This section describes the classic integration with the Adyen payments platform. To know more about a newer integration, refer to the Checkout documentation instead.
Local payment methods
If you want to learn how to accept local payment methods, see Directory Lookup.
Before you begin
- Create a test account as described in the Getting started tutorial.
- Get your API key or basic authentication credentials. Save a copy as you'll need it for API calls you make to the Adyen payments platform.
- Get the Library location from the Customer Area. This is a unique URL for you to retrieve the CSE library hosted by Adyen.
Your card payments go through many stages. The diagram below helps you understand the flow:
If you are integrating the Adyen payments platform with a third-party system, we strongly recommend you follow defensive programming best practices.
Start by creating a payment form integrated with the Client-Side Encryption (CSE) library, which you can retrieve using the unique URL provided to you by Adyen.
Ensure that your payment form includes the mandatory fields. To test the given code example, replace [payment request handler] with your payment handler URL of your server.
You must encrypt card input fields by annotating them with the
data-encrypted-name attribute. Do not use the
This ensures that the call does not send unencrypted card data to your server.
generationtime field is used to include a server-side timestamp in the data you submit the form. It determines whether a payment request is valid or not. Adyen refuses the transactions sent later than 24 hours from the timestamp. This value must be obtained on the server-side as the client’s system clock may not be correctly synchronized which can cause the payment transaction to fail.
- Format: ISO 8601; YYYY-MM-DDThh:mm:ss.sssTZD
- Example: 2017-07-17T13:42:40.428+01:00
Prevent payment form reload
For example, you can:
- Pass an additional options parameter in the
- Change the name of the encrypted data container. Its default name is
- Submit the form using AJAX instead of the default submit action, as shown in this example:
From your server, make an HTTP POST request to the
To test the payment request, use one of our test credit cards.
reference, and the payment
amount. The amount's value is in minor units, e.g. 20000 is 200 euros. You can find the number of decimal points per currency in Currency codes.
additionalData object in the payment authorisation request needs to include
card.encrypted.json, which you should set to the
adyen.encrypted.data value. This value contains encrypted information about the shopper's credit card, as well as the timestamp:
- Card holder
- Card number
- Expiry date
- Generation time
To know more about the required fields, see PaymentRequest.
If the message passes validation, Adyen performs a risk analysis. Depending on the outcome, we attempt authorisation, and you receive a payment response. The response includes a PSP reference that uniquely identifies each payment and can be used later for capture, cancel, or refund.
For other possible response codes and fields of the payment response, refer to PaymentResult.
Capture a payment
Capture approved authorisation when it's necessary to complete the payment.
Set up notifications
Receive confirmation when a payment is authorised or fails.
Before going live, fill out the SAQ-A form and Adyen will add the Client-Side Encryption (CSE) role to your web service user.