Validations and IPv6

IPv6

The PXP Financial APIs support IPv6 formatted IP addresses. But there are certain limitations that need to be considered:

  • Tokens which were created using an IPv6 address as uip (using the GET /tokens call) can be used to register a new payment account via this call under the following condition: The Clients must have an IPv4 address as well (in the rare situation that the Client is IPv6 only, the register payment account call will fail).
  • The merchants server needs to have an IPv4, otherwise all calls to the PXP Financial APIs will fail.

Validation rules

When a merchant uses the GET /tokens call to generate a token and then the register payment account call, the following rules apply.
One of the below must be true, otherwise the register payment account call will be rejected:

🚧

Browser User Agent must be sent in the GET /tokens request as separate parameter

The browser user agent has to be collected by the merchant system together with the IP address and sent as part of the GET /tokens request using API parameter/field bua.
The PXP Financial Service cannot consider the http header information for that purpose, because in a real life scenario the token request will come from the merchant IP not from the client/device browser.

Example requests:
mid=MERCHANTID&sid=SHOPID&uid=bnFbeMRrzZzttVWB&uip=73.199.7.10&mtid=d76e4844dsgd&bua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F87.0.4280.141%20Safari%2F537.36

OR

mid=MERCHANTID&sid=SHOPID&uid=bnFbeMRrzZzttVWB4&uip=2a02%3A8388%3A1a02%3A8200%3A93a%3A6058%3A13f3%3A3454&mtid=d76e4844dsgd&bua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F87.0.4280.141%20Safari%2F537.36

When a merchant uses GET /tokens call to generate a token and then the Update payment account call for the migration of a payment account to a new MID the following restriction applies or the call will be rejected: