This method will fetch a particular pf record’s entitites against a pf id for the end user merchant. The merchant has to be authorized to initiate the request. The function just mentioned below should be used to generate the proper hash to go with the request.

Method URL Content-Type
POST Test: application/json
POST Production: application/json

Parameters Values Condition
Header/Authorization Bearer/string Mandatory
merchant_key string Mandatory
pf_id digits:5 Mandatory
hash_key string Mandatory


Authorization is a header key which defines verification that the connection attempt is allowed. The method should be “Bearer”


    generateSubMerchantPFHashKey($merchant_key, $pf_id, $app_secret) {
    $data = $merchant_key.'|'.$pf_id;
    $iv = substr(sha1(mt_rand()), 0, 16);
    $password = sha1($app_secret);
    $salt = substr(sha1(mt_rand()), 0, 4);
    $saltWithPassword = hash('sha256', $password . $salt);
    $encrypted = openssl_encrypt(
        "$data", 'aes-256-cbc', "$saltWithPassword", null, $iv
    $msg_encrypted_bundle = "$iv:$salt:$encrypted";
    $hash_key = str_replace('/', '__', $msg_encrypted_bundle);
    return $hash_key;
}     return $hash_key;


    "merchant_key" : "$2y$10$w/ODdbTmfubcbUCUq/ia3OoJFMUmkM1UVNBiIQIuLfUlPmaLUT1he",
    "pf_id": "10295",

Fail Response

    "status_code": 30,
    "status_description": "PF record is not found with these credentials."

Success Response

    "status_code": 100,
    "status_description": "Pf record fetched successfully.",
    "data": {
        "id": 20,
        "merchant_id": 98950,
        "pf_id": "10295",
        "name": "Mr/s. Merchant",
        "vkn": "0845486082",
        "tckn": "67890456734",
        "post_code": "34107",
        "city": "Istanbul",
        "country": "TR",
        "iso_country_code": "792",
        "url": "",
        "status": 1,
        "source": 3,
        "created_at": "2021-09-23T12:51:21.000000Z",
        "updated_at": "2021-09-23T12:51:21.000000Z"