Creating and Using Token Links
Token links enable non-PCI compliant merchants to tokenize a customer's payment information to be used in future transactions without requiring the customer to submit an initial payment through AndDoneJS.
Token links enable non-PCI compliant merchants to tokenize a customer's payment information to be used in future transactions without requiring the customer to submit an initial payment through AndDoneJS. Token links are typically used in scenarios where a customer wants to set up recurring payments with a non-PCI compliant merchant.
The token link process is as follows:
- The customer elects to save their payment information with the merchant for use in future transactions.
- The merchant generates a token link using the POST Create Token Link API.
- The merchant shares the token link URL with the customer through Email, SMS, social media or other method.
- The customer accesses the token link URL and is directed to a secure token link form. The customer enters and submits their payment account details in the secure token link form.
- The payment processor or issuer generates a unique account token representing the customer's account information. This token is a random alphanumeric sequence that has no intrinsic meaning or value. The account information is securely stored with the issuer or acquirer in compliance with PCI standards.
- The account token is returned to the merchant's server via webhook notification.
Creating a Token Link
Create a Token Link by calling the POST Create Token Link API. This section describes how to set the request parameters.
Merchant ID
Set the merchantID parameter to your unique Merchant ID, also known as env_merchantId or x-app-key.
Merchant Reference (title)
The Merchant Reference is a unique ID assigned to the token link by the merchant. Set the merchant reference number in the title parameter.
“title”: “TL-10460327350978”,Note: The title parameter is required and must be unique per merchant in order to generate a token link.
Accepted Payment Types
Set the PaymentTypes parameter to indicate the accepted methods of payment that the customer can use to create an account token.
"intent": {
"PaymentTypes": [
"ACH",
"CreditCard",
"DebitCard"
]
}Token Link Expiration
Each token link is required to have a defined expiration period after which the link is no longer valid and cannot be accessed by the customer. The expiration time unit (minutes, hours, days, or weeks) is set in the expireInUnit parameter.
1- minutes2- hours3- days4- weeks
The expiration period is set in the expireIn parameter. In the following example, the token link is set to expire in 7 days.
"expireIn": "7",
"expireInUnit": 3,Customer Billing Address
The customer's name, address, phone and Email address should be collected by the merchant prior to generating the token link. This information is passed in the customers object.
"customers": [
{
"firstName" : "Suyash",
"lastName" : "Wagh",
"email" : "[email protected]",
"phone" : "4842989304",
"phoneCountryCode" : "+1",
"address" : {
"AddressLine1" : "4283 Sugar Camp Road",
"AddressLine2" : "Owatonna",
"City" : "Owatonna",
"State" : "MN",
"Country" : 1,
"PostalCode" : "55060",
"TimeZone" : "CDT"
}
}
]Sharing a Token Link
The tokenLink URL is returned in the POST Create Token Link API response. This URL can be shared with customers through Email, SMS, or social media. When a customer opens a token link, they are directed to a secure, AndDone-hosted form where they can enter and submit their payment information to be tokenized.
Receiving Account Tokens from Token Links
When a customer successfully submits their payment information for tokenization using a token link, the account token, token ID and other related information is transmitted to the merchant via webhook. The merchant must have a webhook for token link notifications configured and listening on their server.
Getting Information for Existing Token Links
You can retrieve the detailed information for an existing token link using the Get Secure Token Link by ID API. To call this API you will need the tokenLinkId. This API returns the tokenLink URL, the account token, token link expiration date/time and other details.