--- title: "Tokenization" description: "Store and use stored payment details with our tokenization feature with Drop-in." url: "https://docs.adyen.com/standard/integration/drop-in/tokenization" source_url: "https://docs.adyen.com/standard/integration/drop-in/tokenization.md" canonical: "https://docs.adyen.com/standard/integration/drop-in/tokenization" last_modified: "2026-06-11T16:00:17+02:00" language: "en" --- # Tokenization Store and use stored payment details with our tokenization feature with Drop-in. [View source](/standard/integration/drop-in/tokenization.md) You can store your shoppers' payment details so that they can pay without entering their payment details again. Storing payment details creates an associated token that can be used for subsequent payments. Because the payment session contains all the information needed to securely create and pay with tokens, Drop-in handles the sensitive payment data for you. This minimizes your [PCI DSS](/development-resources/pci-dss-compliance-guide/) scope and qualifies you for the simplest form of PCI validation [(SAQ A)](/development-resources/pci-dss-compliance-guide/saq-a-eligibility/). You can: * [**Store payment details** ](#store-payment-details): Create a token when the shopper makes a payment, or with a [zero-value authorization](/get-started-with-adyen/adyen-glossary/#zero-value-auth) to verify payment details without collecting a payment. * [**Make a one-click payment** ](#make-a-one-click-payment): Use the token for shopper-initiated payments where the returning shopper uses their stored payment details for a faster checkout. ## Requirements Before you begin, take into account the following requirements, limitations, and preparations. | Requirement | Description | | ------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------ | | **Integration type** | A [standard integration](/standard/integration). | | **API credential roles** | Make sure that you have the following roles:- **Checkout webservice role** - **Merchant Recurring role** | | **Webhooks** | Subscribe to the [**Recurring tokens life cycle events** webhook type](/development-resources/webhooks/webhook-types/#other-webhooks). | | **Setup steps** | Before you begin:- [Add the payment methods](/payment-methods/add-payment-methods) that [support recurring payments](/payment-methods/?features%5B0%5D=recurring). | ## How it works The following diagrams show the flow for storing payment details and making a one-click payment. Storing payment details: 1. The shopper proceeds to checkout on your website. 2. Your server creates a payment session with additional tokenization parameters. Adyen returns session data. 3. Your client website creates an instance of `AdyenCheckout` and initializes Drop-in with the session data. 4. The shopper selects their payment method, selects the checkbox to store their payment details, and submits their payment. Drop-in handles the payment flow. 5. Adyen authorizes the payment and creates a token for the shopper's payment details. 6. Your webhook server receives a webhook message with the token associated with the shopper's stored payment details. 7. You store the token and the shopper reference in your database. ```mermaid sequenceDiagram participant Shopper participant Client as Your client website participant Server as Your payment server participant Adyen participant Webhook as Your webhook server Shopper->>Client: 1. Go to checkout page Client->>Server: Trigger request for payment session Server->>Adyen: 2. Create payment session with tokenization parameters (POST /sessions) Adyen-->>Server: Session data Server->>Client: Pass session data Client->>Client: 3. Create instance of AdyenCheckout and initialize Drop-in Client->>Shopper: Show payment UI Shopper->>Client: 4. Select payment method, consent to store details, and submit payment Client->>Adyen: Drop-in handles the payment flow Adyen->>Adyen: 5. Authorize payment and create token Adyen->>Webhook: 6. Webhook message with token (recurringTokenCreated) Webhook->>Webhook: 7. Store token and shopper reference ``` Making a one-click payment: 1. The shopper proceeds to checkout on your website. 2. Your server creates a payment session with additional tokenization parameters. Adyen returns session data. 3. Your client website creates an instance of `AdyenCheckout` and initializes Drop-in with the session data. 4. The shopper selects their stored payment method and submits the payment. Drop-in handles the payment flow. 5. Your webhook server receives a webhook message with the outcome of the payment. ```mermaid sequenceDiagram participant Shopper participant Client as Your client website participant Server as Your payment server participant Adyen participant Webhook as Your webhook server Shopper->>Client: 1. Go to checkout page Client->>Server: Trigger request for payment session Server->>Adyen: 2. Create payment session with tokenization parameters (POST /sessions) Adyen-->>Server: Session data Server->>Client: Pass session data Client->>Client: 3. Create instance of AdyenCheckout and initialize Drop-in Client->>Shopper: Show stored payment methods Shopper->>Client: 4. Select stored payment method and submit payment Client->>Adyen: Drop-in handles the payment flow Adyen-->>Client: Result of the payment session Adyen->>Webhook: 5. Webhook message with payment outcome ``` ## Store payment details To store your shopper's payment details and get a token that you can use for future payments: 1. Before the shopper pays on your website, ask for their consent to store their payment details for future payments. 2. [Create a session with tokenization parameters](#create-a-session-with-tokenization-parameters). 3. [Get the token from the webhook](#get-the-token-from-the-webhook). ### Create a session with tokenization parameters When the shopper proceeds to make a payment, [create a session](/standard/integration/drop-in#create-payment-session) and include the following additional parameters for tokenization: | Parameter | Required | Description | | -------------------------- | ------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | `shopperInteraction` | ![Required](/user/pages/reuse/image-library/01.icons/required/required.svg?decoding=auto\&fetchpriority=auto) | Indicates the sales channel through which the shopper gives their card details. Set to **Ecommerce**. | | `recurringProcessingModel` | ![Required](/user/pages/reuse/image-library/01.icons/required/required.svg?decoding=auto\&fetchpriority=auto) | The type of recurring payment the token is intended for. Set to **CardOnFile**. | | `storePaymentMethodMode` | ![Required](/user/pages/reuse/image-library/01.icons/required/required.svg?decoding=auto\&fetchpriority=auto) | Indicates if the shopper's payment details will be stored. **Possible values:**- **askForConsent**: The payment form shows a checkbox that the shopper can select to store their payment details. We create an associated token. - **enabled**: Store the payment details and create an associated token, without showing a checkbox in the payment form. | To store the shopper's payment details without collecting a payment, you can use a zero-value authorization: set the `amount.value` to **0** to verify the payment details. If you want to store the payment details as part of an actual transaction, use the amount for the current transaction. Some payment methods, like [iDEAL](/payment-methods/ideal/), require a minimum amount more than **0**. **Example request for a session that creates a token** ```bash curl https://checkout-test.adyen.com/v72/sessions \ -X POST \ -H 'x-api-key: ADYEN_API_KEY' \ -H 'idempotency-key: YOUR_IDEMPOTENCY_KEY' \ -H 'content-type: application/json' \ -d '{ "merchantAccount": "ADYEN_MERCHANT_ACCOUNT", "amount": { "value": 1000, "currency": "EUR" }, "returnUrl": "https://your-company.example.com/checkout?shopperOrder=12xy..", "reference": "Your-payment-reference-123-abc", "countryCode": "NL", "channel": "Web", "shopperEmail": "s.hopper@example.com", "shopperReference": "YOUR_SHOPPER_REFERENCE", "shopperInteraction": "Ecommerce", "recurringProcessingModel": "CardOnFile", "storePaymentMethodMode": "enabled" }' ``` The token is created after a successful payment authorization to ensure that the shopper's payment details are linked to an active account that can be charged. ### Get the token from the webhook After the transaction is authorized, you receive a [recurring.token.created](https://docs.adyen.com/api-explorer/Tokenization-webhooks/latest/post/recurring.token.created) webhook with the token you can use for future payments. Store the `storedPaymentMethodId` together with the `shopperReference`, so that you associate the token with the shopper. **Example token created webhook** ```json { "createdAt": "2024-01-14T18:10:49+01:00", "environment": "test", "type": "recurring.token.created", "data": { "merchantAccount": "ADYEN_MERCHANT_ACCOUNT", "storedPaymentMethodId": "M5N7TQ4TG5PFWR50", "type": "visa", "operation": "created", "shopperReference": "YOUR_SHOPPER_REFERENCE" }, "eventId": "QBQQ9DLNRHHKGK38" } ``` To receive these updates, enable the [Recurring tokens life cycle events](/development-resources/webhooks/webhook-types/#other-webhooks) webhook. We recommend that you [set up the webhook](/development-resources/webhooks/#set-up-webhooks-in-your-customer-area) with all default events. ## Make a one-click payment After you have stored a shopper's payment details, you can use the token for one-click payments where the returning shopper uses their stored payment details for a faster checkout. 1. From your server, make a POST [/sessions](https://docs.adyen.com/api-explorer/Checkout/latest/post/sessions) request including: | Parameter | Required | Description | | -------------------------- | ------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------ | | `shopperReference` | ![Required](/user/pages/reuse/image-library/01.icons/required/required.svg?decoding=auto\&fetchpriority=auto) | Your unique identifier for the shopper. We use it to check if you have stored payment details associated with this shopper. | | `shopperInteraction` | ![Required](/user/pages/reuse/image-library/01.icons/required/required.svg?decoding=auto\&fetchpriority=auto) | Indicates the sales channel through which the shopper uses the stored payment details. Set to **Ecommerce**. | | `recurringProcessingModel` | ![Required](/user/pages/reuse/image-library/01.icons/required/required.svg?decoding=auto\&fetchpriority=auto) | The type of recurring payment. Set to **CardOnFile**. If you set this to any other value, we internally change it to **CardOnFile**. | If you use 3D Secure for PSD2 SCA compliance, some issuing banks require SCA for **ContAuth** with **CardOnFile** transactions. See the [PSD2 SCA compliance guide](/online-payments/psd2-sca-compliance-and-implementation-guide#are-my-payments-affected) for more information. **Example request for a session with a one-click payment** ```bash curl https://checkout-test.adyen.com/v72/sessions \ -X POST \ -H 'x-api-key: ADYEN_API_KEY' \ -H 'idempotency-key: YOUR_IDEMPOTENCY_KEY' \ -H 'content-type: application/json' \ -d '{ "merchantAccount": "ADYEN_MERCHANT_ACCOUNT", "amount": { "value": 2000, "currency": "EUR" }, "returnUrl": "https://your-company.example.com/checkout?shopperOrder=12xy..", "reference": "Your-payment-reference-123-abc", "countryCode": "NL", "channel": "Web", "shopperReference": "YOUR_SHOPPER_REFERENCE", "shopperInteraction": "ContAuth", "recurringProcessingModel": "CardOnFile" }' ``` 2. If the shopper selects the option to pay with their stored payment details, Drop-in handles the payment flow. 3. Get the outcome of the payment in a webhook message. ## Test and go live Follow our [testing guide for tokenization](/development-resources/testing/tokenization/) and make sure that you can successfully store payment details and make payments with a token. When you are ready to go live: * Enable the **Recurring tokens life cycle events** webhooks in your [live Customer Area](https://ca-live.adyen.com/). * Follow the [Tokenization end-to-end testing checklist](/online-payments/go-live-checklist#tokenization).