Ctrlk
Discuss on RedditJoin Slack CommunityContact Us

Token Led Payment

Process payments using Payment Method SDK with guest checkout, customer checkout, and repeat purchase flows via S2S APIs

The Payment Method SDK and /payment-methods API work in tandem with the /payments API to achieve any business objective as listed below.

Guest Checkout Flow (S2S)

  1. Collect card details and tokenise with HS Create PM API to get a PM ID (payment_method_id)

  2. Use the PM ID to authorize the payment request during order confirmation

  3. For extended sessions, where token expires before order completion, create a new PM ID with the same card details using the Create PM API

Note - The PM ID in case of guest checkout is volatile in nature and has a default expiry of 1-hour which can be extended by Merchant at a session level.

For guest checkout flow the PM ID is NOT unique to Customer + Payment method combination.

Customer Checkout Flow - First Time Payment (S2S)

  1. Create a customer with HS using the Create Customer API

  2. Use the customer_id to tokenize the collected card details using Create PM API

  3. Use the PM ID to authorize the payment request during order confirmation

  4. For extended sessions, where token expires before order completion update the PM with CVV using the Update PM API and use this PM ID to complete the payment

Note - The CVV storage is volatile in nature and can be stored for 1-hour by default which can be extended by Merchant at a session level.

For logged-in user checkout flow the PM ID is unique to Customer + Payment method combination.

Customer Checkout Flow - Repeat Purchase (S2S)

  1. Fetch the stored cards for the customer using List Saved PMs API which returns the masked card details with corresponding PM ID

  2. Update the PM ID of the user selected card along with CVV value collected from the user using the Update PM API

  3. Use the PM ID to authorize the payment request during order confirmation

  4. For extended sessions, where token expires before order completion update the PM again with the collected CVV and use this PM ID to complete the payment

Payment Method SDK Checkout - Guest, New Customer and Repeat Customer Flows

  1. Create a PM session using the Session Create API to get a sdk authorization

  2. For guest user, pass "storage_type" as "volatile" and skip sending the Customer ID

  3. Initialize and mount the Vault SDK using the sdkAuthorization

  4. The SDK now takes care of the following flows based on user action:

  5. Post which the SDK submits the card details via the PM Confirm API and returns back a PM Token (short-lived) in the response

  6. Pass the PM Token to the Merchant Server. You may either use it directly for payment or exchange it for a PM ID using PM token exchange API

  7. Use either the PM Token (short-lived) or PM ID (long-lived) to authorize payment request

Note - The HS SDK returns a short-lived PM Token. This can be used directly for immediate payments or exchanged via S2S to obtain a reusable PM ID for future transactions.

HS SDK Checkout for Repeat Customer - No CVV Flow

  1. Create a PM session using the Session Create API to get a sdk authorization

  2. Initialize and mount the Vault SDK using the sdk authorization

  3. The SDK lists the previously saved cards for customers to select

  4. If the card has been vaulted previously with an MIT setup for it, CVV is not collected for it and the SDK returns back a PM Token (short-lived) in the response. Note - The PM ID in case of guest checkout is volatile in nature and has a default expiry of 1-hour which can be extended by Merchant at a session level.

When using the HS SDK, the response always contains a temp token and you'll need to exchange it to get the PM ID via a S2S call. Highlighted in detail in (4.)

Last updated

Was this helpful?