Payment Highway PHP API Library
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.

PaymentHighway PHP SDK


  • PHP 5.6.+
  • Composer


add following to composer

    "require" : 
        "solinor/paymenthighwayio" : "1.6.0"


  • \Solinor\PaymentHighway

Contains API methods. Use these to create Payment Highway API requests.

  • \Solinor\PaymentHihgway\Model

Contains Models used to inject paymentApi requests.

  • \Solinor\PaymentHihgway\Security

Contains classes used for hash calculations


Start with building the HTTP form parameters by using the FormParameterBuilder. Create an instance of the builder, then use the generate methods to receive a list of parameters for each API call.

Initializing the builder

use \Solinor\PaymentHighway\FormBuilder;

$method = "POST";
$signatureKeyId = "testKey";
$signatureSecret = "testSecret";
$account = "test";
$merchant = "test_merchantId";
$baseUrl = "";
$successUrl = "";
$failureUrl = "";
$cancelUrl = "";
$language = "EN";

$formBuilder = new FormBuilder($method, $signatureKeyId, $signatureSecret, $account,
                              $merchant, $baseUrl, $successUrl, $failureUrl,
                              $cancelUrl, $language);

Example generateAddCardParameters

$form = $formBuilder->generateAddCardParameters($accept_cvc_required = false);

For all Form objects returned by FormBuilder methods

// read form parameters
$httpMethod = $form->getMethod();
$actionUrl = $form->getAction();
$parameters = $form->getParameters(); 

// Header parameters as key => value array
foreach ($parameters as $key => $value) {
	echo $key .":". $value;

Example generatePaymentParameters

$amount = "1990";
$currency = "EUR";
$orderId = "1000123A";
$description = "A Box of Dreams. 19,90€";

$form = $formBuilder->generatePaymentParameters($amount, $currency, $orderId, $description);

Example generateGetAddCardAndPaymentParameters

$amount = "1990";
$currency = "EUR";
$orderId = "1000123A";
$description = "A Box of Dreams. 19,90€";

$form = $formBuilder->generateAddCardAndPaymentParameters($amount, $currency, $orderId, $description);

Example generatePayWithMobilePayParameters with optional parameters

$amount = "1990";
$currency = "EUR";
$orderId = "1000123A";
$description = "A Box of Dreams. 19,90€";
$exitIframeOnResult = null;
$shopLogoUrl = "";
$phoneNumber = "+3581234567"; 
$shopName = "Jaskan solki";
$form = $formBuilder->generatePayWithMobilePayParameters(
About shop logo in MobilePay
  • The logo must be 250x250 pixel in .png format.
  • MPO will show a default logo in the app if this is empty or the image location doesn’t exist.
  • Once a ShopLogoURL has been sent to MPOnline the .png-file on that URL must never be changed. If the shop wants a new (or more than one) logo, a new ShopLogoURL must be used.
  • The logo must be hosted on a HTTPS (secure) server.

Example generateMasterpassParameters

$amount = "1990";
$currency = "EUR";
$orderId = "1000123A";
$description = "A Box of Dreams. 19,90€";
$form = $formbuilder->generateMasterpassParameters($amount, $currency, $orderId, $description);

Each method returns a Form object which provides required hidden fields for the HTML form to make a successful transaction to Form API. The builder will generate a request id, timestamp, and secure signature for the transactions, which are included in the Form fields.

In order to charge a card given in the Form API, the corresponding transaction id must be committed by using Payment API.

In addition, after the user is redirected to one of your provided success, failure or cancel URLs, you should validate the request parameters and the signature.

Example validateFormRedirect

use Solinor\PaymentHighway\Security\SecureSigner;

$secureSigner = new SecureSigner(signatureKeyId, signatureSecret);

    $secureSigner->validateFormRedirect($params) // redirected get params as [ key => value] array
catch(Exception $e) {
    // Validation failed, handle here


In order to do safe transactions, an execution model is used where the first call to /transaction acquires a financial transaction handle, later referred as “ID”, which ensures the transaction is executed exactly once. Afterwards it is possible to execute a debit transaction by using the received id handle. If the execution fails, the command can be repeated in order to confirm the transaction with the particular id has been processed. After executing the command, the status of the transaction can be checked by executing the PaymentAPI->statusTransaction( $transactionId ) request.

In order to be sure that a tokenized card is valid and is able to process payment transactions the corresponding tokenization id must be used to get the actual card token.

Remember to check the result code:


Code 100 means "Request successful". Other response codes can be found:

Initializing the Payment API

use Solinor\PaymentHighway\PaymentApi;

$serviceUrl = "";
$signatureKeyId = "testKey";
$signatureSecret = "testSecret";
$account = "test";
$merchant = "test_merchantId";

$paymentApi = new PaymentApi($serviceUrl, $signatureKeyId, $signatureSecret, $account, $merchant);

Example Commit Form Transaction

$transactionId = "f23a9be0-15fe-43df-98ac-92f6a5731c3b"; // get sph-transaction-id as a GET parameter
$amount = 1999;
$currency = "EUR";

$response = $paymentApi->commitFormTransaction($transactionId, $amount, $currency ); //response is pure json run through json_decode();

Example Tokenize (get the actual card token by using token id)

$response = $paymentApi->tokenize( $tokenizationId );

Example Init transaction

$response = $paymentApi->initTransaction();

Example Debit with Token

$token = new \Solinor\PaymentHighway\Model\Token( $tokenId );

$transaction = new \Solinor\PaymentHighway\Model\Request\Transaction( $amount, $currency, $token );

$response = $paymentApi->debitTransaction( $transactionId, $transaction);

Example Revert

$response = $paymentApi->revertTransaction("transactionId", "amount");

Example Transaction Status

$status = $paymentApi->statusTransaction( $transactionId );

Example Daily Batch Report

$response = $paymentApi->getReport( $date ); //in "date('Y-M-D')" format

Example Order Status

$response = $paymentApi->searchByOrderId( $orderId );


Payment Highway API can raises exceptions and you should handle them in graceful manner.

try {
	// Use Payment Highway's bindings...
catch (Exception $e) {
  	// Something else happened

Help us make it better

Please tell us how we can make the API better. If you have a specific feature request or if you found a bug, please use GitHub issues. Fork these docs and send a pull request with improvements.