Handling API Responses

This page assumes you have made a request to the BreathePay API and have a response object

Validating API Signatures

For every API response, you must validate the signature from the API is valid with your merchant secret, in order to protect from man in the middle attacks

//PHP
//Use the createBreathePaySignature function we created earlier to verify the responses signature 
if(isset($response['signature'])) {
  $signature = $response['signature'];
  unset($response['signature']);
  
  if($signature !== $this->createBreathePaySignature($response, YOUR_MERCHANT_SECRET)) {
    //SIGNATURE INVALID, TRANSACTION IS COMPROMISED
  }
}

Successful Response

Successful responses return a status code of 0

//PHP
if($response['responseCode'] == 0) {
    //If it was a charge request, store these values for reconcilliation and refunds
    $txId = $response['transactionID'];
    $xref = $response['xref'];
}

Error Response

Error responses return a status code that is neither 0 for 65802

//PHP
if($response['responseCode'] != 0 && $response['responseCode'] != 65802) {
    //Handle error
}

PreviousBackend Code NextRefunds & Cancelations

Last updated 1 year ago