question

Bruno avatar image
Bruno asked ·

How to validate a source token (hosted iframe)

I am using the iframe integration approach.


When the source token is returned, is there any API call that I can use to check if the source token is valid?

I would like to avoid to do a pre-charge (to capture it later).

And I would like also to avoid to create/update the customer with the new source token (card on file).

Bruno


e-commerce api
10 |2000 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

1 Answer

David Marginian avatar image
David Marginian answered ·

There is no verification endpoint for tokens. However, it doesn't make much sense for there to be because non-multipay tokens are short-lived. We verify multi-use tokens before they are saved for the customer so there is no need for you to do so.

1 comment Share
10 |2000 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Thank you @David Marginian. I think an endpoint to validate the token could make sense. Other solutions provide (Emerge pay from Gravity payments for example).


Imagine this scenario:

- I am using a hosted iframe integration

- In the begining of the paid activity I want to collect a credit card. Since it is a iframe integration, it is the browser that receives the token.

- Then I want to provide the token to a an endpoint on our API that needs to validate it order to start the activity.

- If the token is OK, the user is alllowed to start the activity.

- Whe fininshing the activity, our server will user the token to charge the customer.


EmergePay from Gravity for example allows to begin a transaction from our servers by passing an external ID. Then, by sung the same hosted iframe approach, when the browser receives the token, the browser calls a server endpoint which will use this external ID to get the result of the transaction (in this case collect a credit card).



0 Likes 0 · ·

Welcome to the
Clover Developer Community