Integration
- Using MyCheckout hosted payment pages
- Using your own checkout page
- Client encryption
- Non-encrypted data
Before you begin
To follow along with this guide, please ensure that you have the following ready:
- The correct API endpoint
- A way to construct the authorization header (API Explorer, SDKs, etc.)
- A way to send REST API calls (API Explorer, SDKs, etc.)
Using MyCheckout hosted payment pages
Since we host the pages ourselves and manage the card data on your behalf, you're only required to comply with PCI SAQ A standards, which are less strict than higher-level requirements.
- Make a POST /v1/{merchantId}/hostedcheckouts API call.
- Create the order object containing the following elements:
- amountOfMoney, including amount and currencyCode
- customer, including billingAddress and countryCode
Additionally, you can add hostedCheckoutSpecificInput object, featuring variant and locale properties:
- variant - the created styling of the checkout page tailored to your consumer's preferences
- locale- the language, that will be used for your hosted checkout page
For more information on customizing the MyCheckout hosted payment pages, please refer to our detailed guide.
{
"order": {
"amountOfMoney": {
"amount": 100,
"currencyCode": "SEK"
},
"customer": {
"billingAddress": {
"countryCode": "SE"
}
}
},
"hostedCheckoutSpecificInput": {
"variant": "264",
"locale": "en_GB"
}
}
{
"RETURNMAC":"ee66d1e7-f424-4bbf-a419-935dec4e1f63",
"hostedCheckoutId":"065e59de-e5c4-71ff-be4f-4994da16bd64",
"partialRedirectUrl":"pay1.preprod.checkout.worldline-solutions.com/checkout/9991-7781475d59094ee6856c4884be86ab7f:065e59de-e5c4-71ff-be4f-4994da16bd64:04405251e389400e806bd4ff4f98e34c"
}
From the response, the important properties are:
- hostedCheckoutId – can be used in subsequent API calls to retrieve the transaction details, such as GET/v1/{merchantId}/hostedcheckouts/{hostedCheckoutId}
- partialRedirectUrl – is used to create the URL to which the customer needs to be redirected (by default, we configure every account with the subdomain payment, so you can always connect https://payment. with the partialRedirectUrl, for example:
https://payment.pay1.preprod.checkout.worldline-solutions.com/checkout/9991-7781475d59094ee6856c4884be86ab7f:065e59de-e5c4-71ff-be4f-4994da16bd64:04405251e389400e806bd4ff4f98e34c
The hostedCheckoutId is only valid for 2 hours, please ensure to store the createdPaymentOutput.payment.id from the GET /v1/{merchantId}/hostedcheckouts/{hostedCheckoutId} response to be able to retrieve data after 2 hours have elapsed via the GET /v1/{merchantId}/payments/{paymentId} API call. Alternatively, we can also optionally send a webhook event that will contain it.
Using your own checkout page
You can build a direct integration using our SDKs (or integrate our API from scratch). Depending on your integration needs, there are several options available.
Client encryption
Our Client API allows you to perform various actions, such as collecting card data without being PCI SAQ D compliant. All you need is to be able to create a session via the POST/v1/{merchantId}/sessions API call, which will grant you access to the Client API.
It's highly recommended that you use our Client SDKs, provided for the following programming languages:
We also have reference implementations showing how to use these SDKs on GitHub
Non-encrypted data
Use this option if you wish to do a direct server-to-server API call and handle the card data directly. The difference with the other options is that you don't need to submit an encryptedCustomerInputproperty. After the consumer selects the payment product, you need to perform the following:
- Make a POST /v1/{merchantId}/payments API call.
- Create the order object requiring the following properties:
- amountOfMoney, including amount and currencyCode
- customer, including billingAddress and countryCode
- Create the cardPaymentMethodSpecificInput object requiring the following properties:
- paymentProductId
- card, including cvv, cardNumber, expiryDate, and cardholderName
The cardholderName is often different from the name a customer uses when registering an account. The cardholderName refers to the official name the customer uses with their issuing bank.
{
"order":{
"amountOfMoney":{
"amount":100,
"currencyCode":"SEK"
},
"customer":{
"billingAddress":{
"countryCode":"SE"
}
}
},
"cardPaymentMethodSpecificInput":{
"paymentProductId":430,
"card":{
"cvv":"123",
"cardNumber":"4111111111111111",
"expiryDate":"1233",
"cardholderName":"Foo Bar"
}
}
}
{
"creationOutput":{
"additionalReference":"00000099911009937944",
"externalReference":"000000999110099379440000100001"
},
"payment":{
"id":"000000999110099379440000100001",
"paymentOutput":{
"amountOfMoney":{
"amount":100,
"currencyCode":"SEK"
},
"references":{
"paymentReference":"0",
"providerId":"3500",
"providerReference":"27181230"
},
"paymentMethod":"card",
"cardPaymentMethodSpecificOutput":{
"paymentProductId":430,
"fraudResults":{
"fraudServiceResult":"no-advice",
"avsResult":"0",
"cvvResult":"0"
},
"card":{
"cardNumber":"411111******1111",
"cardholderName":"Foo Bar",
"expiryDate":"1233"
}
}
},
"status":"CAPTURE_REQUESTED",
"statusOutput":{
"isCancellable":true,
"isRetriable":false,
"statusCategory":"PENDING_CONNECT_OR_3RD_PARTY",
"statusCode":800,
"statusCodeChangeDateTime":"20240304114153",
"isAuthorized":true,
"isRefundable":false
}
}
}