Hesabe Payment Integration Guide
This guide will walk you through integrating Hesabe payment gateway into your application. Hesabe offers two integration methods: Direct Integration and Indirect Integration.
Prerequisites
Before you begin, make sure you have:
- Merchant account credentials from Hesabe
- Access token for API authentication
- Test environment access (for development)
Integration Methods
1. Direct Integration
Direct integration allows you to handle the payment process within your application's interface. This method gives you more control over the payment flow and user experience.
Features
- Complete control over the payment form
- Custom UI/UX design
- Higher level of customization
- PCI DSS compliance required
Implementation Steps
- Create a payment form in your application
- Collect payment details securely
- Send payment request to Hesabe API
- Process the response
- Handle success/failure scenarios
2. Indirect Integration
Indirect integration redirects customers to Hesabe's secure payment page. This method is simpler to implement and doesn't require PCI DSS compliance.
Features
- Quick implementation
- No PCI DSS compliance needed
- Hesabe-hosted payment page
- Automatic security handling
Implementation Steps
- Create payment request
- Redirect to Hesabe payment page
- Handle the response callback
API Endpoint
The base URL for Hesabe API v2.0 is:
https://api.hesabe.com/v2
Integration Steps
1. Create Payment Request
To initiate a payment, send a POST request to:
POST /payment
Request Headers
{
"Authorization": "Bearer YOUR_ACCESS_TOKEN",
"Content-Type": "application/json"
}
Request Body
{
"amount": 10.000,
"currency": "KWD",
"order_id": "ORDER123",
"description": "Product purchase",
"response_url": "https://your-domain.com/callback",
"failure_url": "https://your-domain.com/failure"
}
Response
{
"status": true,
"code": 200,
"message": "Success",
"response": {
"token": "PAYMENT_TOKEN",
"checkout_url": "https://checkout.hesabe.com/pay/PAYMENT_TOKEN"
}
}
2. Handle Payment Response
After the payment is completed, Hesabe will redirect to your response_url
with the following parameters:
https://your-domain.com/callback?payment_token=TOKEN&status=SUCCESS
3. Verify Payment Status
To verify the payment status, send a GET request:
GET /payment/status?token=PAYMENT_TOKEN
Response
{
"status": true,
"code": 200,
"message": "Success",
"response": {
"order_id": "ORDER123",
"amount": 10.000,
"currency": "KWD",
"status": "CAPTURED",
"transaction_id": "TXN123456"
}
}
Payment Status Codes
Status Code | Description |
---|---|
CAPTURED | Payment successful |
FAILED | Payment failed |
PENDING | Payment pending |
CANCELLED | Payment cancelled |
Error Handling
Handle the following common error scenarios:
- Invalid token
- Expired token
- Invalid amount
- Network errors
- System maintenance
Testing
Use the following test card details in the sandbox environment:
Card Number: 4111 1111 1111 1111
Expiry: Any future date
CVV: Any 3 digits
Security Considerations
- Always validate the payment response on your server
- Use HTTPS for all API calls
- Keep your access token secure
- Implement proper error handling
- Log all transactions for audit purposes
- Ensure PCI DSS compliance if using Direct Integration
Support
For technical support or questions, contact Hesabe support:
- Email: support@hesabe.com
- Phone: +965 xxxx xxxx
- Documentation: https://developer.hesabe.com