Create or Update Browser Payment Token
Request the gateway to create or update a token that references a source of funds stored with a payment provider such as PayPal.
Use this operation to initiate a browser interaction, in which the payer authorizes you to make subsequent payments against their account. For PayPal, the token wraps a PayPal Billing Agreement. Like all gateway tokens, you can:
use them for subsequent payments (PayPal calls these reference transactions)
have a token repository that includes a mix of tokenized cards, tokenized PayPal and other tokenized accounts
update a token with a different account - for example, your payer moves from PayPal to/from card as their preferred payment method, then you can retain the same token.
Your payment service provider will configure your token repository for you (see How to Configure Tokenization for details). This will determine:
If you can supply the token yourself, or if the gateway will generate one for you.
If you can update a token with a different account.
The form of the token that the gateway will generate. The generated token id is a random number. It begins with a '9' (so that is does not create a valid card number) and passes a Luhn (Mod-10) check.
When the same account is retokenized, whether the gateway return the same token or a new token.
Authentication Copied to clipboard
This operation requires authentication via one of the following methods:
- Certificate authentication.
-
Basic HTTP authentication as described at
w3.org.
Provide 'merchant.
<your gateway merchant ID>
' in the userid portion and your API password in the password portion.
Request Copied to clipboard
URL Parameters Copied to clipboard
Alphanumeric + additional characters
REQUIRED
The unique identifier issued to you by your payment provider.
This identifier can be up to 12 characters in length.
Data may consist of the characters 0-9, a-z, A-Z, '-', '_'
Min length: 1 Max length: 40Fields Copied to clipboard
String
= TOKENIZE_BROWSER_PAYMENT
FIXED
Any sequence of zero or more unicode characters.
REQUIRED
Information required by the gateway to manage interactions with a browser payment provider's website.
OPTIONAL
Additional information you can provide to control the user interaction flow presented to the payer by PayPal.
Enumeration
OPTIONAL
Indicates the action that PayPal displays to the payer prior to being redirected back to your website.
This field is only required when requesting a PayPal billing agreement.
Value must be a member of the following list. The values are case sensitive.
AGREE
After the payer has approved the billing agreement and their browser has been returned to your website, you will not process a payment against this billing agreement at that time.
AGREE_AND_PAY
After the payer has approved the billing agreement and their browser has been returned to your website, you will process a payment against this billing agreement.
Boolean
OPTIONAL
Indicates whether you want PayPal to display the shipping address to the payer on the PayPal website.
By default, the shipping address is displayed to the payer. For more detailed information about displaying the shipping address on the PayPal website, see PayPal Integration: Display/Override Shipping Address.
JSON boolean values 'true' or 'false'.
Boolean
OPTIONAL
Indicates whether you want to allow the payer to change the shipping address for the payment on the PayPal website.
By default, the payer is allowed to change the shipping address. For more detailed information about the payer overriding the shipping address on the PayPal website, see PayPal Integration: Display/Override Shipping Address.
JSON boolean values 'true' or 'false'.
Url
REQUIRED
The URL to which you want the payer's browser to be redirected on completing the payment at the payment provider's website.
The same redirect URL will be used by the gateway to redirect the payer's browser irrespective of the success or otherwise of the payment.
Ensure that the URL begins with 'https' and is longer than 11 characters.
String
OPTIONAL
A transient identifier for the request, that can be used to match the response to the request.
The value provided is not validated, does not persist in the gateway, and is returned as provided in the response to the request.
Data can consist of any characters
ASCII Text
REQUIRED
Identifier of the payment session containing values for any of the request fields to be used in this operation.
Values provided in the request will override values contained in the session.
Data consists of ASCII characters
OPTIONAL
Information on the shipping address including the contact details of the addressee.
OPTIONAL
The address to which this order will be shipped.
String
OPTIONAL
The city portion of the address.
Data can consist of any characters
Upper case alphabetic text
OPTIONAL
The 3 letter ISO standard alpha country code of the address.
Data must consist of the characters A-Z
Alphanumeric + additional characters
OPTIONAL
The post code or zip code of the address.
Data may consist of the characters 0-9, a-z, A-Z, ' ', '-'
String
OPTIONAL
The state or province of the address.
Data can consist of any characters
String
OPTIONAL
The first line of the address.
For example, this may be the street name and number, or the Post Office Box details.
Data can consist of any characters
String
OPTIONAL
The second line of the address (if provided).
Data can consist of any characters
OPTIONAL
Details of the contact person at the address the goods will be shipped to.
String
OPTIONAL
The first name of the person to whom the order is being shipped.
Data can consist of any characters
String
OPTIONAL
The last name or surname of the person to whom the order is being shipped.
Data can consist of any characters
Alphanumeric + additional characters
OPTIONAL
The post code or zip code of the address the order is shipped from.
Data may consist of the characters 0-9, a-z, A-Z, ' ', '-'
REQUIRED
Information about the payment type selected by the payer for this payment and the source of the funds.
Depending on the payment type the source of the funds can be a debit or credit card, bank account, or account with a browser payment provider (such as PayPal).
For card payments the source of funds information may be represented by combining one or more of the following: explicitly provided card details, a session identifier which the gateway will use to look up the card details and/or a card token. Precedence rules will be applied in that explicitly provided card details will override session card details which will override card token details. Each of these may represent partial card details, however the combination must result in a full and complete set of card details. See Using Multiple Sources of Card Details for examples.
OPTIONAL
Information about the source of funds when it is directly provided (as opposed to via a token or session).
For browser payments, the source of funds details are usually collected from the payer on the payment provider's website and provided to you when you retrieve the transaction details (for a successful transaction). However, for some payment types (such as giropay), you must collect the information from the payer and supply it here.
OPTIONAL
Additional details related to a Bancontact payment.
String
REQUIRED
The name of the bank account holder for the payer's bank account.
Data can consist of any characters
OPTIONAL
Additional details related to a BLIK browser payment.
String
REQUIRED
The name of the bank account holder for the payer's bank account.
Data can consist of any characters
OPTIONAL
Additional details related to GrabPay browser payment.
String
REQUIRED
The name of the account holder for the payer's GrabPay account.
Data can consist of any characters
OPTIONAL
Additional details related to an iDEAL browser payment.
When processing an iDEAL payment you can also provide the payer's bank identification code (ideal.bic),
Alphanumeric
OPTIONAL
The international Business Identifier Code (BIC) for the payer's bank account.
Data may consist of the characters 0-9, a-z, A-Z
OPTIONAL
Additional details related to Open Banking Bank Transfer.
String
REQUIRED
Identifier of the payer's bank, also known as ASPSP (Account Servicing Payment Services Provider)
Data can consist of any characters
OPTIONAL
Information about the payer's PayPal account.
It is provided to you when the payer successfully makes a payment using PayPal or when you have established a billing agreement with the payer.
OPTIONAL
Details about the agreement you have established with the payer that allows you to bill the payer's PayPal account for goods or services.
Enumeration
REQUIRED
Indicates the number of billing agreements between you and this payer.
Value must be a member of the following list. The values are case sensitive.
MULTIPLE
Indicates that you have multiple billing agreements with this payer. This means that a new agreement ID will be returned in response to each request.
SINGLE
Indicates that you have a single billing agreement with this payer. This means that the same agreement ID will be returned in response to each request.
String
OPTIONAL
Your description for the PayPal billing agreement.
This description is displayed to the payer when they are asked to approve the billing agreement.
Data can consist of any characters
String
OPTIONAL
Your name for the PayPal billing agreement.
Data can consist of any characters
OPTIONAL
Additional details related to a Przelewy24 browser payment.
String
REQUIRED
The name of the bank account holder for the payer's bank account.
Data can consist of any characters
OPTIONAL
Additional details related to a Trustly.
String
REQUIRED
The name of the bank account holder for the payer's bank account.
Data can consist of any characters
Enumeration
REQUIRED
The payment method used for this payment.
If you are passing card data (in any form) on the API, then you need to set this value, and also provide the card details in the sourceOfFunds.provided.card group. In the case of digital wallets or device payment methods, you must also populate the order.walletProvider field.
If you are making a payment with a gateway token, then you can leave this field unset, and only populate the sourceOfFunds.token field. However you can set this to CARD if you want to overwrite or augment the token data with a card security code, expiry date, or cardholder name.
Value must be a member of the following list. The values are case sensitive.
BANCANET
The payer selected the payment method BancaNet Directo.
BANCONTACT
The payer selected the payment method Bancontact.
BLIK
The payer selected the payment method BLIK.
BOLETO_BANCARIO
The payer selected the payment method Boleto Bancario.
ENETS
The payer selected the payment method eNETS.
GIROPAY
The payer selected the payment method giropay.
GRABPAY
The payer selected the payment method GrabPay.
IDEAL
The payer selected the payment method iDEAL.
KLARNA_FINANCING
The payer selected the payment method Klarna financing.
KLARNA_PAY_LATER
The payer selected the payment method Klarna Pay Later.
KLARNA_PAY_NOW
The payer selected the payment method Klarna Pay Now.
MERCADO_PAGO_CHECKOUT
The payer selected the payment method Mercado Pago Checkout.
OPEN_BANKING_BANK_TRANSFER
The payer selected the payment method Open Banking Bank Transfer.
OXXO
The payer selected the payment method OXXO.
PAYPAL
The payer selected the payment method PayPal.
POLI
The payer selected the payment method POLi.
PRZELEWY24
The payer selected the payment method Przelewy24.
SEPA
The payer selected the payment method SEPA.
SOFORT
The payer selected the payment method Sofortbanking.
TRUSTLY
The payer selected the payment method Trustly.
UNION_PAY
The payer selected the payment method UnionPay.
WECHAT_PAY
The payer selected the payment method WeChatPay.
OPTIONAL
Provide these parameters if you are a payment aggregator or facilitator and process payments on behalf of other merchants.
These merchants are referred to as your sub merchants. The sub merchant's details you provide may be displayed on the payer's cardholder statement. The gateway will use separate token repositories for each of your sub merchants
Alphanumeric + additional characters
REQUIRED
Your identifier for the sub-merchant.
Data may consist of the characters 0-9, a-z, A-Z, '-', '_', ' ', '&', '+', '!', '$', '.'
Alphanumeric
OPTIONAL
The token you supply that you wish to create or update.
You can only supply this value when creating a token if your token repository is configured to support merchant-supplied tokens.
On response, the format of the token depends on the token generation strategy configured for your repository. See Tokenization for more details.
Data may consist of the characters 0-9, a-z, A-Z
Response Copied to clipboard
Fields Copied to clipboard
ALWAYS PROVIDED
Information required by the gateway to manage interactions with a browser payment provider's website.
Url
ALWAYS PROVIDED
The URL issued by the gateway to which you must redirect the payer's browser.
Ensure that the URL begins with 'https' and is longer than 11 characters.
String
CONDITIONAL
A transient identifier for the request, that can be used to match the response to the request.
The value provided is not validated, does not persist in the gateway, and is returned as provided in the response to the request.
Data can consist of any characters
Alphanumeric + additional characters
ALWAYS PROVIDED
The unique identifier issued to you by your payment provider.
This identifier can be up to 12 characters in length.
Data may consist of the characters 0-9, a-z, A-Z, '-', '_', ' ', '&', '+', '!', '$', '%', '.'
Enumeration
ALWAYS PROVIDED
Summary of the success or otherwise of the operation.
Value must be a member of the following list. The values are case sensitive.
BASIC_VERIFICATION_SUCCESSFUL
The card number format was successfully verified and the card exists in a known range.
EXTERNAL_VERIFICATION_BLOCKED
The external verification was blocked due to risk rules.
EXTERNAL_VERIFICATION_DECLINED
The card details were sent for verification, but were was declined.
EXTERNAL_VERIFICATION_DECLINED_AUTHENTICATION_REQUIRED
The card details were sent for verification, but were declined as authentication required.
EXTERNAL_VERIFICATION_DECLINED_EXPIRED_CARD
The card details were sent for verification, but were declined as the card has expired.
EXTERNAL_VERIFICATION_DECLINED_INVALID_CSC
The card details were sent for verification, but were declined as the Card Security Code (CSC) was invalid.
EXTERNAL_VERIFICATION_PROCESSING_ERROR
There was an error processing the verification.
EXTERNAL_VERIFICATION_SUCCESSFUL
The card details were successfully verified.
NO_VERIFICATION_PERFORMED
The card details were not verified.
Enumeration
ALWAYS PROVIDED
A system-generated high level overall result of the operation.
Value must be a member of the following list. The values are case sensitive.
FAILURE
The operation was declined or rejected by the gateway, acquirer or issuer
PENDING
The operation is currently in progress or pending processing
SUCCESS
The operation was successfully processed
UNKNOWN
The result of the operation is unknown
ASCII Text
ALWAYS PROVIDED
Identifier of the payment session containing values for any of the request fields to be used in this operation.
Values provided in the request will override values contained in the session.
Data consists of ASCII characters
CONDITIONAL
Provide these parameters if you are a payment aggregator or facilitator and process payments on behalf of other merchants.
These merchants are referred to as your sub merchants. The sub merchant's details you provide may be displayed on the payer's cardholder statement. The gateway will use separate token repositories for each of your sub merchants
Alphanumeric + additional characters
ALWAYS PROVIDED
Your identifier for the sub-merchant.
Data may consist of the characters 0-9, a-z, A-Z, '-', '_', ' ', '&', '+', '!', '$', '.'
Errors Copied to clipboard
Information on possible error conditions that may occur while processing an operation using the API.
Enumeration
Broadly categorizes the cause of the error.
For example, errors may occur due to invalid requests or internal system failures.
Value must be a member of the following list. The values are case sensitive.
INVALID_REQUEST
The request was rejected because it did not conform to the API protocol.
REQUEST_REJECTED
The request was rejected due to security reasons such as firewall rules, expired certificate, etc.
SERVER_BUSY
The server did not have enough resources to process the request at the moment.
SERVER_FAILED
There was an internal system failure.
String
Textual description of the error based on the cause.
This field is returned only if the cause is INVALID_REQUEST or SERVER_BUSY.
Data can consist of any characters
String
Indicates the name of the field that failed validation.
This field is returned only if the cause is INVALID_REQUEST and a field level validation error was encountered.
Data can consist of any characters
String
Indicates the code that helps the support team to quickly identify the exact cause of the error.
This field is returned only if the cause is SERVER_FAILED or REQUEST_REJECTED.
Data can consist of any characters
Enumeration
Indicates the type of field validation error.
This field is returned only if the cause is INVALID_REQUEST and a field level validation error was encountered.
Value must be a member of the following list. The values are case sensitive.
INVALID
The request contained a field with a value that did not pass validation.
MISSING
The request was missing a mandatory field.
UNSUPPORTED
The request contained a field that is unsupported.
Enumeration
A system-generated high level overall result of the operation.
Value must be a member of the following list. The values are case sensitive.
ERROR
The operation resulted in an error and hence cannot be processed.