Step 4: Create a transaction
The final step is to use the card data stored using Secure Fields to either create a transaction or store a card on file for later use.
Create a transaction
Card data stored in a checkout session can be used to create a transaction.
curl -i -X POST "https://api.example.gr4vy.app/transactions" \
-H "Authorization: Bearer [JWT_TOKEN]" \
-H "Content-Type: application/json" \
-d '{
"amount": 1299,
"currency": "AUD",
"payment_method": {
"method": "checkout-session",
"id": "332a6c3a-c4eb-45f6-9a4e-72af459535e2"
}
}'
The returned transaction includes details about the payment method used, and the status of the transaction.
{
"type": "transaction",
"id": "fe26475d-ec3e-4884-9553-f7356683f7f9",
"status": "authentication_succeeded",
"amount": 1299,
"currency": "AUD",
"payment_method": {
"type": "payment-method",
"id": "77a76f7e-d2de-4bbc-ada9-d6a0015e6bd5",
"method": "card",
"scheme": "visa",
"expiration_date": "07/24",
...
},
...
}
Store a card for later use
Card data in a checkout session can also be used to create a stored payment method that can be used later.
This will delete the security_code
from the
vault and any transaction created later will require the code to be
requested again.
curl -i -X POST "https://api.example.gr4vy.app/payment-methods" \
-H "Authorization: Bearer [JWT_TOKEN]" \
-H "Content-Type: application/json" \
-d '{
"method": "checkout-session",
"id": "332a6c3a-c4eb-45f6-9a4e-72af459535e2"
}'
The returned payment method includes details about the card used, and ID of the payment method can be used to create a transaction at a later point.
{
"type": "payment-method",
"id": "77a76f7e-d2de-4bbc-ada9-d6a0015e6bd5",
"method": "card",
"scheme": "visa",
"expiration_date": "07/24",
...
}
Checkout session expiry
Once card data has been stored in the vault with Secure Fields the data is only kept for 5 minutes. This means that the checkout session needs to be used to create a transaction, or store a payment method before that time.
3-D Secure
3-D Secure can be used in conjunction with Secure Fields using our hosted 3DS solution. To enable hosted 3DS, add a redirect_url
to the API call to create a transaction, and then redirect the buyer to the approval_url
in the response.
Summary
In this step you:
- Used the checkout session to create a transaction or store a payment method
Was this page helpful?