Tokenizing PayPal

Suggest Edits

Currently Wpay supports both the Checkout and Vault flows for PayPal. Please refer to the Wpay PayPal documentation to get further detailed information about each of the supported PayPal integration patterns.

High Level Flow

3056

Tokenizing PayPal for Checkout Flow

The Checkout with PayPal integration pattern will allow you to tokenize a PayPal or Pay in 4 nonce into a single-use payment instrument. This means payment instruments generated using the PayPal Checkout integration will never be saved to the customer's wallet.

How it works

  1. Integrate your site with PayPal to facilitate the checkout journey and allow a customer to log in to their PayPal account and approve the payment.
  2. Once the payment has been approved PayPal will provide you with a nonce which can then be provided to Wpay to use for payments.
  3. The PayPal nonce is processed by us and we return a payment token which is a unique representation of the PayPal account without any sensitive information.
  4. The payment token can be used in our payment services to make a payment.
curl --location --request POST 'https:/{{environment}}.wpay.com.au/v1/apm/tokenize' \
--header 'Authorization: Bearer 2Q0BRJbdbJAljXsX6q35fuyN6w9X' \
--header 'Content-Type: application/json' \
--header 'X-Api-Key: 9JMPM102iV1PtnO6HwZoorYNpdfqAWap' \
--data-raw '{
    "data": {
        "paymentInstrumentType": "PAYPAL",
        "payload": {
            "nonce": "35ecab49-4d75-0687-72ba-2794b490e071"
        }
    },
    "meta": {}
}'

var myHeaders = new Headers();
var environment = "substitute environment-value here"
var yourAPIkey = "YOUR-API-KEY";
var accessToken = "ACCESS-TOKEN";
myHeaders.append("Content-Type", "application/json");
myHeaders.append("X-Api-Key", yourAPIkey);
myHeaders.append("Authorization", `Bearer ${accessToken}`);

var raw = JSON.stringify({
  "data": {
    "paymentInstrumentType": "PAYPAL",
    "payload": {
    	"nonce": "4234ac11-e67e-0770-7517-8d58ac21e5ef"
    	}
    },
  "meta": {}
});

var requestOptions = {
  method: 'POST',
  headers: myHeaders,
  body: raw,
  redirect: 'follow'
};

fetch(`https://${environment}.wpay.com.au/wow/v1/apm/tokenize`, requestOptions)
  .then(response => response.text())
  .then(result => console.log(result))
  .catch(error => console.log('error', error));

Where:

  • nonce is the value PayPal returns upon successfully validating the payment request.

Tokenizing PayPal for Vault Flow

To tokenize your customer's PayPal account and use it to make a payment or store it in the customer's wallet, you will need to first provide us with your PayPal account information so that we can link this to your Wpay account.

To tokenize a customer's PayPal account you can make use of either our SDKs or APIs.

How it works

  1. Integrate your site with PayPal to facilitate the checkout journey and allow a customer to log in to their PayPal account and approve the payment.
  2. Once the payment has been approved PayPal will provide you with a nonce which can then be provided to Wpay to use for payments or to even store within the customer's wallet to allow for easy one-click payments in the future.
  3. The PayPal nonce is processed by us and we return a payment token which is a unique representation of the PayPal account without any sensitive information.
  4. The payment token can be used in our payments services to make a payment.

Tokenizing PayPal for a Registered Customer

This method should be used when dealing with a registered customer on your website and where the user has been authenticated as a registered customer. 

curl --location --request POST 'https://{{environment}}.wpay.com.au/wow/v1/pay/paypal/tokenize' \
--header 'Accept: application/json' \
--header 'Content-Type: application/json' \
--header 'X-Api-Key: {{yourApiKey}}' \
--header 'Authorization: Bearer {{yourBearerToken}}' \
--data-raw '
{
     "primary": true,
     "nonce": "8ca99905-2419-09ab-742d-2794b490e071"
}
'

var myHeaders = new Headers();
var environment = "substitute environment-value here"
var yourAPIkey = "YOUR-API-KEY";
var accessToken = "ACCESS-TOKEN";
myHeaders.append("Content-Type", "application/json");
myHeaders.append("X-Api-Key", yourAPIkey);
myHeaders.append("Authorization", `Bearer ${accessToken}`);

var raw = JSON.stringify({
  "primary": true,
  "nonce": "8ca99905-2419-09ab-742d-2794b490e071"
});

var requestOptions = {
  method: 'POST',
  headers: myHeaders,
  body: raw,
  redirect: 'follow'
};

fetch(`https://${environment}.wpay.com.au/wow/v1/pay/paypal/tokenize`, requestOptions)
  .then(response => response.text())
  .then(result => console.log(result))
  .catch(error => console.log('error', error));

import Foundation
#if canImport(FoundationNetworking)
import FoundationNetworking
#endif

var semaphore = DispatchSemaphore (value: 0)

let yourAPIkey = "YOUR-API-KEY";
let environment = "substitute environment-value here"
let accessToken = "ACCESS-TOKEN";
let parameters = """
{\
	\"primary\": true,\
	\"nonce\": \"8ca99905-2419-09ab-742d-2794b490e071\"\
}\
"""
let postData = parameters.data(using: .utf8)

var request = URLRequest(
  url: URL(string: "https://\(environment).wpay.com.au/wow/v1/pay/paypal/tokenize")!,
  timeoutInterval: Double.infinity
)
request.addValue("application/json", forHTTPHeaderField: "Content-Type")
request.addValue(yourAPIkey, forHTTPHeaderField: "X-Api-Key")
request.addValue("Bearer \(accessToken)", forHTTPHeaderField: "Authorization")

request.httpMethod = "POST"
request.httpBody = postData

let task = URLSession.shared.dataTask(with: request) { data, response, error in 
  guard let data = data else {
    print(String(describing: error))
    semaphore.signal()
    return
  }
  print(String(data: data, encoding: .utf8)!)
  semaphore.signal()
}

task.resume()
semaphore.wait()

var myHeaders = new Headers()
var environment = "substitute environment-value here"
var yourAPIkey = "YOUR-API-KEY"
var accessToken = "ACCESS-TOKEN"
      
val response = khttp.post(
  url = "https://$environment" + 
        ".wpay.com.au/wow/v1/pay/paypal/tokenize",
  headers = mapOf("Content-Type" to "application/json",
                  "X-Api-Key" to yourAPIkey,
                  "Authorization", "Bearer $accessToken"),
  json = mapOf("primary" to true,
               "nonce" to "8ca99905-2419-09ab-742d-2794b490e071")
)

if(response.statusCode == 200) {
  val obj : JSONObject = response.jsonObject
  println("Successful response payload: ${obj}")
} else {
  handleError(response)
}

Where:

  • nonce is the value PayPal returns upon successfully validating the payment request
  • primary can be set to true or false and this indicates whether it is a primary or secondary instrument when saving the card to the customer's wallet

Tokenizing PayPal for a Guest Customer

This method should be used when dealing with a guest customer on your website and where the user has been authenticated as a guest customer. 

curl --location --request POST 'https://{{environment}}.wpay.com.au/wow/v1/pay/guest/paypal/tokenize' \
--header 'Accept: application/json' \
--header 'Content-Type: application/json' \
--header 'X-Api-Key: {{yourApiKey}}' \
--header 'Authorization: Bearer {{yourBearerToken}}' \
--data-raw '
{
     "nonce": "8ca99905-2419-09ab-742d-2794b490e071"
}
'

var myHeaders = new Headers();
var environment = "substitute environment-value here"
var yourAPIkey = "YOUR-API-KEY";
var accessToken = "ACCESS-TOKEN";
myHeaders.append("Content-Type", "application/json");
myHeaders.append("X-Api-Key", yourAPIkey);
myHeaders.append("Authorization", `Bearer ${accessToken}`);

var raw = JSON.stringify({
  "nonce": "8ca99905-2419-09ab-742d-2794b490e071"
});

var requestOptions = {
  method: 'POST',
  headers: myHeaders,
  body: raw,
  redirect: 'follow'
};

fetch(`https://${environment}.wpay.com.au/wow/v1/pay/guest/paypal/tokenize`, requestOptions)
  .then(response => response.text())
  .then(result => console.log(result))
  .catch(error => console.log('error', error));

import Foundation
#if canImport(FoundationNetworking)
import FoundationNetworking
#endif

var semaphore = DispatchSemaphore (value: 0)

let yourAPIkey = "YOUR-API-KEY";
let environment = "substitute environment-value here"
let accessToken = "ACCESS-TOKEN";
let parameters = """
{\
	\"nonce\": \"8ca99905-2419-09ab-742d-2794b490e071\"\
}\
"""
let postData = parameters.data(using: .utf8)

var request = URLRequest(
  url: URL(string: "https://\(environment).wpay.com.au/wow/v1/pay/guest/paypal/tokenize")!,
  timeoutInterval: Double.infinity
)
request.addValue("application/json", forHTTPHeaderField: "Content-Type")
request.addValue(yourAPIkey, forHTTPHeaderField: "X-Api-Key")
request.addValue("Bearer \(accessToken)", forHTTPHeaderField: "Authorization")

request.httpMethod = "POST"
request.httpBody = postData

let task = URLSession.shared.dataTask(with: request) { data, response, error in 
  guard let data = data else {
    print(String(describing: error))
    semaphore.signal()
    return
  }
  print(String(data: data, encoding: .utf8)!)
  semaphore.signal()
}

task.resume()
semaphore.wait()

var myHeaders = new Headers()
var environment = "substitute environment-value here"
var yourAPIkey = "YOUR-API-KEY"
var accessToken = "ACCESS-TOKEN"
      
val response = khttp.post(
  url = "https://$environment" + 
        ".wpay.com.au/wow/v1/pay/guest/paypal/tokenize",
  headers = mapOf("Content-Type" to "application/json",
                  "X-Api-Key" to yourAPIkey,
                  "Authorization", "Bearer $accessToken"),
  json = mapOf("nonce" to "8ca99905-2419-09ab-742d-2794b490e071")
)

if(response.statusCode == 200) {
  val obj : JSONObject = response.jsonObject
    println("Successful response payload: ${obj}")
} else {
  handleError(response)
}

Updated over 1 year ago