BLIK is the most popular mobile payment system in Poland and it’s convenient and safe. It enables users to make instant payments using their banking app, entering the BLIK and confirming the transaction with the pin in the banking app.
| Payment option | Category | Countries | Currencies | Features | Integrations |
|---|---|---|---|---|---|
| BLIK | Online banking | Poland | PLN | OneClick/Without a code Partial refund Refunds Cancellation Virtual Terminal | API Payment Form Prestashop Plugin WooCommerce Plugin Magento Plugin |
How to use BLIK
After you create the order and the shopper selects BLIK on your website:
- The buyer has to enter a secure BLIK code in the payment form;
- He gets this six-digit code from his baking application and enters it on your checkout page. The BLIK code expires in 120 seconds;
- Once the shopper chooses Pay, BLIK sends a push notification to their banking app;
- The shopper must confirm the payment on their banking app within 45 seconds for the payment to go through.
Check here the instructions to perform BLIK without a code.
How it works
Before you start, you should create the order request with BLIK as payment method.
After that, you should make a BLIK purchase as detailed below:
| Environment | URL | Operation Method & Endpoint | Operation Description |
|---|---|---|---|
| PROD | api.sibsgateway.com | POST api/v1/payments/:transactionId/blik/purchase | Perform the client redirection to BLIK payment system in order to perform client code collection and payment confirmation. |
| TEST | stargate-cer.qly.site[1|2].sibs.pt | POST api/v1/payments/:transactionId/blik/purchase | Perform the client redirection to BLIK payment system in order to perform client code collection and payment confirmation. |
The message below represents the BLIK payment:
Header parameters
Request parameters
object
Object that defines the customer device information.
Not present if the object was sent in Order Creation.
String
BLIK Code. With 6 digit pattern. Mandatory for BLIK Purchase. Not present if token value is presented in request (for BLIK One Click Purchase).
Here is an example of a BLIK purchase:
Request URL:
https://stargate-cer.qly.site1.sibs.pt/api/v1/payments/{transactionID}/blik/purchaseRequest Headers:
Authorization: Digest {transactionSignature}
X-IBM-Client-Id: b4480347-9fc8-4790-b359-100a99c60ea3
Content-Type: application/json{
"info": {
"deviceInfo": {
"browserAcceptHeader": "application/json, text/plain, */*",
"browserJavaEnabled": "false",
"browserLanguage": "en",
"browserColorDepth": "24",
"browserScreenHeight": "1080",
"browserScreenWidth": "1920",
"browserTZ": "-60",
"browserUserAgent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.93 Safari/537.36"
},
"customerInfo": [
{
"key": "customerName",
"value": "Test Name"
},
{
"key": "customerEmail",
"value": "email@provider.com"
}
]
},
"merchant": {
"merchantURL": "https://www.pay.sibs.com/eng/documentation/sibs-gateway-3//integration/server-to-server/blik/"
},
"BLIKCode": "777001"
}For testing purposes, all 6-digit BLIK codes starting with 777 (e.g., 777001) are considered valid. These codes are shared, so if any of them are temporarily invalid, please choose another code sequence starting with 777.
Upon completing the purchase operation, you should receive a pending paymentStatus.
The message below represents a response that you get from our server.
{
"transactionID": "83GdUDUv2ykTTJUzsB9G",
"execution": {
"startTime": "2023-06-20T09:20:02.862Z",
"endTime": "2023-06-20T09:20:05.048Z"
},
"paymentStatus": "Pending",
"returnStatus": {
"statusCode": "000",
"statusMsg": "Success",
"statusDescription": "Success"
},
"actionResponse": {
"data": {
"params": []
}
}
}To obtain the latest update, it is necessary to subsequently perform a “Get Status” operation.
The Authorization HTTP header is set to the Bearer token as it was used in the initial Checkout.
GET {transactionID}/statusRequest URL:
https://stargate-cer.qly.site1.sibs.pt/api/v1/payments/{transactionID}/statusRequest Headers:
Authorization: ‘Bearer <AuthToken>’
X-IBM-Client-Id: ‘<ClientId>’
Content-Type: application/jsonA successful technical response comprises of an HTTP-200 status and a returnStatus.statusCode=”000″.
Here are some examples of the possible result codes:
| Result Code | statusMsg | Description | Action |
|---|---|---|---|
| HTTP-200 | Success | Success response | N/A |
| HTTP-400 | Bad Request | The JSON payload is not matching the API definition or some mandatory HTTP headers are missing. | Please check in API Market for the correct syntax. |
| HTTP-401 | Unauthorized | On the Authorization, Bearer token is invalid/expired or not associated with the Terminal used. | Please check in SIBS Backoffice under the Credentials if the token is valid and create a new one if needed. |
| HTTP-403 | Forbidden | The ClientID set on the X-IBM-Client-Id HTTP header is not valid or does not possess a valid subscription to the API. | Please check in SIBS Backoffice under the SPG APP 2.0 if the ClientID is correct. If the problem persists contact SIBS Gateway support for a ClientID reset. |
| HTTP-405 | Method Not Allowed | The HTTP Method used is not matching any of the API definitions available. | Please check in API Market for the correct HTTP Method. |
| HTTP-429 | Too Many Requests | The API calls rate limit has been exceeded. | Please check in API Market for information on the rate limits that apply to the API. |
| HTTP-500 | Internal Server Error | The API call has failed… and its most likely on our side. | You should retry the operation, and if the problem persists contact SIBS Gateway support for assistance. |
| HTTP-503 | Service Unavailable | The API call is not currently available. Usually we are always on, but short availability issues may occur during scheduled maintenance. | You should wait and try again later. |