Last Updated: 04 December 2024 | Change Log

Repeat Wallet Payments

Use our card on file resource to authorize a payment with a digital wallet.

Note

You must integrate with Google Pay or Apple Pay before you can submit repeat wallet payments to our Payments API.

What are card on file payments?

  • The customer is actively participating in making a payment at the point of authorization using card details you have previously stored/ intend to store
  • Does not follow a schedule
  • Requires explicit permission from the customer to store the card on their account for use in a “one-click” model
  • Sometimes referred to as Customer Initiated Transactions (CIT)

Read more about card on file mandates here.

Card on file authorization request

POST your initial card on file authorizations to our payments:cardOnFileAuthorize action link resource received in your query the payments root resource request.

Card on file authorization example request:

POST https://try.access.worldpay.com/payments/authorizations/cardOnFile

cardOnFile authorization request body

{
    "transactionReference": "Memory265-13/08/1876",
    "merchant": {
        "entity": "default"
    },
    "instruction": {
        "narrative": {
            "line1": "Mind Palace Ltd"
        },
        "value": {
            "currency": "GBP",
            "amount": 250
        },
        "paymentInstrument": {
            "type": "card/wallet+applepay",
            "walletToken": "{\"version\": \"EC_v1\",\"data\": \"kdHd..GQ==\",\"signature\": \"MIAGCSqGSIb3DQEH...AAA\",\"header\": {\"transactionId\": \"d3b28af..f8\",\"ephemeralPublicKey\": \"MFkwE..Q==\",\"publicKeyHash\": \"dxCK..6o=\"}}"
        }
    }
}

Descriptions of your authorization request parameters

ParameterRequiredDescription
transactionReferenceA unique reference generated by you that is used to identify a payment throughout its lifecycle. See transaction reference format, for more details and the best practices.
merchantAn object that contains information about the merchant.
merchant.entityDirect your payment to assist with billing, reporting and reconciliation. This is mandatory for authentication and queries.
Contact your Implementation Manager for more details.
instructionAn object that contains all the information related to the payment.
instruction.narrativeThe text that appears on your customer's statement. Used to identify the merchant.
See narrative format for more details and best practices.
narrative.line1The first line of the narrative which appears on your customer's statement (24 characters max. If character is not supported it is replaced with a space.).
See narrative line1 format for more details.
instruction.valueAn object that contains information about the value of the payment.
value.currencyThe three digit currency code.
See list of supported currencies.
value.amountThe payment amount. This is a whole number with an exponent e.g. if exponent is two, 250 is 2.50. You can find the relevant exponent in our currency table.
instruction.paymentInstrumentAn object that contains the payment type and details. You must integrate with Apple Pay first to use the card/wallet+applepay paymentInstrument.

Optional parameters

Optional parameters and descriptions
ParameterRequiredDescription
instruction.intentA parameter detailing the reason for this particular repeat agreement. Possible value:
  • instalment
narrative.line2Additional details about the payment e.g. order number, telephone number.

The requests below contain all the mandatory and optional fields needed for a successful card on file authorization request.

Full authorization request body:

{
    "transactionReference": "Memory265-13/08/1876",
    "merchant": {
        "entity": "default"
    },
    "instruction": {
        "intent": "instalment",
        "narrative": {
            "line1": "Mind Palace Ltd",
            "line2": "Memory265-13/08/1876"
        },
        "value": {
            "currency": "GBP",
            "amount": 1000
        },
        "paymentInstrument": {
            "type": "card/wallet+applepay",
            "walletToken": "{\"version\": \"EC_v1\",\"data\": \"kdHd..GQ==\",\"signature\": \"MIAGCSqGSIb3DQEH...AAA\",\"header\": {\"transactionId\": \"d3b28af..f8\",\"ephemeralPublicKey\": \"MFkwE..Q==\",\"publicKeyHash\": \"dxCK..6o=\"}}",
            "billingAddress": {
                "address1": "221B Baker Street",
                "address2": "Marylebone",
                "address3": "Westminster",
                "postalCode": "NW1 6XE",
                "city": "London",
                "state": "Greater London",
                "countryCode": "GB"
            }
        }
    }
}
{
    "transactionReference": "Memory265-13/08/1876",
    "merchant": {
        "entity": "default"
    },
    "instruction": {
        "narrative": {
            "line1": "Mind Palace Ltd"
        },
        "value": {
            "currency": "GBP",
            "amount": 250
        },
        "paymentInstrument": {
            "type": "card/wallet+applepay",
            "walletToken": "{
                \"version\": \"EC_v1\",
                \"data\": \"kdHd..GQ==\",
                \"signature\": \"MIAGCSqGSIb3DQEH...AAA\",
                \"header\": {
                    \"transactionId\": \"d3b28af..f8\",
                    \"ephemeralPublicKey\": \"MFkwE..Q==\",
                    \"publicKeyHash\": \"dxCK..6o=\" 
                }
            }"
        }
    }
}

Card on file response

Best Practice

Access Worldpay returns a WP-correlationId in the headers of service responses. We highly recommend you log this. The WP-correlationId is used by us to examine individual service requests.

Successful response

You receive:

  • an HTTP code 201
  • an "outcome": "authorized"
  • risk factors (only returned if issuer identifies conflict)
  • a scheme reference
  • a paymentInstrument detailing brand information about the card that was used
  • links to cancel, settle, partially settle or track payment events
  • an authorization link for the next card on file payment in your repeat payment agreement
  • an authorization link for the next recurring payment in your repeat payment agreement
  • a token link, you must use for all subsequent payments in your repeat payment agreement

Refused response

You receive:

  • an HTTP code 201
  • an "outcome": "refused"
  • a refusal code
  • a description which gives additional context on the refusal
  • risk factors (only returned if issuer identifies conflict)
  • a paymentInstrument

Example response

{
    "outcome": "authorized",
    "riskFactors": [{
            "risk": "not_checked",
            "detail": "postcode",
            "type": "avs"
        },
        {
            "risk": "not_checked",
            "detail": "address",
            "type": "avs"
        }
    ],
    "scheme": {
        "reference": "schemeReference"
    },
    "paymentInstrument": {
        "type": "card/network+masked",
        "card": {
            "number": {
                "bin": "444433",
                "last4Digits": "1111",
                "dpan": "4444333322221111"
            },
            "countryCode": "GB",
            "expiryDate": {
                "month": 6,
                "year": 2021
            },
            "brand": "visa",
            "fundingType": "debit",
            "issuer": {
                "name": "VALID_ISSUER"
            },
            "paymentAccountReference": "somePAR"
        }
    },
    "_links": {
        "payments:cancel": {
            "href": "https://try.access.worldpay.com/payments/authorizations/cancellations/eyJrIjoiazUyOTVhMSIsImxpbmtWZXJzaW9uIjoiMy4wLjAifQ==.7uyuNo1ShOgM5rTwStg86LXzb0a2wdLW1lwX:DIQ2Ecrp4gw65VLnHmjsAVqzpa2NcwixaBb2p8R2x5NPXdRpybJ2ndKlbkNOc9gj+ruN20iaTdYqv2FNgB3ZAw3g+yyUMUlQDFD8DU++ZswXpUQe8YTBHmTP8zHQUXrSORn9IaI6kzJnMu2HWwEJOqKnWLvRCMy:fr4ptatJJrmRVON8WTjisJL:sd3TJ9uDcO:gD+q+Q01y++Mzop0k8y3bDcnNBpsG:8xf4uKGGYO3EcAWA=="
        },
        "payments:settle": {
            "href": "https://try.access.worldpay.com/payments/settlements/full/eyJrIjoiazUyOTVhMSIsImxpbmtWZXJzaW9uIjoiMy4wLjAifQ==.7uyuNo1ShOgM5rTwStg86LXzb0a2wdLW1lwX:DIQ2Ecrp4gw65VLnHmjsAVqzpa2NcwixaBb2p8R2x5NPXdRpybJ2ndKlbkNOc9gj+ruN20iaTdYqv2FNgB3ZAw3g+yyUMUlQDFD8DU++ZswXpUQe8YTBHmTP8zHQUXrSORn9IaI6kzJnMu2HWwEJOqKnWLvRCMy:fr4ptatJJrmRVON8WTjisJL:sd3TJ9uDcO:gD+q+Q01y++Mzop0k8y3bDcnNBpsG:8xf4uKGGYO3EcAWA=="
        },
        "payments:partialSettle": {
            "href": "https://try.access.worldpay.com/payments/settlements/partials/eyJrIjoiazUyOTVhMSIsImxpbmtWZXJzaW9uIjoiMy4wLjAifQ==.7uyuNo1ShOgM5rTwStg86LXzb0a2wdLW1lwX:DIQ2Ecrp4gw65VLnHmjsAVqzpa2NcwixaBb2p8R2x5NPXdRpybJ2ndKlbkNOc9gj+ruN20iaTdYqv2FNgB3ZAw3g+yyUMUlQDFD8DU++ZswXpUQe8YTBHmTP8zHQUXrSORn9IaI6kzJnMu2HWwEJOqKnWLvRCMy:fr4ptatJJrmRVON8WTjisJL:sd3TJ9uDcO:gD+q+Q01y++Mzop0k8y3bDcnNBpsG:8xf4uKGGYO3EcAWA=="
        },
        "payments:events": {
            "href": "https://try.access.worldpay.com/payments/events/eyJrIjoiazUyOTVhMSIsImxpbmtWZXJzaW9uIjoiMy4wLjAifQ==.7uyuNo1ShOgM5rTwStg86LXzb0a2wdLW1lwX:DIQ2Ecrp4gw65VLnHmjsAVqzpa2NcwixaBb2p8R2x5NPXdRpybJ2ndKlbkNOc9gj+ruN20iaTdYqv2FNgB3ZAw3g+yyUMUlQDFD8DU++ZswXpUQe8YTBHmTP8zHQUXrSORn9IaI6kzJnMu2HWwEJOqKnWLvRCMy:fr4ptatJJrmRVON8WTjisJL:sd3TJ9uDcO:gD+q+Q01y++Mzop0k8y3bDcnNBpsG:8xf4uKGGYO3EcAWA=="
        },
        "payments:cardOnFileAuthorize": {
            "href": "https://try.access.worldpay.com/payments/authorizations/cardOnFile/eyJrIjoiazUyOTVhMSIsImxpbmtWZXJzaW9uIjoiMS4wLjAifQ==.R6PzeBs1kC+VT5dtn2WKHquYi:0CPtdsTmoC0CiPjw6CkE+Ujvons6ZVs+R2JwUJmXAx1+34Kz67cP9hSVZNkQ=="
        },
        "payments:recurringAuthorize": {
            "href": "https://try.access.worldpay.com/payments/authorizations/recurring/eyJrIjoiazUyOTVhMSIsImxpbmtWZXJzaW9uIjoiMS4wLjAifQ==.R6PzeBs1kC+VT5dtn2WKHquYi:0CPtdsTmoC0CiPjw6CkE+Ujvons6ZVs+R2JwUJmXAx1+34Kz67cP9hSVZNkQ=="
        },
        "tokens:token": {
            "href": "https://access.worldpay.com/tokens/linkData"
        },
        "curies": [{
            "name": "payments",
            "href": "https://try.access.worldpay.com/rels/payments/{rel}",
            "templated": true
        }]
    }
}

You can use the payments:settle action link to settle the payment straight away. Alternatively you can cache the response and use the link to settle the payment later.

Next Steps


Take a subsequent recurring payment with the token you have received in your card on file response.