Home
Introduction
Wiza is an asynchronous plug in once and get all payment methods. Wiza allows businesses to reduce the number of efforts required to incorporate multiple payment methods into their business by integrating with one single API. All the settlements are executed by the payment processors within 24 hours time and the money is credited straight to the merchant account, giving the businesses the ability to plan the next day operations.
Host
The sandbox and production systems are accessed through the same host. To send requests to a production system use production token and to user sandbox system use sandbox token.
The Wiza host name is https://api.wiza.ao
Example:
- POST
https://api.wiza.ao/v1/hosts/paymentsto start new payment request.
Authentication
Businesses simplicity and security is our primary goals and that's why https connections and bearer API Token are essential and mandatory through every single connection. Every single business transaction requires a valid header Authorization parameter.
Authorization: <some-token-generated-at-merchant-portal>
Callback
To tighten even more the security in the response callback to your system we included a signature header which is constructed using a Signature Token that only the merchant has access and can be generated at the merchant portal tokens management page. The signature is created (signature token and raw payload body encoded) as per the secure algorithm below and should match the one sent by Wiza.
HexEncode(HMAC-SHA-256(Signature Token, raw HTTP body))
Transactions
Request a Payment
curl -XPOST "https://api.wiza.ao/v1/hosts/payments" \
-H "Content-Type: application/json" \
-H "Accept: application/json"
-H "Authorization: eyJhbGciOiJIUzI1NiJ9.eyJtZXJjaGFudF9pZCI6IjE3ZDI5ZDZiLWNhNjUtNDc1Ni1hM2UzLTQzOTY0NjI4MWQ5YSIsInRva2VuX2lkIjoiYjc2MWE3ZDYtMmQxNy00OTczLTg5NGYtZTM4ODVlYWYwNzU1IiwidHlwZSI6InBheW1lbnQiLCJleHAiOjE3MjI0NzAzNDB9.o_3z0dqXrk8f68rPeGieeMNpksSpvwSbLYmKDETa4vs" \
-d '{
"amount": "123.45",
"currency": "aoa",
"reference_id": "123456789",
"success_url": "https://where-to-redirect-in-case-of-success",
"failure_url": "https://where-to-redirect-in-case-of-failure",
"callback_url": "https://send-response-here-when-is-completed"
}
HTTP Request
POST https://api.wiza.ao/v1/hosts/payments
Headers
| Key | Value | Description |
|---|---|---|
| Content-Type | application/json | The content type expected |
| Accept | application/json | The format type expected by the server |
| Authorization | authorization-token |
The bearer authorization token |
Payload
| Name | Type | Required | Type | Description |
|---|---|---|---|---|
| amount | string | yes | payment | The amount that is required for the transaction. |
| currency | string | yes | payment | The transaction currency |
| customer | string | yes | payment | The customer cellphone or other identification required to request a payment. |
| parent_payment_id | string | yes | refund | The parent payment transaction ID the merchant wishes to refund. |
| reference_id | string | yes | both | The merchant transaction request unique id. |
| success_url | string | no | payment | Wiza APG hosted age is going to redirect to this url after 5 seconds of successful page is presented. The callback to your backend will be fired nevertheless. |
| failure_url | string | no | payment | Wiza APG hosted age is going to redirect to this url after a failure and the payment process is canceled. The callback to your backend will be fired nevertheless. |
| callback_url | string | yes | both | Wiza APG will call it back as soon the request is completed (accepted or rejected) and will send a (POST) and will stop if get any 2xx status response. |
Response
| Status | Meaning | Description |
|---|---|---|
| 303 | See Other | (The payment request was accepted by wiza hosted gateway for processing and you can open the link provided at header location. |
| 4xx or 5xx | Error | Check the error table below |
Headers
location: https://hosted.wiza.ao/?id=f3c6ff4c-3f05-4ce6-a253-28b871d682ab&nonce=7079db324f4815ceeda498ebb1261f8205721c9864a52071a738db4f7db89a1d
Example of user process
- Select payment methods
- Input phone number
- Wait while it processes
- Finished payment (at this stage the system calls back merchant callback)
When user and the payment processor finishes processing Wiza will call back the provided URL at (callback_url) with the payload at the confirm the payment section
Confirm the Payment
curl -XPOST "https://merchant-provided-payment-callback-url" \
-H "Content-Type: application/json" \
-H "Accept: application/json"
-H "signature: aoiufsd98f7sdfkjshdf87d6fsdjhgdu6fd90fdf0988fgd" \
-d '{
"id": "f3c6ff4c-3f05-4ce6-a253-28b871d682ab",,
"currency": "aoa",
"amount": "1000.54",
"status": "accepted",
"status_reason": "2000",
"status_datetime": "2023-03-21T15:28:28.355Z",
"currency": "aoa",
"customer": "912123123",
"reference_id": "123456789",
"processor": "gpo"
}
HTTP Request
POST https://merchant-provided-payment-callback-url
Headers
| Key | Value | Description |
|---|---|---|
| Content-Type | application/json | The content type expected |
| Accept | application/json | The format type expected by the server |
| signature | aoiufsd98f7sdfkjshdf87d6fsdjhgdu6fd90fdf0988fgd |
The signature generated with signature token and raw payload |
Payload
| Name | Type | Description |
|---|---|---|
| id | uuid | Wiza transaction ID |
| amount | string | The transaction amount. |
| status | string | The transaction status which could be accepted or rejected |
| status_reason | string | The transaction status code reason why the transaction was rejected check table for more details. |
| status_datetime | string | The time in ISO that the transaction was finalized (accepted or rejected) |
| currency | string | The transaction currency. |
| customer | string | The customer cellphone or other identification used to confirm the payment |
| reference_id | string | The merchant transaction unique transaction id. |
| processor | string | The payment provider used by the customer. |
Response
This callback is a fire and forget. It is the merchant responsability to guarantee the proper endpoint that accepts the callback request
| Status | Meaning | Description |
|---|---|---|
| 2xx | Success | The callback was successfully accepted by the merchant system. |
| 4xx or 5xx | Failed | The callback was not successful and Wiza may try again later |
Sandbox
When using Wiza payments API with a sandbox token the payment scenarios uses a very specific phone numbers to simulate the successful and rejection transactions status.
The processes for callback, signature and any other requirement specified previously still apply just like it would when using production token.
| Scenario | Number | Notes |
|---|---|---|
| Accepted | 900000000 | This scenario simulates a successful payment confirmation |
| Rejected | 900002004 | This scenario simulates a failed payment confirmation because user failed to accept within time limit. |
| Rejected | 900003000 | This scenario simulates a failed payment confirmation because user rejected it. |
| Rejected | 9xxxxxxxx | In case of the use of any other number this scenario would cover it and always respond with processor error 4000 |
Status Codes
Wiza API uses the following status codes:
| Code | Meaning |
|---|---|
| 9000 | Unknown Error / Erro Desconhecido |
| 4004 | Transaction Expired / Transacção Expirada |
| 4003 | Processor Unavailable / Processador Indisponível |
| 4000 | Processor Error / Erro no Processador |
| 3006 | Amount lower than minimum limit / Valor abaixo do liminte minimo |
| 3005 | Invalid PIN / PIN Inválido |
| 3004 | Invalid Confirmation / Confirmação Inválida |
| 3003 | Request Timed out / Tempo Expirado |
| 3002 | Rejected by the customer / Rejeitado pelo cliente |
| 3001 | Insufficient funds / Saldo insuficiente |
| 3000 | Invalid or disabled account / Conta inválida ou desactivada |
| 2000 | Successful / Sucesso |