Contents

Redirects

 

Redirect following the payment

 

By default, when a transaction has been processed, our response page will be displayed to the customer. This displays a message indicating whether or not the transaction was successful, along with details regarding the payment for the customer’s records. Alternatively, you may prefer to host a response page on your own server.

 

 


 

Configuring redirects

Click the headings below to learn how to configure redirects that occur following different transaction outcomes:

 

For successful transactions

This can be configured on your site by adding the following to your POST to Payment Pages:


<!--Enables rule that redirects the customer following a successful transaction-->
<input type=hidden name="ruleidentifier" value="STR-6">

<!--Update the below with the URL for the redirect-->
<input type=hidden name="successfulurlredirect" value="http://yourwebsite.com/successful">

 

The URL of your hosted response page must be externally facing. We cannot redirect to internal, intranet, private or loopback addresses.

URL
We recommend only redirecting to secure HTTPS pages. When using iframes, some web browsers will refuse to redirect to non-secure pages as a security measure.
Warning
Both “STR-6” and the URL of the redirect need to be included in the string used to generate your request site security hash. Failure to do so will result in the customer being shown an “Invalid details” error message.

 


 

For declined transactions

By default, if a customer’s card declines, we will redisplay the payment form with an error, prompting them to try a different method of payment (recommended). Alternatively, you can instead opt to redirect customers to a different URL when their card declines.

 

This can be configured on your site by adding the following to your POST to Payment Pages:


<!--Enables rule that redirects the customer following a declined transaction-->
<input type=hidden name="ruleidentifier" value="STR-7">

<!--Update the below with the URL for the redirect-->
<input type=hidden name="declinedurlredirect" value="http://yourwebsite.com/declined">

 

The URL of your hosted response page must be externally facing. We cannot redirect to internal, intranet, private or loopback addresses.

URL
We recommend only redirecting to secure HTTPS pages. When using iframes, some web browsers will refuse to redirect to non-secure pages as a security measure.
Warning
Both “STR-7” and the URL of the redirect need to be included in the string used to generate your request site security hash. Failure to do so will result in the customer being shown an “Invalid details” error message.

 


 

For all error cases

By default, if any errors were encountered that prevented the transaction from being processed successfully, we will redisplay the payment form with an error, prompting them to try a different method of payment (recommended). Alternatively, you can instead opt to redirect customers to a different URL when an error occurs.

 

This can be configured on your site by adding the following to your POST to Payment Pages:


<!--Enables rule that redirects the customer following an error-->
<input type=hidden name="ruleidentifier" value="STR-13">

<!--Update the below with the URL for the redirect-->
<input type=hidden name="errorurlredirect" value="http://yourwebsite.com/error">

 

The URL of your hosted response page must be externally facing. We cannot redirect to internal, intranet, private or loopback addresses.

URL
We recommend only redirecting to secure HTTPS pages. When using iframes, some web browsers will refuse to redirect to non-secure pages as a security measure.
Warning
Both “STR-13” and the URL of the redirect need to be included in the string used to generate your request site security hash. Failure to do so will result in the customer being shown an “Invalid details” error message.
Info
If the only rule for redirects enabled on your site is STR-13, it will be triggered in all error cases (including declines).

 

If STR-13 AND STR-7 are enabled, all errors will cause STR-13 to be triggered EXCEPT in a declined final state, where STR-7 is triggered instead.

 


 

Fields returned

URL redirects using system rules will include the following fields of information, by default:

 

If request site security is enabled on your site, the redirect will also include the response site security hash (this is covered in further detail below).

 

Click here to learn how to include extra fields in the redirect

If you would like to include additional fields, you can update your POST to include stextraurlredirectfields. The following example will include the billing first name, last name and email address in a redirect, in addition to the default fields listed above:


<form method="POST" action="<DOMAIN>/process/payments/choice">
...
<input type="hidden" name="ruleidentifier" value="STR-6">
<input type="hidden" name="successfulurlredirect" value="http://www.yourwebsite.com/successful">
<input type="hidden" name="stextraurlredirectfields" value="billingfirstname">
<input type="hidden" name="stextraurlredirectfields" value="billinglastname">
<input type="hidden" name="stextraurlredirectfields" value="billingemail">
...
<input type="submit" value="Pay">
</form>

Replace <DOMAIN> with a supported domain. Click here for a full list.

 

Important: The names of all additional fields to be returned in the redirect need to be included in the string used to generate your request site security hash. Failure to do so will result in the customer being shown an “Invalid details” error message.

 


 

Response site security

If request site security is enabled on your site, you will also receive a hashed responsesitesecurity value in any redirects sent to your system. We strongly recommend that you recalculate the responsesitesecurity hash returned, to ensure it has not been modified by a customer or third party and that the fields were sent by Trust Payments.

 


 

Advanced

Using the MyST Rule Manager, you can configure redirects that happen in other scenarios.

Click here for further information.

 


 

Tick
Your progress

Now you have configured redirects, we recommend configuring notifications that inform you of when transactions have been processed on your site.