Developing your hosted payment gateway integration
The Hosted Payment SDK helps you connect an existing hosted payment page to a Shopify store. Shopify checkout redirects visitors to the payment page that you provide using predefined request values. After the visitor completes the payment, they are redirected back to Shopify with predefined response values and an order status page is displayed.
It is the responsibility of the payment gateway provider to build a page that handles these requests.
Hosted Payment Simulator
A hosted payment simulator built in Sinatra is available here. Follow the instructions available on the GitHub repository or below to test the simulator. This should give you a good idea of how Hosted Payment integrations work.
Using the Hosted Payment Simulator
To run a test transaction with the Hosted Payment Simulator:
Add a payment gateway or change the “Redirect URL” of your gateway to
Your gateway will now be available in your development store (see "Creating a development store") under the Credit Cards drop-down list or Alternative Gateways drop-down list. Find it and activate it using these credentials:
- Username - any non-empty value
- Password / HMAC Key - iU44RWxeik
This gateway will now be available in your development store Shopify Checkout and will redirect customers to
Complete a test purchase on your shop. If you don't have any products in your test store, then you might need to add one before you can complete a test purchase.
At the end of checkout you should be redirected to the simulator. This will let you get familiar with the various redirects and callback.
Gateway signing mechanism
All requests and responses must be signed/verified using HMAC-SHA256 where:
keyis a value known to both the Shopify merchant and you. This is typically the "Password" field for the merchant.
messageis a string of all key-value pairs that start with
x_prefix, sorted alphabetically, and concatenated without separators.
Assuming your HMAC key is "iU44RWxeik", the signing mechanisms would look like this:
You can use the provided Signature Calculator to confirm that your signature generation function is working appropriately.
A working example of HMAC-SHA256 signing is available in our Hosted Payment Simulator GitHub repository.
If your integration looks like it is working, you can now add your payment gateway to your Shopify Partners account before publishing it.