Vault & Proxy Model
The Vault & Proxy model treats Hyperswitch as a secure "pipe." You maintain full control over the orchestration logic and the specific API calls sent to processors.
How it Works
Tokenization (Vault): Sensitive payment data is sent directly from the client to the Hyperswitch Vault. You receive a non-sensitive token in return.
Custom Orchestration: Your backend decides exactly when and where to process the payment.
Secure Passthrough (Proxy): When you are ready to charge, you send the request to the Hyperswitch Proxy API, targeting the processor's native endpoint.
Redaction & Injection: The Proxy identifies the token in your payload, injects the real card data from the Vault, and forwards the full request to the processor.
This model is ideal if you are planning to keep existing processor integrations (e.g., direct calls to Checkout.com or legacy gateways) but need to remove raw card data from your systems to reduce PCI scope.
Integration Flavors
You can implement this model using two primary combinations:
Last updated
Was this helpful?