API release notes 2022-04
Planned for development
Infrastructure
As an emergency change we are disabling TLS 1.0 and 1.1. support. From 2022-04-19 to access api.connectpay.com and api2.connectpay.com, you will have to use TLS 1.2
Merchant API
API |
Version |
Change type |
Feature |
Details |
Release to Stage |
Planned release to Prod |
---|---|---|---|---|---|---|
2 |
non-breaking change, improvement |
CARD method added to payment initiation |
One-time payment by cardholders will be possible for merchants in Accepts Payments service. |
2022-03-22 |
2022-03-29 |
|
2 |
non-breaking change, improvement |
|
This parameter let’s end-user to skip “Review and confirm” page if same details are provided in e-shop. Less steps for user to make while initiating a payment. |
2022-04-05 |
2022-04-12 |
Released to Stage
Authorization API
API |
Version |
Change type |
Feature |
Details |
Release to Stage |
Planned release to Prod |
---|---|---|---|---|---|---|
1 |
Breaking change, Improvement |
Changing name of Customer Name property |
To identify Customer in tokens, we were using property Note, that API version will stay the same. |
2022-04-12 |
2022-07-12 |
Merchant API
API |
Version |
Change type |
Feature |
Details |
Release to Stage |
Planned release to Prod |
---|---|---|---|---|---|---|
Initiate payment API |
2 |
Breaking change, new feature. |
OAuth security model replaced with Basic Authorization and request signature.
|
QWAC certificate validation is eliminated; OAuth token generation and usage eliminated; No actions needed for MAR in Online Banking for renewing access tokens; 2-way TLS (mTLS) channel is changed to 1-way TLS channel; Digital signature added to each request. Required keys for signing provided by ConnectPay (or you can generate them by yourself if it is more convenient); Added Basic Authorization model to secure APIs For all our clients to have efficient integration, we are planning to retire our Merchant API version 1. Preliminary plan is to retire it on 2022-06-15. |
2022-03-08 |
2022-03-15 |
Released to Production
Account Services API
API |
Version |
Change type |
Feature |
Details |
Released to Stage |
Released to Prod |
---|---|---|---|---|---|---|
2 |
Bugfix |
Fixed sorting order case validation |
If |
2022-02-14 |
2022-02-21 |
|
3 |
Breaking change, Improvement |
Changing name of Name property |
To provide additional means of account identification, we were using property Currently, request with |
2021-11-16 |
2021-11-23 |
Merchant API
API |
Version |
Change type |
Feature |
Details |
Release to Stage |
Planned release to Prod |
---|---|---|---|---|---|---|
Initiate payment API |
2 |
Breaking change, new feature. |
New basic security feature to authorization |
QWAC certificate validation is eliminated; OAuth token generation and usage eliminated; No actions needed for MAR in Online Banking for renewing access tokens; 2-way TLS (mTLS) channel is changed to 1-way TLS channel; Digital signature added to each request. Required keys for signing provided by ConnectPay (or you can generate them by yourself if it is more convenient); Added Basic Authorization model to secure APIs For all our clients to have efficient integration, we are planning to retire our Merchant API version 1. Preliminary plan is to retire it on 2022-06-15. |
2022-03-08 |
2022-03-15 |
Authorization API
API |
Version |
Change type |
Feature |
Details |
Release to Stage |
Planned release to Prod |
---|
API |
Version |
Change type |
Feature |
Details |
Release to Stage |
Planned release to Prod |
---|---|---|---|---|---|---|
Get Secured Authorization (authorize PSD2 AIS Consent)
|
1,2 |
non-breaking change, improvement |
User is locked after 5 wrong password login attempts |
We implemented limitation on wrong password attempts due to security reasons. User account will be locked if 5 wrong attempts are used for password when calling Authorization APIs. |
2022-03-08 |
2022-03-15 |
|
1,2 |
non-breaking change, improvement |
User is locked after 5 wrong SMS OTP attempts |
We are implementing limitation on wrong SMS OTP attempts due to security reasons. User account will be locked if 5 wrong attempts are used for SMS OTP when calling Authorization APIs. |
2022-03-22 |
2022-03-29 |
Payment Services API
API |
Version |
Change type |
Feature |
Details |
Release to Stage |
Planned release to Prod |
---|---|---|---|---|---|---|
3 |
Breaking change, Improvement |
Payment authorization successful request response code changed from 200 to 202 |
Using response code |
2022-03-22 |
2022-03-29 |
PSD2 PIS API
API |
Version |
Change type |
Feature |
Details |
Release to Stage |
Planned release to Prod |
---|---|---|---|---|---|---|
Initiate Payment
|
1 |
non-breaking change, improvement |
User is locked after 5 wrong password login attempts |
We implemented limitation on wrong password attempts due to security reasons. User account will be locked if 5 wrong attempts are used for password when calling PSD2 Initiate Payment API |
2022-03-08 |
2022-03-15 |
Initiate Payment
|
1 |
non-breaking change, improvement |
User is locked after 5 wrong SMS OTP attempts |
We are implementing limitation on wrong SMS OTP attempts due to security reasons. User account will be locked if 5 wrong attempts are used for SMS OTP when calling PSD2 Initiate Payment API |
2022-03-22 |
2022-03-29 |