Skip to main content

Payment.js authorization

The payment.js library supports two types of authorization. Before you implement the payment.js library, you must determine which type you want to use, because each authorization scenario gives access to different methods in the library. Both methods reduce your PCI DSS compliance scope to SAQ A-EP by handling payment method data securely. The two types of authorization are:

  1. Use a public developer key (PDK) to generate a token, which you can use to tokenize payment method details before they are sent to the payment gateway.
  2. Use a user-scoped client OAuth token to send payment details to the payment gateway directly. This method might be desirable if you already have an integration that retrieves user-scoped tokens.

Was this page helpful?