The Verify
operation lets you post verification payments, which confirm the
validity of card information without reserving or charging any amount.
Introduction To Verify
This option is commonly used when initiating a subsequent unscheduled purchase flow - where you do not want to charge the payer right away.
Please note that all boolean card attributes involving the rejection of certain card types are optional and require enabling in the contract with Swedbank Pay.
Verification Through Swedbank Pay Payments
- When properly set up in your merchant/webshop site, and the payer initiates
a verification operation, you make a
POST
request towards Swedbank Pay with your Verify information. This will create a payment resource with a uniqueid
. You either receive a Redirect URL to a hosted page or a JavaScript source in response. - You need to
embed the script source on your site to create aSeamless View
in an
iframe
; so that the payer can enter the card details in a secure Swedbank Pay hosted environment. - Swedbank Pay will handle 3-D Secure authentication when this is required.
- Swedbank Pay will redirect the payer’s browser to - or display directly in
the
iframe
- one of two specified URLs, depending on whether the payment session is followed through completely or cancelled beforehand. Please note that both a successful and rejected payment reach completion, in contrast to a cancelled payment. - When you detect that the payer reach your completeUrl, you need to do a
GET
request to receive the state of the transaction. - Finally you will make a
GET
request towards Swedbank Pay with theid
of the payment received in the first step, which will return the payment result and aunscheduledToken
that can be used for subsequent unscheduled server-to-server based payments.
API Requests
The API requests are displayed in the Verification flow below. The options you can choose from when creating a payment with key operation set to Value Verify are listed below.
Please note that not including paymentUrl
in the request will generate a
redirect-verification
operation in the response, meant to be used in the
Redirect flow. Adding paymentUrl
input will generate the response meant for
Seamless View, which does not include the redirect-verification
. The request
below is the Redirect option.
How It Looks
You will redirect the payer to Swedbank Pay hosted pages to collect the card information.
Verify Request
Request
1
2
3
4
POST /psp/paymentorders HTTP/1.1
Host: api.externalintegration.payex.com
Authorization: Bearer <AccessToken>
Content-Type: application/json;version=3.x/2.0 // Version optional for 3.0 and 2.0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
{
"paymentorder": {
"operation": "Verify",
"currency": "NOK",
"description": "Test Verification",
"userAgent": "Mozilla/5.0...",
"language": "nb-NO",
"generateUnscheduledToken": true,
"urls": {
"hostUrls": ["https://example.com", "https://example.net"],
"completeUrl": "https://example.com/payment-completed",
"cancelUrl": "https://example.com/payment-cancelled",
"logoUrl": "https://example.com/payment-logo.png",
"termsOfServiceUrl": "https://example.com/payment-terms.html"
},
"payeeInfo": {
"payeeId": "5cabf558-5283-482f-b252-4d58e06f6f3b",
"payeeReference": "CD1234",
"payeeName": "Merchant1",
"productCategory": "A123",
"orderReference": "or-12456",
"subsite": "MySubsite",
},
"payer": {
"payerReference": "AB1234",
}
},
"creditCard": {
"rejectCreditCards": false,
"rejectDebitCards": false,
"rejectConsumerCards": false,
"rejectCorporateCards": false
}
}
Verify Response
Response
1
2
3
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8; version=2.0
api-supported-versions: 3.x/2.0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
{
"paymentOrder": {
"id": "/psp/paymentorders/14e9908e-1107-4181-a9fb-08dc64fc1777",
"created": "2024-05-03T09:04:48.8351546Z",
"updated": "2024-05-03T09:04:48.8534539Z",
"operation": "Verify",
"state": "Ready",
"currency": "NOK",
"amount": 0,
"vatAmount": 0,
"description": "Test Verification",
"initiatingSystemUserAgent": "PostmanRuntime/7.37.3",
"userAgent": "Mozilla/5.0",
"language": "nb-NO",
"availableInstruments": [
"CreditCard"
],
"integration": "",
"urls": {
"id": "/psp/paymentorders/14e9908e-1107-4181-a9fb-08dc64fc1777/urls"
},
"payeeInfo": {
"id": "/psp/paymentorders/14e9908e-1107-4181-a9fb-08dc64fc1777/payeeInfo"
},
"payer": {
"id": "/psp/paymentorders/14e9908e-1107-4181-a9fb-08dc64fc1777/payers"
},
"payments": {
"id": "/psp/paymentorders/14e9908e-1107-4181-a9fb-08dc64fc1777/payments"
},
"currentPayment": {
"id": "/psp/paymentorders/14e9908e-1107-4181-a9fb-08dc64fc1777/currentpayment"
},
"items": [
{
"creditCard": {
"cardBrands": [
"CoopMatkonto",
"Ica",
"MasterCard",
"Visa",
"Amex",
"Dankort",
"Maestro"
]
}
}
]
},
"operations": [
{
"method": "PATCH",
"href": "https://api.externalintegration.payex.com/psp/paymentorders/14e9908e-1107-4181-a9fb-08dc64fc1777",
"rel": "update-paymentorder-updateorder",
"contentType": "application/json"
},
{
"method": "PATCH",
"href": "https://api.externalintegration.payex.com/psp/paymentorders/14e9908e-1107-4181-a9fb-08dc64fc1777",
"rel": "update-paymentorder-abort",
"contentType": "application/json"
},
{
"method": "GET",
"href": "https://ecom.externalintegration.payex.com/checkout/9b9a0db077d065719f9e05c3ff583783fc474bb3cd712bfa3cfb4759145ba1b8?_tc_tid=dd40b8e24cb0429c823f64111b9a9ba8",
"rel": "redirect-paymentorder",
"contentType": "text/html"
},
{
"method": "GET",
"href": "https://ecom.externalintegration.payex.com/checkout/client/9b9a0db077d065719f9e05c3ff583783fc474bb3cd712bfa3cfb4759145ba1b8?culture=nb-NO&_tc_tid=dd40b8e24cb0429c823f64111b9a9ba8",
"rel": "view-paymentorder",
"contentType": "application/javascript"
}
]
}
Verification Flow
The sequence diagram below shows the two requests you have to send to Swedbank Pay to make a purchase. The links will take you directly to the API description for the specific request. The diagram also shows in high level, the sequence of the process of a complete purchase. When dealing with credit card payments, 3-D Secure authentication of the cardholder is an essential topic. There are three alternative outcome of a credit card payment:
- 3-D Secure enabled - by default, 3-D Secure should be enabled, and Swedbank Pay will check if the card is enrolled with 3-D Secure. This depends on the issuer of the card. If the card is not enrolled with 3-D Secure, no authentication of the cardholder is done.
- Card supports 3-D Secure - if the card is enrolled with 3-D Secure, Swedbank Pay will redirect the cardholder to the autentication mechanism that is decided by the issuing bank. Normally this will be done using BankID or Mobile BankID.