Worldline Saferpay - Fields (embed) API

9 steps
Embed payment input fields into your shop. Create custom design of payment. Official Integration Guide Integration Manual Demo-environment
  1. Present input fields, wait for cardholder to complete card data.
  2. Fields Initialize (javascript) to submit card data, and get the Event Token
  3. Use the Event Token from previous step to start transaction with Transaction Initialize
  4. Present RedirectUrl inside an iFrame or Lightbox for 3D secure procedure
  5. Return to ReturnUrl depending on the outcome of 3DS procedure
  6. Wait for IPN, RedirectNotifyUrls being called by Saferpay (_GET)
  7. Upon receiving IPN on RedirectNotifyUrls, Authorize Card by Transaction Authorize . Use Token from #3 Transaction Initialize response. Get back transaction data & state as response
  8. Based on transaction data (State, LiabilityShift), your backend decides what to do with the transaction
  9. You either finalize transaction by Capture/Finalize or Cancel/Abort
Good to know
  • You will need Customer ID, Terminal ID, Fields Access Token, Fields registered URL, Saferpay Fields javascript library URL . You can find and register these from Saferpay Back Office
  • For test environment, please register your test account here
  • Your base URL is either https://www.saferpay.com/api OR https://test.saferpay.com/api depending on which environment you are at.
  • You should store response data in your backend's database while implementing different steps of payment, you would likely need a value from a previous call, e.g. Token from Initialize
  • It is recommended to build your RedirectNotifyUrls with a unique id of the transaction like this: https://yourshop/notify?id=12345. This way, when this URL is called, you can identify the transaction and find it in your database
  • Do not mix RedirectUrl, ReturnUrl, and RedirectNotifyUrls they are not the same, and serves different purpose. Your IPN is RedirectNotifyUrls being called (via asynchronous _GET). DO NOT IMPLEMENT TRANSACTION STEPS (e.g. CAPTURE) BY RETURN URL, AS YOUR PROCESS CAN BREAK IF CUSTOMER CLOSING BROWSER, LOOSING CONNECTION, ETC.
  • Always check LiabilityShift results. It is your choice to stand financial responsibility in a possible chargeback of a transaction. We recommend to implement a transaction amount based evaluation e.g. above 10 EUR you drop if LiabilityShift = NO.
  • The Transaction is only completed when it's a green dot icon (not circle) in Saferpay Backoffice Interface . Transactions that are not completed (e.g. Authorized state with green circle icon) will release amount automatically back to cardholder's account by time and later charge of the amount might not be possible.