Spreedly Update

Spreedly is adding Enhanced Security around their payment method tokenisation. This API endpoint supports this functionality by providing the metadata that the integrator needs to pass to Spreedly.

Topics

• Spreedly Update
  • Endpoints
    • Get Spreedly iFrame Params
  • Errors

Endpoints

Get Spreedly iFrame Params

GET payment/spreedlyIframeParams.json

Obtains parameters required to support Spreedly Authenticated Tokenization. This API call should be made before any and every Spreedly tokenization and its values should not be retained or reused.

This is not needed when using a previously retained SavedSpreedlyTokenPaymentMethod – only when tokenizing a payment for one-time use, or when creating a new saved token. The values returned from this endpoint should be piped directly into Spreedly as documented.

The following authentication methods are allowed for this endpoint:

• B2B authentication
• OAuth authentication
• Anonymous authentication

Query Parameters:  

• merchantId (Integer) – (required) Paytronix-assigned merchant ID to perform the operation in.

"result": "success"

JSON Parameters:  

• result (String) – (required) success
• certificateToken (String) – (required) Token associated with Spreedly certificate used to generate signature
• environmentKey (String) – (required) Spreedly environment key
• nonce (String) – (required) Unique value used to generate signature
• signature (String) – (required) Signature generated by Paytronix for Spreedly tokenization
• timestamp (String) – (required) Timestamp used to generate signature

"result": "failure"

JSON Parameters:  

• result (String) – (required) failure
• errorCode (String) – (required) The error code of the failure.
• errorMessage (String) – (required) The (human readable) error message of the failure.

Paytronix may enable or disable enhanced security for tokenization in our sandbox environments before the deprecation date for testing purposes. When not enabled, Spreedly will ignore these additional fields sent during tokenization (ie. Spreedly will not throw an error unless enhanced security is turned on).

Errors

When attempting to tokenize payment with Spreedly and the following error is returned, it means that the enhanced security has not been correctly implemented and/or the values passed in are invalid.

Note that this is a Spreedly error and is subject to change. See Spreedly Response Codes for details.

Spreedly Error:

{"errors": [
     {
         "key": "errors.invalid_enhanced_authentication_params",
         "message": "Missing or invalid required parameters for enhanced iframe security."
     }
 ]}