Send Batch Request
There are many components to making sure the transaction request body is sent securely to the Mastercard Gateway. This section goes through the essential concepts and functions you may need to use in your integration.
Uploading the batch request
The batch file is submitted via HTTP over Secure Socket Layer (SSL) protocol using the HTTP PUT method. This section contains sample code snippets written in shell scripting language. For the sample integration code, see the Downloads section.
Connection URL
The connection URL contains information identifying the Batch version (same as API version), merchant identifier, and batch name.
where:
- <versionNum> is the version of Batch
- <merchantId> is your Merchant identifier
- <batchName> is your unique name for the batch
# Configuration: Batch application
VERSION_NUM=72
HB_HOST="https://anzworldline.gateway.mastercard.com/batch"; # Configuration: Merchant MERCHANT_ID="<YOUR_MERCHANT_ID>"
MERCHANT_PASSWORD="<YOUR_MERCHANT_PASSWORD>" CONNECT_URL="$HB_HOST/version/$VERSION_NUM/merchant/$MERCHANT_ID/batch/"
If you submit a batch request to an incorrectly formatted URL, you will be redirected to a landing page displaying information on how the request should be formatted.
https://anzworldline.gateway.mastercard.com/batch
Authentication data
The Mastercard Gateway requires every batch request to be authenticated successfully. The below snippet covers how to provide authentication data (Merchant ID and API Password) with each batch request.
This code snippet shows how to set credentials in the program.
# Configuration: Batch application
VERSION_NUM=72
HB_HOST="https://anzworldline.gateway.mastercard.com/batch"; # Configuration: Merchant
MERCHANT_ID="<YOUR_MERCHANT_ID>"
MERCHANT_PASSWORD="<YOUR_MERCHANT_PASSWORD>" # Configuration: Advanced
CONNECT_URL="$HB_HOST/version/$VERSION_NUM/merchant/$MERCHANT_ID/batch/"
HTTP_HEADERS="Authorization: Basic `echo -n :$MERCHANT_PASSWORD | base64`"$'\n'" Content-Type: text/plain; charset=UTF-8"
HTTP headers
HTTP Headers provide metadata information about the batch request being sent to the the Mastercard Gateway. This snippet demonstrates the mandatory HTTP Headers that must be set for every batch request (the headers listed here must be set in addition to any authentication headers mentioned under Authentication Data, where applicable).
The character encoding of your request must include only ISO-8859-1(Latin1), or UTF-8 formats. See Ensure Character Encoding.
This code snippet shows how to set HTTP headers in the program.
HTTP_HEADERS="Authorization: Basic `echo -n :$MERCHANT_PASSWORD | base64`"$'\n' "Content-Type: text/plain; charset=UTF-8"
Uploading the message integrity code
Batch requires you to confirm the integrity of the batches you upload by providing a Message Integrity Code (MIC) for validation. The MIC must be calculated by creating a SHA-1 digest of the complete upload request body that contains the CSV NVP batch data and must be HEX encoded.
The MIC upload works as follows:
- Upload a batch to the Batch service.
- Upload the MIC to the Batch service by sending a HTTPS POST request to the following URL with the MIC HEX encoded in the request body.
where:
- <versionNum> is the version of Batch
- <merchantId> is your Merchant identifier
- <batchName> is your unique name for the batch
The batch status remains in the UPLOADED state until the MIC has been verified. - Batch validates the supplied MIC against the uploaded batch, and if it matches, the batch will be accepted for processing. If the MIC does not match it is assumed the batch is corrupted. The batch will be deleted and will need to be uploaded again.