Introduction
This feature is in the Feature Preview stage, which means that it is available for experimentation and feedback. However, it is still undergoing development and is subject to modifications.
A stored payment method is a payment method that can be used later by customers without providing all payment details. Saleor has synchronous webhooks that allow delegating the stored payment methods management to payment apps.
Key concepts
The HANDLE_PAYMENTS permission is required for the App to receive store payment method webhooks.
The usage of the webhook is strictly related to the usage of stored payment method. You can find more details about it in the Stored Payment Methods.
This feature is dedicated to third-party apps.
List stored payment methods
LIST_STORED_PAYMENT_METHODS
This feature was introduced in Saleor 3.15.
A synchronous webhook is called when the user wants to fetch stored payment methods. Triggered when a customer requested a field User.storedPaymentMethod, checkout.storedPaymentMethods.
The webhook expects to return a list of payment methods that are assigned to the customer. The payment methods from the webhook response will be returned as a response for User.storedPaymentMethod, checkout.storedPaymentMethods fields.
To reduce the number of HTTP requests triggered to the payment app, the response is cached on Saleor side. Saleor will trigger a new request when the cache expires or becomes invalid.
Request
Saleor will send a LIST_STORED_PAYMENT_METHODS webhook by using the ListStoredPaymentMethods subscription type or with a pre-defined payload in case of a missing subscription query.
You can find more details about building webhook subscription query here.
The example below shows a sample webhook subscription defined to list stored payment methods:
subscription {
event {
... on ListStoredPaymentMethods {
user {
id
}
channel {
id
}
}
}
}
The example below shows the pre-defined payload that will be used in the case when a subscription query is not provided:
{
"user_id": "VXNlcjoyOA==",
"channel_slug": "main"
}
Response
The app needs to return a list of stored payment methods that can be used by customer.
The response in this case should have the following structure:
{
"paymentMethods": [
{
"id": "<ID of stored payment method>",
"supportedPaymentFlows": "<list of supported flows that can be performed with this payment method>",
"type": "<type of the payment method. For example: Credit Card>",
// "creditCardInfo": [Optional] credit card information if the payment method is a credit card.
"creditCardInfo": {
"brand": "<credit card brand>",
"lastDigits": "<last digits>",
"expMonth": "<expiration month>",
"expYear": "<expiration year>",
"firstDigits": "<[Optional] first digits>"
},
"name": "<[Optional] name of the payment method. For example: last 4 digits of credit card, obfuscated email>",
"data": "<[Optional] JSON data that will be returned to client>"
}
]
}
Below are the possible supportedPaymentFlows values and their explanations:
INTERACTIVE- When the user needs to be present to prove the ownership of the payment method (instead of, for example, a subscription-based payment which does not require user interaction).
There is no default payment flow. If the supportedPaymentFlows list is empty, the payment method will not be returned.
Delete stored payment method requested
STORED_PAYMENT_METHOD_DELETE_REQUESTED
This feature was introduced in Saleor 3.16.
A synchronous webhook STORED_PAYMENT_METHOD_DELETE_REQUESTED is called when the user requests the deletion of the stored payment method. User can request the deletion of the stored payment method by triggering the mutation storedPaymentMethodRequestDelete. More details about the flow can be found here.
Request
The example below shows a sample webhook subscription defined for STORED_PAYMENT_METHOD_DELETE_REQUESTED webhook:
subscription {
event {
... on StoredPaymentMethodDeleteRequested {
user {
id
}
paymentMethodId
channel {
currencyCode
}
}
}
}
The example below shows the pre-defined payload that will be used in the case when a subscription query is not provided:
{
"payment_method_id": "payment-method-id",
"user_id": "VXNlcjoyOA==",
"channel_slug": "main"
}
Response
The app needs to return the status of the requested deletion.
The response in this case should have the following structure:
- Response that reports successful delete action
{
"result": "SUCCESSFULLY_DELETED"
}
- Response that reports failure to delete action
{
"result": "FAILED_TO_DELETE",
"error": "Error message that will be passed to the frontend."
}
The result field is an enum value of StoredPaymentMethodRequestDeleteResult.
In case of returning failure result, the error message will be attached
to the error returned by storedPaymentMethodRequestDelete mutation.
Initialize payment gateway session
PAYMENT_GATEWAY_INITIALIZE_TOKENIZATION_SESSION
This feature was introduced in Saleor 3.16.
The synchronous PAYMENT_GATEWAY_INITIALIZE_TOKENIZATION_SESSION webhook is triggered when a customer requests the initialization of the payment gateway to tokenize a payment method. This webhook is activated by executing the paymentGatewayInitializeTokenization mutation.
The webhook payload includes details about the customer, channel, and data. The data field contains the JSON data provided as input in the paymentGatewayInitializeTokenization mutation.
The response must adhere to the expected format and will be returned within the paymentGatewayInitializeTokenization mutation.
Request
Saleor will send a PAYMENT_GATEWAY_INITIALIZE_TOKENIZATION_SESSION webhook using the PaymentGatewayInitializeTokenizationSession subscription type or with a predefined payload in case of a missing subscription query.
For more details on building webhook subscription queries, refer to this documentation.
The example below demonstrates a sample webhook subscription defined to handle the initialization of the payment gateway for tokenizing a payment method:
subscription {
event {
... on PaymentGatewayInitializeTokenizationSession {
user {
id
}
channel {
id
}
data
}
}
}
The following example illustrates the predefined payload that will be used if a subscription query is not provided:
{
"user_id": "VXNlcjoyOA==",
"channel_slug": "main",
"data": { "data": "from-input" }
}
Response
The application should return the status of the initialization and optionally data required to finalize the initialization on the client side.
- Response indicating successful initialization:
{
"result": "SUCCESSFULLY_INITIALIZED",
"data": { "data": "additional-data" }
}
- Response indicating failed initialization:
{
"result": "FAILED_TO_INITIALIZE",
"error": "Error message that will be passed to the frontend."
}
The result field is an enum value of PaymentGatewayInitializeTokenizationResultEnum. In the event of returning a failure result, the errors message will be attached to the error returned by the paymentGatewayInitializeTokenization mutation.
Initialize payment method tokenization
PAYMENT_METHOD_INITIALIZE_TOKENIZATION_SESSION
This feature was introduced in Saleor 3.16.
The synchronous PAYMENT_METHOD_INITIALIZE_TOKENIZATION_SESSION webhook is triggered when a customer requests the tokenization of a payment method. This webhook is activated by executing the paymentMethodInitializeTokenization mutation.
The webhook payload includes details about the customer, channel, and data. The data field contains the JSON data provided as input in the paymentMethodInitializeTokenization mutation.
The response must conform to the expected format and will be returned within the paymentMethodInitializeTokenization mutation.
Request
Saleor will send a PAYMENT_METHOD_INITIALIZE_TOKENIZATION_SESSION webhook using the PaymentMethodInitializeTokenizationSession subscription type or with a predefined payload in case of a missing subscription query.
For detailed information on building webhook subscription queries, please refer to this documentation.
The following example demonstrates a sample webhook subscription defined to handle the tokenization of a payment method:
subscription {
event {
... on PaymentMethodInitializeTokenizationSession {
paymentFlowToSupport
user {
id
}
channel {
id
}
data
}
}
}
The next example illustrates the predefined payload that will be used if a subscription query is not provided:
{
"user_id": "VXNlcjoyOA==",
"channel_slug": "main",
"data": { "data": "from-input" },
"payment_flow_to_support": "interactive"
}
Response
- A response indicating successful tokenization should include the
result, theidof the stored payment method, and optionallydatato be passed to the client:
{
"result": "SUCCESSFULLY_TOKENIZED",
"id": "payment-method-id",
"data": { "data": "additional-data" }
}
- A response indicating a required additional action should contain the expected
result, theid, and optionallydata:
{
"result": "ADDITIONAL_ACTION_REQUIRED",
"id": "id",
"data": { "data": "additional-data" }
}
- A response indicating a pending tokenization:
{
"result": "PENDING",
"data": { "data": "additional-data" }
}
- A response indicating a failed tokenization:
{
"result": "FAILED_TO_TOKENIZE",
"error": "Error message that will be passed to the frontend."
}
The result field is an enum value of PaymentMethodTokenizationResultEnum. In case of a failure result, the error message will be attached to the error returned by the paymentMethodInitializeTokenization mutation.
Process additional actions for payment method tokenization
PAYMENT_METHOD_PROCESS_TOKENIZATION_SESSION
This feature was introduced in Saleor 3.16.
The synchronous PAYMENT_METHOD_PROCESS_TOKENIZATION_SESSION webhook is triggered when a customer requests to process additional actions required for tokenizing the payment method. This webhook is activated by executing the paymentMethodProcessTokenization mutation.
The webhook payload includes details about the customer, channel, and [data]. The data field contains the JSON data provided as input in the paymentMethodProcessTokenization mutation.
The response must adhere to the expected format and will be returned within the paymentMethodProcessTokenization mutation.
Request
Saleor will send a PAYMENT_METHOD_PROCESS_TOKENIZATION_SESSION webhook using the PaymentMethodProcessTokenizationSession subscription type or with a predefined payload in case of a missing subscription query.
For detailed information on building webhook subscription queries, please refer to this documentation.
The following example demonstrates a sample webhook subscription defined to handle the tokenization of a payment method:
subscription {
event {
... on PaymentMethodProcessTokenizationSession {
id
user {
id
}
channel {
id
}
data
}
}
}
The next example illustrates the predefined payload that will be used if a subscription query is not provided:
{
"user_id": "VXNlcjoyOA==",
"channel_slug": "main",
"data": { "data": "from-input" }
}
Response
- A response indicating successful tokenization should include the
result, theidof the stored payment method, and optionallydatato be passed to the client:
{
"result": "SUCCESSFULLY_TOKENIZED",
"id": "payment-method-id",
"data": { "data": "additional-data" }
}
- A response indicating a required additional action should contain the expected
result, anid, and optionaldata:
{
"result": "ADDITIONAL_ACTION_REQUIRED",
"id": "payment-method-id",
"data": { "data": "additional-data" }
}
- A response indicating a pending tokenization:
{
"result": "PENDING",
"data": { "data": "additional-data" }
}
- A response indicating a failed tokenization:
{
"result": "FAILED_TO_TOKENIZE",
"error": "Error message that will be passed to the frontend."
}
The result field is an enum value of PaymentMethodTokenizationResultEnum. In case of a failure result, the error message will be attached to the error returned by the paymentMethodProcessTokenization mutation.