Best Practices

Recommendations to take into account for integration

Integration Orders API on your backend/server

We recommend generating Order using our Orders API from your server side. Order is an entity which helps capture multiple payments attempts made by customers against a single order. This helps to prevent accidental double payments, also helps in reconciling it cleanly.

Read more: Learn more about Orders API.

Check payment and order status if in doubt

We provide detailed API access so that you can confirm whether a payment has been made OR an order has been completed before rendering services to end customer. This will help you in not losing money on unpaid orders.

Verify Signature for end-to-end security

We recommend verifying signature provided by our status API OR webhook callback. This is to ensure there has been no tampering in between to fake a successful transaction on your end.

Read more: Learn how to verify payment signature

Implement Webhooks

Whenever certain transaction actions occur on your Durianpay Checkout integration, we trigger events which your application can listen to. This is where webhooks come in. A webhook is a URL on your server where we send payloads for such events. For example, if you implement webhooks, once a payment is successful, we will immediately notify your server with a payment.completed event. Here is a list of events we can send to your webhook URL.

You can specify your webhook URL on your dashboard (or through your dedicated Customer success manager) where we would send POST requests to whenever an event occurs.

Valid events

payment.completed payment.failed, payment.cancelled, order.created, order.completed

Read more: Learn how to verify payment signature