Standard parameters

The DIBS Payment window requires an amount of parameters which are sent as hidden fields in a form

When posting to the payment window the case of the parameters is ignored, though we highly recommend using below casing as standard for easy readability and seamless support.

You will have to post using UTF-8 to the DIBS Payment Window. DIBS will reply in UTF-8 to the accepturl and the callback.

The DIBS Payment Window is "started" by sending a HTTP POST to the following URL:

https://payment.dibspayment.com/dpw/entrypoint

For security reasons, HTTP GET is not supported.

Aside from below parameters, shops are allowed to send their own parameters to the DIBS Payment Window. However, the names of all such extraneous parameters must begin with "s_" and only contain the characters "a-zA-Z0-9_". All parameters unknown to us and not pre-fixed with "s_" will be discarded at the entry point and not added to the MAC-calculation or returned in the response.

Examples

<form type="button" method="post" action="https://payment.dibspayment.com/dpw/entrypoint">
    <input type="hidden" name="acceptReturnUrl" value="https://domain.com/accept"/>
    <input type="hidden" name="amount" value="125"/>
    <input type="hidden" name="currency" value="208"/>
    <input type="hidden" name="merchant" value="123456789" />
    <input type="hidden" name="orderId" value="my_orderid-1234"/>
    <input type="hidden" name="billingAddress" value="Kings str. 21"/>
    <input type="hidden" name="billingAddress2" value="6th"/>
    <input type="hidden" name="billingEmail" value="testmail@domain.com"/>
    <input type="hidden" name="billingFirstName" value="Andy"/>
    <input type="hidden" name="billingLastName" value="Testname"/>
    <input type="hidden" name="billingMobile" value="+99123456789"/>
    <input type="hidden" name="billingPostalCode" value="98765"/>
    <input type="hidden" name="billingPostalPlace" value="Denmark"/>
    <input type="hidden" name="MAC" value="4a25050c229ab07ed61a2c3ef454f597246eda96f5b1512fec90dcb74f761a70"/>
    <input type="hidden" name="oiTypes" value="QUANTITY;UNITCODE;DESCRIPTION;ITEMID;AMOUNT;VATPERCENT" />
    <input type="hidden" name="oiRow1" value="1;pcs;ACME band;427;100;2500" />
</form>

Essential

Parameter Type Description

MAC

String. Max 64 hexadecimal characters, which fits a SHA-256 code.

Contains the calculated HMAC value for the used parameters. If this is sent along, HMAC verification will be forced, ensuring that the data sent from the shop to DIBS has not been tampered with. Please refer to the HMAC calculation page for more information.

acceptReturnUrl *

String. max 1024 characters

If the purchase is approved, a redirect to the value of acceptReturnUrl is made. The return parameters will be returned as a POST. It is possible to use GET parameters as well, but beware of browser restrictions regarding URL lengths.

acceptReturnUrl = "http://www.yourDomain.com/acceptedPayment?var1=YES&var2=JohnDoe"

If the payment is accepted, the the customer will be redirected to

"http://www.yourDomain.com/acceptedPayment?var1=YES&var2=JohnDoe"

It is recommended (but not required) to use HTTPS.

amount *

Long - Minimum value of 1 - maximum value 1715000000

The smallest unit of an amount in the selected currency, following ISO4217 (see the minor unit list here). Example:

Smallest unit for EUR is "cent" thus setting 'amount="150"' leads to the amount being 1,50 EUR
Smallestunit for JPY is "yen" thus setting 'amount="150"' leads to the amount being 150 JPY

billingAddress2

String

Customers billing street address (continued).

billingAddress

String

Customers billing street address. If the acquirer requires the adress to be entered, then billingAddress is used to prepopulate the address field. If acquirer returns a different address, billingAddress will be overwritten.

billingEmail

String. Max 128 characters

Customers email address. Can be passed along to the acquirer if applicable.

billingFirstName

String

Customers billing first name.

billingLastName

String

Customers billing last name.

billingMobile

String.Max 1024 characters

Customers mobile number. Can be passed along to the acquirer if applicable. Note: We only accept a row of digits and spaces optionally prepended by a '+'

billingPostalCode

String

Customers billing postal code

billingPostalPlace

String

Customers billing postal place (city, town, etc).

callbackUrl

String. Max length 1024. Format is validated by java's java.net URL class.

An optional (but recommended) ”server-to-server” call. This can be used for many purposes, the most important being able to register the order in your own system without depending on the customers browser hitting a specific page of the shop. Only the following ports are allowed:

  • 80 (HTTP)
  • 443 (HTTPS)
  • 20080

Example:

callbackurl = "http://www.yourDomain.com/callback?var1=YES&var2=JohnDoe"

If the payment is processed, then the server to server responce will go to

"http://www.yourDomain.com/callback?var1=YES&var2=JohnDoe"

currency *

String. 3 characters.

Currency is defined using the ISO4217 standard (see the currency list here). Both numeric and upper case letter codes are accepted.

Example:

currency="SEK"
currency="752"

merchant *

String. 36 characters

The Merchant ID is the DIBS Customer ID that appears in the e-mail received from DIBS during registration with DIBS, on your contract, or in the invoice from DIBS. If you do not have you Merchant ID, please contact our support department.

oiRow(1..n)

String. Max 1024 characters

Order information data row. Used to add order information to the purchase to be shown in the DIBS Administration. Please refer to the Order information page or more information.

oiTypes

String. Max 1024 characters

Order information column types must be in upper case. The data should be delimited by a semicolon. The order is significant and should match the other rows. Please refer to the Order information page or more information.

orderId *

String. Max 50 characters. Reg-ex format ^[a-zA-Z0-9\._-|]+$

The shops order number for this particular purchase. This is the cross reference between the shop and DIBS Payment Services (both numerals and letters may be used). The actual length of the orderid shown on the bank settlement report may differ from acquirer to acquirer.

* : These parameters are always validated by DIBS

Optional

Parameter Type Description
addFee Integer. Only the value 1 is allowed If set to 1, the acquirers transaction fee will automatically be added to the amount of the payment. Note: If you wish to use this parameter, please take contact to our support department to ensure the right fees are registered on your account.
cancelReturnUrl String. max 1024 characters. Format is validated by java's java.net.URL class. The URL of the page to be displayed if the customer cancels the payment. The return parameters will be sent using HTTP POST. Example:
cancelurl = "http://www.yourDomain.com/cancelPayment?var1=YES&var2=JohnDoe"
If the payment is cancelled, then the customer will be redirected to
"http://www.yourDomain.com/cancelPayment?var1=YES&var2=JohnDoe"
captureNow Integer. Only the value 1 is allowed. If the value 1 is sent, a capture request is automatically carried out after the authorization, following the normal capture process of the specific acquirer. This function can only be utilized in the event that there is no actual physical delivery of any items.
createTicket Integer. Only the value 1 is allowed.

If set to 1, a ticket will be created rather than a normal payment. Ticket registrations are not available in the transaction overview in DIBS Administration. You cannot use the 'capturenow' parameter while using 'createTicket'.

Note: createTicket functionality will have to be activated by DIBS.

createTicketAndAuth Integer. Only the value 1 is allowed.

If set to 1 we will first attempt to create an authorization. If successful, we will save information about the card for continuous authorizations and afterwards do a normal autorization for the specified amount. DIBS will return both a “ticket” and a “transaction” value if the request is successful. This parameter cannot be sent if createTicket is sent.

Note: createTicket functionality will have to be activated by DIBS.

expandOrderInformation

Integer. Only the value 1 is allowed.

If set to 1, the specified order information (given by the oiTypes and ioRow1..n parameters) will be shown by default. Alternatively, the customer will have to click "Show more information".

language String

Contains the code of the language and locale to be used in DIBS Payment Window (default is "en_US"). Supported language codes are:

Code Language
da_DK Danish
de_DE German
en_GB English (GB)
en_US English (US)
es_ES Spanish
fi_FI Finnish
fr_FR French
it_IT Italian
nb_NO Norwegian (Bokmål)
nl_NL Dutch
pl_PL Polish
pt_PT Portuguese
sv_SE Swedish


Shorthand codes are also accepted, ie. "en", "da", "sv" and "nb" will be interpreted as "en_US", "da_DK", "sv_SE" and "nb_NO" respectively.

The default is used if this parameter is omitted or if the language code given does not match any of the above codes.

payType String. A comma separated list of payment type short names. Used to control the payment methods available in the payment window. Only these payment types will be shown and accepted. This list must be comma separated with no spaces in between. Example:
<input type="hidden" name="payType" value="VISA,MC" /> 

Please refer to the Toolbox section for more information on paytypes.

shippingAddress2 String Customers shipping street address (continued).
shippingAddress String Customer's shipping street address. If acquirer supports delivery to address specified by merchant, this parameter can be used to parse the information to the acquirer.
shippingFirstName String Customers first name.
shippingLastName String Customers last name.
shippingPostalCode String Customers shipping postal code.
shippingPostalPlace String Customers shipping postal place (town, city, etc.).
socialSecurityNumber String Social security number. If not sent as input parameter to the payment window, the customer may be prompted for it in the DIBS invoice payment flow.
test Integer. Only the value 1 is allowed This field is used when tests are being conducted on the shop.
If set to 1, a test purchase will be done to the shop. When this field is declared, the transaction is not dispatched to the card issuer, but is instead handled by the DIBS test environment. Please refer to the Toolbox section for test information to be used when conducting tests.

 

Do you have a question or need help?
Follow us
DIBS Payment Services
Stockholm +46 (0)8-527 525 00
Göteborg +46 031-600 800
København +45 7020 3077
Oslo +47 21 55 44 00