Set Up Adyen Account for Sana Pay

NOTE

When the Sana Pay payment provider is installed, it should be configured in the Adyen Customer Area and in Sana Admin. To configure the Sana Pay payment provider and payment methods, you should have the Adyen test / live account with all the necessary data.

Request the Adyen test account.

Following your test account request, you will receive login credentials. Use these credentials to log in to the Adyen Customer Area. You can also apply for a live account in the Customer Area.

Company and Merchant Accounts and Allowed Origins

Step 1: In the Adyen Customer Area click: Developers > API credentials. Click on the username link, for example ws@Company.[YourCompanyAccount].

You can find the company and merchant accounts at the bottom of the Edit Web Service User page, in the Roles and Associated Accounts section, on the Accounts tab.

Make sure that your company and merchant accounts are activated.

For more information, see API permissions on the Adyen website.

Step 2: In the Allowed origins section add your web store URL.

For more information, see Allowed origins on the Adyen website.

Set Up Standard Notification Settings

NOTE

If you have multiple web stores, we recommend to create a separate merchant account for each web store and then to set up webhooks for each merchant account. In case, you have several web stores and use only one webhook, it can cause some issues with the notifications.

In the Adyen Customer Area click: Developers > Webhooks. Click on the Webhook button, find Standard notification and click Add. Configure standard notification settings as described in the table below. Use the default values for all other standard notification settings.

Settings

Values

URL

Enter the URL in the following format: {domain name}/payment/callback/SanaPay

Replace {domain name} with your web store domain name.
Examplehttps://sanastore.com/payment/callback/SanaPay

SSL Version

Select TLSv1.2.

Accept expired

Expired certificates are insecure. This option should only be used in case of compatibility issues or renewal timing issues.

Accept self-signed 

Self-signed certificates are insecure and should only be used for testing purposes.

Accept untrusted Root Certificates

Certificates signed by untrusted Certificate Authorities are insecure and should only be used for testing purposes. When this option is unchecked, it also assumes the SSL certificate has to be valid and cannot be self-signed.

Active

Select the checkbox to activate notification.

Service Version

Select 1.

Method

Select HTTP POST.

Authentication

Enter username and password for the HTTP authentication. You will also need to enter these credentials in the settings of the Sana Pay add-on in Sana Admin.

NOTE

If you don't set up authentication settings, HTTP authentication will not be used for notifications. It is recommended to use alphanumeric characters of the English language in the HTTP authentication username and password. For example, the character "ä" which is available in the German language is not supported. Please, contact Adyen support for more information.

Merchant Accounts

Add your merchant account.

Notifications Troubleshooting

In some cases, Sana may not receive notifications from Adyen. This can occur because of the following reasons:

  • Security issues of the notification. For example, HMAC was changed and the one in Sana Admin does not match the HMAC key in Adyen.

  • Adyen cannot update the payment status of the order in Sana for some reason, for example because of the connection issues or the Web server is down.

You can see your notification instances configured for Sana in the Adyen Customer Area: Developers > Webhooks. All notifications are queued. The notifications which Sana does not accept will be with the error.

If Sana does not accept the notification sent from Adyen due to the reasons listed above, then Adyen will retry sending the notification until it is accepted. Retry attempts happen regularly for up to 7 days.

In case the HMAC key was changed and the one in Sana does not match the HMAC key in Adyen, then Sana will not accept the notifications containing the old HMAC key. Therefore, these notifications need to be discarded in the queue in Adyen. Adyen will resend every notification one by one over a course of 7 days.

If you need to fix the notification immediately, you can manually accept it. Click the button Troubleshoot on the necessary notification and then click Manually accept notification. Adyen will not send this notification to Sana again and the payment status will not be updated based on this notification.

It is highly recommended not to accept notifications manually without verifying the reasons of failure. You can also use the error log to detect the issues.

Risk Rules

Adyen has a risk management system that can be set up to minimize fraud. When you set up Adyen for Sana Pay, make sure to check the risk rules in Adyen, as they can cause problems with payment processing.

One of the reasons that you cannot process payments successfully can be Adyen’s risk rules. If you test your Sana Pay installation and you cannot process payments successfully, for example you see the Order Canceled page, it might be that the Adyen’s risk rules are too strict. You can change them in the Adyen Customer Area or contact Adyen support for further assistance.