LPS API v1
Lateral Payment Solutions provide an online credit card/debit card processing solution for e-commerce businesses. We provide a highly sophisticated fraud screening process to reduce the risk posed to online merchants in the ‘card not present’ environment.
We provide a 256 bit SSL interface for secure transmission of data over the internet. A secure reporting and administration system to provide real time information available.
This document explains the technical integration requirements and procedures. It is of a technical nature and should be read as such.
INTRODUCTION
The merchant’s server makes a request through a HTTP POST and receives the result of the processing request as the response to the POST request. Both the request & response are made through a single TCP/IP connection. Your server opens an SSL protected socket connection to the LPS payment engine and the LPS system posts the result of the transaction back on the same connection.
TRANSACTION FLOW DIAGRAM
Transactions are sent via a Synchronous HTTP POST, the response is received on the same TCP/IP connection. The transaction flow is depicted in the following diagram given below:
-
CUSTOMER TO MERCHANTS WEBSITE
Customer submits payment request encrypted over SSL; -
MERCHANTS SERVER TO LPS SERVER
Contains all the necessary card data and card holder details. This is sent over secure encrypted SSL; -
a. LPS SERVER TO MERCHANTS SERVER
LPS gateway performs data, velocity and fraud checks. If any fail, the transaction process is stopped and a failure code is returned;b. LPS SERVER TO BANK
The transaction is sent from the LPS gateway to the bank; -
LPS TO MERCHANTS SERVER
LPS sends the bank response details to merchant server; -
MERCHANT SERVER TO END USER
Merchant updates database and notifies customer of success or failure of the transaction; -
LPS SERVER TO END USER
LPS can send an e-mail receipt to customers where the transaction is successful. Merchant can receive a copy of the e-mail for customer support or account management purposes;
INTEGRATION IN DETAIL
NB. For questions or help at any stage of integration, please send an email to technical@lpsmail.com
- OVERVIEW
The merchant’s server makes a request through a HTTP POST and receives the result of the processing request as the response to the POST request. Both the request & response are made through a single TCP/IP connection. Your server opens an SSL protected socket connection to the LPS payment engine and the LPS system posts the result of the transaction back on the same connection.
- MERCHANT SERVER TO LPS SERVER
To process a payment, request all mandatory fields found in Schedule 2A need to be posted via SSL to LPS payment gateway URL which will be provided by LPS. All communication between LPS and the merchant is via SSL only. The merchant server makes a request through an HTTP POST to the LPS server LPS receives the payment request, performs fraud screening and returns to the merchant a result of either fraudscreening (failed) or the bank response (if passed fraud screening).
Points to note about the POST to LPS
- LPS provide the merchant_user_id and merchantpwd
- Replace spaces in the user details with +. You do not however have to do a full URL-encode of the request string.
- Post amounts as 2 decimal places only. Applies to amount field. i.e. 125.03
- A payment request will not be accepted for processing if the mandatory fields in Schedule 2A are missing.
If a payment request does not contain all the mandatory fields then the system will return the fraudscreening_status value of 9001 and an LPS_Transaction_id of –1.
- LPS SERVER BACK TO MERCHANT SERVER
Using the synchronous method your server opens an SSL protected connection to the LPS server and awaits a HTTP response from the server. If the data is sent successfully (HTTP Status 200) you need to retrieve the Response to the payment request. This will be returned as a query string with the variables described in Schedule 2B. Two response types may be returned; either fraud screening failed or bank transaction status.
Points to note about the LPS return POST
- LPS generates a unique transaction id for each transaction. This is returned to the merchant’s server along with the merchant reference number.
- Merchants must use the LPS_transaction_id for any transaction enquiries with LPS • LPS response includes an id and password in the string for merchant server authentication purposes; this is the user name & password you supply to LPS and is different from the LPS supplied pair in the original post to Schedule 2A.
- If mandatory fields are missing then the system will not accept the transaction for processing. The details will be logged, and the system will return a Fraudscreening_status of 9001 & an LPS_transaction_id of –1.
- LPS TO END USER
LPS send an e-mail receipt to the customer for each authorised payment request. The receipt contains all transaction details and an email address for customer enquiries. The email is sent from the merchants chosen address and not from LPS e.g. support@merchant.com. The merchant will receive a copy of the receipt sent to the customer
When the customer is redirected to a URL on LPS Gateway after 3D SECURE authentication, it will match the transaction Id passed with the existing pending transaction. The status of the transaction will be updated to “3D SECURE Response Returned” and the 3D SECURE response will then be transferred back to a merchant’s URL which will return the customer back to the merchant site along with the details given in Table 2E.
The merchant should extract the 3D SECURE response and update the status of the transaction as 3D SECURE Response received. Note at this stage neither LPS nor the merchant know if the 3D SECURE authentication is successful. They will then open synchronous connection back to LPS payment gateway with the transaction details as shown in Table 2F.
Folders contain information about the items contained inside of them, including files and other folders. There is also a set of metadata such as who owns the folder and when it was modified that is also returned. When accessing other resources that make reference to folders, a ‘mini folder’ object will be used.
{folderid}/items{folderId}{folderId}{folderId}{folderId}/copy{folderid}/itemsRetrieves the files and/or folders contained within this folder without any other metadata about the folder.
Any attribute in the full files
or folders objects can be passed in with
the fieldsparameter to get specific attributes, and only those specific attributes back; otherwise, the mini format is returned for each item by default. Multiple attributes can be passed in separated by commas e.g. fields=name,created_at. Paginated results can be retrieved using thelimit and offset parameters.
Path variables
Folder identifier
Request parameters
Attribute(s) to include in the response
The number of items to return (default=100, max=1000)
The item at which to begin the response (default=0)
Responses
Body
An collection of items contained in the folder is returned. An error is thrown if the folder does not exist, or if any of the parameters are invalid.
Sorting object
Used to create a new empty folder. The new folder will be created inside of the specified parent folder
Request body
The desired name for the folder
The parent folder
The ID of the parent folder
Responses
Body
{folderId}Retrieves the full metadata about a folder, including information about when it was last updated as well as the files and folders contained in it. The root folder of a Box account is always represented by the id “0″.
Path variables
Responses
Body
{folderId}Used to update information about the folder. To move a folder, update the ID of its parent. To enable an email address that can be used to upload files to this folder, update thefolder_upload_email attribute. An optional If-Match header can be included to ensure that client only updates the folder if it knows about the latest version.
Path variables
Request body
Used to update information about the folder. To move a folder, update the ID of its parent. To enable an email address that can be used to upload files to this folder, update thefolder_upload_email attribute. An optional If-Match header can be included to ensure that client only updates the folder if it knows about the latest version.
The name of the folder
The description of the folder.
The parent folder of this file.
Parent object id
An object representing this item’s shared link and associated permissions.
The level of access required for this shared link. Can be open,company, collaborators.
The day that this link should be disabled at. Timestamps are rounded off to the given day.
The set of permissions that apply to this link.
The email-to-upload address for this folder.
Can be open or collaborators.
The user who owns the folder. Only used when moving a collaborated folder that you are not the owner of to a folder you are the owner of. Not a substitute for changing folder owners, please reference collaborations to accomplish folder ownership changes.
The ID of the user, should be your own user ID.
Whether Box Sync clients will sync this folder. Values ofsynced or not_synced can be sent, whilepartially_synced may also be returned.
All tags attached to this folder. To add/remove a tag to/from a folder, you can first get the folder’s current tags (be sure to specify?fields=tags, since the tags field is not returned by default); then modify the list as required; and finally, set the folder’s entire list of tags.
Responses
Body
{folderId}Used to delete a folder.
Path variables
Request parameters
Whether to delete this folder if it has items inside of it.
A recursive parameter must be included in order to delete folders that have items inside of them. An optional If-Match header can be included to ensure that client only deletes the folder if it knows about the latest version.
Responses
{folderId}/copyUsed to create a copy of a folder in another folder. The original version of the folder will not be altered.
Path variables
Request body
Object representing the new location of the folder
The ID of the destination folder
An optional new name for the folder
Responses
Body
File objects represent that metadata about individual files in Box, with attributes describing who created the file, when it was last modified, and other information. The actual content of the file itself is accessible through the /files/{id}/content endpoint. Attributes listed in green will not appear in default file requests and must be explicitly asked for using the fields parameter.
{fileId}{fileId}{fileId}Used to retrieve the metadata about a file.
Path variables
Request parameters
wdgwre
wer
Responses
Body
{fileId}Used to update individual or multiple fields in the file object, including renaming the file, changing it’s description, and creating a shared link for the file. To move a file, change the ID of its parent folder. An optional If-Match header can be included to ensure that client only updates the file if it knows about the latest version.
Path variables
Request body
Used to update individual or multiple fields in the file object, including renaming the file, changing it’s description, and creating a shared link for the file. To move a file, change the ID of its parent folder. An optional If-Match header can be included to ensure that client only updates the file if it knows about the latest version.
The name of the file
The new description for the file.
The parent folder of this file.
Parent folder id
An object representing this item’s shared link and associated permissions.
The level of access required for this shared link. Can be open,company, collaborators.
The day that this link should be disabled at. Timestamps are rounded off to the given day.
The set of permissions that apply to this link.
All tags attached to this file. To add/remove a tag to/from a file, you can first get the file’s current tags (be sure to specify ?fields=tags, since the tags field is not returned by default); then modify the list as required; and finally, set the file’s entire list of tags.
Responses
Body
Comments are messages generated by Box users. Each message is tied to a specific file. You can create comments independently or create them as responses to other comments.
{commentId}{commentId}Used to update the message of the comment.
Path variables
cometd
Request parameters
3r 2 e
Request body
Used to update the message of the comment
The desired text for the comment message
Responses
Body
Used to add a comment by the user to a specific file or comment (i.e. as a reply comment).
Request body
Used to add a comment by the user to a specific file or comment (i.e. as a reply comment).
The item that this comment will be placed on.
The type of the item that this comment will be placed on. Can be file or comment
The id of the item that this comment will be placed on.
The text body of the comment
Responses
Body
Folders contain information about the items contained inside of them, including files and other folders. There is also a set of metadata such as who owns the folder and when it was modified that is also returned. When accessing other resources that make reference to folders, a ‘mini folder’ object will be used.
For folders is ‘folder’
The folder’s ID.
A unique ID for use with the /events endpoint.
May be null for some folders such as root or trash.
A unique string identifying the version of this folder.May be null for some folders such as root or trash.
The name of the folder.
The time the folder was created.
May be null for some folders such as root or trash.
The time the folder or its contents were last modified.
May be null for some folders such as root or trash.
The description of the folder.
The folder size in bytes. Be careful parsing this integer, it can easily go into EE notation: see IEEE754 format.
The path of folders to this item, starting at the root.
The user who created this folder.
The user who last modified this folder.
The user who owns this folder.
The shared link for this folder. Null if not set.
The upload email address for this folder. Null if not set.
The folder that contains this one.
May be null for folders such as root, trash and child folders whose parent is inaccessible.
Whether this item is deleted or not.
A collection of mini file and folder objects contained in this folder.
All tags applied to this folder.
approvedWhether this folder will be synced by the Box sync clients or not. Can besynced, not_synced, or partially_synced.
Whether this folder has any collaborators.
The permissions that the current user has on this folder.
File objects represent that metadata about individual files in Box, with attributes describing who created the file, when it was last modified, and other information. The actual content of the file itself is accessible through the /files/{id}/content endpoint
For files is ‘file’
The folder’s ID.
A unique ID for use with the /events endpoint.
May be null for some folders such as root or trash.
A unique string identifying the version of this folder.May be null for some folders such as root or trash.
The name of this file.
When this file was created on Box’s servers.
When this file was last updated on the Box servers.
The description of the file.
The path of folders to this item, starting at the root.
The user who created this folder.
The user who last modified this folder.
The user who owns this folder.
The shared link for this folder. Null if not set.
The folder that contains this one.
May be null for folders such as root, trash and child folders whose parent is inaccessible.
Whether this item is deleted or not.
All tags applied to this folder.
approvedThe permissions that the current user has on this folder.
The sha1 hash of this file.
When this file was last moved to the trash.
When this file will be permanently deleted.
When the content of this file was created (more info).
When the content of this file was last modified (more info).
The version of the file.
The number of comments on a file.
Shared link
Comments are messages generated by Box users. Each message is tied to a specific file. You can create comments independently or create them as responses to other comments.
For comments is ‘comment’
A unique string identifying this comment
Whether or not this comment is a reply to another comment
The comment text that the user typed
A mini user object representing the author of the comment
The object this comment was placed on
The string representing the comment text with @mentions included. @mention format is @[id:username]. Field is not included by default.