfirst Newlast</full_name>
<eligible_for_card_updater nil="true"/>
<shipping_address1 nil="true"/>
<shipping_address2 nil="true"/>
<shipping_city nil="true"/>
<shipping_state nil="true"/>
<shipping_zip nil="true"/>
<shipping_country nil="true"/>
<shipping_phone_number nil="true"/>
<payment_method_type>credit_card</payment_method_type>
<errors>
</errors>
<verification_value></verification_value>
<number>XXXX-XXXX-XXXX-1111</number>
<fingerprint>e3cef43464fc832f6e04f187df25af497994</fingerprint>
</payment_method>
</transaction>
Gateway Specific Response Fields
A response from the SagePay gateway may contain the security_key
, vps_auth_code
, bank_auth_code
, and decline_code
fields, which you can find in the gateway_specific_response_fields
. For example, a transaction response could look something like this:
<transaction>
<token>LgpTNGjsWQs9DwdxcbreUVz0R8p</token>
<transaction_type>Purchase</transaction_type>
<gateway_specific_response_fields>
<sage_pay>
<security_key>abc123</security_key>
<vps_auth_code>abc123</vps_auth_code>
<bank_auth_code>abc123</bank_auth_code>
<decline_code>05</decline_code>
</sage_pay>
</gateway_specific_response_fields>
</transaction>
To request any gateway_specific_fields
or gateway_specific_response_fields
, please contact Support with your request and the gateway documentation for the fields of interest.
Updated 4 months ago