a) Generating a payment link

Build a XML string, cypher it with the SDK appropriate to your technology, submit it to the Link Generation service, decrypt the answer with the same SDK and get a link .

Step 1: XML string

Here is the description of the chain you must build. You can copy and edit the example.

<P>

Parent element within the XML string scheme

Contains the parameters to identify the merchant in Centro de Pagos, which make the request

Merchant identifier to which the payment will be associated.
For sandbox use SNBX

Identifier of the Merchant Branch to which the payment will be associated.
For sandbox use 01SNBXBRNCH

User that generates the request. With this user the payment transaction will be processed.
For sandbox use SNBXUSR01

Access password for user authentication.
For sandbox use SECRETO

It contains the parameters with the instructions of the Merchant for register an intention to collect and link them to a payment link.

Unique / unrepeatable reference of the merchant to reconcile a payment with its business logic. Invoice or order number is suggested.

Amount to pay with 2 decimals separated by a point.

Specify the currency for the charge intention, if affiliations for both pesos and dollars ar available in the branch.
Possible values: MXN or USD .

Fixed value, must be W.

If this element is received with the value 0 , the charge made notification will be sent to the cardholder via email, with Centro de Pagos look and feel.
: 0 ó 1 .

If this item is received, it indicates the installments with which a payment can be made, when several affiliations are set in the branch.
In all cases, the cash payment option will always be available.
To force the payment to only cash, you must indicate only C .

If this element is received with the value 1 , the capture of the email will be requested in the payment form.
Valid values: 0 ó 1 .

If this element is present and is received with a date in the future, the intention of collection will be valid until the indicated date.
The default value is 3 months from the intention to collect.

If the element is present, this value will be pre-loaded in the "E-mail" field of the payment form. The cardholder can change it if so wishes. Note: the field st_correo must indicate 1 .

If this element is present, the children elements will be included data in the payment form and will be returned in the response of the result of a charge. If the "display" attribute is specified with the boolean true , these will be shown in the payment form. 

<data id="1" display="true">
  <label>Size</label>
  <value>Large</value>
</data>

Group a pair of elements of type label and value, you must specify the attribute "id" to differentiate them. Maximum 6 data of the label-value type.

Example

					<?xml version="1.0" encoding="UTF-8"?>
<P>
  <business>
    <id_company>SNBX</id_company>
    <id_branch>01SNBXBRNCH</id_branch>
    <user>SNBXUSR01</user>
    <pwd>SECRETO</pwd>
  </business>
  <url>
    <reference>INVOICE999</reference>
    <amount>2500.00</amount>
    <moneda>MXN</moneda>
    <canal>W</canal>
    <omitir_notif_default>1</omitir_notif_default>
    <promociones>C,3,6,9</promociones>
    <st_correo>1</st_correo>
    <fh_vigencia>08/09/2020</fh_vigencia>
    <mail_cliente>nospam@gmail.com</mail_cliente>
    <datos_adicionales>
      <data id="1" display="true">
        <label>Size</label>
        <value>Large</value>
      </data>
      <data id="2" display="false">
        <label>Color</label>
        <value>Blue</value>
      </data>
    </datos_adicionales>
  </url>
</P>


You will find the XSD and code examples to validate it with your server in GitHub 


				

				

				

					

						Step 2: Encrypting the string
					

					

					

						Once you have built the chain in clear, you can cypher it in
						AES-128, with the appropriate SDK to your server, which you can
						obtain in GitHUB.
					

					

						

							
							

								
String used as a key to
									encrypt the request.

								

									For sandbox use
									5DCC67393750523CD165F17E1EFADD21
								

							

						

					

					
The developer will receive the productive
						credentials of the merchant administrator.

					
Example

					

					
					

					
					

						

							
								import AESCrypto
String originalString ="[USE THE CHAIN OF EXAMPLE ONE]";
String key = "5DCC67393750523CD165F17E1EFADD21";
String encryptedString = 
  AESCrypto.encrypt(originalString, key);

							

						

						

							
								<?php
include('/AESCrypto.php'); 
$originalString = '[USE THE CHAIN OF EXAMPLE ONE]';
$key = '5dcc67393750523cd165f17e1efadd21'; //128 bits key
$encryptedString = AESCrypto::encriptar($originalString, $key); 
?>
							

						

						

							
								using AESCrypto.cs
string originalString ="[USE THE CHAIN OF EXAMPLE ONE]";
string key = "5DCC67393750523CD165F17E1EFADD21";
string encryptedString =
  AESCrypto.encrypt(originalString, key);
string finalString = encryptedString.Replace("%", "%25").Replace(" ", "%20").Replace("+", "%2B").Replace("=", "%3D").Replace("/", "%2F");
							

						

						

							
								import AESCrypto.py
originalString ='[USE THE CHAIN OF EXAMPLE ONE]'
key = '5DCC67393750523CD165F17E1EFADD21'
encryptedString = AESCipher(key).encrypt(originalString)
							

						

					

					

						
					

					

				

				

				

					

						Step 3: Link Generation Service
					

					

					
					

						To guarantee the security in the transmission of information,
						Centro de Pagos has HTTPS servers which use the Transport Layer
						Security TLS protocol v1.2 as a secure transport protocol to carry
						out transactions. For its part, the merchant must also have TLS v1.2
						servers, to ensure the secure exchange of information when making
						transactions.
					

						
						
					
https://wppsandbox.mit.com.mx/gen

					
This Sandbox endpoint receives the request with instructions
						from the merchant to record an intention to collect. In response
						to the request to the Link Generation Service, you will get an
						encrypted response string.

					
The implementation is based on sending to the service by
						POST a string in the xml parameter with the following structure:

					
xml=
<pgs>
  <data0>Fixed string assigned to merchant</data0>
  <data>Encrypted string in AES-128</data>
</pgs>

					

						

							
							

								
Fixed chain, assigned to
									merchant.

								

									For sandbox use
									SNDBX123
								

							

						

					


					
The developer will receive the productive
						credentials of the merchant administrator.


					
Example

					

					

					

						

							
								// This implementation uses http://unirest.io/java
String encodedString = 
  URLEncoder.encode("<pgs><data0>SNDBX123</data0><data>EBo2s....SBkZDVjWW</data></pgs>", "UTF-8");
HttpResponse<String> response = 
Unirest.post("https://wppsandbox.mit.com.mx/gen")
  .header("content-type", "application/x-www-form-urlencoded")
  .header("cache-control", "no-cache")
  .field("xml"  , encodedString,
"application/x-www-form-urlencoded")
  .asString();
							

						

						

							
								// This implementation uses HttpURLConnection
String encodedString = 
  URLEncoder.encode("<pgs><data0>SNDBX123</data0><data>EBo2s....SBkZDVjWW</data></pgs>", "UTF-8");
String postParam = "xml=" + encodedString;  
  URL obj = new URL(POST_URL);
  HttpURLConnection con = (HttpURLConnection) obj.openConnection();
    con.setRequestMethod("POST");
    con.setDoOutput(true);
	OutputStream os = con.getOutputStream();
	os.write(POST_PARAMS.getBytes());
	os.flush();
	os.close();
							

						

						

							
								<?php
$encodedString = urlencode('<pgs><data0>SNDBX123</data0><data>1OJAHMRu...IJiYtY5OnyQ==</data></pgs>');
$request = new HttpRequest();
$request->setUrl('https://wppsandbox.mit.com.mx/gen');
$request->setMethod(HTTP_METH_POST);

$request->setHeaders(array(
  'cache-control' => 'no-cache',
  'content-type' => 'application/x-www-form-urlencoded'
));

$request->setContentType('application/x-www-form-urlencoded');
$request->setPostFields(array(
  'xml' => encodedString
));

try {
  $response = $request->send();

  echo $response->getBody();
} catch (HttpException $ex) {
  echo $ex;
}
							

						

						

							
								// This implementation uses http://restsharp.org v105
string encodedString = 
  HttpUtility.UrlEncode("<pgs><data0>SNDBX123</data0><data>[USE THE CHAIN OF EXAMPLE ONE]</data></pgs>");
string postParam = "xml=" + encodedString;
var client = new RestClient("https://wppsandbox.mit.com.mx/gen");
var request = new RestRequest(Method.POST);
request.AddHeader("cache-control", "no-cache");
request.AddHeader("content-type", "application/x-www-form-urlencoded");
request.AddQueryParameter(postParam, ParameterType.RequestBody);

IRestResponse response = client.Execute(request);
var content = response.Content;
							

						

					

					

						
					

					

				

				

				

					

						Step 4: Deciphering the response of the
						Generation Service
					

					

					

						Once the service response is obtained, you can decrypt it with the
						appropriate SDK to your server, and within
						<nb_url>
						you will find the payment link or URL, that you must share with
						your client to receive your payment.
					

					
Example

					

					

					

						

							
								import webPayPlus.AESCrypto
String originalString ="This is the text to be processed";
String key = "5dcc67393750523cd165f17e1efadd21";
String decryptedString = 
  AESCrypto.decrypt(originalString, key);
							

						

						

							
								<?php
include('/AESCrypto.php'); 
$originalString = 'This is the text to be processed';
$key = '5dcc67393750523cd165f17e1efadd21'; //Llave de 128 bits
$decryptedString = AESCrypto::desencriptar($originalString, $key);
?>
							

						

						

							
								using AESCrypto.cs
string originalString ="This is the text to be processed";
string key = "5DCC67393750523CD165F17E1EFADD21";
string decryptedString = 
  AESCrypto.decrypt(key, originalString);
							

						

					

					

						
					

					


					

						
							Catalog of values, element
							nb_response
						
						
							

								nb_response
								Description
								Solution
							

						
						
							

								Empty
								The request was processed correctly
								
							

							

								The request is invalid
								The string structure is invalid, contains invalid
									characters or is not correctly encrypted
								Use XSD validation
							

							

								The data of merchant, branch or user are invalid
								Authentication failed or user / branch / company status
									is not active.
								Contact MIT Attention Center
							

							

								The company does not have this service authorized,
									please contact your administrator
								Failed configuration or user / branch / company status
									is not correct.
								Contact MIT Attention Center
							

							

								It was not possible to generate the reference, please
									try later
								An error occurred while processing the request
									(exception).
								Contact MIT Attention Center
							

						
					


				

				

				

					

						Step 5: Payment link
					

					

					

						From the decrypted answer, you get the payment link in the element
						nb_url
						. With the link you can invoke the payment form with
						GET
						in a web browser, Webview of an App, or embedding within the
						commerce portal in an iframe. Thus, you have the freedom to select
						the best that suits your technology. To find more visit Publish a payment link
					


					
Example

					

					

						¡Wow!
To obtain a payment link, decrypt the response
						obtained in the previous step.
					

					

						
					

				

			

			
		

		
		

		

			

				
Continue here:

			

			

				
How to generate a link?

			

			

				

					How to publish a link?
				

			

			

				

					How to receive the response?