The callback_url will be called x times for y hours until we receive an HTTP 200 confirmation from the partner's webserver. We only allow SSL encrypted URLs (https://...). The callback_url (one) is defined per partner during the setup of the partner and stored within the partner config in Klarna's systems (MoMA).
The following will be notified on in any case of a status change (cp. Merchant Account Status):
POST callback_url { "merchant_id": "A100001", "notification_type": "STATUS_UPDATE", "status": { "current": "TRANSACTIONS_ENABLED", "reason": "APPROVED", "last_modified_at": "2017-05-08T15:24:59.000Z" } }
CopyThe following notification will be sent if the merchant does the first live transaction (meaning the creation of an order in production - not the capture):
POST callback_url { "merchant_id": "A100001", "notification_type": "LIVE_TRANSACTION", "occurred_at": "2017-12-19T15:23:12.000Z" }
CopyReceive confirmation requests for sensitive data updates
The confirmation_callback_url will be called x times for y hours until we receive an HTTP 200. The response should include the "acknowledgment" that will be checked on Klarna's side for validity before the associated change will take effect.
We only allow SSL encrypted URLs (https://...). The confirmation_callback_url (one) is defined per partner during the setup of the partner together with the shared_secret and stored within the partner config in Klarna's systems (MoMA).
Request (to partner’s system)
POST confirmation_callback_url
{
"merchant_id": "A100001",
"notification_type": "REQUEST_FOR_ACKNOWLEDGEMENT",
"changed_data": "CREDENTIALS",
"requested_at": "2017-05-08T15:24:59.000Z"
}
CopyResponse
The "acknowledgment" value is calculated by hashing the request data that is appended with the shared_secret (without whitespaces, line breaks) through sha512:
acknowledgement_value = sha512("{"merchant_id\":\"A100001\",\"notification_type\":\"REQUEST_FOR_ACKNOWLEDGEMENT\",\"changed_data\":\"CREDENTIALS\",\"requested_at\":\"2017-05-08T15:24:59.000Z\",\"shared_secret\":\"partner-secret\"}");
CopyHTTP 200
{
"acknowledgement": "8fe077cddb158a5250a05b92283751c88548a55c461843f8c656fb3b31625dc47af567ee2da12444ca6a0176a5bb3f42051eaa7331a084c0e947d5b0f2031b4e"
}
CopyChanges in sensitive data will only take effect on Klarna's side if the "acknowledgment" can be reproduced by Klarna's systems.
To get the information if Klarna has successfully reproduced the "acknowledgment" and the associated change has been stored, another confirmation is sent to the confirmation_callback_url indicating the result
Request (to partner’s system)
The "result" could either be "ACCEPTED" (acknowledgment could be reproduced and changes are stored) or "DECLINED" (acknowledgment could not be reproduced or was missing and changes are not stored):
POST confirmation_callback_url
{
"merchant_id": "A100001",
"notification_type": "ACKNOWLEDGEMENT_RESULT",
"result": "ACCEPTED"
}
CopyResponse
HTTP 200
Copy