This guide walks through the full payment lifecycle in the Advanced Flow — from checking eligible payment methods and displaying saved cards, to collecting card details, creating the payment, and optionally registering a card for future use.
Flow overview
Step 1 — Check eligible payment methods
Before rendering the checkout, call the eligibility endpoint to determine which payment methods are available for the order. This prevents presenting options that cannot be fulfilled by the PSP.
Required fields: entity_id, amount, currency, order.
The customer object is optional but recommended — it enables PSP-level eligibility checks based on customer profile.
curl -X POST 'https://api.purse-sandbox.com/payment/v2/eligible-solutions' \
--header 'Content-Type: application/json' \
--header "Authorization: Bearer ${ACCESS_TOKEN}" \
--data-raw '{
"entity_id": "${ENTITY_ID}",
"amount": 4999,
"currency": "EUR",
"customer": {
"reference": "customer-123",
"type": "PERSON",
"ip_address": "203.0.113.195",
"locale": "fr-FR"
},
"order": {
"reference": "order-456",
"net_amount": 4999,
"tax_amount": 833,
"billing_address": {
"first_name": "Emily",
"last_name": "Parker",
"address_lines": ["67 Rue de Luxembourg"],
"city": "Lille",
"postal_code": "59777",
"country_code": "FR"
}
}
}'
- Endpoint:
/payment/v2/eligible-solutions
- Method:
POST
- API Reference
Response:
{
"amount": 4999,
"currency": "EUR",
"eligible_solutions": [
{ "partner": "dalenys", "method": "creditcard" },
{ "partner": "oney", "method": "cb3x" },
{ "partner": "paypal", "method": "wallet" }
]
}
Use eligible_solutions to conditionally render payment method buttons — for example, show a "Pay in 3x" option only when oney/cb3x is present.
If the order is the first of a recurring payment series, pass "allow_future_usage": true. This signals to the PSP that the card may be charged again in the future.
Step 2 — Display saved cards
If the customer has an account, fetch their active tokens directly from the Wallet API v3 — no session required.
curl -X GET \
'https://api.purse-sandbox.com/wallet/v3/merchants/${ENTITY_ID}/customers/${CUSTOMER_REFERENCE}/tokens?status=ACTIVE' \
--header "Authorization: Bearer ${ACCESS_TOKEN}"
- Endpoint:
/wallet/v3/merchants/{merchant_id}/customers/{customer_reference}/tokens
- Method:
GET
- API Reference
Response:
{
"tokens": [
{
"id": "a1b2c3d4-e5f6-7890-abcd-ef1234567890",
"status": "ACTIVE",
"description": {
"brand_name": "VISA",
"display_token": "****4242",
"holder_name": "Emily Parker"
},
"expiration_date": "2027-01-01T00:00:00Z",
"favorite": true
}
],
"total_elements": 1
}
Render a button per token using description.display_token and description.brand_name. When the customer selects a token, initialize a CVV-only SecureFields form — see Token Payment.
When the customer has no saved cards or chooses to enter a new card, render the full SecureFields form:
import { loadSecureFields } from '@purse-eu/web-sdk';
const sf = await loadSecureFields('sandbox');
const secureForm = await sf.initSecureFields({
tenantId: '${VAULT_TENANT_ID}',
config: {
brands: ['VISA', 'MASTERCARD', 'CARTE_BANCAIRE'],
brandSelector: true,
fields: {
cardNumber: { target: 'pan-placeholder', placeholder: '1234 5678 9012 3456' },
cvv: { target: 'cvv-placeholder', placeholder: '123' },
expDate: { target: 'exp-placeholder', placeholder: 'MM/YY' },
holderName: { target: 'holder-placeholder', placeholder: 'John Doe' },
},
},
});
await secureForm.render();
const result = await secureForm.submit({ saveToken: false });
See Getting Started for the complete SecureFields initialization and event handling.
Step 4 — Create a payment
With a new card
Your backend receives the vault_form_token from the frontend and calls the Payment API:
curl -X POST 'https://api.purse-sandbox.com/payment/v2/payments' \
--header 'Content-Type: application/json' \
--header "x-api-key: ${API_KEY}" \
--header "Authorization: Bearer ${ACCESS_TOKEN}" \
--data-raw '{
"entity_id": "${ENTITY_ID}",
"amount": 4999,
"currency": "EUR",
"order": {
"reference": "order-456"
},
"split": [
{
"vault_form_token": "${VAULT_FORM_TOKEN}",
"three_ds_authentication_options": {
"challenge_indicator": "NO_CHALLENGE_REQUESTED"
}
}
],
"browser": {
"user_agent": "Mozilla/5.0...",
"accept_header": "text/html",
"color_depth": 32,
"screen_height": 1200,
"screen_width": 1920,
"locale": "fr-FR",
"utc_time_zone": 60
}
}'
With a saved token
After the customer submits the CVV-only form, the frontend sends both vault_form_token and wallet_token_id to the backend:
curl -X POST 'https://api.purse-sandbox.com/payment/v2/payments' \
--header 'Content-Type: application/json' \
--header "x-api-key: ${API_KEY}" \
--header "Authorization: Bearer ${ACCESS_TOKEN}" \
--data-raw '{
"entity_id": "${ENTITY_ID}",
"amount": 4999,
"currency": "EUR",
"split": [
{
"vault_form_token": "${CVV_VAULT_FORM_TOKEN}",
"wallet_token": "${WALLET_TOKEN_ID}"
}
],
"browser": {
"user_agent": "Mozilla/5.0...",
"accept_header": "text/html",
"color_depth": 32,
"screen_height": 1200,
"screen_width": 1920,
"locale": "fr-FR",
"utc_time_zone": 60
}
}'
Step 5 — Register a token
Automatically during payment
Pass save_token: true in the split item. After a successful payment, the card is automatically added to the customer's wallet.
"split": [
{
"vault_form_token": "${VAULT_FORM_TOKEN}",
"save_token": true
}
]
The payment response includes token_saved: true and the wallet_token ID when registration succeeds.
Always obtain explicit customer consent before saving a card. Use a checkbox in your checkout UI and only pass save_token: true when the customer has opted in.
Manually via the Wallet API
To register a card independently of a payment — for example, in an account management screen — call the Wallet API v3 directly:
curl -X POST \
'https://api.purse-sandbox.com/wallet/v3/merchants/${ENTITY_ID}/customers/${CUSTOMER_REFERENCE}/tokens' \
--header 'Content-Type: application/json' \
--header "Authorization: Bearer ${ACCESS_TOKEN}" \
--data-raw '{
"token": "${VAULT_CARD_TOKEN}",
"expiration_date": "2027-01-01T00:00:00Z",
"description": {
"brand_name": "VISA",
"display_token": "****4242",
"holder_name": "Emily Parker"
},
"scope": {
"partner": "dalenys",
"method": "creditcard",
"origin": "purse"
}
}'
- Endpoint:
/wallet/v3/merchants/{merchant_id}/customers/{customer_reference}/tokens
- Method:
POST
- API Reference
The response returns a TokenProjectionV3 with the assigned id, which you can store to reference the token in future payments.
Next steps