1. Refund
SA
  • Overview
    • Getting Started
  • Authentication
    • Token Generation
      POST
  • Commission
    • Commission
      POST
  • HASH
    • Hash Creation
    • Hash Validation
  • Non-Secure Payment
    • Non-Secure Payment Flow
    • Non-Secure Card Payment
      POST
    • Non-Secure Pre-Authorization Payment
      POST
    • Confirm Payment
      POST
  • 3D Secure Payment
    • 3D Secure Payment Flow
    • 3D Secure Card Payment
      POST
    • 3D Secure Pre-Authorization Payment
      POST
    • Complete Payment
      POST
    • Confirm Payment
      POST
  • Non-Secure and 3D Payment with Sipay
    • Non-Secure and 3D Secure Payment with Sipay
      POST
  • Check Status
    • Check Status
      POST
  • Refund
    • Refund
      POST
  • Webhook
    • Webhook
  • Status Codes
    • Status Codes
  1. Refund

Refund

Testing
POST
/ccpayment/api/refund
This endpoint is used to request a refund for a transaction that has already been successfully completed and paid. Enables merchants to initiate a full or partial refund process in accordance with their business rules and payment provider policies. Once the request is submitted, the transaction is evaluated and processed through the payment system to ensure the appropriate refund action is applied. The outcome of the refund request is then returned to the merchant.

Partial Refunds#

For partial refund operations, the amount field must include the exact amount to be refunded.
If the full transaction amount is submitted in the refund request, the transaction status will be updated as refund.
📌
Example:
If the transaction amount is 10 TRY and a refund of 7 TRY is issued, the transaction status will be updated as partially_refund.
There is no need to send a request to a separate endpoint for void operations. For same-day transactions, void operations are processed by sending a request to the refund endpoint.
The hash key must be sent in the request.
Sample hash keys can be found in the request form panel on the side, corresponding to the selected programming language.
An example of the hash algorithm is included in the request.

Hash Parameters#

The parameters and their order to be used for the hash algorithm are as follows.
amount
invoice_id
merchant_key
app_secret

Request

Authorization
Bearer Token
Provide your bearer token in the
Authorization
header when making requests to protected resources.
Example:
Authorization: Bearer ********************
or
Body Params application/jsonRequired

Examples

Responses

🟢200Success
application/json
Body

🟠49Failed
Request Request Example
Shell
JavaScript
Java
Swift
#!/usr/bin/env bash

 

generate_hash_key() {
  local amount="$1"
  local invoice_id="$2"
  local merchant_key="$3"
  local app_secret="$4"

 

  local data="${amount}|${invoice_id}|${merchant_key}"

 

  local iv
  iv=$(openssl rand -hex 16 | openssl sha1 | awk '{print $2}' | cut -c1-16)

 

  local password
  password=$(printf "%s" "$app_secret" | openssl sha1 | awk '{print $2}')

 

  local salt
  salt=$(openssl rand -hex 16 | openssl sha1 | awk '{print $2}' | cut -c1-4)

 

  local salt_with_password
  salt_with_password=$(printf "%s" "${password}${salt}" | openssl sha256 | awk '{print $2}' | cut -c1-32)

 

  local key_hex
  key_hex=$(printf "%s" "$salt_with_password" | xxd -p -c 256)

 

  local iv_hex
  iv_hex=$(printf "%s" "$iv" | xxd -p -c 256)

 

  local encrypted_base64
  encrypted_base64=$(printf "%s" "$data" | openssl enc -aes-256-cbc -K "$key_hex" -iv "$iv_hex" -base64)

 

  local msg="${iv}:${salt}:${encrypted_base64}"
  msg="${msg//\//__}"

 

  echo "$msg"
}

 

amount="100.50"
invoice_id="INV-2026-0001"
merchant_key="test_merchant_123"
app_secret="my_secret_key_456"

 

result=$(generate_hash_key "$amount" "$invoice_id" "$merchant_key" "$app_secret")
echo "Hash Key: $result"
Response Response Example
200 - Success
{
    "status_code": 100,
    "status_description": "Refund completed successfully",
    "order_no": "VP17695816358637973",
    "invoice_id": "CPIKQUM29TXMQFF-1769581631",
    "ref_no": "602800085396",
    "ref_number": "602800085396"
}
Modified at 2026-04-29 07:20:15
Previous
Check Status
Next
Webhook
Built with