Settings for the redirect page (callback_redirect)

General requirements

  • Callbacks often fail because of caching services. You should disable caching services like CloudFlare, Varnish, etc.
  • All image, link, stylesheet, and form elements must use double quotes for attributes. For example

    <img href="image.png"/>
  • To prevent fraud attempts, the callback page must not accept traffic from any source but AltaPay's gateway. AltaPay's outgoing IP address is,,,,,,, or 2a10:a200::/29). You can do this, for example, using the following .htaccess file: 

    order deny,allow

    deny from all

    allow from <valid outgoing IP address>

  • Encode the page using UTF-8, or use HTML entities.
  • The maximum size for resources, for example, HTML, images, or CSS Files is 2 MB.

  • Resources must have the appropriate content type. See Supported Resource Content Types.
  • Verify that all parameters posted to the callback page are accurate to ensure that a fraud attempt has not been made.

  • Callback URLs must only use ports 443 and 80.

Specific requirements for the redirect page (callback_redirect)

  • Your payment page must contain a single div element with id PensioPaymentForm, <div id="PensioRedirectForm">, for example:

    • <div id="PensioRedirectForm">
      	All content in here will be replaced by the actual redirect form
  • The <div> element must not be placed in a <form> element.