One-Click Payments
One-Click Payments utilize a previously generated payment token to prefill payment details on credit card or invoice payment pages, which means that the payer doesn’t need to enter these details for every purchase.
Introduction
For card and invoice payments, the payment flow and implementation differ from your default flow only in the use of a paymentToken. The details in this section describe explicitly the parameters that must be set to enable one-click purchases.
API Requests To Generate paymentToken
When making the initial purchase request, you need to generate a paymentToken. You can do this either by setting the generatePaymentToken field to true (see example below) when doing a card purchase, or by setting the initial operation to Verify.
generatePaymentToken field
{
    "generatePaymentToken": true,
    "payer": {
        "payerReference": "AB1234"
    }
}
Finding paymentToken value
When the initial purchase is successful, a paymentToken is linked to the payment. You can retrieve the value by sending a GET request towards the payment resource (expanding either the authorizations or verifications sub-resource) after the payer has successfully completed the purchase. The two examples are provided below.
Request Towards Authorizations Resource
GET /psp/paymentorders/7e6cdfc3-1276-44e9-9992-7cf4419750e1/authorizations HTTP/1.1
Host: api.externalintegration.payex.com
Authorization: Bearer <AccessToken>
Request Towards Verifications Resource
GET /psp/paymentorders/7e6cdfc3-1276-44e9-9992-7cf4419750e1/verifications HTTP/1.1
Host: api.externalintegration.payex.com
Authorization: Bearer <AccessToken>
You need to store the paymentToken from the response in your system and keep track of the corresponding payerReference.
Returning Purchases
When a known payer (where you have attained a payerReference or similar) returns to your system, you can use the paymentToken, using already stored payment data, to initiate one-click payments. You will need to make a standard purchase, following the sequence as specified in the Redirect or Seamless View scenarios for credit card and financing invoice. When creating the first POST request, you insert the paymentToken field. This must be the paymentToken you received in the initial purchase, where you set generatePaymentToken to true.
See the Features section for how to create a card and invoice payment.
Abbreviated code example:
Request
POST /psp/paymentorders/7e6cdfc3-1276-44e9-9992-7cf4419750e1 HTTP/1.1
Host: api.externalintegration.payex.com
Authorization: Bearer <AccessToken>
Content-Type: application/json

{
    "payment": {
        "operation": "Purchase",
        "intent": "Authorization",
        "paymentToken": "5a17c24e-d459-4567-bbad-aa0f17a76119"
    },
    "creditCard": {
        "noCvc": true
    }
}
| Required | Field | Type | Description |
|---|---|---|---|
| ✔ | payment | object | The payment object. |
| ✔ | └➔ operation | string | Determines the initial operation, which defines the type of card payment created. Purchase: Used to charge a card. It is followed up by a capture or cancel operation. Recur: Used to charge a card on a recurring basis. It is followed up by a capture or cancel operation (unless AutoCapture is used). Payout: Used to deposit funds directly to a credit card. No more requests are necessary from the merchant side. Verify: Used when authorizing a card without reserving any funds. It is followed up by a verification transaction. |
| ✔ | └➔ intent | string | The intent of the payment identifies how and when the charge will be effectuated. This determines the type of transactions used during the payment process. Authorization: Reserves the amount, and is followed by a cancellation or capture of funds. AutoCapture: A one-phase option that enables capture of funds automatically after authorization. |
| ✔ | └➔ paymentToken | string | The paymentToken value received in the GET response towards the Payment Resource is the same paymentToken generated in the initial purchase request. The token allows you to use already stored card data to initiate one-click payments. |
| | └➔ creditCard | object | An object that holds different scenarios for card payments. |
| | └─➔ noCvc | boolean | true if the CVC field should be disabled for this payment when a stored card is used; otherwise false (the default). To use this feature, it has to be enabled on the contract with Swedbank Pay. |
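Because a stored paymentToken (especially with noCvc) is enough to charge a card, the merchant backend should only place a token in the purchase request if it is stored for the payer who is actually logged in. The following is an added example, not Swedbank Pay's code: TokenVault, fingerprint and one_click_body are hypothetical names, and the in-memory dictionary stands in for your own database.

```python
import hashlib


class TokenVault:
    """In-memory stand-in for the merchant database (hypothetical name)."""

    def __init__(self):
        self._tokens = {}  # payerReference -> set of paymentTokens

    def store(self, payer_reference, payment_token):
        self._tokens.setdefault(payer_reference, set()).add(payment_token)

    def owns(self, payer_reference, payment_token):
        return payment_token in self._tokens.get(payer_reference, set())


def fingerprint(payment_token):
    """Short digest for log lines, so the usable token never reaches the logs."""
    return hashlib.sha256(payment_token.encode("utf-8")).hexdigest()[:12]


def one_click_body(vault, session_payer_reference, payment_token, no_cvc=False):
    """Build the returning-purchase body shown on this page.

    session_payer_reference must come from the authenticated session, never
    from the request, so a payer can only spend tokens stored for them.
    """
    if not vault.owns(session_payer_reference, payment_token):
        raise PermissionError(
            "token %s is not stored for this payer" % fingerprint(payment_token))
    body = {"payment": {"operation": "Purchase",
                        "intent": "Authorization",
                        "paymentToken": payment_token}}
    if no_cvc:  # only valid if noCvc is enabled on the contract
        body["creditCard"] = {"noCvc": True}
    return body


if __name__ == "__main__":
    vault = TokenVault()
    # Constructed sample data: values reuse the placeholders from this page.
    vault.store("AB1234", "5a17c24e-d459-4567-bbad-aa0f17a76119")
    print(one_click_body(vault, "AB1234",
                         "5a17c24e-d459-4567-bbad-aa0f17a76119", no_cvc=True))
    try:
        one_click_body(vault, "ZZ9999", "5a17c24e-d459-4567-bbad-aa0f17a76119")
    except PermissionError as exc:
        print("rejected:", exc)
```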
When redirecting to Swedbank Pay the payment page will be prefilled with the payer’s card details. See example below.
Delete payment token
If you need to delete a paymentToken, you have two options. The first is by payerReference, which deletes all payment, recurrence and/or unscheduled tokens associated with the payer. The second is by paymentToken, which only deletes a specific token.
Please note that this call does not erase the card number stored at Swedbank Pay. A card number is automatically deleted six months after a successful Delete payment token request. If you want card information removed at an earlier date, you need to contact ehandelsetup@swedbankpay.dk, verkkokauppa.setup@swedbankpay.fi, ehandelsetup@swedbankpay.no or ehandelsetup@swedbankpay.se, and supply them with the relevant transaction reference or payment token.
If you want to delete tokens by payerReference, the request and response should look like this:
Request
PATCH /psp/paymentorders/payerownedtokens/<payerReference> HTTP/1.1
Host: api.externalintegration.payex.com
Authorization: Bearer <AccessToken>
Content-Type: application/json

{
    "state": "Deleted",
    "comment": "Comment stating why this is being deleted"
}
Response
HTTP/1.1 200 OK
Content-Type: application/json

{
    "payerOwnedTokens": {
        "id": "/psp/paymentorders/payerownedtokens/{payerReference}",
        "payerReference": "{payerReference}",
        "tokens": [
            {
                "token": "{paymentToken}",
                "tokenType": "Payment",
                "instrument": "Invoice-payexfinancingno",
                "instrumentDisplayName": "260267*****",
                "instrumentParameters": {
                    "email": "hei@hei.no",
                    "msisdn": "+4798765432",
                    "zipCode": "1642"
                }
            },
            {
                "token": "{paymentToken}",
                "tokenType": "Unscheduled",
                "instrument": "CreditCard",
                "instrumentDisplayName": "492500******0004",
                "instrumentParameters": {
                    "expiryDate": "12/2020",
                    "cardBrand": "Visa"
                }
            }
        ]
    }
}
For single token deletions, the request and response should look like this. In this example, the token is connected to a card. If it were an invoice-connected token, the instrumentDisplayName would be the payer’s date of birth.
Request
PATCH /psp/paymentorders/paymenttokens/5a17c24e-d459-4567-bbad-aa0f17a76119 HTTP/1.1
Host: api.externalintegration.payex.com
Authorization: Bearer <AccessToken>
Content-Type: application/json

{
    "state": "Deleted",
    "comment": "Comment stating why this is being deleted"
}
Response
HTTP/1.1 200 OK
Content-Type: application/json

{
    "paymentToken": "",
    "instrument": "CreditCard",
    "instrumentDisplayName": "492500******0004",
    "instrumentParameters": {
        "expiryDate": "12/2022",
        "cardBrand": "Visa"
    }
}
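The two delete calls above differ only in the path, and the payerReference is a merchant-chosen string, so it should be encoded as a single path segment before it is placed in the URL. The following is an added example, not Swedbank Pay's code: delete_request and purge_local are hypothetical helpers, and purge_local assumes the payerownedtokens response lists the tokens affected by the call, as the sample response suggests.

```python
import json
from urllib.parse import quote

BASE = "/psp/paymentorders"


def delete_request(comment, payer_reference=None, payment_token=None):
    """Return (method, path, body) for one of the two delete calls on this page."""
    if (payer_reference is None) == (payment_token is None):
        raise ValueError("pass exactly one of payer_reference or payment_token")
    if payer_reference is not None:
        resource, ident = "payerownedtokens", payer_reference  # all tokens
    else:
        resource, ident = "paymenttokens", payment_token  # one token
    if ident in ("", ".", ".."):
        raise ValueError("identifier would change the request path")
    # Encode every reserved character so the value stays one path segment.
    path = "%s/%s/%s" % (BASE, resource, quote(ident, safe=""))
    return "PATCH", path, json.dumps({"state": "Deleted", "comment": comment})


def purge_local(stored_tokens, response_body):
    """Drop tokens listed in a payerownedtokens response from the local set."""
    listed = {t["token"] for t in
              json.loads(response_body)["payerOwnedTokens"]["tokens"]}
    removed = sorted(stored_tokens & listed)
    stored_tokens -= listed  # mutates the caller's set in place
    return removed


if __name__ == "__main__":
    print(delete_request("Payer closed account", payer_reference="AB1234"))
    # Constructed response in the shape shown on this page (tokens are made up).
    sample = json.dumps({"payerOwnedTokens": {"payerReference": "AB1234", "tokens": [
        {"token": "tok-payment-1", "tokenType": "Payment"},
        {"token": "tok-unscheduled-1", "tokenType": "Unscheduled"}]}})
    local = {"tok-payment-1", "tok-unscheduled-1", "tok-other-payer"}
    print(purge_local(local, sample), local)
```

Purging the local copy after a successful call keeps your one-click offer in step with Swedbank Pay, so a returning payer is not shown a stored card whose token no longer works.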