Embedded Payment Form

MorPOS With Embedded Payment Form card information is collected through MorPOS's secure interface.

Endpoint

POST /v1/EmbeddedPayment/CreatePaymentForm

Headers

Key

Type

Description

Example

x-ClientID

String

Unique identifier for the API client

your-client-id

x-ClientSecret

String

Secret key for the API client

your-secret-key

x-GrantType

String

Type of access token used

client_credentials

x-Scope

String

API scope

pf_write, pf_read

x-Timestamp

String

Request timestamp (ISO 8601)

2024-12-17T12:34:56Z

Request Body

Field

Required

Type

Description

Example

merchantId

✅

String

Unique identifier for the merchant

100000000000004

returnUrl

✅

URL

Redirect URL after successful transaction

https://www.example.com/success

failUrl

✅

URL

Redirect URL after failed transaction

https://www.example.com/error

paymentMethod

✅

String

Payment method

EMBEDDEDPAYMENT

paymentInstrumentType

✅

String

Payment instrument type

CARD

language

✅

String

Transaction language

conversationId

✅

String

Unique identifier for tracking

MP20240305001

sign

✅

String

Digital signature of the request

ABC123...

transactionDetails.transactionType

✅

String

Transaction type

SALE

transactionDetails.installmentCount

✅

Integer

Number of installments (0 = single payment)

transactionDetails.amount

✅

Decimal

Transaction amount

1.00

transactionDetails.currencyCode

✅

Integer

Currency code (TRY = 949)

949

transactionDetails.vftFlag

❌

Boolean

VFT usage status

false

extraParameter.pFSubMerchantId

❌

String

Sub-merchant ID

12345

Example Request

{
  "merchantId": "100000000000004",
  "returnUrl": "https://www.example.com/success",
  "failUrl": "https://www.example.com/error",
  "paymentMethod": "EMBEDDEDPAYMENT",
  "paymentInstrumentType": "CARD",
  "language": "en",
  "conversationId": "MSD2024030500000000115",
  "sign": "AAVWY3RZKJVVCEAD8LDQB4KWJL4QX/IQQRGQ3XIWAAG=",
  "transactionDetails": {
    "transactionType": "SALE",
    "installmentCount": 0,
    "amount": "1.00",
    "currencyCode": "949",
    "vftFlag": false
  },
  "extraParameter": {
    "pFSubMerchantId": "12345"
  }
}

Example Response

{
    "code": "B0000",
    "message": "SUCCESS",
    "conversationId": "MSD28729399188493475",
    "paymentFormContent": "                    <div id='finagopay-container'>jscode</div>                    <script  src='https://finagopay-pf-ui-merchant.prp.morpara.com/embedded/finagopayPayment.js'></script>                       <script>                                                let isPaymentStarted = false;                        const paymentDateTime = new Date('2026-01-27 10:28:40');                         const now = new Date();                        const timePassed = paymentDateTime -now;                        const expireTime = Math.max(0, timePassed);                        function postRedirect(url, dataObj) {                            let form = document.createElement('form');                            form.method = 'POST';                            form.action = url;                            for (const key in dataObj) {                                if (dataObj.hasOwnProperty(key)) {                                    let input = document.createElement('input');                                    input.type = 'hidden';                                    input.name = key;                                    input.value = dataObj[key];                                    form.appendChild(input);                                }                            }                            document.body.appendChild(form);                            form.submit();                        }                        let finagopayPayment = new FinagopayPayment({                            container: '#finagopay-container',                    baseUrl:'https://finagopay-pf-api-gateway.prp.morpara.com/v1/EmbeddedPayment',                            clientSecret:'MjEyYTFmYzA4NTVhMWNiNDA1YzllNjM3Mzk3NDBjNzVmYjZmMDJlODI5NWU1ZmQ4ZTZhMmY1ZTA5NGFhYjZiYw==',                            clientId:'cx+eQAPE6JJAaJrGDDl2',                            timestamp:'20260127101840',                            merchantId:'5000000017',                            amount:'1.00',                            conversationId:'YBS28729399188493475',                            language:'en',                            onSuccess: function(payload) {                                                                isPaymentStarted = true;                                let request = {                                    RequestData: 'usZND1SEut9/Il3R2FwU/cIhDzw3NZpFfLEjfymUUj/qEnxBt0PqJk7WJmWrLT9u9GLpCnRQAzcMbPFIUu+ZM4fE9ngZxxrzp36C1tfo98plQux5NjjyV58uOIg02jeBDSxSD4borOvyanfV0+LhTy2lbhvJgVGJCVsOOw7GE+g4sWQZshwQ9piSjAgUu/zZUHkP/rHWSMP08C9XAtrgmdzrkayOZLyxI7mg3REHQlVI6Zjocz4pMbwVuduSUprt8VfvCxu8rZWeDEeG6DOga8+fUkGQL8RTVFSVgGUNwrXlApAQwtaNMteYef/0Kd7QMb0c2y+rqT9yUmQePJvQuZNXPRKXEGcMtKC/0XtSXM2D4Es4X9uTRGNP3MWDpNG502yI25mIkjcfI2UDOO2iVPZPWFnN5F0BuQSWfCV49eBTGemkrOmSLN/C3ubyLrvkAvB1WokeTi/h9cTuQnluPsVazXw7z8kWM6lyl6/kGTq+l5Ai+FgrCOIdNJABt7bs9ctD9CtUChiuLpBKIOsHT01QQ55/Uz5xgnMwqOM1uCne71BLrp1+Pc6+Xa6+y/F+7A4yEBlD1kKV98ro3e3T4MqiVL9KiTIhH1GWeGKUZ4Obeela6Wz6JNiVEHuJqW1suPXoNvQ5kp7ylmwztRZC080nffntk7w7CT+BdBv7an/IkmYyGvIkcsye38qmHi/jsKyUNrc40PGvg0uoz00+BA==æe6yK94u/Z3ye4r2frkolqQ==',                                    PaymentPageTransactionGuid:'vJGv1A+C9HJ1F6EAGdp2mEd8ltt0U7+VM565KqQptB4=æUm3LGMAvV21tZ1ySvXzjfQ==',                                    CardToken: payload.token                                };                                fetch('https://finagopay-pf-api-gateway.prp.morpara.com/v1/EmbeddedPayment/processPayment', {                                    method: 'POST',                                    headers: {                                        'Content-Type': 'application/json',                                        'X-ClientSecret': 'MjEyYTFmYzA4NTVhMWNiNDA1YzllNjM3Mzk3NDBjNzVmYjZmMDJlODI5NWU1ZmQ4ZTZhMmY1ZTA5NGFhYjZiYw==' ,                                        'X-ClientId': 'cx+eQAPE6JJAaJrGDDl2' ,                                        'X-GrantType': 'client_credentials' ,                                        'X-Scope': 'pf_write pf_read',                                         'X-Timestamp': '20260127101840',                                     },                                    body: JSON.stringify(request)                                })                               .then(response => response.json())                               .then(data => {                                    if (data.use3d)                                        {                                        if (data.htmlForm) {                                            const decodedHtmlContent = atob(data.htmlForm);                                            document.open();                                            document.write(decodedHtmlContent);                                            document.close();                                         }                                         else {                                                postRedirect(data.failUrl, {Code: 'R0099',Message: 'Failed to obtain the HTML content required for 3D Secure authentication'});                                             }                                        }                                    else                                        {                                            let targetUrl = (data.code === 'B0000') ? data.returnUrl : data.failUrl;                                            postRedirect(targetUrl, data);                                        }                                                                 })                               .catch(error => {                                         postRedirect('{baseUrl}/fail-response', { error: error.message || 'Unknown error'});                                });                            }                        });                     setTimeout(() => {                           if (!isPaymentStarted) {                                const container = document.querySelector('#finagopay-container');                                if (container) {                                    container.innerHTML = '<p>Payment time has expired. Please try again.</p>';                                }                            }                        }, expireTime);                                       </script>",
    "paymentFormExpireTime": "2026-01-27T10:28:40.4442155+03:00",
    "returnUrl": "https://www.example.com/success",
    "failUrl": "https://www.example.com/unsuccessful"
}

Operational Notes

Card information is not transmitted to the merchant system
Card data is collected via the payment provider's embedded payment interface through
PCI-DSS scope is significantly reduced
According to the transaction result, the user returnUrl or failUrl is redirected to the address

PreviousIntegration Methods NextHosted Payment Page

Last updated 1 month ago

hashtagEndpoint

hashtagHeaders

hashtagRequest Body

hashtagExample Request

hashtagExample Response

hashtagOperational Notes

Endpoint

Headers

Request Body

Example Request

Example Response

Operational Notes