API Overview

Digital Accept Secure Integration Developer Guide
- Recent Revisions to This Document
- VISA Platform Connect: Specifications and Conditions for Resellers/Partners

Introducing Digital Accept Secure Integration Product Suite

Flex API v2
- Flex API v2 Integration Task List
- Generating the Capture Context
  - REST Example: Generating the Capture Context
- Validating the Capture Context
- Securing Payment Information
- Tokenizing Payment Information
- Validate the Transient Token
- Using the Transient Token to Process a Payment

Microform Integration v2
- How It Works
- PCI Compliance
- Getting Started
- Accept Card Information
  - Server-Side Setup
    - Capture Context
    - Creating the Server-Side Capture Context
    - Validating the Server-Side Capture Context
  - Client-Side Setup
  - Transient Tokens for Accepting Card Information
    - Transient Token Time Limit
    - Transient Token Response Format
    - Validating the Transient Token
    - Using the Transient Token to Process a Payment
- Accept eCheck Information
  - Server-Side Setup
    - Capture Context
    - Creating the Server-Side Capture Context
    - Validating the Server-Side Capture Context
  - Client-Side Setup
  - Transient Tokens for Accepting eCheck Information
    - Transient Token Time Limit
    - Transient Token Response Format
    - Validating the Transient Token
- Next Steps
  - Styling
  - Events
  - Security Recommendations
- Reference
  - JavaScript API Reference
    - Class: Field
    - Module: FLEX
    - Class: Microform
    - Class: MicroformError
    - Global
  - Capture Context API
    - REST Example: Requesting the Capture Context
  - Getting Started Examples
  - JSON Web Tokens
  - Browser Support
  - PCI DSS Guidance
  - Test Card Numbers

Introduction to Unified Checkout Integration
- Unified Checkout Integration Flow
  - Enabling Unified Checkout Integration in the Gateway Portal
- Server-Side Set Up
  - Capture Context
- Client-Side Set Up
  - Loading the JavaScript Library and Invoking the Accept Function
    - JavaScript Example: Initializing the SDK
  - Adding the Payment Application and Payment Acceptance
    - JavaScript Example: Setting Up with Full Sidebar
    - JavaScript Example: Setting Up with the Embedded Component
- Transient Tokens
  - Transient Token Format
  - Token Verification
  - Support for Dual-Branded Cards
- Authorizations with a Transient Token
  - REST Example: Requesting an Authorization with a Transient Token
- Capture Context API
  - REST Example: Requesting the Capture Context
- Payment Details API
  - REST Example: Retrieving Transient Token Payment Details
- Unified Checkout Integration Configuration
  - Enable Digital Payments
    - Enrolling in Apple Pay
    - Preparing a Device for Testing Apple Pay on Unified Checkout Integration
    - Enabling Click to Pay
    - Enrolling in Google Pay
    - Managing Google Pay Authentication Types
  - Manage Permissions
    - Managing Permissions as a Direct Merchant
    - Managing Permissions as a Portfolio Administrator
- Test Your Unified Checkout Integration Configuration
  - Customer Authentication
    - Set Up Customer Authentication for Visa
    - Authentication Methods
- Unified Checkout Integration UI
  - Apple Pay UI
  - Click to Pay UI
  - Google Pay UI
  - Manual Payment Entry UI
- JSON Web Tokens
- JavaScript API Reference
  - Class: Accept
  - Class: AcceptError
  - Class: UnifiedPayments
- Supported Countries for Digital Payments
  - Supported Countries for Digital Payments A-D
  - Supported Countries for Digital Payments E-K
  - Supported Countries for Digital Payments L-R
  - Supported Countries for Digital Payments S-Z
- Supported Locales
- Reason Codes
- Test Card Numbers

Introduction to the
- Click to Pay Customer Workflows
  - Recognized Click to Pay Customer
  - Unrecognized Click to Pay Customer
  - Guest Customer
- Flow
  - Enabling Unified Checkout Integration in the Gateway Portal
- Server-Side Set Up
  - Capture Context
- Client-Side Set Up
  - Loading the JavaScript Library and Invoking the Accept Function
    - JavaScript Example: Initializing the SDK
  - Adding the Payment Application and Payment Acceptance
    - JavaScript Example: Setting Up with Full Sidebar
    - JavaScript Example: Setting Up with the Embedded Component
- Transient Tokens
  - Transient Token Format
  - Token Verification
  - Support for Dual-Branded Cards
- Capture Context API
  - REST Example: Requesting the Capture Context
- Payment Details API
  - Required Field for Retrieving Transient Token Payment Details
  - REST Example: Retrieving Transient Token Payment Details
- Payment Credentials API
  - Required Field for Retrieving Payment Credentials
  - REST Example: Retrieving Payment Credentials
- Unified Checkout Integration Configuration
  - Upload Your Encryption Key
    - Generate a Public Private Key Pair
  - Enable Click to Pay
    - Enabling Click to Pay
  - Manage Permissions
    - Managing Permissions as a Direct Merchant
    - Managing Permissions as a Portfolio Administrator
- Supported Countries for Click to Pay
- Supported Locales

Processing Authorizations with a Transient Token
- Authorization with a Transient Token
  - Required Field for an Authorization with a Transient Token
  - REST Example: Authorization with a Transient Token
- Authorization and Creating TMS Tokens with a Transient Token
  - Required Fields for an Authorization and Creating TMS Tokens with a Transient Token
  - REST Example: Authorization and Creating TMS Tokens with a Transient Token

On This Page

Transient Token Response Format

The transient token is issued as a JSON Web Token (RFC 7519). A JWT is a string consisting of three parts that are separated by dots:

Header

Payload

Signature

JWT example:

xxxxx.yyyyy.zzzzz

The payload portion of the token is an encoded Base64url JSON string and contains various claims.

IMPORTANT

When you integrate with Cybersource APIs, Cybersource recommends that you dynamically parse the response for the fields that you are looking for. Additional fields may be added in the future.

You must ensure that your integration can handle new fields that are returned in the response. While the underlying data structures will not change, you must also ensure that your integration can handle changes to the order in which the data is returned.

The internal data structure of the JWT can expand to contain additional data elements. Ensure that your integration and validation rules do not limit the data elements contained in responses.

Example: Token Payload for Accepting Card Information

{
  "iss": "Flex/00",
  "exp": 1728911080,
  "type": "mf-2.0.0",
  "iat": 1728910180,
  "jti": "1D1S6JK9RL6EK667H1I370689A63I2I8YLFJSPJ1EUSKIPMJJWEL670D16E89AF8",
  "content": {
    "paymentInformation": {
      "card": {
        "expirationYear": {
          "value": "2025"
        },
        "number": {
          "detectedCardTypes": [
            "001"
          ],
          "maskedValue": "XXXXXXXXXXXX1111",
          "bin": "411111"
        },
        "securityCode": {},
        "expirationMonth": {
          "value": "01"
        }
      }
    }
  }
}

Back to top