User Consent Setup on Apaya Checkout

Send your users to the Apaya Checkout where they can select their desired payment mechanism and provide their consent for future non-Checkout-triggered billing transactions. Apaya will manage the identification for all users and gather their consent, enabling billing via the Apaya API. Ability to perform refunds is available depending on the payment mechanism.

Breakdown of steps:

  1. Generate a unique token to access the Apaya Checkout by calling the RequestToken API method.
    Note: You must use a tokenTypeId of 6 when requesting a token for Consent Setup.

  2. Send your user to the Apaya Consent Setup URL by appending the token, https://pay.apaya.io/setup/[token].e.g. https://pay.apaya.io/setup/WHrH7zOq2hnDbJcYUuSgUXLwZ9J0LEfqemRV2x12345

  3. Your user will provide their consent on the Apaya Consent Setup page, and upon successful completion, or upon failure (or if the user cancels the flow mid-way) they are returned to your endpoint. Note: This return endpoint is configured by Apaya on a product-by-product basis.

  4. The user will return to your endpoint containing the following information in the URL:
    e.g.http://www.example.com/?token=A9IotQFdJBSYjth7h)hGWmFAgzVjxU6xeGGT)AaAbB= &success=1&pt=ExamplePTValue&status=SUCCESS
    &HashedIdentifer=%2A%2A%2A%2A%2A%2A%2A%2A881&MX=nRjrQf7rkGX-437Y6)5gR)5uMlRi3cy-3Ft9s2qvzD4&MCC=234&MNC=11

    • token - Populated with the original token passed in when starting the Apaya Checkout flow.

    • pt - The pass-through value provided in the Token

    • success - '1' signifying that successful acquisition has taken place. '0' if not.
      Note: 'success' parameter will not be returned in the return URL when the end-user clicks to 'cancel and return' thus abandoning the flow. The 'status' in this case will contain 'ABANDONED'.

    • status - Contains a brief description of the status of the user during/after the acquisition flow. See Status Values for details.

    • HashedIdentifier - Contains a URL encoded 'hashed' user identifier (MSISDN or other) which you can display on your UI after being decoded. MSISDNs will be hashed with a * (star) character except for the final 3 digits. E.g. encoded version: %2A%2A%2A%2A%2A%2A%2A%2A881, decoded version: ********881

    • MX - The user’s encrypted MSISDN. Store this to use when calling SendBill to trigger a charge. If the user abandons the flow or fails consent, this will be returned as an empty string.

    • MCC - Mobile Country Code. If the user abandons the flow or fails consent, this will be returned as an empty string.

    • MNC - Mobile Network Code. If the user abandons the flow or fails consent, this will be returned as an empty string.

  5. Log details of the Consent Setup in your platform and if successful, allow the user to perform billing transactions now that they have given pre-authorisation to future billing for this service. Access the billing API documentation here.

  6. The Apaya platform can also send asynchronous webhook notification to your platform with billing information. Click here for more details.

Get Production access:

  1. Once you're happy with your Sandbox tests and you want Production access, sign in and go to Products and click on Production. Configure a 'subscription' just as you did for Sandbox. Give your subscription a relevant name, again you can change this later if required.

  2. Your Production subscription will be sent to Apaya for approval. Once approved, you will have access to the production API. Click on the green 'Try It' button to test your request and see a response from any of the required production API methods. Note: Your API access key will only be pre-populated after your Production subscription request has been approved by Apaya.

  3. If you require any assistance, contact us on support@apaya.io