Step-by-step instructions for the technical integration of the chargeback system
Overview
Chargeback
API
conform to representational state transfer (REST) design principles. They have predictable resource-oriented URLs, accept json-encoded request bodies, return JSON-encoded responses, use standard HTTP response codes and authentication.
All data sent to Chargebackhit with the upload API must be in a JSON string format that is capable of parsing back to JSON.
The main steps of the integration are:
Technical integration with Chargebackhit
Testing:
Sandbox account
Production account
Account settings
Steps 1-2 are recommended to be performed by the developer and step 3 by the account holder.
Step 1 - Login Information
Receive an invitation to work email with account credentials for the merchant portal hub
Get API keys (public and secret key) obtained from the
Guide
This page with settings for Chargebackhit users to configure their preferences.
“Settings”
page
Step 2 - Notification URL
Create and provide notification URL for:
Sandbox account
Production account
You can also set and change URLs in the portal inside
Guide
This page with settings for Chargebackhit users to configure their preferences.
“Settings”.
Step 3 - Signature Creation
The value of a signature is a base64-encoded value of hash function SHA-512. For the encryption key, the Secret Key will be applied. The following string will be used for signature data:
The signature allows the merchant system to verify the source and the integrity of the notification details transmitted between the Merchant and Chargebackhit.
The merchant will apply the Public Key and Secret Key to calculate the signature.
Headers of each request are to be placed in the following:
Parameter
Description
Example
signature
Signature of the request allows verifying whether the request is genuine.
MjNiYjVj…ZhYmMxMzNiZDY=
public_key
Unique identification, which will be shared at the moment of registration along with the Private Key.
The merchant is initially configured for working via a test environment and can check the Integration with a set of test alerts, which can be generated manually in the sandbox account in the alerts section:
The merchant can go live after integration is completed, and UAT testing is passed.
Step 6 - Matching and response
To address the alerts (refund, provide the response, etc.), firstly, we need to match the alerts to the exact transaction in the merchant’s database/CRM.
It is a straightforward process, but in some cases, we need to apply
Guide
Internal logic for quick matching of alert data by the system in real-time.
specific matching algorithm
.
Timeouts
When integrating Chargebackhit into your workflows, you need to consider how long you can wait for a response from our system.
In an API-based service, timeouts define the total time available to process and respond to a request. By total time, we mean the time it takes for your request to get to our servers, be processed and responded to, and the response to return to your server.
The response time includes three main components:
Network latency
The delay in communicating over a network with our APIs.
Data enrichment
The time to get all the values for data enrichment. Since Chargebackhit has no control over third-party servers and data sources, response times may vary.
Matching Process
The time to process all rules and custom configurations in your account to create the full API response.
SLA response time:
Inquiry - less than 2 seconds
Init-refund - is according to the rules (less than 24 hours)
For all other alert types SLA response time is not critical.