Alipay+ DocsAlipay+ Docs

prepareACQP → Alipay+

POST /aps/api/v1/authorizations/prepare

The prepare API is used by the Acquiring Service Provider (ACQP) to obtain Alipay+ wallet page URL where the user is redirected to and selects a wallet for authorization. If the authorization succeeds, the authorization code is also returned to the ACQP in the redirection-back URL. 

Note: In the following sections, Mobile Payment Partner (MPP) is also known as PSP. For example, pspId refers to the ID that identifies an MPP.

Structure 

A message consists of a header and body. The following sections are focused on the body structure. For the header structure, see:

Note

Set the data type of each field (except array) as String. This means that you must use double quotation marks (" ") to enclose the field value. Examples:

  • If the data type of a field is Integer and its value is 20, set it as "20".
  • If the data type of a field is Boolean and its value is true, set it as "true". 

For optional parameters that are not required in your case, you can:

  • exclude it from the request body. 
  • set its value as null (without the double quotation marks).

Do NOT leave it empty by setting its value as ""; otherwise, an error might occur. 

Request parameters

authClientId String  REQUIRED

The unique ID that is assigned by the ACQP to identify the auth client, which is the merchant. The value of this parameter must be the same as that of the referenceMerchantId parameter. 

More information:

  • This field is an API idempotency field.See More information -- Idempotency for details.
  • Maximum length: 64 characters

authClientName String  REQUIRED

The registered legal name of the auth client. The name usually appears with the agreement on the authorization page. 

More information:

  • Maximum length: 256 characters

authClientDisplayName String  

The trade name of the auth client. The name is usually displayed on the title of the authorization page.

Specify this parameter if the value of the authClientDisplayName parameter is different from the value of the authClientName parameter. 

More information:

  • Maximum length: 64 characters

The URL for the MPP to display the auth client logo. The URL domain is provided by the auth client.

Specify this parameter if the auth client wants to display its logo on the MPP authorization page. 

More information:

  • Maximum length: 2048 characters

referenceMerchantId String  REQUIRED

The unique ID that is assigned by the ACQP to identify a merchant. 

More information:

  • Maximum length: 32 characters

authRedirectUrl URL  REQUIRED

The first part of the redirection URL that the user is redirected to after the user agrees to authorize. The complete URL consists of the values of the authRedirectUrl, the authCode, and the authState parameter.

The auth client needs to validate the consistency of the values of authState in authRedirectUrl and that in the prepare request. The following example shows a format of the complete authorization redirection URL:

Sample Code

More information:

  • Maximum length: 1024 characters

scopes Array<String>  REQUIRED

The authorization scopes, which means what resources or capabilities are authorized to the auth client. Valid values are: 

  • AGREEMENT_PAY: indicates that the auth client can use an access token to deduct funds from the user's MPP app for Auto Debit payments.
  • USER_LOGIN_ID: indicates that the auth client can obtain the desensitized user login ID for the MPP app by using the applyToken API. 

authState String  REQUIRED

A string that is generated by the auth client to represent the prepare API request. The consistency of this field and that in the redirection URL needs to be guaranteed when the authorization code is returned.

Important: Avoid using special characters in the value of this parameter. If you have to use special characters, do not encode them and pass in the value as it is. For example, if the value is 188oCeAiZOa/vipUycm+twEDuj6M91T2AtUPAVJ+EBqBU0k5ljt9cq2dw/kPYlrlCss, DO NOT encode it as 188oCeAiZOa%2FvipUycm%2BtwEDuj6M91T2AtUPAVJ%2BEBqBU0k5ljt9cq2dw%2FkPYlrlCss.  

More information:

  • Maximum length: 256 characters

terminalType String  REQUIRED

The type of the auth client terminal that initiates the authorization. Valid values are:

  • WEB: indicates that the auth client terminal is a PC browser.
  • WAP: indicates that the auth client terminal is a mobile browser.
  • APP: indicates that the auth client terminal is a mobile app.

referenceAgreementId String  

The unique ID that is assigned by the auth client to identify an authorization. The ACQP needs to map the referenceAgreementId with the related authorization information so as to obtain the related authorization information from the authNotify API request.

Specify this parameter if the value of the scopes parameter contains AGREEMENT_PAY

More information:

  • This field is an API idempotency field.See More information -- Idempotency for details.
  • Maximum length: 64 characters

osType String  

The operating system type of the auth client device. Valid values are:

  • IOS: indicates the iOS system.
  • ANDROID: indicates the Android system.

Specify this parameter if the value of the teminalType parameter is APP/WAP

osVersion String  

The operating system version of the auth client device.

Provide this parameter if you have the information. This helps Alipay+ analyze the authorization scenario.   

More information:

  • Maximum length: 16 characters

userAgent String  

The user agent of the auth client browser.

Provide this parameter if you have the information. This helps Alipay+ analyze the authorization scenario.  

More information:

  • Maximum length: 1024 characters

authNotifyUrl URL  

The URL that ACQP uses to receive the authorization information from Alipay+ via the authNotify API.

Notes

  • Required if the ACQP wants to receive the authorization notification from Alipay+. 
  • For security reasons, The URL must use HTTPS instead of HTTP. 

More information:

  • Maximum length: 2048 characters

passThroughInfo String  

The information that is passed through by the ACQP to Alipay+. The value of this parameter is in the set of key_value pairs.

Specify this parameter if the ACQP wants to pass information to the MPP. 

More information:

  • Maximum length: 20000 characters

paymentAmount Amount  REQUIRED

The amount that the ACQP requests to receive from Alipay+. The currency of the amount must be specified as the one that the ACQP uses to create the payment order.

Important: If the payment amount cannot be provided, specify a value for the paymentAmount.currency parameter and set the value of the paymentAmount.value parameter to 0

Show child parameters

settlementStrategy SettlementStrategy  REQUIRED

The settlement strategy. 

Show child parameters

userRegion String  

This parameter is used to sort the payment method list in descending order based on the relevance between the MPP and the user region on the Alipay+ wallet page. The value of this parameter is a 2-letter country/region code according to ISO 3166 Country Codes

For example, you might receive ALIPAY_CN and KAKAOPAY as supported MPPs in the result. However, you find out that the user is from South Korea based on the user's IP address or selection. In this case, KaKaoPay is placed higher on the list even though both MPPs support the transaction.

Specify this parameter if the ACQP wants to sort the payment method list on the Alipay+ wallet page based on the user region. 

More information:

  • Maximum length: 2 characters

boundWalletNames Array<String>  

The list of wallet names that have been already bound with the user account at the merchant side. 

More information:

  • Maximum length: 64 characters
  • Maximum size: 100 elements

Response parameters

result Result  REQUIRED

The result of the business processing. If the value of the result.resultCode parameter is SUCCESS, the Alipay+ wallet page URL is returned. For more information about how to handle the result of the prepare API, see How to handle the result

Show child parameters

normalUrl URL  

The Alipay+ wallet page URL that redirects users to a WAP or Web page in the browser or in the WebView.

This parameter is returned by Alipay+ if the value of result.resultCode is SUCCESS

More information:

  • Maximum length: 2048 characters

passThroughInfo String  

The information that is passed through by Alipay+ to the ACQP. The value of this parameter is in the set of key-value pairs.

This parameter is returned by Alipay+ if the MPP wants to pass information to the ACQP. 

More information:

  • Maximum length: 20000 characters
API Explorer
Sample CodesRun in Sandbox

Request

URL
Request Body

Response

Response Body

More information 

How to handle the result

You might receive different results from Alipay+. Follow the instructions below to handle the result. 

result.resultStatus

result.resultCode

URL status

Actions

S

SUCCESS

The URL is returned to the ACQP.

Obtain the authorization URL from the response.

F

Multiple possible values exist, such as

ACCESS_DENIED,

KEY_NOT_FOUND, etc.

The URL is not returned.

The request is failed, which might be caused by system defects or failures. It is recommended to monitor and check manually.

U

Multiple possible values exist, such as

UNKNOWN_EXCEPTION,

REQUEST_TRAFFIC_EXCEED_LIMIT, etc.

Unknown

Retry the prepare interface API with the same request parameter values, until a certain response result is returned.

Contact connect_support@service.alipay.com if the result remains unknown after too many retries.

No result received

Unknown

Retry the prepare interface API with the same request parameter values, until a certain response result is returned.

Contact connect_support@service.alipay.com if the result remains unknown after too many retries.

Idempotency

The authClientId parameter and the referenceAgreementId parameter are jointly used for idempotency control. For requests that are initiated with the same authClientId and referenceAgreementId, Alipay+ regards the requests as repeated and processes the requests only once. If the values of the other parameters in the repeated requests are different, Alipay+ returns the REPEAT_REQ_INCONSISTENT result code. 

Result/Error codes

CodeValueMessageFurther action
SUCCESSSSuccess

Obtain the authorization URL from the response.

ACCESS_DENIEDFAccess is denied.

It is recommended that you contact connect_support@service.alipay.com to troubleshoot the issue.

INVALID_CLIENTFThe client is invalid.

It is recommended that you contact connect_support@service.alipay.com to troubleshoot the issue.

INVALID_SIGNATUREFThe signature is invalid.

Check whether the public key, signed message, and signature algorithm are as expected.

KEY_NOT_FOUNDFThe key is not found.

It is recommended that you contact connect_support@service.alipay.com to troubleshoot the issue.

MEDIA_TYPE_NOT_ACCEPTABLEFThe server does not implement the media type that is acceptable to the client.

Use a media type that is accepted by Alipay+.

METHOD_NOT_SUPPORTEDFThe server does not implement the requested HTTPS method.

Ensure the HTTP method is POST.

NO_INTERFACE_DEFFAPI is not defined.

Check whether the request URL is correct. Ensure that the endpoint of the called API is correct.

PARAM_ILLEGALFIllegal parameters. For example, non-numeric input, invalid date.

Check whether the request parameters, including the header parameters and body parameters, are correct and valid. For more information about the parameters of each API, see the Structure section of the specific API reference topic.

PROCESS_FAILFA general business failure occurred. Do not retry.

It is recommended that you contact connect_support@service.alipay.com to troubleshoot the issue.

REPEAT_REQ_INCONSISTENTFRepeated requests are inconsistent.

Ensure the parameters in the requests are the same. 

REQUEST_TRAFFIC_EXCEED_LIMITUThe request traffic exceeds the limit.

Reduce the frequency of API calls.

UNKNOWN_EXCEPTIONUAn API call failed, which is caused by unknown reasons.

Try to recall the API.