- 18 Sep 2024
- 9 Minutes to read
- Print
- DarkLight
Refunding payments with SEPA Credit Transfer (pacs.007 and pacs.002)
- Updated on 18 Sep 2024
- 9 Minutes to read
- Print
- DarkLight
This tutorial describes how you can refund (reverse) SEPA Credit Transfer (SCT) payments with the Refund API (also known as the pacs.007 endpoint of the Payments Hub API).
For this tutorial, consider a scenario where you are a payment provider, and your merchant in Cádiz has a customer in Lisbon who purchases an item for which they later want a refund. The Refund API can be used to reverse the EUR transfer and return part of the money from the merchant account to the customer's account.
This tutorial describes, in 2 separate sections, how:
You can initiate a refund for an SCT payment using the ISO pacs.007 message.
You can receive a notification of the refund, allowing you to retrieve its status using the ISO pacs.002 message.
Note
The instructions in this tutorial apply to the sandbox environment.
Prerequisites
Before obtaining the access token, make sure you have a public-private key pair that you can use to sign JWT Bearer tokens.
Click here to email your public key, along with the kid and iss claim values you will use in your JWT Bearer tokens.
Note
The public key must be created with RSA and sent in PEM format, without password encryption, and must have a length of at least 2048 bits. If these criteria are not met, the token will be rejected.
If you don't have a public-private key pair yet, you can use a predefined JWT Bearer token in the sandbox with no need to create or sign your own tokens for authentication:
eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6Ikh1YnRlc3RfcHJvX3NhbmRib3gifQ.eyJzdWIiOiJxTWtaOTBxb0hBTjVJbkE2V2xNYVZBaE41dDhBQWVPeCIsImlzcyI6IlNhbnRhbmRlciIsImlhdCI6MTY2MTMyNzQyNSwibmJmIjoxNjYxMzI3NDI1LCJleHAiOjE2OTI4NjM0MjUsImp0aSI6IjRmMjM0ZmIxLWM3ODAtNGVhNS05YmI5LTBkMTZiYzU3MmFmNyJ9.lz19moa2xSUeBoz4-55qF15CY_LU-1Vb7bh14Q1pGjqR7hEL3OdxK9-EnWSP4eDMivMZWTHOXbFTj9WcH0eiX1u7fNJVVhyWTUqvIfI5Qcpal2j2pQElLe9mv7bytMGPbDpK-9kNqkuNX4J_LB7qLZJtPwSbsFtICORpLrBeMHwqWLRnaFVOMuiMM14CXG31YaKNVphowthVA_21CuE0P5Tl5iIlJIx0MENoq_pbmQpFkuN0VlxW7gv9Zrqo44Vd4TtoZiF4uY-PgbT3JDnbEe5pRa7C4vF-LHrdgfpNW9fjW9kut-ZuyeEIH240t6emstsdtcFAC18TpZjo9HM3sw
In the sandbox environment, you can use a predefined test SCA JWT Bearer token:
eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6InByb1BheW1lbnRzSHViU2IifQ.eyJoZCI6Ik1NNVh4Y1pHaGE5bnc3M1ByTkJHdXZuRkJMRnNTWDBka3lJeG8xZ3FMNlE9Iiwibm9uY2UiOiI2NDQ2M2NhNGJiMGUxYmYxY2I4MyIsImFsZyI6IlNIQTI1NiIsImlhdCI6MTcxMjMxMTQzMywibmJmIjoxNzEyMzExNDMzLCJleHAiOjE3NDM4NDc0MzMsImp0aSI6ImFiYzhmN2I5LTNlYTEtNDA1Yi1iYTRiLWJmMzU2MTlkMzYzOCJ9.WC3uTar9aSJYrIwp1o2mCCD2HhBsawvAiuDVYp7281HkAZwfYBMbxdgsvhd3nZ0zLlc-RLhmgOHgynEUKbtlkUVH6HaeCptjMHmJWjhXVIZUzO29qa3ww_0_R98NDVIPP7nI5PcxhYRJRk2ipa5iLGEJzmMpV2ak_t9J5uotrXkG4rCdwP1fnS1I43DMFOCF8o890hk3PkQRSN2PFF4q9dV1OX2OkMV3ccq7aYn6Q1xXO-M2aXw62Sob2kbRKmkZXAYyk7kS6GP6ckG3R9mE0wG9lrl1QVpi1xAO-3HG4jkYQXrwOgs17kcGvLJ2SakbcGqItOKiX1T7XnS_2DJEmA
1. Authenticate to get an access token
The Payments Hub API endpoints (including the Refund API) are protected with OAuth 2.0 JWT Bearer grant. To use the API, you must create a JWT Bearer token and use it to get an access token:
To create a JWT Bearer token, see the Appendix in Authentication guide . For a predefined token that you can use in the sandbox for testing purposes, see the Prerequisites in Authentication guide .
For detailed instructions on how to get the access token, see Authentication guide .
2. Refund the payment
A customer is not happy with their purchase and they request a refund from your merchant, who forwards the request to you. You can then initiate the payment refund using the pacs.007 HTTP request.
This section describes how to make a partial refund via a pacs.007 HTTP request to the Refund API. It also illustrates a successful response.
Request
Create and send a request using the following operation:
POST https://sandbox.api.pagonxt.com/payments/pacs007/v08
Headers
The request must contain the headers shown in the following table.
Table: Refund the payment - Required request headers.
Header name | Description | Required/ Optional | Values |
---|---|---|---|
Authorization | Authorization security header | Required | Bearer <Access token> |
X-Client-Id | Client ID | Required | <Client ID> |
Content-Type | Format of the request body | Required | application/json |
sca-token |
| Required | <SCA token> |
Accept | Format of the response body | Required | application/json |
Request body
The request must include a JSON payload object in the request body. The JSON payload is a pacs.007 ISO message with the fIToFIPmtRvsl root element, and it contains the request details for refunding a payment.
The following table only provides information about some especially important fields. For details on all the required and optional message fields, see Message field definition for pacs.007 .
Table: Refund the payment - Relevant request body elements.
Message field | Description | Data type | Required/Optional |
---|---|---|---|
grpHdr.msgId | Message ID, which must uniquely identify each request you send. This ID is used internally for idempotency of the API. | String | Required |
grpHdr.creDtTm | Date and time of the payment refund request | String | Required |
grpHdr.nbOfTxs | Number of transactions within the message. Value: 1 | Number | Required |
grpHdr.sttlmInf.sttlmMtd | Settlement method. Value: CLRG | String | Required |
txInf.rvslId | Unique payment refund ID for the end customer | String | Optional |
txInf.rvsdIntrBkSttlmAmt | Data structure containing the payment currency and the amount to be refunded. The currency must be EUR and the amount must be a positive value. The Refund API validates that the amount is less than the original payment amount. | Object | Required |
txInf.rvslRsnInf.rsn.cd | Code for the payment reversal | String | Required |
txInf.rvslRsnInf.addtlInf | Array of the client reference for the inbound payment to be refunded. The array can contain the following elements:
· fitoFICstmrCdtTrf.cdtTrfTxInf.rmtInf.strd.cdtrRefInf.ref · fitoFICstmrCdtTrf.cdtTrfTxInf.pmtId.endToEndId · fitoFICstmrCdtTrf.cdtTrfTxInf.pmtId.txId · fitoFICstmrCdtTrf.grpHdr.msgId · paymentsHubId returned in the response body of the original payment request. This element is mandatory.
· Null, zero, or rmtinf = Creditor reference ID · e2eid = End-to-end ID · txid = Transaction ID · msgid = Message ID · payhubid = Payments Hub ID This element is optional. If it is not provided, the value of element [0] must be the creditor reference ID.
| Array | Required |
Example request body:
{
"fitoFIPmtRvsl": {
"grpHdr": {
"msgId": "8899402864411437377893795",
"creDtTm": "2021-05-18T15:43:13.455Z",
"nbOfTxs": "1",
"sttlmInf": {
"sttlmMtd": "CLRG"
}
},
"txInf": [
{
"rvslId": "8899402864411437377893795",
"rvsdIntrBkSttlmAmt": {
"value": 10,
"ccy": "EUR"
},
"rvslRsnInf": [
{
"rsn": {
"cd": "AC01"
},
"addtlInf": [
"e171018d-a783-3300-915a-3bb9c1928a2b"
]
}
]
}
]
}
}
Request example
The following example illustrates the request using raw HTTP code:
POST /payments/pacs007/v08 HTTP/1.1
Host: sandbox.api.pagonxt.com
Content-Type: application/json
Authorization: Bearer YOUR_ACCESS_TOKEN
X-Client-Id: YOUR_CLIENT_ID
sca-token: eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6InByb1BheW1lbnRzSHViU2IifQ.eyJoZCI6Ik1NNVh4Y1pHaGE5bnc3M1ByTkJHdXZuRkJMRnNTWDBka3lJeG8xZ3FMNlE9Iiwibm9uY2UiOiI2NDQ2M2NhNGJiMGUxYmYxY2I4MyIsImFsZyI6IlNIQTI1NiIsImlhdCI6MTcxMjMxMTQzMywibmJmIjoxNzEyMzExNDMzLCJleHAiOjE3NDM4NDc0MzMsImp0aSI6ImFiYzhmN2I5LTNlYTEtNDA1Yi1iYTRiLWJmMzU2MTlkMzYzOCJ9.WC3uTar9aSJYrIwp1o2mCCD2HhBsawvAiuDVYp7281HkAZwfYBMbxdgsvhd3nZ0zLlc-RLhmgOHgynEUKbtlkUVH6HaeCptjMHmJWjhXVIZUzO29qa3ww_0_R98NDVIPP7nI5PcxhYRJRk2ipa5iLGEJzmMpV2ak_t9J5uotrXkG4rCdwP1fnS1I43DMFOCF8o890hk3PkQRSN2PFF4q9dV1OX2OkMV3ccq7aYn6Q1xXO-M2aXw62Sob2kbRKmkZXAYyk7kS6GP6ckG3R9mE0wG9lrl1QVpi1xAO-3HG4jkYQXrwOgs17kcGvLJ2SakbcGqItOKiX1T7XnS_2DJEmA
Content-Length: 944
{
"fitoFIPmtRvsl": {
"grpHdr": {
"msgId": "8899402864411437377893795",
"creDtTm": "2021-05-18T15:43:13.455Z",
"nbOfTxs": 1,
"sttlmInf": {
"sttlmMtd": "CLRG"
}
},
"txInf": [
{
"rvslId": "8899402864411437377893795",
"rvsdIntrBkSttlmAmt": {
"value": 10,
"ccy": "EUR"
},
"rvslRsnInf": [
{
"rsn": {
"cd": "AC01"
},
"addtlInf": [
"e171018d-a783-3300-915a-3bb9c1928a2b"
]
}
]
}
]
}
}
Response
If the request is valid, you receive an HTTP 201 Created response, which means that the payment refund request was successfully submitted. In addition, the response body returns the data JSON object, which contains payment refund details. If the request is submitted again with the same message ID, you receive an HTTP 200 OK response. For further details of HTTP response codes and instructions on how to handle errors, see HTTP codes and request error handling .
The following table shows the response body elements that are relevant for the current use case. For details on all the response body elements, see Message field definition for pacs.007 .
Table: Refund the payment - Relevant response body elements.
Element | Description | Data type |
---|---|---|
paymentsHubId | Payments Hub ID, which uniquely identifies your payment refund request in Payments Hub. You can use it if you later need to retrieve the payment refund details. | String |
paymentsId | Message ID you defined in the request as the grpHdr.msgId field value | String |
status | Current status of the payment refund. Since Payments Hub stores all requests for a while before performing the transaction settlement, this value is returned as PENDING. | String |
Extract the value of the paymentsHubId key, as you'll need it in the next section.
Example response body:
{
"data": {
"paymentsHubId": "PAYMENTSHUB1234567890",
"paymentId": "PAYMENT1234567890",
"status": "PENDING",
"creationDateTime": "2021-05-18T15:12:22Z"
}
}
3. Retrieve the refund payment status
This section describes how, after receiving a notification, you can retrieve the payment refund status via a pacs.002 HTTP request to the Payments Hub API. To send this request, you need to provide the Payments Hub ID provided in the notification, see Notifications . This section also illustrates a successful response.
Note
Notifications are not used in the sandbox environment.
Request
Create and send a request using the following operation:
GET https://sandbox.api.pagonxt.com/payments/pacs002/v10/{paymentsHubId}
Headers
The request must contain the headers shown in the following table.
Table: Retrieve the refund payment status - Required request headers.
Header name | Description | Required/Optional | Values |
---|---|---|---|
Authorization | Authorization security header | Required | Bearer <Access token> |
X-Client-Id | Client ID | Required | <Client ID> |
Accept | Format of the response body | Required | application/json |
Parameters
The request must contain the path parameter shown in the following table.
Table: Retrieve the refund payment status - Request parameter.
Parameter type | Parameter name | Description | Data format | Required/Optional |
---|---|---|---|---|
Path | paymentsHubId | Payments Hub ID related to the refund payment, received in the notification | String | Required |
Request example
The following example illustrates the request using raw HTTP code:
GET /payments/pacs002/v10/YOUR_PAYMENTS_HUB_ID HTTP/1.1
Host: sandbox.api.pagonxt.com
Content-Type: application/json
Authorization: Bearer YOUR_ACCESS_TOKEN
X-Client-Id: YOUR_CLIENT_ID
Response
If the request is valid, you receive an HTTP 200 OK response, which means that the refund payment status was successfully retrieved. For further details of HTTP response codes and instructions on how to handle errors, see HTTP codes and request error handling .
In addition to the response code, the response body returns the fIToFIPmtStsRpt JSON object, which contains a pacs.002 ISO message.
The following table shows the response body elements that are relevant for the current use case. For details on all the response body elements, see Message field definition for pacs.002 .
Table: Retrieve the refund payment status – Relevant response body elements.
Element | Description | Data type |
---|---|---|
txInfAndSts.txSts | Refund payment status. The possible values are based on the ISO standard. For example: ACCC (accepted) or RJTC (rejected) | String |
Extract the value of the txInfAndSts.txSts key to see the refund payment status.
Example response body:
{
"fitoFIPmtStsRpt": {
"grpHdr": {
"msgId": "1587641040",
"creDtTm": "2020-06-26T10:32:58.605"
},
"txInfAndSts": {
"orgnlGrpInf": {
"orgnlMsgId": "1587641040",
"orgnlMsgNmId": "pacs.007.001.08"
},
"orgnlInstrId": "unique-instructionId",
"orgnlEndToEndId": "e2eId-1587641040",
"orgnlTxId": "111111",
"txSts": "ACCC",
"stsRsnInf": {
"addtlInf": [
null,
null,
"SEPA:269bbf341511471106",
null
]
},
"orgnlTxRef": {
"pmtTpInf": {
"svcLvl": [
"prtry": "SEPA"
]
},
"rmtInf": {
"strd": {
"addtlRmtInf": "269bbf341511471106"
}
}
}
}
}
}