Integration with some of CoriunderCloud payment services requires generating a hashed signature, notice the difference between signature creation for Hosted Page and Server to Server.
Make sure you keep the order of the parameters in your request string identicle to the order of the values in your signature
https://uiservices.coriunder.cloud/hosted/default.aspx?merchantID=3771097&url_redirect=¬ification_url=&trans_comment=&trans_refNum=&Brand=&trans_installments=1&amount_options=&ui_version=8&trans_type=0&trans_amount=15&trans_currency=EUR&disp_paymentType=&disp_payFor=Product-name&disp_recurring=0&disp_lng=en-gb&client_fullName=john+smith&client_email=test%40test.com&client_phoneNum=%2b972547880123&client_idNum=067823012&client_billaddress1=barkat+13&client_billcity=HOLON&client_billzipcode=5447778&client_billstate=D&client_billcountry=IL&signature=c5vpVHZ6FhDpKqROjV0io2RJZ1K2maEMXouqhItJqSU%3d
For Hosted Page signature we use all the values from all fields that are included in the request 377109718015EURProduct-name0en-gbjohn+smithtest%40test.com%2b972547880123067823012barkat+13HOLON5447778DIL + Your Hash key
For Server to server we use specific fields for the validation Field values to use: CompanyNum + TransType + TypeCredit + Amount + Currency + CardNum + RefTransID + PersonalHashKey
377109710015EUR45800000000000001432842-shdfjhs + Your Hash key
As shown in the example here above be sure to URL encode any param that might hold special charecthers in it, for example: url_redirect, notification_url, client_billaddress1, client_email, client_phoneNum and even client_fullName or any other field that you include in the request, this will ensure the signature would be valid in any use case.
Once you have all the param Values ready in the correct order and urlencoded you can start with the first step of SHA256 the values along with the hash key provided to you for the integration, this should look something like this(for the example we used 999999 as the hashkey:
SHA256("377109718015EURProduct-name0en-gbjohn+smithtest%40test.com%2b972547880123067823012barkat+13HOLON5447778DIL999999")
The next stage would be to Base64 the value returned from the SHA256 function, this would look something like this
Base64(SHA256("377109718015EURProduct-name0en-gbjohn+smithtest%40test.com%2b972547880123067823012barkat+13HOLON5447778DIL999999"))
The final stage would be to urlencode the value returned from the Base64 function to avoid any spaces that might be included in the base64 value created, this would look something like this
urlencode(Base64(SHA256("377109718015EURProduct-name0en-gbjohn+smithtest%40test.com%2b972547880123067823012barkat+13HOLON5447778DIL999999")))
var Siganture = CryptoJS.SHA256(MerchantNumber + TransType + trans_comment + trans_refNum + trans_installments + trans_amount + trans_currency + payFor + client_email + client_fullName + client_phoneNum + client_billAddress1 + client_billAddress2 + client_billCity + client_billZipcode + client_billState + client_billCountry + PLID + trans_storePm + disp_lng + ui_version + Brand + url_redirect + notification_url + PersonalHashKey); var Base64Siganture = Siganture.toString(CryptoJS.enc.Base64); var hash = encodeURIComponent(Base64Siganture);
$val = urlencode( base64_encode( hash("sha256", "8081905https://yoururl.com?method=callbackCU9808_1231231050USDPurchase0en-gbautoMFF23ZGI2F", true) ) );
Learn about the reply codes and their meaning.
Review the testing flows and cards to build your integration.
Use our test cards in order to complete the integration.