Complete Redirect flow

Overview

The Complete Redirect flow starts after the Begin Redirect flow is completed and the user makes a payment in the issuer's web interface. The purpose of the Complete Redirect flow is to:

  1. Notify Google and the payment integrator that the payment was successful.
  2. Redirect the user back to Google, via the integrator.

How the flow works

There are three different ways for the integrator to transmit the completed payment information to Google.

  1. The integrator redirects the user to Google, adding the payment information to the redirect response.
  2. The integrator sends an HTTPS request to Google's RedirectPaymentCompleteNotification endpoint once the payment is completed.
  3. Google sends an HTTPS request to the integrator's GetRedirectPaymentStatus endpoint, and the integrator responds with the payment details.

Complete Redirect flow

The following sequence diagram shows the interaction between the user's browser, Google, the integrator, and the issuer:

Complete Redirect flow

Here is the list of objects in the above diagram:

  • User: This is the person who completed a payment.
  • Google UI: Google's web or app interface, where the customer initiated the payment.
  • Google Server: The backend server at Google which gets the completed payment details and provides the purchased goods or services to the user.
  • Payment Integrator: The payment integrator that will act as intermediary between Google and the issuer.
  • Issuer: The issuer where the user made the payment.

We assume the user just finished making a payment in the issuer's website, which triggers the Complete Redirect flow.

  1. The user completes the payment in the issuer's portal.
  2. The issuer creates a redirect URL pointing to the integrator with information about the completed payment.
  3. The issuer redirects the user to the payment integrator's backend server.
  4. The payment integrator creates a redirect response using information from the issuer's redirect.
  5. The payment integrator redirects the user to Google.
  6. The payment integrator sends a RedirectPaymentCompleteNotification to Google. This is used in case the redirect fails after the user completed the payment.
  7. If Google does not receive a redirect response or a RedirectPaymentCompleteNotification, Google will send a GetRedirectPaymentStatus call to the payment integrator, which should respond with the payment status information.
  8. Google processes the payment information provides the purchased goods or services to the user.

Redirect Payment Complete Notification

As shown in the above diagram, Google requires integrators to send a RedirectPaymentCompleteNotification to Google when the integrator determines that a redirect payment has been accepted or declined. This notification can be sent to Google before or after the user has been redirected back to Google.

If an integrator finds out about the completion (accepted or declined) of a redirect payment even several days after the begin redirect occurred, the integrator should still send a RedirectPaymentCompleteNotification to Google. These notifications help update the final status about a payment and are needed to properly handle reconciliation.

Best practices and other considerations

Safety measures

The redirect response URL will include an unencrypted redirectRequestId field, and an encrypted RedirectResponse object with the same value. Google will validate that both of these values match the requestId field sent in the redirect request.