Stay organized with collections
Save and categorize content based on your preferences.
Overview
The Complete Redirect flow starts after the Begin Redirect flow is completed and the user makes a payment in the issuer's web interface. The purpose of the Complete Redirect flow is to:
Notify Google and the payment integrator that the payment was successful.
Redirect the user back to Google, via the integrator.
How the flow works
There are three different ways for the integrator to transmit the completed payment information to Google.
The integrator redirects the user to Google, adding the payment information to the redirect response.
The following sequence diagram shows the interaction between the user's browser, Google, the integrator, and the issuer:
Here is the list of objects in the above diagram:
User: This is the person who completed a payment.
Google UI: Google's web or app interface, where the customer initiated the payment.
Google Server: The backend server at Google which gets the completed payment details and provides the purchased goods or services to the user.
Payment Integrator: The payment integrator that will act as intermediary between Google and the issuer.
Issuer: The issuer where the user made the payment.
We assume the user just finished making a payment in the issuer's website, which triggers the Complete Redirect flow.
The user completes the payment in the issuer's portal.
The issuer creates a redirect URL pointing to the integrator with information about the completed payment.
The issuer redirects the user to the payment integrator's backend server.
The payment integrator creates a redirect response using information from the issuer's redirect.
The payment integrator redirects the user to Google.
The payment integrator sends a RedirectPaymentCompleteNotification to Google. This is used in case the redirect fails after the user completed the payment.
Google processes the payment information provides the purchased goods or services to the user.
Redirect Payment Complete Notification
As shown in the above diagram, Google requires integrators to send a RedirectPaymentCompleteNotification to Google when the integrator determines that a redirect payment has been accepted or declined. This notification can be sent to Google before or after the user has been redirected back to Google.
If an integrator finds out about the completion (accepted or declined) of a redirect payment even several days after the begin redirect occurred, the integrator should still send a RedirectPaymentCompleteNotification to Google. These notifications help update the final status about a payment and are needed to properly handle reconciliation.
Best practices and other considerations
Safety measures
The redirect response URL will include an unencrypted redirectRequestId field, and an encrypted RedirectResponse object with the same value. Google will validate that both of these values match the requestId field sent in the redirect request.
All rights reserved. Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2024-09-03 UTC.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Missing the information I need","missingTheInformationINeed","thumb-down"],["Too complicated / too many steps","tooComplicatedTooManySteps","thumb-down"],["Out of date","outOfDate","thumb-down"],["Samples / code issue","samplesCodeIssue","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2024-09-03 UTC."],[[["\u003cp\u003eThe Complete Redirect flow notifies Google and the payment integrator of successful payments and redirects the user back to Google after completing a payment on the issuer's platform.\u003c/p\u003e\n"],["\u003cp\u003ePayment integrators can transmit payment information to Google through a user redirect with payment data, an HTTPS request to Google's endpoint, or by responding to Google's request for payment status.\u003c/p\u003e\n"],["\u003cp\u003eGoogle requires payment integrators to send a \u003ccode\u003eRedirectPaymentCompleteNotification\u003c/code\u003e to confirm payment acceptance or decline, ensuring reconciliation even if notification is delayed.\u003c/p\u003e\n"],["\u003cp\u003eFor security, the redirect response URL includes an unencrypted and an encrypted \u003ccode\u003eredirectRequestId\u003c/code\u003e for validation against the initial request, with the \u003ccode\u003eredirectResponse\u003c/code\u003e encrypted and signed using PGP or JWE+JWS for added protection.\u003c/p\u003e\n"]]],["The Complete Redirect flow ensures payment success notification and user redirection back to Google. The flow involves: the user completing payment on the issuer's site, the issuer redirecting the user to the payment integrator, and the integrator notifying Google via three methods: (1) redirecting the user to Google with payment details, (2) sending an HTTPS `RedirectPaymentCompleteNotification`, or (3) responding to Google's `GetRedirectPaymentStatus` request if other methods fail. This flow ensures Google receives payment status and delivers purchased goods. The integrator should also send a notification, even if delayed.\n"],null,["# Complete Redirect flow\n\nOverview\n--------\n\nThe Complete Redirect flow starts after the [Begin Redirect](/standard-payments/concepts/redirect_fop/begin-redirect-flow) flow is completed and the user makes a payment in the issuer's web interface. The purpose of the Complete Redirect flow is to:\n\n1. Notify Google and the [payment integrator](/standard-payments/reference/glossary#payment_integrator) that the payment was successful.\n2. Redirect the user back to Google, via the integrator.\n\nHow the flow works\n------------------\n\nThere are three different ways for the integrator to transmit the completed payment information to Google.\n\n1. The integrator redirects the user to Google, adding the payment information to the [redirect response](/standard-payments/v1/google-hosted-api/redirect-fop-api/complete-redirect-api#redirect_response_parameters).\n2. The integrator sends an [HTTPS request](/standard-payments/google-redirect-fop-api-v1/v1/google-redirect/redirectPaymentCompleteNotification#http-request) to Google's [RedirectPaymentCompleteNotification](/standard-payments/google-redirect-fop-api-v1/v1/google-redirect/redirectPaymentCompleteNotification) endpoint once the payment is completed.\n3. Google sends an [HTTPS request](/standard-payments/payment-integrator-redirect-fop-api-v1/v1/payment-integrator-redirect/getRedirectPaymentStatus#http-request) to the integrator's [GetRedirectPaymentStatus](/standard-payments/payment-integrator-redirect-fop-api-v1/v1/payment-integrator-redirect/getRedirectPaymentStatus) endpoint, and the integrator responds with the payment details.\n\n| **Note:** Flow #3 is only called when the request is about to time out and no response has been received.\n\n#### Complete Redirect flow\n\nThe following sequence diagram shows the interaction between the user's browser, Google, the integrator, and the issuer:\n\n| **Note:** The issuer and payment integrator can be the same entity, in which case a single redirect to Google is sufficient.\n\nHere is the list of objects in the above diagram:\n\n- **User**: This is the person who completed a payment.\n- **Google UI**: Google's web or app interface, where the customer initiated the payment.\n- **Google Server**: The backend server at Google which gets the completed payment details and provides the purchased goods or services to the user.\n- **Payment Integrator**: The payment integrator that will act as intermediary between Google and the issuer.\n- **Issuer**: The issuer where the user made the payment.\n\nWe assume the user just finished making a payment in the issuer's website, which triggers the Complete Redirect flow.\n\n1. The user completes the payment in the issuer's portal.\n2. The issuer creates a redirect URL pointing to the integrator with information about the completed payment.\n3. The issuer redirects the user to the payment integrator's backend server.\n4. The payment integrator creates a [redirect response](/standard-payments/v1/google-hosted-api/redirect-fop-api/complete-redirect-api#redirect_response_parameters) using information from the issuer's redirect.\n5. The payment integrator redirects the user to Google.\n6. The payment integrator sends a [RedirectPaymentCompleteNotification](/standard-payments/google-redirect-fop-api-v1/v1/google-redirect/redirectPaymentCompleteNotification) to Google. This is used in case the redirect fails after the user completed the payment.\n7. If Google does not receive a [redirect response](/standard-payments/v1/google-hosted-api/redirect-fop-api/complete-redirect-api#redirect_response_parameters) or a [RedirectPaymentCompleteNotification](/standard-payments/google-redirect-fop-api-v1/v1/google-redirect/redirectPaymentCompleteNotification), Google will send a [GetRedirectPaymentStatus](/standard-payments/payment-integrator-redirect-fop-api-v1/v1/payment-integrator-redirect/getRedirectPaymentStatus) call to the payment integrator, which should respond with the payment status information.\n8. Google processes the payment information provides the purchased goods or services to the user.\n\n#### Redirect Payment Complete Notification\n\nAs shown in the above diagram, Google requires integrators to send a `RedirectPaymentCompleteNotification` to Google when the integrator determines that a redirect payment has been accepted or declined. This notification can be sent to Google before or after the user has been redirected back to Google.\n\nIf an integrator finds out about the completion (accepted or declined) of a redirect payment even several days after the begin redirect occurred, the integrator should still send a `RedirectPaymentCompleteNotification` to Google. These notifications help update the final status about a payment and are needed to properly handle reconciliation.\n\nBest practices and other considerations\n---------------------------------------\n\n### Safety measures\n\nThe [redirect response URL](/standard-payments/v1/google-hosted-api/redirect-fop-api/complete-redirect-api) will include an unencrypted `redirectRequestId` field, and an encrypted [RedirectResponse](/standard-payments/google-redirect-fop-api-v1/v1/RedirectResponse) object with the same value. Google will validate that both of these values match the `requestId` field sent in the [redirect request](/standard-payments/v1/payment-integrator-hosted-api/redirect-fop-api/begin-redirect-api).\n| **Note:** The [`redirectResponse`](/standard-payments/v1/google-hosted-api/redirect-fop-api/complete-redirect-api#redirect_response_parameters) should be encrypted and signed using [**PGP**](/standard-payments/guides/connectivity/security/application-layer#pgp_encryption) or [**JWE+JWS**](/standard-payments/guides/connectivity/security/application-layer#jwe_encryption). Further, this value should be web-safe `base64` encoded."]]
