Last Updated: 28 February 2024 | Change Log
Get started with our Verified Tokens API
Make yourself familiar with our API Principles to ensure a resilient integration.
Set your headers
Setting your headers is an important part of an API request. The headers represent the meta-data associated with your API request.
Authorization : {your_credentials} Content-Type : application/vnd.worldpay.verified-tokens-v1.hal+json Accept : application/vnd.worldpay.verified-tokens-v1.hal+json
| Header | Description |
|---|---|
Authorization | The Authorization header is used for authentication and identification of our merchants within Access Worldpay. You must use the Authorization header for any request you send to our Verified Tokens API. |
Content-Type | The Content-Type header is required if the request you're sending includes a request body, and if the HTTP method is a POST or a PUT. |
Accept | The Accept header is used to identify which version of our Verified Tokens API you are using. You must use the Accept header for any request you send to our Verified Tokens API. |
If you're using both the Content-Type and Accept headers, they must match.
Replace {your_credentials} with your base64-encoded Basic Auth username and password. To get your Access Worldpay credentials contact your Implementation Manager.
Next Steps
We have reviewed our API Principle approach and consider our resources stable and unlikely to change. This means you can skip querying the root resource for a quicker integration and POST directly to the API resource
If you do want to discover all available resources, you can expand the below section "Query the root resource" for further steps.
Query the root resource
Our APIs guide you by providing you with links to the next available actions.
To discover and start using our APIs you can query the root resource first. This returns the available resources within Access Worldpay.
Request
GET https://try.access.worldpay.com/
No request body is needed for this request.
Response
You receive all our available API resources in the response.
{ "_links": { "payments:authorize": { "href": "https://try.access.worldpay.com/payments/authorizations" }, "service:payments": { "href": "https://try.access.worldpay.com/payments" }, "service:sessions": { "href": "https://try.access.worldpay.com/sessions" }, "service:tokens": { "href": "https://try.access.worldpay.com/tokens" }, "service:verifications/accounts": { "href": "https://try.access.worldpay.com/verifications/accounts" }, "service:verifications/customers/3ds": { "href": "https://try.access.worldpay.com/verifications/customers/3ds" }, "service:verifiedTokens": { "href": "https://try.access.worldpay.com/verifiedTokens" }, "service:fraudsight": { "href": "https://try.access.worldpay.com/fraudsight" }, "service:exemptions": { "href": "https://try.access.worldpay.com/exemptions" }, "service:payouts": { "href": "https://try.access.worldpay.com/payouts" }, "service:payments/alternative/direct": { "href": "https://try.access.worldpay.com/payments/alternative/direct" }, "service:payments/alternative/action/paypal": { "href": "https://try.access.worldpay.com/payments/alternative/action/paypal" }, "service:payments/alternative/action/ideal": { "href": "https://try.access.worldpay.com/payments/alternative/action/ideal" }, "service:payouts/accounts": { "href": "https://try.access.worldpay.com/payouts/accounts" }, "service:payouts/events": { "href": "https://try.access.worldpay.com/payouts/events" }, "service:moneyTransfers": { "href": "https://try.access.worldpay.com/moneyTransfers" }, "service:foreignExchange": { "href": "https://try.access.worldpay.com/foreignExchange" }, "service:accounts/statements": { "href": "https://try.access.worldpay.com/accounts/statements" }, "service:accounts/balance": { "href": "https://try.access.worldpay.com/accounts/balance" }, "service:accounts/transfer": { "href": "https://try.access.worldpay.com/accounts/transfer" }, "curies": [ { "href": "https://try.access.worldpay.com/rels/payments/{rel}", "name": "payments", "templated": true } ] } }
Query the Verified Tokens root resource
Query the service:verifiedTokens resource which gives you links to your next available actions and resources for our Verified Tokens API.
The request
GET https://try.access.worldpay.com/verifiedTokens
No request body is needed for this request.
The response
{ "_links": { "verifiedTokens:cardOnFile": { "href": "https://try.access.worldpay.com/verifiedTokens/cardOnFile" }, "verifiedTokens:sessions": { "href": "https://try.access.worldpay.com/verifiedTokens/sessions" }, "resourceTree": { "href": "https://try.access.worldpay.com/rels/verifiedTokens/resourceTree.json" }, "curies": [{ "href": "https://try.access.worldpay.com/rels/verifiedTokens/{rel}.json", "name": "verifiedTokens", "templated": true }] } }
Resources
| Resources | Description |
|---|---|
verifiedTokens:cardOnFile | Create a Verified Token that you will use to take cardOnFile payments. cardOnFile payments are payments made by the cardholder using payment instrument details that have already been stored. |
verifiedTokens:sessions | Used by the [Access Checkout SDK]/products/access/checkout) to create a sessionState. |
DNS Whitelisting
Whitelist the following URLs:
https://try.access.worldpay.com/https://access.worldpay.com/
Please ensure you use DNS whitelisting not explicit IP whitelisting.
Link Caching
When you make a request within Access Worldpay, you should always cache the response returned.
Next steps