How it Works


Component NameDescription
Checkout PageThis is your web page that presents details of the purchase, collects customer information (like name and email address), and includes a submit button (such as “Complete Checkout”).
PaySimpleJSPaySimple JavaScript library you reference you load on your Checkout page. It presents an iframe with a form to collect payment data (card number, expiration, CVV, and postal code).
Your ServerThis is your server that hosts your Checkout Site, and communicates with the PaySimple API to retrieve tokens and collect payments.
PaySimple API 4.0This is our API 4.0. See API Reference for details.

Token Types

Token NameDescription
Checkout TokenAuthorization token that identifies the merchant and allows read access to public information, such as catalog items. Required to initialize the PaySimpleJS library. Expires 5 minutes after creation.
Payment TokenToken that corresponds to a Customer and Credit Card or ACH Account details. May only be used once and expires 15 minutes after creation.
Customer TokenAuthorization token that corresponds to an Authenticated Customer. Allows read and write access to logged in Customer's data. Expires 15 minutes after creation.

How it works


PaySimpleJS Flow Chart

  1. Your Checkout Page requests a Checkout Token from your Server in order to initialize the PaySimpleJS.

  2. The PaySimple API generates and sends a Checkout Token back to your Server which returns it to your Checkout Page.

  3. Once PaySimpleJS is initialized and your customer has submitted payment account information, our API4.0 delivers a Payment Token back to PaySimpleJS -- which returns it to your Checkout Page. Your Checkout Page then sends the Payment Token to your Server. Your Server code receives the Payment Token and then uses our API4.0 to make a payment API Reference.

Because PaySimpleJS presents an iframe that is hosted by PaySimple, card data never passes through your server, thereby reducing your PCI compliance burden.

Customer Deduplication

When Credit Card or ACH details are submitted, PaySimple attempts to prevent duplicate customers by first searching for a existing account. If one is found, the PaymentToken returned will be matched to an existing CustomerId and AccountId.