taler-docs

Documentation for GNU Taler components, APIs and protocols
Log | Files | Refs | README | LICENSE
commit b53697f7d58b0d2527eed98a3b0bbd12b58258ae
parent 09f3e157479b36aab3099607b285d3f4a3e91fad
Author: Christian Grothoff <christian@grothoff.org>
Date:   Sun,  9 Nov 2025 22:01:50 +0100

clarify #10568: public GET /orders/ is not just for wallets, but both GET endpoints can return the URLs

Diffstat:

Mcore/api-merchant.rst | 23++++++++++++++++++-----


1 file changed, 18 insertions(+), 5 deletions(-)

diff --git a/core/api-merchant.rst b/core/api-merchant.rst
@@ -873,8 +873,14 @@ Querying payment status
 
 .. http:get:: [/instances/$INSTANCE]/orders/$ORDER_ID
 
-  Query the payment status of an order. This endpoint is for the wallet.
-  When the wallet goes to this URL and it is unpaid,
+  Query the payment status of an order. This endpoint is for the wallet
+  and possibly for Web shops and other integrations that need an
+  unauthenticated way to query the order status (like when checking
+  it from JavaScript from inside the customer's browser). It is also
+  possible to just redirect a browser to this URL to initiate the
+  payment process.
+
+  When a client (usually a wallet) goes to this URL and it is unpaid,
   it will be prompted for payment.
   This endpoint typically also supports requests with the "Accept" header
   requesting "text/html".  In this case, an HTML response suitable for
@@ -3315,9 +3321,16 @@ Creating orders
   .. note::
 
     This endpoint does not return a URL to redirect your user to confirm the
-    payment.  In order to get this URL use :http:get:`[/instances/$INSTANCE]/orders/$ORDER_ID`.  The
-    API is structured this way since the payment redirect URL is not unique
-    for every order, there might be varying parameters such as the session id.
+    payment.  To get this URL use either
+    :http:get:`[/instances/$INSTANCE]/orders/$ORDER_ID` (with
+    ``taler_pay_uri`` in the `StatusUnpaidResponse`), or
+    :http:get:`[/instances/$INSTANCE]/private/orders/$ORDER_ID` with the
+    ``taler_pay_uri`` in the `CheckPaymentUnpaidResponse`). That said,
+    it is also possible to construct the URL by combining the base URL
+    with the information from the `PostOrderResponse`.
+    The API is structured this way since the payment redirect URL is not
+    unique for every order: there might be varying parameters such as the
+    session id.
 
   **Required permission:** ``orders-write``