Till.js allows you to securely collect card data from shopper and initiate provisioning
of an omni token in the Token Vault.
To better understand omni tokens for eCommerce and inStore, please read
Tokenization Guide.
To use network tokens issued by the card networks for your payments,
please be informed that an enhanced integration will be made available.
The merchant collects card data from shopper via widget and initiates omni tokenization along an account verification (zero amount auth) or initial purchase.
An omni token is synchronously provisioned and returned to the merchant once the payment is complete. The omni token can then be used in subsequent payments.
There are two ways to store the raw card details during a payment checkout:
Merchant-determined tokenization (see below).
Add createOmniToken=true in the checkout request.
Shopper-determined
tokenization. Add a checkbox to the Till.js form to let the customer decide whether
or not to store the raw card details.
Find out if the payment and omni token were successful.
Transactions:
1. Prepare the checkout
Perform a server-to-server POST request to prepare the checkout with the required payment and customer data, including the order type,
amount and currency. The response to a successful request is an id required in the second step to create the payment form.
The merchant collects card data from shopper via widget and initiates omni tokenization. No payment request/flow involved.
An omni token is synchronously provisioned and returned back to the merchant. The omni token can then be used in subsequent payments.
Perform a server-to-server POST request to prepare the checkout with the required customer data, including createOmniToken=true
but excluding paymentType. The response to a successful request is an id required in the second step to create the tokenization form.
Sample request:
Language:
curl
c#
groovy
java
node.js
php
python
ruby
scala
vb.net
playground
curl https://test.tillpayments.io/v1/checkouts \ -d "entityId=Configuration not ready. Please reset in Administration > OPP > Developer Portal." \ -d "testMode=EXTERNAL" \ -d "createOmniToken=true" \ -d "integrity=true" \ -H "Authorization: Bearer OGE4Mjk0MTg0ZTU0MmE1YzAxNGU2OTFkMzQwNzA4Y2N8MmdtWkhBZVNXSw=="
Perform a server-to-server POST request over the omni token retrieved in the previous step.
Alternatively, use one-click checkout to authorize the payment with a
selected stored omni token. Before proceeding with the payment based on the omniToken, a detokenization occurs to ensure the necessary card
details are available for the transaction.
Speed up of the checkout process by re-using the raw card data a shopper entered previously. A shopper returns on the
merchant’s website (card is already omni tokenized). An unscheduled one-click purchase with one of the saved omni tokens is performed.
A cardholder initiated (CIT) payment is authorized with the real card data as retrieved from the Token Vault for the omni token.
Perform a server-to-server POST request to prepare the checkout with the required payment data, including the omni token IDs.
The stored card on files should be sent in the omniToken[n].id parameter, where n is a sequence number from zero, incrementing for
each of the customer's omni token IDs. The response to a successful request is an id required in the second step to
create the one-click payment form.
When Till.js builds the payment form to display stored cards, the system performs a separate detokenization
request for each stored card or omniToken via the Token Vault. This happens before the shopper selects a card, and is used
to retrieve non-sensitive details such as:
Last four digits of the card number
Expiry date
Cardholder name (if available)
These detokenization requests are not recorded as transactions in the system—they are purely for display purposes.
Once the shopper selects a stored card to complete the payment, a detokenization transaction is created and logged
in the system with the DT paymentType, reflecting the actual use of the token for payment.
