06.03 Merchant Public Documentation

Status: draft for discussion

1. Goal

Merchant public documentation must help merchant integrate with the new version of Payment Orchestrator.

This document does not define exact integration format, code examples, or signing details. These details are proposed by the development team together with security.

2. What Merchant Must Understand

Merchant must understand:

• how to start integration;
• how to get API key;
• how to create deposit;
• which data is required to start deposit;
• what Hosted Payment URL is;
• which transaction statuses can be received;
• which webhooks will be sent;
• how to verify webhook authenticity;
• which errors can be returned;
• how to test integration in sandbox/test flow.

3. What Must Not Be Exposed

Merchant public documentation must not expose:

• real provider names without business access;
• internal provider routing logic;
• provider raw errors;
• internal routing attempts;
• hidden platform configuration.

4. Examples

Documentation must contain clear examples for merchant developers.

Security-sensitive examples are aligned with development and security teams.

Exact languages and example format are proposed by the team separately.

5. Ownership

Product Owner is responsible for the business meaning of merchant documentation.

Development team is responsible for technical correctness of integration details.

Security team is responsible for signing, secrets, and secure integration.