Last Updated: 28 February 2024 | Change Log

Get started with our Verified Tokens API

Make yourself familiar with our API Principles to ensure a resilient integration.


Set your headers

Setting your headers is an important part of an API request. The headers represent the meta-data associated with your API request.

Authorization : {your_credentials}
Content-Type : application/vnd.worldpay.verified-tokens-v1.hal+json
Accept : application/vnd.worldpay.verified-tokens-v1.hal+json
HeaderDescription
AuthorizationThe Authorization header is used for authentication and identification of our merchants within Access Worldpay. You must use the Authorization header for any request you send to our Verified Tokens API.
Content-TypeThe Content-Type header is required if the request you're sending includes a request body, and if the HTTP method is a POST or a PUT.
AcceptThe Accept header is used to identify which version of our Verified Tokens API you are using. You must use the Accept header for any request you send to our Verified Tokens API.

If you're using both the Content-Type and Accept headers, they must match.

Note

Replace {your_credentials} with your base64-encoded Basic Auth username and password. To get your Access Worldpay credentials contact your Implementation Manager.

Next Steps

We have reviewed our API Principle approach and consider our resources stable and unlikely to change. This means you can skip querying the root resource for a quicker integration and POST directly to the API resource

If you do want to discover all available resources, you can expand the below section "Query the root resource" for further steps.

Query the root resource

Our APIs guide you by providing you with links to the next available actions.

To discover and start using our APIs you can query the root resource first. This returns the available resources within Access Worldpay.

Request

GET https://try.access.worldpay.com/

Note

No request body is needed for this request.

Response

You receive all our available API resources in the response.

{
  "_links": {
    "payments:authorize": {
      "href": "https://try.access.worldpay.com/payments/authorizations"
    },
    "service:payments": {
      "href": "https://try.access.worldpay.com/payments"
    },
    "service:sessions": {
      "href": "https://try.access.worldpay.com/sessions"
    },
    "service:tokens": {
      "href": "https://try.access.worldpay.com/tokens"
    },
    "service:verifications/accounts": {
      "href": "https://try.access.worldpay.com/verifications/accounts"
    },
    "service:verifications/customers/3ds": {
      "href": "https://try.access.worldpay.com/verifications/customers/3ds"
    },
    "service:verifiedTokens": {
      "href": "https://try.access.worldpay.com/verifiedTokens"
    },
    "service:fraudsight": {
      "href": "https://try.access.worldpay.com/fraudsight"
    },
    "service:exemptions": {
      "href": "https://try.access.worldpay.com/exemptions"
    },
    "service:payouts": {
      "href": "https://try.access.worldpay.com/payouts"
    },
    "service:payments/alternative/direct": {
      "href": "https://try.access.worldpay.com/payments/alternative/direct"
    },
    "service:payments/alternative/action/paypal": {
      "href": "https://try.access.worldpay.com/payments/alternative/action/paypal"
    },
    "service:payments/alternative/action/ideal": {
      "href": "https://try.access.worldpay.com/payments/alternative/action/ideal"
    },
    "service:payouts/accounts": {
      "href": "https://try.access.worldpay.com/payouts/accounts"
    },
    "service:payouts/events": {
      "href": "https://try.access.worldpay.com/payouts/events"
    },
    "service:moneyTransfers": {
      "href": "https://try.access.worldpay.com/moneyTransfers"
    },
    "service:foreignExchange": {
      "href": "https://try.access.worldpay.com/foreignExchange"
    },
    "service:accounts/statements": {
      "href": "https://try.access.worldpay.com/accounts/statements"
    },
    "service:accounts/balance": {
      "href": "https://try.access.worldpay.com/accounts/balance"
    },
    "service:accounts/transfer": {
      "href": "https://try.access.worldpay.com/accounts/transfer"
    },
    "curies": [
      {
        "href": "https://try.access.worldpay.com/rels/payments/{rel}",
        "name": "payments",
        "templated": true
      }
    ]
  }
}

Query the Verified Tokens root resource

Query the service:verifiedTokens resource which gives you links to your next available actions and resources for our Verified Tokens API.

The request

GET https://try.access.worldpay.com/verifiedTokens

Note

No request body is needed for this request.

The response

{
    "_links": {
        "verifiedTokens:cardOnFile": {
            "href": "https://try.access.worldpay.com/verifiedTokens/cardOnFile"
        },
        "verifiedTokens:sessions": {
            "href": "https://try.access.worldpay.com/verifiedTokens/sessions"
        },
        "resourceTree": {
            "href": "https://try.access.worldpay.com/rels/verifiedTokens/resourceTree.json"
        },
        "curies": [{
            "href": "https://try.access.worldpay.com/rels/verifiedTokens/{rel}.json",
            "name": "verifiedTokens",
            "templated": true
        }]
    }
}

Resources

ResourcesDescription
verifiedTokens:cardOnFileCreate a Verified Token that you will use to take cardOnFile payments. cardOnFile payments are payments made by the cardholder using payment instrument details that have already been stored.
verifiedTokens:sessionsUsed by the [Access Checkout SDK]/products/access/checkout) to create a sessionState.

DNS Whitelisting

Whitelist the following URLs:

  • https://try.access.worldpay.com/
  • https://access.worldpay.com/

Please ensure you use DNS whitelisting not explicit IP whitelisting.

Note

When you make a request within Access Worldpay, you should always cache the response returned.

Next steps


Create a verified token