Tokenization
Note: You should be fully PCI compliant if you wish to perform tokenization requests Server-to-Server (as it requires that you collect the card data). If you are NOT fully PCI compliant, you can use the COPYandPAY tokenization tutorial to collect the payment data securely.
Tokenization allows you to store payment data for later use. This can be useful for recurring payment scenarios.
This guide describes how you can store the data using our Server-to-Server API, how you can subsequently use the stored card details and how to delete stored data.
Storing the payment data
There are two methods for creating a token:
Store the data during a payment
Store the data as stand-alone
Store the data during a payment
A payment's data can be stored at the same time as the payment by sending the createRegistrationparameter with a value of true. This is done by sending a POST request to the /v1/payments endpoint.
curl https://test.oppwa.com/v1/payments \
-d "entityId=8a8294174e918ca6014e9c6f5ae12a9c" \
-d "amount=1.00" \
-d "currency=BRL" \
-d "paymentType=DB" \
-d "paymentBrand=VISA" \
-d "card.number=4111111111111111" \
-d "card.holder=Jose da Silva" \
-d "card.expiryMonth=05" \
-d "card.expiryYear=2025" \
-d "card.cvv=123" \
-d "merchantTransactionId=Order Number 123" \
-d "customer.merchantCustomerId=12345678909" \
-d "customer.givenName=Jose" \
-d "customer.surname=da Silva" \
-d "customer.email= [email protected]" \
-d "customer.ip=123.123.123.123" \
-d "descriptor=123 Usage" \
-d "billing.city=Sao Paulo" \
-d "billing.country=BR" \
-d "billing.state=SP" \
-d "billing.street1=Rua Itapeva 547" \
-d "billing.postcode=01332000" \
-d "customParameters[product]=1 month membership" \
-d "customParameters[merchant_website]=www.store.com" \
-d "recurringType=INITIAL" \
-d "testMode=EXTERNAL" \
-d "createRegistration=true" \
-H "Authorization: Bearer OGE4Mjk0MTcyODFiOGVlMzAxMjgyOTkwNjZmNTBjZGJ8ZGVtbw=="Store the data as stand-alone
A registration (RG) can also be made by calling the /v1/registrations endpoint as a stand-alone request (i.e. without requesting a payment).
Contrary to the registration as part of a payment, you directly receive a registration object in your response. Therefore the id to reference this data during later payments is the value of field id
curl https://test.oppwa.com/v1/registrations \
-d "entityId=8a8294174e918ca6014e9c6f5ae12a9c" \
-d "paymentBrand=VISA" \
-d "card.number=4111111111111111" \
-d "card.holder=Jose da Silva" \
-d "card.expiryMonth=05" \
-d "card.expiryYear=2025" \
-d "card.cvv=123" \
-d "merchantTransactionId=Order Number 123" \
-d "customer.merchantCustomerId=12345678909" \
-d "customer.givenName=Jose" \
-d "customer.surname=da Silva" \
-d "customer.email= [email protected]" \
-d "customer.ip=123.123.123.123" \
-d "descriptor=123 Usage" \
-d "billing.city=Sao Paulo" \
-d "billing.country=BR" \
-d "billing.state=SP" \
-d "billing.street1=Rua Itapeva 547" \
-d "billing.postcode=01332000" \
-d "customParameters[product]=1 month membership" \
-d "customParameters[merchant_website]=www.store.com" \
-d "recurringType=INITIAL" \
-d "testMode=EXTERNAL" \
-H "Authorization: Bearer OGE4Mjk0MTcyODFiOGVlMzAxMjgyOTkwNjZmNTBjZGJ8ZGVtbw=="Using the stored payment data
Recurring Payment
Based on the stored account details, recurring payments become very simple to achieve. All you need to do is to add the parameter recurringTypeto your request. (see Recurring Payments):
For the initial payment request you should send the
recurringTypeparameter with valueINITIAL.For any subsequent payment you should send the
recurringTypeparameter with valueREPEATED.
Deleting the stored payment data
Once stored, a token can be deleted using the HTTP DELETE method against the registrationId
curl -X DELETE "https://test.oppwa.com/v1/registrations/{id}\
?entityId=8a8294174e918ca6014e9c6f5ae12a9c\
&testMode=EXTERNAL" \
-H "Authorization: Bearer OGE4Mjk0MTcyODFiOGVlMzAxMjgyOTkwNjZmNTBjZGJ8ZGVtbw=="Last updated