Accept Unzer Invoice with server-side-only integration
Build your own payment form to add Unzer Invoice to your checkout page
If you are using payment types invoice or invoice-secured, note that these methods are now deprecated. They are currently supported but there are no further developments planned for them.
If you want to access the relevant documentation, see Unzer Invoice and Unzer Invoice Secured.
Overview
With Unzer Invoice you need to provide information about the customer via the customer resource and the purchased products via Basket resource when you make the transaction. This is required for customer assessment and transaction approval. You will also need the customer information to create the invoice document. You are responsible for gathering this data during the checkout.
Before you begin
- Check the basic integration requirements.
- Familiarize yourself with the general Server-side-only integration guide.
Step 1: Create a payment type resource server side
When creating the payment type paylater-invoice, you need to send a request to the Unzer API. The response will contain an id , this is later referred to as typeId. You will need this typeId to perform the transaction.
POST https://api.unzer.com/v1/types/paylater-invoice
{
}
$unzer = new Unzer('s-priv-xxxxxxxxxx');
$paylaterInvoice = $unzer->createPaymentType(new PaylaterInvoice());
Currently not supported.
The response looks similar to the following example:
{
"id": "s-piv-voi3gcbwinos",
"method": "/paylater-invoice",
"recurring": false,
"geoLocation": {
"clientIp": "127.0.0.1",
"countryIsoA2": "DE"
}
}
For a full description of Unzer Invoice payment type creation, check the API reference.
Step 2: Make a payment server side
Besides an always mandatory step of creating the paymentType resource, Unzer paylater-invoice also requires a customer and a basket resource.
Create the customer resource
This step is applicable only if you didn’t create a customer resource yet, on the client side.
B2C customer creation
To process transactions for B2C customers, the following customer fields are mandatory:
| Parameter | Type | Description |
|---|---|---|
firstname (required) |
string | The customer’s first name |
lastname(required) |
string | The customer’s last name |
salutation |
string | Specify the customer’s Salutation. Available values are mr, mrs, unknown |
customerId |
string | Customer’s Unique ID. It identifies the customer and can be used within the GET request. It must be unique. |
birthDate (required) |
string | The birth date of the customer in ‘YYYY-MM-DD’ format. |
email (required) |
string | The customer’s email address |
billingAddress (required) |
object | The customer’s billing address |
billingAddress.name |
string | The customer’s name for the billing address |
billingAddress.street |
string | The customer’s street including house number |
billingAddress.state |
string | The customer’s state |
billingAddress.zip |
string | The customer’s postal code |
billingAddress.city |
string | The customer’s city |
billingAddress.country |
string | The customer’s country in ISO country code ISO 3166 ALPHA-2 (only for billing address) |
shippingAddress (required if different from the billing address) |
object | The customer’s shipping address. |
shippingAddress.name |
string | Name of person for the shipping address |
shippingAddress.street |
string | The customer’s street including house number |
shippingAddress.state |
string | The customer’s state |
shippingAddress.zip |
string | The customer’s postal code |
shippingAddress.city |
string | The customer’s city |
shippingAddress.country |
string | The customer’s country in ISO country code ISO 3166 ALPHA-2 |
shippingAddress.shippingType |
string | The shipping type, valid values are equals-billing,different-address,branch-pickup,post-office-pickup,pack-station |
POST https://api.unzer.com/v1/customers
{
"lastname": "Paylater",
"firstname": "Peter",
"salutation": "mr",
"company": "unzer GmbH",
"customerId": "{{customer_external_id}}",
"birthDate": "1987-12-20",
"email": "John.Doe@heidelpay.com",
"phone": "+49 6221 64 71 100",
"mobile" : "+49 172 123 456",
"language": "de",
"billingAddress" : {
"name" : "Peter Paylater",
"street" : "Hugo-Junkers-Str. 5",
"state" : "DE",
"zip" : "60386",
"city" : "Frankfurt am Main",
"country" : "DE"
},
"shippingAddress" : {
"name" : "Peter Paylater",
"street" : "Hugo-Junkers-Str. 5",
"state" : "DE",
"zip" : "60386",
"city" : "Frankfurt am Main",
"country" : "DE",
"shippingType": "equals-billing"
}
}
The response looks similar to the following example:
{
"id":"s-cst-c552940bca23"
}
B2B customer creation
To process transactions for B2B customers, the following customer fields are mandatory:
| Parameter | Type | Description |
|---|---|---|
firstname (required) |
string | The customer’s first name |
lastname (required) |
string | The customer’s last name |
salutation (required) |
string | Specify the customer’s salutation. Available values are mr, mrs, unknown |
company(required) |
string | The customer’s company name |
customerId |
string | Customer’s Unique ID. It identifies the customer and can be used within the GET request. It must be unique. |
birthDate (required) |
string | The birth date of the customer in ‘YYYY-MM-DD’ format |
email (required) |
string | The customer’s email address |
billingAddress (required) |
object | The customer’s billing address |
billingAddress.name |
string | The customer’s name for the billing address |
billingAddress.street |
string | The customer’s street |
billingAddress.state |
string | The customer’s state |
billingAddress.zip |
string | The customer’s postal code |
billingAddress.city |
string | The customer’s city |
billingAddress.country |
string | The customer’s country in ISO country code ISO 3166 ALPHA-2 (only for billing address) |
shippingAddress (required if different from the billing address) |
object | The customer’s shipping address. |
shippingAddress.name |
string | Name of the customer for the shipping address |
shippingAddress.street |
string | The customer’s street including house number |
shippingAddress.state |
string | The customer’s state |
shippingAddress.zip |
string | The customer’s postal code |
shippingAddress.city |
string | The customer’s city |
shippingAddress.country |
string | The customer’s country in ISO country code ISO 3166 ALPHA-2 |
shippingAddress.shippingType |
string | The shipping type, valid values are equals-billing, different-address, branch-pickup, post-office-pickup, pack-station |
companyInfo.companyType |
string | The company type. Valid values are authority, association, sole, company, other |
companyInfo.registrationType |
string | B2B is registered or not registered as a customer |
companyInfo.function |
string | Must be OWNER for NOT_REGISTERED, restricted ‘<’ and ‘>’ |
companyInfo.commercialSector |
string | Mandatory if companyInfoModel.registrationType is REGISTERED, restricted ‘<’ and ‘>’ |
companyInfo.owner.firstname (required) |
string | The first name of the company owner |
companyInfo.owner.lastname (required) |
string | The last name of the company owner |
companyInfo.owner.birthDate (required) |
string | The birth date of the company owner |
POST https://api.unzer.com/v1/customers
{
"firstname": "John",
"lastname": "Doe",
"salutation": "mr",
"company": "Unzer GmbH",
"customerId": "12345678",
"birthDate": "1987-12-20",
"email": "John.Doe@unzer.com",
"billingAddress": {
"name": "John Doe",
"street": "Hugo-Junkers-Str. 5",
"state": "DE-BO",
"zip": "60386",
"city": "Frankfurt am Main",
"country": "DE"
},
"shippingAddress": {
"name": "John Doe",
"street": "Hugo-Junkers-Str. 5",
"state": "DE-BO",
"zip": "60386",
"city": "Frankfurt am Main",
"country": "DE",
"shippingType": "equals-billing"
},
"companyInfo": {
"registrationType": "not_registered",
"function": "OWNER",
"commercialSector": "AIRPORT",
"companyType": "sole",
"owner": {
"firstname": "SoleFirst",
"lastname": "SoleLast",
"birthdate": "1995-06-21"
}
}
}
$unzer = new UnzerSDK\Unzer('s-priv-xxxxxxxxxx');
$shippingAddress = (new Address())
->setName('John Doe')
->setStreet('Hugo-Junkers-Str. 5')
->setZip('60386')
->setCity('Frankfurt am Main')
->setCountry('DE')
->setState('DE-BO')
->setShippingType(ShippingTypes::EQUALS_BILLING);
$billingAddress = (new Address())
->setName('John Doe')
->setStreet('Hugo-Junkers-Str. 5')
->setZip('60386')
->setCity('Frankfurt am Main')
->setCountry('DE')
->setState('DE-BO');
$companyOwner = (new CompanyOwner())
->setFirstname("SoleFirst")
->setLastname("SoleLast")
->setBirthdate("1995-06-21");
$customer = CustomerFactory::createNotRegisteredB2bCustomer(
'John',
'Doe',
'2001-12-12',
$billingAddress,
'John.Doe@unzer.com',
'Unzer GmbH',
CompanyCommercialSectorItems::AIR_TRANSPORT
);
$customer->setShippingAddress($shippingAddress);
$customer->getCompanyInfo()->setOwner($companyOwner);
$unzer->createCustomer($customer);
Currently not supported.
The response looks similar to the following example:
{
"id": "s-cst-b9acaba781f3"
}
For a full description of customer resource, refer to the relevant server-side-integration documentation page: Manage customer (direct API calls).
Create a basket resource
The basket resource stores information about the purchased products, used vouchers as well as the shipment costs.
POST https://api.unzer.com/v2/baskets
{
"currencyCode": "EUR",
"basketItems": [
{
"basketItemReferenceId": "item-1",
"quantity": 1,
"amountPerUnitGross": 40,
"vat":"1",
"title": "Phone"
},
{
"basketItemReferenceId": "item-2",
"quantity": 3,
"amountPerUnitGross": 20,
"vat":"1",
"title": "Cables"
}
]
}
$unzer = new UnzerSDK\Unzer('s-priv-xxxxxxxxxx');
$basketItem = (new UnzerSDK\Resources\EmbeddedResources\BasketItem())
->setTitle('Notebook pro')
->setSubTitle('basket item subtitle')
->setBasketItemReferenceId('item-1')
->setQuantity(1)
->setTotalValueGross(2000)
->setVat(19.0)
->setType(UnzerSDK\Constants\BasketItemTypes::GOODS)
->setUnit('pc');
$basket = (new UnzerSDK\Resources\Basket())
->setTotalValueGross(2000)
->setCurrencyCode('EUR')
->setOrderId('O-12345-AB')
->setNode('basket note')
->addBasketItem($basketItem);
$unzer->createBasket($basket);
Currently not supported
The response looks similar to the following example:
{
"id": "s-bsk-49277b9f7ee0"
}
For a full description of basket resource, refer to the relevant server-side-integration documentation page: Direct API integration.
Add the ThreatMetrix script
We use ThreatMetrix for fraud prevention to protect your business from potential fraudsters. For this, insert a code snippet with a unique(!) parameter on your payments page and later, send this parameter as threatMetrixId in the authorize request to us. The next steps are managed by us and no additional steps are required from you.
- Define a 128 byte long and unique variable as identifier for this transaction. Make sure it only consists of the following characters:
- upper and lowercase English letters ([a-z], [A-Z])
- digits (0-9)
- underscore (_)
- hyphen (-)
- Use this variable in the ThreatMetrix script (next step) in the GET parameter session_id and store it temporarily so that you can also send it in the authorize request later on.
- Add the ThreatMetrix script to your payment page. To get full fraud protection, use both the JavaScript part in the section and the iFrame version in the body section of your page.
<html>
<head>
<script type="text/javascript" async
src="https://h.online-metrix.net/fp/tags.js?org_id=363t8kgq&session_id=[SessionID]">
</script>
</head>
<body>
<noscript>
<iframe
style="width: 100px; height: 100px; border: 0; position: absolute; top: -5000px;"
src="https://h.online-metrix.net/fp/tags?org_id=363t8kgq&session_id=[SessionID]">
</iframe>
</noscript>
</body>
Step 3: Check status of the payment server side
Once the transaction is made, you can fetch the payment details from the API, by using the resources.paymentId from the charge response above to handle the payment according to its status, such as s-pay-124. Check all possible payment states here.
GET: https://api.unzer.com/v1/payments/s-pay-xxxxxxx
$unzer = new UnzerSDK\Unzer('s-priv-xxxxxxxxxx');
$payment = $unzer->fetchPayment('s-pay-xxxxxxx');
Currently not supported
Step 4: Display the payment result client side
Use the information from the Check status of the payment step to show payment result to your customer.
This can be the success or error page of your shop. If something went wrong you can use the client message from the API response and show it to the customer.
Manage payment server side
For more details on managing Unzer Invoice payments, see Manage Unzer Invoice payments.
Notifications
We recommend subscribing to the payment event to receive notifications about any changes to the payment resource. As soon as the event is triggered you should fetch the payment and update the order status in your shop according to its status.
{
"event":"payment.pending",
"publicKey":"s-pub-xxxxxxxxxx",
"retrieveUrl":"https://api.unzer.com/v1/payments/s-pay-774",
"paymentId":"s-pay-774"
}
For more details on implementing webhooks to receive notifications, see Notifications page.
Error handling
All requests to the API can result in an error that should be handled. Refer to the Error handling guide to learn more about Unzer API (and other) errors and handling them.
Test & go live
You should always test your integration before going live. First perform test transactions using test data. Next, check against Integration checklist and Go-live checklist to make sure the integration is complete and you’re ready to go live.