Get set up with Secure Fields to vault and process
cards.

Introduction

Secure Fields

mattilda Pay

Grow your payment capabilities with code.

Overview

How scalable payments flow

A list of best practices for integrating Gr4vy into your checkout.

Best practice

Get Started

Cloud Vault

Access your Cloud Vault environments via the API

API access

Access the Cloud Vault API

Capture and securely vault card data with Secure Fields

Capture card data

Vault card data with Secure Fields

Securely forward a vaulted card to any third-party PCI compliant endpoint.

Forward vaulted data

Forward vaulted cards to any PCI endpoint

Securely convert a vaulted card into a token for any PSP

Provision PSP tokens

Provision PSP tokens for a vaulted card

Securely convert a vaulted card into a network token for use with any PSP

Provision network tokens

Provision network tokens for a vaulted card

Keep vaulted card data up-to-date with our built-in account updater.

Account updater

Keep vaulted card data up-to-date

vault

Client errors

Client-side errors (4XX)

Server errors

Server-side errors (5XX)

List 4XX errors

square-terminal

API Reference

Connections

About mattilda Pay

Events

Embed events

Locales

Embed localization

Theming

Embed Theming

Options

Embed options

In-app browsers

In-app browsers with Embed

Use Secure Fields to collect the CVV for cards previously stored.

Stored cards

Secure Fields with stored cards

Each field can be customized to match your brand using the `styles` property
when adding the field.

Secure Fields Theming

Secure Fields events

Secure Fields and 3DS

Vault token import

Import file

Token import file creation

Upload tokens

Token import file upload

Buyers & payment methods

Creating buyers & payment methods on import

Vault Forwarding

Enable endpoint

Enable a Vault Forwarding endpoint

Forward to endpoint

Forward card data to API endpoint

Generate and schedule transactions via the dashboard.

Reports

The specification of a report as defined by the API.

Report specification

Learn how to create a report via the dashboard.

How to create a report

3-D Secure

Setup

Setup 3-D Secure

Embed

3-D Secure in Embed

Hosted via API

Hosted 3-D Secure

External 3DS server

External 3-D Secure server

Testing

3-D Secure Testing

Using scheme tokens with payment orchestration

Network tokens

How to use scheme tokens with or without payment orchestration

Implementation

Network token implementation

Managing the full lifecycle of network tokens

Lifecycle

Network token lifecycle management

Network Token Testing

Common scenarios

In Embed

Recurring transactions with Embed

Open or Closed-loop

Open-loop versus closed-loop

Recurring payments with network tokens

Webhooks

Payload

Webhook events

Technical considerations

API authentication basics and best practices.

Authentication

Sandbox and Production environments within an instance.

Environments

Best practices on handling errors and other exceptions.

Errors

Error handling

Best practices on handling retries in an idempotent way.

Idempotent Requests

Best practices on handling the original IP address for a transaction.

IP Address Forwarding

Best practices on handling pagination in the API.

Pagination

Lists all transactions for an account. Sorted by last updated at.

List transactions

Attempts to create an authorization for a payment method. In some cases it is
not possible to create the authorization without redirecting the user for
their authorization. In these cases the status is set to
indicate buyer approval is pending and an approval URL is returned.

Duplicated gift card numbers are not supported. This includes both stored gift
cards, as well as those directly provided via the request.


New transaction

Get transaction

Captures a previously authorized transaction.

Capture transaction

Voids a transaction.

If the transaction was not yet successfully authorized, or was already
captured, the void will not be processed. Captured transactions can be
refunded instead.

Voiding zero-amount authorized transactions is not supported.

Once voided, the status of the transaction will be either `authorization_voided`,
`authorization_void_pending`, or if the void fails the original status will remain.

Void transaction

Get a list of events related to processing a transaction.

List events for transaction

List buyers

Adds a buyer, allowing for payment methods and transactions to be associated
to this buyer.


New buyer

Get buyer

Update buyer

Deletes a buyer record. Any associated stored payment methods will remain
in the system but no longer associated to the buyer.

Delete buyer

New checkout session

Gets details about a current Checkout Session.

Get checkout session

Update checkout session

Delete checkout session

Updates the Secure Fields of the Checkout Session.

Update fields for checkout session

Returns a list of available payment method options for the combination of
amount, currency, country and metadata.

If the amount is zero, payment options which do not support zero amounts,
will be omitted in the response.

Checkout flow rules are used to limit these result.

List payment options

Returns a list of available payment method options for the combination of
amount, currency, country, metadata and list of cart items.

If the amount is zero, payment options which do not support zero amounts,
will be omitted in the response.

Checkout flow rules are used to limit these result.

List payment options with POST

Lists all refunds associated with a certain transaction.

List refunds

Refunds a transaction, fully or partially.

If the transaction was not yet successfully captured, the
refund will not be processed. Authorized transactions can be
voided instead.

Refund transaction

Refunds a transaction fully across all instruments.

Refund all instruments

Refund all instruments in a transaction

Gets information about a refund associated with a certain transaction.

Get refund

Returns a list of all available card scheme definitions.

List card scheme definitions

Returns a list of stored payment methods for a buyer in a summarized format.
Only payment methods that are compatible with at least one active payment
service in that region are shown.

List payment methods for buyer

Returns a list of stored payment methods.

List payment methods

Stores and vaults a new payment method.

Vaulting a card only stores its information but doesn't validate it against any
PSP, so ephemeral data like the security code, often referred to as the CVV or
CVD, won't be used. In order to validate the card data, a CIT (Customer Initiated
Transaction) must be done, even if it's a zero-value one.


New payment method

Gets the details for a stored payment method.

Get payment method

Delete payment method

Returns a list of all available payment method definitions.

List payment method definitions

Creates an Account Updater job.

A request is submitted to a third-party service, containing inquiries for a given
set of payment methods. The job is not processed right away, but once created, it
will store new card details automatically, if there are, when results are ready.

A payment method is considered for the job if the following conditions are met:
* It exists.
* It's in a valid state: `status` is either `succeeded` or `processing`.
* It corresponds to a card: `method` is `card`.
* Its scheme is supported: `scheme` is `amex`, `discover`, `mastercard` or `visa`.
* It doesn't have an in-progress inquiry already.

The endpoint works in a best-efforts basis and it doesn't return any error when a payment
method doesn't qualify for an inquiry. To determine what payment methods were considered
for the job, an `inquiries` field, returned in the response body, contains the submitted
inquiries. If none of the payment methods qualified for an inquiry, the job is not created
and a `204 No Content` status code is returned.

Create a job

Create Account Updater job

Get stored network tokens for the given payment method.

Get network tokens

Provision a network token for a stored card.


Provision network token

Issue a cryptogram for a stored network token of a stored card.
The endpoint is disabled by default, please contact our team for more information on enablement.


Issue cryptogram

Suspend network token

Resume network token

Delete network token

Get all payment service tokens for a given payment method and payment service.

Get payment service tokens

Tokenize stored card against a payment service.


Provision payment service token

Deletes a specific payment service token.

Delete payment service token

Forward an API call to a PCI endpoint. The request body is evaluated and any template fields are replaced by the card data before the request is sent to the given destination.

Forward PCI data

List reports

Retrieves the details of a single report.

Get report

New report

Updates a report. This is mostly used with scheduled reports.

Update report

Returns a list of executions belonging to any report.

List all report executions

Returns a list of executions for a report. For a
one-off report there will only be one, where for scheduled ones
there may be more.

Getting Started

Payments

Cloud Vault

Dashboard

Features

API

Secure Fields