Payments
The Payment Method SDK and /payment-methods API work in tandem with the /payments API to achieve any business objective as listed below.
Guest Checkout Flow (S2S)
Collect card details and tokenise with HS Create PM API to get a PM ID (payment_methd_id)
Use the PM ID to authorize the payment request during order confirmation
For extended sessions, where token expires before order completion, create a new PM ID with the same card details using the Create PM API
Note - The PM ID in case of guest checkout is volatile in nature and has a default expiry of 1-hour which can be extended by Merchant at a session level. For guest checkout flow the PM ID is NOT unique to Customer + Payment method combination.
Customer Checkout Flow - First Time Payment (S2S)
Create a customer with HS using the Create Customer API
Use the customer_id to tokenise the collected card details using Create PM API
Use the PM ID to authorize the payment request during order confirmation
For extended sessions, where token expires before order completion update the PM with CVV using the Update PM API and use this PM ID to complete the payment
Note - The CVV storage is volatile in nature and can be stored for 1-hour be default which can be extended by Merchant at a session level. For logged-in user checkout flow the PM ID is unique to Customer + Payment method combination.
Customer Checkout Flow - Repeat Purchase (S2S)
Fetch the stored cards for the customer using List Saved PMs API which returns the masked card details with corresponding PM ID
Update the PM ID of the user selected card along with CVV value collected from the user using the Update PM API
Use the PM ID to authorize the payment request during order confirmation
For extended sessions, where token expires before order completion update the PM again with the collected CVV and use this PM ID to complete the payment
Payment Method SDK Checkout - Guest, New Customer and Repeat Customer Flows
Create a PM session using the Session Create API to get a client secret
For guest user, pass "storage_type" as "volatile" and skip sending the Customer ID
Initialize and mount the Vault SDK using the client secret and session_id
The SDK now takes care of the following flows based on user action:
Post which the SDK submits the card details via the PM Confirm API and returns back a PM Token (short-lived) in the response
Pass this PM token to Merchant Server and exchange for a PM ID from the server using the PM token exchange API
Use this PM ID to authorize the payment request
Note - When using the HS SDK, the response always contains a temp token and you’ll need to exchange it to get the PM ID via a S2S call.
HS SDK Checkout for repeat customer - no CVV flow
Create a PM session using the Session Create API to get a client secret
Initialize and mount the Vault SDK using the client secret and session_id
The SDK lists the previously saved cards for customers to select
If the card has been vaulted previously with an MIT setup for it, CVV is not collected for it and the SDK returns back a PM Token (short-lived) in the responseNote - The PM ID in case of guest checkout is volatile in nature and has a default expiry of 1-hour which can be extended by Merchant at a session level
When using the HS SDK, the response always contains a temp token and you’ll need to exchange it to get the PM ID via a S2S call. Highlighted in detail in (4.)
Last updated
Was this helpful?