Initiating a one-time payment with the Webview
In this guide, we will create and validate a basic, one-time payment using the Pay product.
Last updated
In this guide, we will create and validate a basic, one-time payment using the Pay product.
Last updated
Note that this guide assumes you have the following information on hand:
A Powens domain with Pay enabled.
A Powens domain client with client identifiers, thereafter named clientId
and clientSecret
.
A URL to redirect the end user to at the end of the process, registered with the client, thereafter named redirectURL
.
An optional state that will be transmitted to your redirect URL, thereafter named optionalRedirectState
.
One-time payments are payments executed once. They can be of different kinds:
"First open day" payments: classic payments usually executed within a few business days (SEPA Credit Transfers, GB BACS, GB CHAPS, GB Faster Payments, ...).
"Instant" payments: payments usually executed within a few minutes (SEPA Instant Credit Transfers).
"Deferred" payments: classic payments only executed at a provided future date.
The basic workflow will be the following:
In order to create payments, we need a special access token with the payments:admin
scope, obtained using client credentials:
See Service Tokens for more information.
You can now create a payment request with the following request:
A payer_identity
for the payment request and a beneficiary_identity
for the instruction are required and must contain information on either the payer (which you redirect to the webview) or the beneficiary (matching the routing information). For the definition of such objects, see IdentityRequest.
The following are examples of different identity kinds with Pay:
See the POST /payments
endpoint reference and the PaymentInitRequest
object description for more information on the payload or returned information.
In order for the payer to be able to validate the payment request, you first need to create a token scoped to validate the created payment specifically. You can do this using the token created in Obtain a token suitable for creating payments:
See the POST /payments/{id}/scopedtoken
endpoint reference for more information.
Now that you have the payment validation token, you can create the webview URL by taking the webview URL and adding the following parameters to it:
domain
: your client domain.
client_id
: the client identifier for your application (clientId
).
redirect_uri
: the same redirect URL you've used when creating the payment (redirectURL
).
state
: the same state you've used when creating the payment (optionalRedirectState
).
code
: The scoped token you've generated on your previous request to the API.
payment_id
: the identifier of the payment.
This will make you obtain a URL of the form:
You can redirect your payer to this URL.
Once the payer has either completed the payment validation flow, or has cancelled from either our Webview or the bank's interface, they will go on the callback URL you have configured on the payment with the following parameters:
state
: the optional client state you have configured on the payment, i.e. {optionalClientState}
.
id_payment
: the identifier of the payment that the user comes from.
error
(optional): set to "cancelled
" if the payer has cancelled the payment from our Webview.
error_code
(optional): set to the payment's error code, if the payment has been cancelled or rejected by the bank.
bank_message
(optional): set to the bank message, if available.
payment_state
(optional): the state of the payment, if the payer has been redirected by the bank.
For security reasons, following such a callback from the payer, it is recommended to check the payment's state manually; see Polling the payment status.
During and after the initiation of a payment, you may want to check on the status of a payment, or to get data back from the payment initiation request.
In order to receive updates when a payment switches states, it is recommended to set up the Payment Updated webhook and wait for events regarding payments.
Webhook events will only be triggered during a background refresh / synchronization of the payment state.
For more information, see Webhooks in the Payments API reference.
This method is not recommended for polling the payment status regularly, it is recommended to wait for incoming webhook events to this end.
However, it is recommended for when receiving a callback regarding a payment from an end user, or for debugging purposes.
In order to get a given payment's status, you can call the GET /payments/{id}
endpoint, with the identifier of the payment. See API endpoints for more information.
In the resulting payment resource, you are to get the state
property, and do the following:
If the payment is pending
, you should wait for the payment to be executed.
If the payment is expired
, it means that the payment will not be updated anymore; you should consider the payment as rejected.
If the payment is accepted
, it means that the initiation was successful but the bank will not provide further updates; if you accept the risks, you can consider the payment as done.
If the payment is done
, it means that the payment has been executed by the payer's bank; you can consider the payment as done.
If the payment is rejected
, it means that the payment has been rejected by the bank, or by the end user through the bank; you should request a new payment.
A payment with the accepted
status could still be rejected by the bank (e.g. for insufficient funds at execution time), however we can no longer poll the payment's status on our side. If you want to avoid such cases, you can identify connectors with this behaviour by checking the partial_status_tracking
property of connectors; see Listing connectors with Pay enabled programmatically.
See the Payment object definition for reference.