Overview
This topic describes how to implement a tokenization-only flow.
The tokenization-only integration is suited to merchants who:
- Want to be descoped from PCI but still be in control of the complete flow from their server side.
- Perform complete 3D-Secure flows both server side and client side.
- Want to be able to choose between 3D-Secure frictionless and challenge modes.
1. Authenticate the Merchant
Generate a sessionToken by posting a /getSessionToken API server-side call, and include the checksum parameter.
Example /getSessionToken Request
{
"merchantId":"<your merchantId>",
"merchantSiteId":"<your merchantSiteId>",
"clientRequestId": "<unique request ID in merchant system>",
"timeStamp": "<YYYYMMDDHHmmss>",
"checksum": "<calculated checksum>"
}
Example /getSessionToken Response
The response returns the sessionToken, which you need for authentication in all subsequent calls in the flow.
{
"sessionToken": "7db38b03-c1ae-45fc-8fce-8a55cfa4a6e0",
"internalRequestId": 188635168,
"status": "SUCCESS",
"errCode": 0,
"reason": "",
"merchantId": "479748173730597238",
"merchantSiteId": "180083",
"version": "1.0",
"clientRequestId": "20200510165419"
}
2. Generate a ccTempToken
Perform Tokenization-only using the Nuvei Web SDK getToken() method, which tokenizes the card and cvv, and returns the ccTempToken.
You can then use ccTempToken to process the payment using the /payment API method.
Example of getToken() Request
var sfc = SafeCharge({
env: 'int', // Nuvei API environment – 'int' (integration) or 'prod' (production – default if omitted)
merchantId: '<your merchantId>', // your Merchant ID provided by Nuvei
merchantSiteId: '<your merchantSiteId>' // your Merchant site ID provided by Nuvei
sessionToken: '<sessionId>' //session token from /getSessionToken
});
var ScFields = sfc.fields({
fonts: [{
cssUrl: 'https://fonts.googleapis.com/css?family=Source+Code+Pro'
}, // include your custom fonts
],
locale: 'en' // You can set your users' preferred locale. If not provided, we try to auto-detect.
});
var style = {
base: {
fontFamily: 'Roboto, sans-serif',
color: '#045d47',
fontSmoothing: 'antialiased',
'::placeholder': {
color: '#ccb654'
}
},
invalid: {
color: '#e5312b',
':focus': {
color: '#303238'
}
},
empty: {
color: '#BADA55',
'::placeholder': {
color: '#cc3ac2'
}
},
valid: {
color: '#2b8f22'
}
};
var scard = ScFields.create('card', {
style: style
});
scard.attach(document.getElementById('card-field-placeholder'));
function main() {
sfc.getToken(scard).then(function(result) {
cardHolderName: 'john smith'
if (result.status === 'SUCCESS') {
console.log(result.ccTempToken) // pass ccTempToken to the payment API call
} else {
// handle error.
}
});
}
3. Payment with a ccTempToken
You can submit a /payment API request (3D-Secure or Non-3D-Secure) using the Nuvei client-side Web SDK using the ccTempToken returned by the getToken() method.
This example shows a Non-3D-Secure payment.
Example /payment Request (non-3D)
{
"sessionToken":"<sessionToken from /getSessionToken>",
"merchantId":"<your merchantId>",
"merchantSiteId":"<your merchantSiteId>",
"clientRequestId":"<unique request ID in merchant system>",
"amount":"200",
"currency":"USD",
"userTokenId":"<unique customer identifier in merchant system>",
"clientUniqueId":"<unique transaction ID in merchant system>",
"paymentOption":{
"card":{
"ccTempToken":"<as returned by getToken() method>",
}
},
"deviceDetails":{
"ipAddress":"<customer's IP address>"
},
"timeStamp":"<YYYYMMDDHHmmss>",
"checksum":"<calculated checksum>"
}
Last modified September 2024