Transaction Authorisation¶

This is one of the most crucial steps you have to implement in order to complete the checkout integration.

After the customer completed the payment on Tamara checkout, the transaction will be at approved state and in the meantime Tamara backend will send a notification (Http POST request) to your backend via the notification url you provided us in the create checkout session payload or subscribed webhook endpoint for the approved event.

In order to test the communication, we recommend using a tool like https://webhook.site to see how it works.

The notification payload will look like this:

Request Payload

{
"order_id": "8c5e39bb-698d-4c9a-bf9b-efe9bb133fca",
"order_reference_id": "123456",
"order_status": "approved",
"data": []
}

order_reference_id is your order id that you have shared with us in the create checkout session payload.

Curl Sample

curl -X POST \
-H "Content-Type: application/json" \
-H "Authorization: Bearer <tamaraToken>" \
--data '{"data":[],"order_id":"<tamaraOrderId>","order_reference_id":"<yourRefOrderId>","order_status":"approved"}' \
"<theNotiticationUrlParamInCreateCheckoutRequest>?tamaraToken=<tamaraToken>"

<tamaraToken> is the encoded JWT token using HS256 algorithm and you can use our provided Notification Token to decode it to ensure the request to you Notification endpoint comes from Tamara (security aspect).

After receiving the notification from us, your backend has to acknowledge us by calling our Authorisation API

This backend to backend communication will also help to avoid the frontend redirection issue during the checkout. For instance, after the customer completed the payment successfully from Tamara side and couldn't redirect back to your frontend website/apps due to the networking/connection problem, your system will still receive the notification from us in background.

Once we receive the authorisation call-back, the transaction will be moved to authorised status, and you can start shipping the items.

If we don't receive the authorisation callback from your end, the order/transaction on our side will be stuck at approved status, and you cannot trigger the capture call for that payment later, also that payment is implicitly excluded from your next settlement. Therefore, please implement and test this flow carefully on our sandbox environment before going live.