Contents

Basic usage

Solinor payment method works more or less as other payment methods; it will be present in payment_methods array in restaurant’s data, and when the payment has been processed by our system, like with other payment methods, it will return an url which client is supposed to redirect customer to, open it in new browser or in embedded web view, for example. This page will instruct customer how to pay the payment, i.e. by giving her credit card information for Solinor so they can do the charge.

This can be cumbersome to do again and again, especially in mobile environments. For this kind of cases, Solinor has support for card tokenization which creates unique identifier for the card, which is then stored in our system. Using this identifier, customer can do a payment without inserting the card again. Because customer may have more cards than only one, there is some actions below to handle the logic of token payment.

/customer/cards

This action returns cards customer has saved when using Solinor payment method. The identifiers returned by this call is only valid for the customer and contains only public portions of the card (last digits of the card and expiry time), which can be stored without extra measures as per PCI DSS.

Fiidmi services nor its operator SLM Finland Oy does not save any credit card information, credit card handling is done solely by Solinor payment highway.

The cards here could for example shown in customer’s user information (account settings), where customer can see the cards and decide whether she wants to remove or modify the cards.

In order process (/restaurant/make_order), if customer has chosen Solinor payment method, this action can be used to look whether customer has any saved cards and then shown to customer in order to choose whether she wants to use a saved card or add new card (resulting to no token_id in /restaurant/make_order data) and pay with that.

Request

POST nameValueRequired?
session_idhash returned by loginYes

Response

[
  {
    "comment":"The id that can be passed to /restaurant/make_order to tell that this card should be used for the payment.",
    "id":"123456",
    "comment":"Optional name that can be given by customer for the card using /customer/cards/modify.",
    "name":"Nya",
    "comment":"Last (usually four) digits of the card which can be shown to customer so customer can see which card this is.",
    "partial_pan":"1234",
    "type":"visa",
    "year":"0001",
    "month":"01"
  },
  ".."
]

Expectable errors

See error conventions section for explanation how error system works.

Label Additional data Description
NO_CARDSNoneReturned if customer has no cards.

/customer/cards/modify

This can be used to modify a card. Currently only changing the name customer has given to the card is supported.

Request

POST nameValueRequired?
session_idhash returned by loginYes
card_idcard id from /customer/cardsYes
nameName of the card. If not given, it won’t be changed. If empty, current name will be removed.No

Response

ResponseJSON
Success:"success"
Failure:error array

Expectable errors

See error conventions section for explanation how error system works.

Label Additional data Description
INVALID_CARD_IDNoneClient tried to modify card that it was not allowed to modify, or problem in the server. Contact the person in charge of the API.

/customer/cards/delete

This action can be used to delete a card customer has saved to the system.

Request

POST nameValueRequired?
session_idhash returned by loginYes
card_idcard id from /customer/cardsYes

Response

ResponseJSON
Success:"success"
Failure:error array

Expectable errors

See error conventions section for explanation how error system works.

Label Additional data Description
INVALID_CARD_IDNoneClient tried to delete card that it was not allowed to modify, or problem in the server. Contact the person in charge of the API.