| Term | Description |
|---|---|
| Checkout Page | This is your web page that presents details of the purchase, collects customer information (like name and email address), and includes a submit button (such as “Complete Checkout”). |
| Your Server | This is your server that hosts your Checkout Site, and communicates with the PaySimple API to retrieve tokens and collect payments. |
| PaySimple API 4.0 | This is our API 4.0. See API Reference for details. |
| Checkout Token | Authorization token that identifies the merchant and allows read access to public information, such as catalog items. Required to initialize the PaySimpleJS library. Expires 5 minutes after creation. |
| Payment Token | Token that corresponds to a Customer and Credit Card or ACH Account details. May only be used once and expires 15 minutes after creation. |
| Customer Token | Authorization token that corresponds to an Authenticated Customer. Allows read and write access to logged in Customer's data. Expires 15 minutes after creation. |
Your Checkout Page requests a Checkout Token from your Server in order to initialize PaySimpleJS.
The PaySimple API generates and sends a Checkout Token back to your Server, which returns it to your Checkout Page.
Once PaySimpleJS is initialized and your customer has submitted payment account information, our API 4.0 delivers a Payment Token back to PaySimpleJS, which returns it to your Checkout Page. Your Checkout Page then sends the Payment Token to your Server. Your Server code receives the Payment Token and then uses our API 4.0 to make a payment (see API Reference).
Because PaySimpleJS presents an iframe that is hosted by PaySimple, card data never passes through your server, thereby reducing your PCI compliance burden.
When Credit Card or ACH details are submitted, PaySimple attempts to prevent duplicate customers by first searching for an existing account. If one is found, the Payment Token returned will be matched to an existing CustomerId and AccountId.
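The following Node.js example is added here and is not PaySimple's code. It shows one way Your Server can honor the token lifetimes in the table above: it tells the Checkout Page when its Checkout Token expires and refuses a Payment Token it has already received. `createCheckoutFlow`, `fetchCheckoutToken` and `chargeWithToken` are hypothetical names standing in for your own code that calls the PaySimple API.

```javascript
// Added example. Lifetimes are taken from the token table on this page.
const CHECKOUT_TTL_MS = 5 * 60 * 1000;  // Checkout Token: expires 5 minutes after creation
const PAYMENT_TTL_MS = 15 * 60 * 1000;  // Payment Token: single use, expires after 15 minutes

// fetchCheckoutToken and chargeWithToken are hypothetical callbacks that wrap
// your own server-side PaySimple API calls; they are not PaySimple SDK functions.
function createCheckoutFlow({ fetchCheckoutToken, chargeWithToken, now = Date.now }) {
  const redeemed = new Map(); // payment token -> time the server first received it

  // A token first received at time t was created at or before t, so it has
  // expired by t + 15 minutes and its replay record can be dropped then.
  function prune() {
    for (const [token, receivedAt] of redeemed) {
      if (now() - receivedAt >= PAYMENT_TTL_MS) redeemed.delete(token);
    }
  }

  return {
    // Called when the Checkout Page asks Your Server for a Checkout Token.
    async issueCheckoutToken() {
      const requestedAt = now();
      const token = await fetchCheckoutToken();
      // Measured from before the API call, so the page never assumes a
      // longer lifetime than the API grants.
      return { token, expiresAt: requestedAt + CHECKOUT_TTL_MS };
    },

    // Called when the Checkout Page posts the Payment Token back.
    // amount should come from your server-side order record, not from the page.
    async redeemPaymentToken(paymentToken, amount) {
      if (typeof paymentToken !== 'string' || paymentToken.length === 0) {
        return { ok: false, reason: 'missing-token' };
      }
      prune();
      if (redeemed.has(paymentToken)) {
        return { ok: false, reason: 'token-already-used' };
      }
      // Record before charging so a concurrent duplicate submit is rejected.
      redeemed.set(paymentToken, now());
      const result = await chargeWithToken(paymentToken, amount);
      return { ok: true, result };
    },
  };
}
```

The in-memory map covers a single server process; behind a load balancer the same check needs a shared store.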