This article shows how to handle payment flows when implementing a Create Transaction
endpoint. For general information about this endpoint, see Processing Payments.
The Payment Provider Platform supports the following payment flows:
The following sections include examples of each payment flow. These examples are based on the Create Transaction
request body and the Submit Event
request body. The values in these examples are fake. Examples are applicable for both live
and sandbox
modes.
Card payments are payments made using a credit or debit card. In the simplest case, card payments are processed without additional buyer input. These payments are either instantly approved or declined, or are in a pending state for a short time while fraud verification is completed. In some cases, card payments require additional buyer input in the form of 3D Secure verification. In these cases, the PSP must treat the card payment as a redirection-based payment. See 3D Secure Payments for more information.
Here are some examples of instant card payments flows:
Wix calls Create Transaction
. The total amount for the payment and the credit card details are included in the request body as follows:
The PSP approves the payment and responds with an HTTP status code of 200
, and this JSON object:
The PSP sends this webhook to Submit Event
:
Wix marks the payment as approved and responds with an HTTP status code of 200
and an empty JSON object.
Note: In some cases of instant decline, a PSP may not create a transaction ID. In these cases, the PSP doesn't need to include a pluginTransactionId
field in the response in step 1 of this flow, or in the webhook in step 2.
Wix calls Create Transaction
. The remaining card limit isn't enough to cover the payment. The PSP responds with an HTTP status code of 200
, and the following JSON object:
The PSP sends this webhook to Submit Event
:
Wix marks the payment as declined and responds with an HTTP status code of 200
and an empty JSON object.
Wix calls Create Transaction
. The payment requires fraud verification. The PSP responds with an HTTP status code of 200
and this JSON object:
The PSP sends this webhook to Submit Event
:
Wix marks the payment as pending and responds with an HTTP status code of 200
, and an empty JSON object.
If the fraud verification passes, the PSP sends the following webhook to indicate a successful payment:
Wix marks the payment as approved and responds with an HTTP status code of 200
, and an empty JSON object.
If fraud verification fails, the PSP sends the following webhook:
Wix marks the payment as declined and responds with an HTTP status code of 200
and an empty JSON object.
The Payment Provider Platform supports payments from digital wallet services such as Google Pay. Digital wallet transaction requests are similar to credit card requests but include additional decrypted payment data. The platform will never send an encrypted digital wallet token such as a Google Pay token as part of a transaction request. Because of this, PSPs never need to contact merchants about these transactions. They should process these requests the same way they process credit card payments.
In some cases, digital wallet transactions require additional buyer input in the form of 3D Secure verification. In these cases, the PSP must treat the digital wallet payment as a redirection-based payment. See the examples below for more details.
Note: Currently, the platform only supports instant payment transactions for digital wallets. Recurring payments are not supported.
Here are some examples of sample flows for the digital wallet services currently supported by the platform:
Google Pay transaction requests include the decrypted payment details from a Google Pay transaction as well other relevant data. These requests never include Card Verification Values (CVV) since these are not supported by Google Pay.
Wix calls Create Transaction
. The total amount for the payment and the Google Pay payment details are included in the request body as follows:
The PSP approves the payment and responds with an HTTP status code of 200
, and this JSON object:
The PSP sends this webhook to Submit Event
:
Instant decline Google Pay payments are handled the same way as instant decline credit card payments.
Wix calls Create Transaction
. The total amount for the payment and the Google Pay payment details are included in the request body as follows:
The PSP responds with an HTTP status code of 200
, and this JSON object.
The object includes a redirectUrl
field, whose value is the URL of the PSP's web page where the buyer can complete 3DS verification.
Wix opens the redirectUrl
in an iframe or in a browser window for the buyer to complete verification.
If the verification succeeds, the PSP's page redirects the browser to the successUrl
sent in the Create Transaction
request. The PSP sends this webhook to Submit Event
:
If the verification fails, is canceled, or is pending the PSP's page must redirect to other URLs and send different webhooks, depending on the case. See Redirection-based payments for more details.
The Payment Provider Platform allows PSPs to support redirection-based payments. In these cases, buyers select a payment method, such as Paypal, during checkout. Wix then redirects the buyer to the PSP's web page to complete the payment. The PSP then redirects the buyer back to Wix. Wix supports a large number of payment methods. If the payment method you need isn't supported, you can implement a hosted-page payment flow. In this case, the buyer is redirected to a page hosted by the PSP where they can select a payment method.
Credit cards that require 3D Secure verification are also treated as redirection-based payments. See 3D Secure payments for more information.
Configure the redirection-based payment methods you support in your app's payment gateway extension in the Wix Developers Center.
Note: Hosted-page payment methods don't support 3D Secure verification or recurring payments.
Here is an example of a redirection-based payment flow:
Wix calls Create Transaction
.
If the payment method selected is supported by Wix, it's included as the value for the paymentMethod
field in the request body. For hosted-page payments, a string representing the PSP's Wix app ID is included. The request body also includes an order.returnUrls
field with the URLs of the pages to redirect the buyer to after handling the payment request. Here is a sample request body with the relevant fields highlighted:
The PSP responds with an HTTP status code of 200
, and this JSON object.
The object includes a redirectUrl
field, whose value is the URL of the PSP's web page where the buyer can complete the payment.
Wix opens the redirectUrl
in an iframe or in a browser window for the buyer to complete. There are 4 possible outcomes, depending on the buyer's actions. The PSP must respond to each outcome differently:
successUrl
sent in the Create Transaction
request. The PSP sends this webhook to Submit Event
:
errorUrl
sent in the Create Transaction
request. The PSP sends a webhook indicating why the payment failed. For example:
cancelUrl
sent in the Create Transaction
request. The PSP sends this webhook:
pendingUrl
sent in the Create Transaction
request. The PSP sends this webhook with a 5005
reason code:
In each case, Wix marks the payment appropriately and responds with an HTTP status code of 200
and an empty JSON object.
If the payment was pending, the PSP sends a webhook to update the payment as either approved or declined when it's finalized.
Payment approved request:
Payment declined request:
Wix marks the payment as approved or declined and responds with an HTTP status code of 200
and an empty JSON object.
Cards that support 3D Secure (3DS) verification require buyers to complete an additional verification step when making a payment. This verification step is completed on a web page hosted by the PSP. The flow for handling 3DS payments is similar to the flow for other redirection-based payments. The difference is that the value of paymentMethod
in the Create Transaction
request body is creditCard
. It's up to the PSP to determine if the card supports 3DS verification and send the appropriate redirect response.
Recurring payments (also known as subscription payments, automatic payments, or recurring billing) occur when buyers authorize a merchant to charge them repeatedly for goods or services on a prearranged schedule such as monthly, weekly, or annually. In these cases, Wix sends a request to the PSP to set up the recurring payment. The PSP responds with a unique identifier for the recurring payment. Wix uses this identifier to charge the buyer based on an agreed schedule.
The Payment Provider Platform supports these unique identifiers for recurring payments:
The payment processing flow for recurring payments includes these phases:
Here are examples of each phase:
Create Transaction
with a request to set up a recurring payment.setupCredentialsOnFile
field whose value is an object with a field called offSession
whose value is true
. This flag indicates that Wix is requesting that the PSP set up a recurring payment, not process a one-time payment.
Here is a sample request body with the relevant fields highlighted:
200
, and a JSON object that includes a credentialsOnFile
field. The value of this field depends on the type of recurring payment identifier the PSP supports.
Note: If 3DS verification occurs, the PSP must include the dsTransactionId
field in the cardReference
object. This field's value is the ID of the 3DS verification transaction.
For tokens, the response looks like this:
Submit Event
to confirm the recurring payment setup request.
200
, and an empty JSON object.Wix calls Create Transaction
with a request to charge a recurring payment.
This request's paymentMethod
field has a value of creditCard
. The request also includes a field called offSession
whose value is true
. This flag indicates that Wix is requesting that the PSP charge a recurring payment. The request's paymentMethodData
field includes different data depending on the type of recurring payment identifier the PSP sent to Wix when the recurring payment was set up.
For network ID payments:
For token payments:
The PSP processes the payment and responds with an HTTP status code of 200
, and this JSON object:
The PSP sends this webhook to Submit Event
:
A mail order/telephone order (MOTO) payment is a card-not-present transaction where a buyer provides a merchant with their order and payment details by regular mail, fax, or telephone. Once the order details are recorded in the Wix dashboard, Wix sends a request to the PSP to process the payment. This request is the same a standard credit card request, except it includes a field called moto
whose value is true
. The flow for processing this request is the same as for regular card payments.
Wix calls Create Transaction
. The total amount for the payment and the Card reader payment details are included in the request body as follows:
The PSP makes the card reader identified by terminalId to wait for a card and responds with an HTTP status code of 200
and this JSON object. The redirectUrl points to a page with payment instructions reflecting the current state of the payment.
Once transaction is done, PSP sends webhook to Submit Event
: