COPYandPAY registration tokens
Last updated: 2025-12-24
COPYandPAY allows you to securely collect and store (non-)card data from shoppers for future usage for example, recurring payments, one-click payments. The different ways to do this are:
The Tokenisation page offers detailed information on registration tokens. To use network tokens issued by the card networks for your payments, refer to COPYandPAY network tokens.
Standalone tokenisation
Collect card data from the customer via the tokenisation widget and initiate the registration tokenisation. No payment request is involved. A registration token is synchronously provisioned and returned to you so you can store it. The registration token can then be used in subsequent payments.
1. Prepare the checkout
Perform a server-to-server POST request to prepare the checkout with the required customer data. Include createRegistration=true and exclude paymentType. A successful request returns an id, required in the second step to create the registration form.
Sample request:
curl https://sandbox-card.peachpayments.com/v1/checkouts \
-d "entityId=8a8294174e735d0c014e78cf26461790" \
-d "testMode=EXTERNAL" \
-d "createRegistration=true" \
-H "Authorization: Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ="public Dictionary<string, dynamic> Request() {
Dictionary<string, dynamic> responseData;
string data = "entityId=8a8294174e735d0c014e78cf26461790" +
"&testMode=EXTERNAL" +
"&createRegistration=true";
string url = "https://sandbox-card.peachpayments.com/v1/checkouts";
byte[] buffer = Encoding.ASCII.GetBytes(data);
HttpWebRequest request = (HttpWebRequest)HttpWebRequest.Create(url);
request.Method = "POST";
request.Headers["Authorization"] = "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=";
request.ContentType = "application/x-www-form-urlencoded";
Stream PostData = request.GetRequestStream();
PostData.Write(buffer, 0, buffer.Length);
PostData.Close();
using (HttpWebResponse response = (HttpWebResponse)request.GetResponse()) {
Stream dataStream = response.GetResponseStream();
StreamReader reader = new StreamReader(dataStream);
var s = new JavaScriptSerializer();
responseData = s.Deserialize<Dictionary<string, dynamic>>(reader.ReadToEnd());
reader.Close();
dataStream.Close();
}
return responseData;
}
responseData = Request()["result"]["description"];import groovy.json.JsonSlurper
public static String request() {
def data = "entityId=8a8294174e735d0c014e78cf26461790" +
"&testMode=EXTERNAL" +
"&createRegistration=true"
def url = "https://sandbox-card.peachpayments.com/v1/checkouts".toURL()
def connection = url.openConnection()
connection.setRequestMethod("POST")
connection.setRequestProperty("Authorization", "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=")
connection.doOutput = true
connection.outputStream << data
def json = new JsonSlurper().parseText(connection.inputStream.text)
json
}
println request()import java.io.*;
import java.net.*;
import javax.net.ssl.HttpsURLConnection;
import org.apache.commons.io.IOUtils;
private String request() throws IOException {
URL url = new URL("https://sandbox-card.peachpayments.com/v1/checkouts");
HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
conn.setRequestMethod("POST");
conn.setRequestProperty("Authorization", "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=");
conn.setDoInput(true);
conn.setDoOutput(true);
String data = "entityId=8a8294174e735d0c014e78cf26461790"
+ "&testMode=EXTERNAL"
+ "&createRegistration=true";
DataOutputStream wr = new DataOutputStream(conn.getOutputStream());
wr.writeBytes(data);
wr.flush();
wr.close();
int responseCode = conn.getResponseCode();
InputStream is = (responseCode >= 400) ? conn.getErrorStream() : conn.getInputStream();
return IOUtils.toString(is, "UTF-8");
}const https = require('https');
const querystring = require('querystring');
const request = async () => {
const path = '/v1/checkouts';
const data = querystring.stringify({
entityId: '8a8294174e735d0c014e78cf26461790',
testMode: 'EXTERNAL',
createRegistration: 'true'
});
const options = {
port: 443,
host: 'sandbox-card.peachpayments.com',
path: path,
method: 'POST',
headers: {
'Content-Type': 'application/x-www-form-urlencoded',
'Content-Length': data.length,
'Authorization': 'Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ='
}
};
return new Promise((resolve, reject) => {
const postRequest = https.request(options, (res) => {
const buf = [];
res.on('data', (chunk) => {
buf.push(Buffer.from(chunk));
});
res.on('end', () => {
const jsonString = Buffer.concat(buf).toString('utf8');
try {
resolve(JSON.parse(jsonString));
} catch (error) {
reject(error);
}
});
});
postRequest.on('error', reject);
postRequest.write(data);
postRequest.end();
});
};
request().then(console.log).catch(console.error);function request() {
$url = "https://sandbox-card.peachpayments.com/v1/checkouts";
$data = "entityId=8a8294174e735d0c014e78cf26461790" .
"&testMode=EXTERNAL" .
"&createRegistration=true";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
'Authorization: Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ='
));
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$responseData = curl_exec($ch);
if (curl_errno($ch)) {
return curl_error($ch);
}
curl_close($ch);
return $responseData;
}
$responseData = request();try:
from urllib.parse import urlencode
from urllib.request import build_opener, Request, HTTPHandler
from urllib.error import HTTPError, URLError
except ImportError:
from urllib import urlencode
from urllib2 import build_opener, Request, HTTPHandler, HTTPError, URLError
import json
def request():
url = "https://sandbox-card.peachpayments.com/v1/checkouts"
data = {
'entityId': '8a8294174e735d0c014e78cf26461790',
'testMode': 'EXTERNAL',
'createRegistration': 'true'
}
try:
opener = build_opener(HTTPHandler)
request = Request(url, data=urlencode(data).encode('utf-8'))
request.add_header('Authorization', 'Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=')
request.get_method = lambda: 'POST'
response = opener.open(request)
return json.loads(response.read())
except HTTPError as e:
return json.loads(e.read())
except URLError as e:
return e.reason
responseData = request()
print(responseData)require 'net/https'
require 'uri'
require 'json'
def request()
uri = URI('https://sandbox-card.peachpayments.com/v1/checkouts')
http = Net::HTTP.new(uri.host, uri.port)
http.use_ssl = true
req = Net::HTTP::Post.new(uri.path)
req.set_form_data({
'entityId' => '8a8294174e735d0c014e78cf26461790',
'testMode' => 'EXTERNAL',
'createRegistration' => 'true'
})
res = http.request(req)
JSON.parse(res.body)
end
puts request()def initialPayment: String = {
val url = "https://sandbox-card.peachpayments.com/v1/checkouts"
val data = (
"entityId=8a8294174e735d0c014e78cf26461790" +
"&testMode=EXTERNAL" +
"&createRegistration=true"
)
val conn = new URL(url).openConnection()
conn match {
case secureConn: HttpsURLConnection => secureConn.setRequestMethod("POST")
case _ => throw new ClassCastException
}
conn.setDoInput(true)
conn.setDoOutput(true)
IOUtils.write(data, conn.getOutputStream())
conn.setRequestProperty("Authorization", "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=")
conn.connect()
if (conn.getResponseCode >= 400) {
IOUtils.toString(conn.getErrorStream)
} else {
IOUtils.toString(conn.getInputStream)
}
}Public Function Request() As Dictionary(Of String, Object)
Dim url As String = "https://sandbox-card.peachpayments.com/v1/checkouts"
Dim data As String = "" +
"entityId=8a8294174e735d0c014e78cf26461790" +
"&testMode=EXTERNAL" +
"&createRegistration=true"
Dim req As WebRequest = WebRequest.Create(url)
req.Method = "POST"
req.Headers.Add("Authorization", "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=")
req.ContentType = "application/x-www-form-urlencoded"
Dim byteArray As Byte() = Encoding.UTF8.GetBytes(data)
req.ContentLength = byteArray.Length
Dim dataStream As Stream = req.GetRequestStream()
dataStream.Write(byteArray, 0, byteArray.Length)
dataStream.Close()
Dim res As WebResponse = req.GetResponse()
Dim resStream = res.GetResponseStream()
Dim reader As New StreamReader(resStream)
Dim response As String = reader.ReadToEnd()
reader.Close()
resStream.Close()
res.Close()
Dim jss As New System.Web.Script.Serialization.JavaScriptSerializer()
Dim dict As Dictionary(Of String, Object) = jss.Deserialize(Of Dictionary(Of String, Object))(response)
Return dict
End Function
Dim responseData As String = Request()("result")("description"){
"result":{
"code":"000.200.100",
"description":"successfully created checkout"
},
"buildNumber":"9092e7a6af8301accda2f9a3a38f743f907dadd5@2026-03-23 16:50:06 +0000",
"timestamp":"2026-03-24 14:12:19+0000",
"ndc":"404802E23C895DC960A3F512CA4921CA.uat01-vm-tx03",
"id":"404802E23C895DC960A3F512CA4921CA.uat01-vm-tx03"
}2. Create the registration form
Create the registration form by adding the following lines of HTML/JavaScript to your page:
- With the
checkoutIdreceived from first step.<script src="https://sandbox-card.peachpayments.com/v1/paymentWidgets.js?checkoutId={checkoutId}/registration"></script> - With the
shopperResultUrlas the page on your site where the customer should be redirected after the tokenisation is complete.<form action="{shopperResultUrl}" class="paymentWidgets" data-brands="VISA MASTER AMEX"></form>
Sample form:
<form action="https://developer.peachpayments.com/docs/oppwa-integrations-copyandpay-registration-tokens" class="paymentWidgets" data-brands="VISA MASTER AMEX"></form>body {background-color:#f6f6f5;}var wpwlOptions = {style:"card", registrations: {requireCvv: true}}
Card form.
3. Get the registration status
After processing the tokenisation request, the customer redirects to your shopperResultUrl with a GET parameter resourcePath=/v1/checkouts/{checkoutId}/registration
Sample request:
https://sandbox-card.peachpayments.com/v1/checkouts/404802E23C895DC960A3F512CA4921CA.uat01-vm-tx03/registration
curl -G https://sandbox-card.peachpayments.com/v1/checkouts/{id}/registration \
-d "entityId=8a8294174e735d0c014e78cf26461790" \
-H "Authorization: Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ="public Dictionary<string, dynamic> Request() {
Dictionary<string, dynamic> responseData;
string data = "entityId=8a8294174e735d0c014e78cf26461790";
string url = "https://sandbox-card.peachpayments.com/v1/checkouts/{id}/registration?" + data;
HttpWebRequest request = (HttpWebRequest)HttpWebRequest.Create(url);
request.Method = "GET";
request.Headers["Authorization"] = "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=";
using (HttpWebResponse response = (HttpWebResponse)request.GetResponse())
{
Stream dataStream = response.GetResponseStream();
StreamReader reader = new StreamReader(dataStream);
var s = new JavaScriptSerializer();
responseData = s.Deserialize<Dictionary<string, dynamic>>(reader.ReadToEnd());
reader.Close();
dataStream.Close();
}
return responseData;
}
responseData = Request()["result"]["description"];import groovy.json.JsonSlurper
public static String request() {
def data = "entityId=8a8294174e735d0c014e78cf26461790"
def url = ("https://sandbox-card.peachpayments.com/v1/checkouts/{id}/registration?" + data).toURL()
def connection = url.openConnection()
connection.setRequestMethod("GET")
connection.setRequestProperty("Authorization", "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=")
def json = new JsonSlurper().parseText(connection.inputStream.text)
return json
}
println request()import java.io.*;
import java.net.URL;
import javax.net.ssl.HttpsURLConnection;
import org.apache.commons.io.IOUtils;
private String request() throws IOException {
URL url = new URL("https://sandbox-card.peachpayments.com/v1/checkouts/{id}/registration?entityId=8a8294174e735d0c014e78cf26461790");
HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
conn.setRequestMethod("GET");
conn.setRequestProperty("Authorization", "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=");
int responseCode = conn.getResponseCode();
InputStream is;
if (responseCode >= 400) {
is = conn.getErrorStream();
} else {
is = conn.getInputStream();
}
return IOUtils.toString(is, "UTF-8");
}const https = require('https');
const request = async () => {
let path = '/v1/checkouts/{id}/registration';
path += '?entityId=8a8294174e735d0c014e78cf26461790';
const options = {
port: 443,
host: 'sandbox-card.peachpayments.com',
path: path,
method: 'GET',
headers: {
'Authorization': 'Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ='
}
};
return new Promise((resolve, reject) => {
const postRequest = https.request(options, (res) => {
const buf = [];
res.on('data', chunk => buf.push(Buffer.from(chunk)));
res.on('end', () => {
const jsonString = Buffer.concat(buf).toString('utf8');
try {
resolve(JSON.parse(jsonString));
} catch (error) {
reject(error);
}
});
});
postRequest.on('error', reject);
postRequest.end();
});
};
request().then(console.log).catch(console.error);function request() {
$url = "https://sandbox-card.peachpayments.com/v1/checkouts/{id}/registration";
$url .= "?entityId=8a8294174e735d0c014e78cf26461790";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
'Authorization: Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ='
));
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, 'GET');
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$responseData = curl_exec($ch);
if (curl_errno($ch)) {
return curl_error($ch);
}
curl_close($ch);
return $responseData;
}
$responseData = request();
echo $responseData;try:
from urllib.parse import urlencode
from urllib.request import build_opener, Request, HTTPHandler
from urllib.error import HTTPError, URLError
except ImportError:
from urllib import urlencode
from urllib2 import build_opener, Request, HTTPHandler, HTTPError, URLError
import json
def request():
url = "https://sandbox-card.peachpayments.com/v1/checkouts/{id}/registration"
url += '?entityId=8a8294174e735d0c014e78cf26461790'
try:
opener = build_opener(HTTPHandler)
request = Request(url, data=b'')
request.add_header('Authorization', 'Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=')
request.get_method = lambda: 'GET'
response = opener.open(request)
return json.loads(response.read())
except HTTPError as e:
return json.loads(e.read())
except URLError as e:
return str(e.reason)
responseData = request()
print(responseData)require 'net/https'
require 'uri'
require 'json'
def request
path = "?entityId=8a8294174e735d0c014e78cf26461790"
uri = URI.parse('https://sandbox-card.peachpayments.com/v1/checkouts/{id}/registration' + path)
http = Net::HTTP.new(uri.host, uri.port)
http.use_ssl = true
req = Net::HTTP::Get.new(uri)
req['Authorization'] = 'Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ='
res = http.request(req)
JSON.parse(res.body)
end
puts requestdef initialPayment: String = {
val url = "https://sandbox-card.peachpayments.com/v1/checkouts/{id}/registration?entityId=8a8294174e735d0c014e78cf26461790"
val conn = new URL(url).openConnection()
conn match {
case secureConn: HttpsURLConnection => secureConn.setRequestMethod("GET")
case _ => throw new ClassCastException("Connection is not a secure HTTPS connection")
}
conn.setRequestProperty("Authorization", "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=")
conn.connect()
if (conn.asInstanceOf[HttpsURLConnection].getResponseCode >= 400) {
IOUtils.toString(conn.getErrorStream)
} else {
IOUtils.toString(conn.getInputStream)
}
}Public Function Request() As Dictionary(Of String, Object)
Dim url As String = "https://sandbox-card.peachpayments.com/v1/checkouts/{id}/registration" +
"?entityId=8a8294174e735d0c014e78cf26461790"
Dim req As WebRequest = WebRequest.Create(url)
req.Method = "GET"
req.Headers.Add("Authorization", "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=")
req.ContentType = "application/x-www-form-urlencoded"
Dim res As WebResponse = req.GetResponse()
Dim resStream = res.GetResponseStream()
Dim reader As New StreamReader(resStream)
Dim response As String = reader.ReadToEnd()
reader.Close()
resStream.Close()
res.Close()
Dim jss As New System.Web.Script.Serialization.JavaScriptSerializer()
Dim dict As Dictionary(Of String, Object) = jss.Deserialize(Of Dictionary(Of String, Object))(response)
Return dict
End Function
responseData = Request()("result")("description"){
"id":"8ac7a49f9d1f9917019d206be0530e48",
"paymentBrand":"VISA",
"result":{
"code":"000.100.112",
"description":"Request successfully processed in 'Merchant in Connector Test Mode'"
},
"card":{
"bin":"420000",
"binCountry":"US",
"last4Digits":"0091",
"holder":"John Doe",
"expiryMonth":"12",
"expiryYear":"2028"
},
"customer":{
"ip":"41.56.130.170",
"ipCountry":"ZA"
},
"customParameters":{
"SHOPPER_EndToEndIdentity":"306e85587bf7d8d2a5cb358c699450e79c0f2199e0ff17a3612aec191afec7d9"
},
"risk":{
"score":"0"
},
"buildNumber":"9092e7a6af8301accda2f9a3a38f743f907dadd5@2026-03-23 16:50:06 +0000",
"timestamp":"2026-03-24 15:17:13+0000",
"ndc":"F284CFE78EB9400B1B187A2ECC1B921E.uat01-vm-tx04"
}4. Send payment using the token
Perform a server-to-server POST request using the registration token from the previous step. Or use one-click checkout to authorise the payment with a selected stored registration token.
Sample request:
https://sandbox-card.peachpayments.com/v1/registrations/8ac7a49f9d1f9917019d206be0530e48/payments
curl https://sandbox-card.peachpayments.com/v1/registrations/{id}/payments \
-d "entityId=8a8294174e735d0c014e78cf26461790" \
-d "paymentBrand=VISA" \
-d "paymentType=DB" \
-d "amount=17.99" \
-d "currency=EUR" \
-d "standingInstruction.type=UNSCHEDULED" \
-d "standingInstruction.mode=INITIAL" \
-d "standingInstruction.source=CIT" \
-d "testMode=EXTERNAL" \
-H "Authorization: Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ="public Dictionary<string, dynamic> Request() {
Dictionary<string, dynamic> responseData;
string data = "entityId=8a8294174e735d0c014e78cf26461790" +
"&paymentBrand=VISA" +
"&paymentType=DB" +
"&amount=17.99" +
"¤cy=EUR" +
"&standingInstruction.type=UNSCHEDULED" +
"&standingInstruction.mode=INITIAL" +
"&standingInstruction.source=CIT" +
"&testMode=EXTERNAL";
string url = "https://sandbox-card.peachpayments.com/v1/registrations/{id}/payments";
byte[] buffer = Encoding.ASCII.GetBytes(data);
HttpWebRequest request = (HttpWebRequest)HttpWebRequest.Create(url);
request.Method = "POST";
request.Headers["Authorization"] = "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=";
request.ContentType = "application/x-www-form-urlencoded";
Stream PostData = request.GetRequestStream();
PostData.Write(buffer, 0, buffer.Length);
PostData.Close();
using (HttpWebResponse response = (HttpWebResponse)request.GetResponse()) {
Stream dataStream = response.GetResponseStream();
StreamReader reader = new StreamReader(dataStream);
var s = new JavaScriptSerializer();
responseData = s.Deserialize<Dictionary<string, dynamic>>(reader.ReadToEnd());
reader.Close();
dataStream.Close();
}
return responseData;
}
responseData = Request()["result"]["description"];import groovy.json.JsonSlurper
public static String request() {
def data = "entityId=8a8294174e735d0c014e78cf26461790" +
"&paymentBrand=VISA" +
"&paymentType=DB" +
"&amount=17.99" +
"¤cy=EUR" +
"&standingInstruction.type=UNSCHEDULED" +
"&standingInstruction.mode=INITIAL" +
"&standingInstruction.source=CIT" +
"&testMode=EXTERNAL"
def url = "https://sandbox-card.peachpayments.com/v1/registrations/{id}/payments".toURL()
def connection = url.openConnection()
connection.setRequestMethod("POST")
connection.setRequestProperty("Authorization", "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=")
connection.doOutput = true
connection.outputStream << data
def json = new JsonSlurper().parseText(connection.inputStream.text)
json
}
println request()private String request() throws IOException {
URL url = new URL("https://sandbox-card.peachpayments.com/v1/registrations/{id}/payments");
HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
conn.setRequestMethod("POST");
conn.setRequestProperty("Authorization", "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=");
conn.setDoInput(true);
conn.setDoOutput(true);
String data = ""
+ "entityId=8a8294174e735d0c014e78cf26461790"
+ "&paymentBrand=VISA"
+ "&paymentType=DB"
+ "&amount=17.99"
+ "¤cy=EUR"
+ "&standingInstruction.type=UNSCHEDULED"
+ "&standingInstruction.mode=INITIAL"
+ "&standingInstruction.source=CIT"
+ "&testMode=EXTERNAL";
DataOutputStream wr = new DataOutputStream(conn.getOutputStream());
wr.writeBytes(data);
wr.flush();
wr.close();
int responseCode = conn.getResponseCode();
InputStream is;
if (responseCode >= 400) {
is = conn.getErrorStream();
} else {
is = conn.getInputStream();
}
return IOUtils.toString(is);
}const https = require('https');
const querystring = require('querystring');
const request = async () => {
const path = '/v1/registrations/{id}/payments';
const data = querystring.stringify({
'entityId': '8a8294174e735d0c014e78cf26461790',
'paymentBrand': 'VISA',
'paymentType': 'DB',
'amount': '17.99',
'currency': 'EUR',
'standingInstruction.type': 'UNSCHEDULED',
'standingInstruction.mode': 'INITIAL',
'standingInstruction.source': 'CIT',
'testMode': 'EXTERNAL'
});
const options = {
port: 443,
host: 'sandbox-card.peachpayments.com',
path: path,
method: 'POST',
headers: {
'Content-Type': 'application/x-www-form-urlencoded',
'Content-Length': data.length,
'Authorization': 'Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ='
}
};
return new Promise((resolve, reject) => {
const postRequest = https.request(options, function (res) {
const buf = [];
res.on('data', chunk => {
buf.push(Buffer.from(chunk));
});
res.on('end', () => {
const jsonString = Buffer.concat(buf).toString('utf8');
try {
resolve(JSON.parse(jsonString));
} catch (error) {
reject(error);
}
});
});
postRequest.on('error', reject);
postRequest.write(data);
postRequest.end();
});
};
request().then(console.log).catch(console.error);function request() {
$url = "https://sandbox-card.peachpayments.com/v1/registrations/{id}/payments";
$data = "entityId=8a8294174e735d0c014e78cf26461790" .
"&paymentBrand=VISA" .
"&paymentType=DB" .
"&amount=17.99" .
"¤cy=EUR" .
"&standingInstruction.type=UNSCHEDULED" .
"&standingInstruction.mode=INITIAL" .
"&standingInstruction.source=CIT" .
"&testMode=EXTERNAL";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
'Authorization:Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ='
));
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$responseData = curl_exec($ch);
if (curl_errno($ch)) {
return curl_error($ch);
}
curl_close($ch);
return $responseData;
}
$responseData = request();try:
from urllib.parse import urlencode
from urllib.request import build_opener, Request, HTTPHandler
from urllib.error import HTTPError, URLError
except ImportError:
from urllib import urlencode
from urllib2 import build_opener, Request, HTTPHandler, HTTPError, URLError
import json
def request():
url = "https://sandbox-card.peachpayments.com/v1/registrations/{id}/payments"
data = {
'entityId': '8a8294174e735d0c014e78cf26461790',
'paymentBrand': 'VISA',
'paymentType': 'DB',
'amount': '17.99',
'currency': 'EUR',
'standingInstruction.type': 'UNSCHEDULED',
'standingInstruction.mode': 'INITIAL',
'standingInstruction.source': 'CIT',
'testMode': 'EXTERNAL'
}
try:
opener = build_opener(HTTPHandler)
request = Request(url, data=urlencode(data).encode('utf-8'))
request.add_header('Authorization', 'Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=')
request.get_method = lambda: 'POST'
response = opener.open(request)
return json.loads(response.read())
except HTTPError as e:
return json.loads(e.read())
except URLError as e:
return str(e.reason)
responseData = request()
print(responseData)require 'net/https'
require 'uri'
require 'json'
def request
uri = URI('https://sandbox-card.peachpayments.com/v1/registrations/{id}/payments')
http = Net::HTTP.new(uri.host, uri.port)
http.use_ssl = true
req = Net::HTTP::Post.new(uri.path)
req['Authorization'] = 'Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ='
req.set_form_data({
'entityId' => '8a8294174e735d0c014e78cf26461790',
'paymentBrand' => 'VISA',
'paymentType' => 'DB',
'amount' => '17.99',
'currency' => 'EUR',
'standingInstruction.type' => 'UNSCHEDULED',
'standingInstruction.mode' => 'INITIAL',
'standingInstruction.source' => 'CIT',
'testMode' => 'EXTERNAL'
})
res = http.request(req)
JSON.parse(res.body)
end
puts requestimport java.net.URL
import javax.net.ssl.HttpsURLConnection
import org.apache.commons.io.IOUtils
def initialPayment: String = {
val url = "https://sandbox-card.peachpayments.com/v1/registrations/{id}/payments"
val data = (
"entityId=8a8294174e735d0c014e78cf26461790" +
"&paymentBrand=VISA" +
"&paymentType=DB" +
"&amount=17.99" +
"¤cy=EUR" +
"&standingInstruction.type=UNSCHEDULED" +
"&standingInstruction.mode=INITIAL" +
"&standingInstruction.source=CIT" +
"&testMode=EXTERNAL"
)
val conn = new URL(url).openConnection() match {
case secureConn: HttpsURLConnection =>
secureConn.setRequestMethod("POST")
secureConn
case _ => throw new ClassCastException("Connection is not HTTPS")
}
conn.setDoInput(true)
conn.setDoOutput(true)
conn.setRequestProperty("Authorization", "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=")
IOUtils.write(data, conn.getOutputStream, "UTF-8")
conn.connect()
if (conn.getResponseCode >= 400) {
IOUtils.toString(conn.getErrorStream, "UTF-8")
} else {
IOUtils.toString(conn.getInputStream, "UTF-8")
}
}Public Function Request() As Dictionary(Of String, Object)
Dim url As String = "https://sandbox-card.peachpayments.com/v1/registrations/{id}/payments"
Dim data As String = String.Join("&", {
"entityId=8a8294174e735d0c014e78cf26461790",
"paymentBrand=VISA",
"paymentType=DB",
"amount=17.99",
"currency=EUR",
"standingInstruction.type=UNSCHEDULED",
"standingInstruction.mode=INITIAL",
"standingInstruction.source=CIT",
"testMode=EXTERNAL"
})
Dim req As WebRequest = WebRequest.Create(url)
req.Method = "POST"
req.Headers.Add("Authorization", "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=")
req.ContentType = "application/x-www-form-urlencoded"
Dim byteArray As Byte() = Encoding.UTF8.GetBytes(data)
req.ContentLength = byteArray.Length
Using dataStream As Stream = req.GetRequestStream()
dataStream.Write(byteArray, 0, byteArray.Length)
End Using
Dim response As String
Using res As WebResponse = req.GetResponse()
Using resStream As Stream = res.GetResponseStream()
Using reader As New StreamReader(resStream)
response = reader.ReadToEnd()
End Using
End Using
End Using
Dim jss As New System.Web.Script.Serialization.JavaScriptSerializer()
Dim dict As Dictionary(Of String, Object) = jss.Deserialize(Of Dictionary(Of String, Object))(response)
Return dict
End Function
Dim responseData As String = Request()("result")("description").ToString(){
"id":"8ac7a4a19d1f98d2019d2071ea3513f9",
"paymentType":"DB",
"amount":"17.99",
"currency":"EUR",
"descriptor":"0472.8797.5844 MAC_Channel ",
"result":{
"code":"800.100.100",
"description":"transaction declined for unknown reason"
},
"resultDetails":{
"ExtendedDescription":"transaction declined for unknown reason",
"Error Message":"The request attempted an operation that requires a payment method, but the payment method type specified is not available for this merchant or does not exist at all. Corrective action: Use a payment method type that this merchant is authorized to use.",
"Transaction Status":"ERROR",
"Operation Id":"e0370b17-2660-4d03-a146-fd5a3cda3e8b",
"AcquirerResponse":"ERROR_GET_PAYMENT_METHOD_TYPE",
"Error Code":"ERROR_GET_PAYMENT_METHOD_TYPE"
},
"customParameters":{
"PAYMENT_INHOUSE_FACADE":"true"
},
"risk":{
"score":"0"
},
"buildNumber":"9092e7a6af8301accda2f9a3a38f743f907dadd5@2026-03-23 16:50:06 +0000",
"timestamp":"2026-03-24 15:23:51+0000",
"ndc":"8a8294174e735d0c014e78cf26461790_7492b006d6f344e2813775e02f22b739",
"standingInstruction":{
"source":"CIT",
"type":"UNSCHEDULED",
"mode":"INITIAL"
}
}Tokenisation during payment
Collect card data from customer using the payment widget and start registration tokenisation with either account verification (zero-amount auth) or an initial purchase. The process provisions a registration token and synchronously returns it after payment completion. Use the token for subsequent payments.
There are two ways to store the raw card details during a payment checkout:
- Merchant-determined tokenisation (see below): Add
createRegistration=truein the checkout request to tokenise card details. - Shopper-determined tokenisation: Add a checkbox to the COPYandPAY form to let customers choose whether to store their card details.
1. Prepare the checkout
Perform a server-to-server POST request to prepare the checkout with the required payment and customer data, including the order type, amount, and currency. A successful request returns an id, required in the second step to create the payment form.
curl https://sandbox-card.peachpayments.com/v1/checkouts \
-d "entityId=8a8294174e735d0c014e78cf26461790" \
-d "testMode=EXTERNAL" \
-d "createRegistration=true" \
-d "amount=31.12" \
-d "currency=EUR" \
-d "paymentType=DB" \
-d "standingInstruction.mode=INITIAL" \
-d "standingInstruction.source=CIT" \
-d "standingInstruction.type=UNSCHEDULED" \
-d "customer.givenName=Smith" \
-d "customer.ip=192.168.0.0" \
-d "customer.surname=John" \
-d "customer.language=DE" \
-d "[email protected]" \
-d "billing.city=MyCity" \
-d "billing.country=DE" \
-d "billing.postcode=712121" \
-d "billing.state=DE" \
-d "billing.street1=MyStreet" \
-H "Authorization: Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ="public Dictionary<string, dynamic> Request()
{
Dictionary<string, dynamic> responseData;
string data = "entityId=8a8294174e735d0c014e78cf26461790" +
"&testMode=EXTERNAL" +
"&createRegistration=true" +
"&amount=31.12" +
"¤cy=EUR" +
"&paymentType=DB" +
"&standingInstruction.mode=INITIAL" +
"&standingInstruction.source=CIT" +
"&standingInstruction.type=UNSCHEDULED" +
"&customer.givenName=Smith" +
"&customer.ip=192.168.0.0" +
"&customer.surname=John" +
"&customer.language=DE" +
"&[email protected]" +
"&billing.city=MyCity" +
"&billing.country=DE" +
"&billing.postcode=712121" +
"&billing.state=DE" +
"&billing.street1=MyStreet";
string url = "https://sandbox-card.peachpayments.com/v1/checkouts";
byte[] buffer = Encoding.ASCII.GetBytes(data);
HttpWebRequest request = (HttpWebRequest)HttpWebRequest.Create(url);
request.Method = "POST";
request.Headers["Authorization"] = "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=";
request.ContentType = "application/x-www-form-urlencoded";
Stream postData = request.GetRequestStream();
postData.Write(buffer, 0, buffer.Length);
postData.Close();
using (HttpWebResponse response = (HttpWebResponse)request.GetResponse())
{
Stream dataStream = response.GetResponseStream();
StreamReader reader = new StreamReader(dataStream);
var s = new JavaScriptSerializer();
responseData = s.Deserialize<Dictionary<string, dynamic>>(reader.ReadToEnd());
reader.Close();
dataStream.Close();
}
return responseData;
}
string resultDescription = Request()["result"]["description"];import groovy.json.JsonSlurper
public static String request() {
def data = "entityId=8a8294174e735d0c014e78cf26461790" +
"&testMode=EXTERNAL" +
"&createRegistration=true" +
"&amount=31.12" +
"¤cy=EUR" +
"&paymentType=DB" +
"&standingInstruction.mode=INITIAL" +
"&standingInstruction.source=CIT" +
"&standingInstruction.type=UNSCHEDULED" +
"&customer.givenName=Smith" +
"&customer.ip=192.168.0.0" +
"&customer.surname=John" +
"&customer.language=DE" +
"&[email protected]" +
"&billing.city=MyCity" +
"&billing.country=DE" +
"&billing.postcode=712121" +
"&billing.state=DE" +
"&billing.street1=MyStreet"
def url = "https://sandbox-card.peachpayments.com/v1/checkouts".toURL()
def connection = url.openConnection()
connection.setRequestMethod("POST")
connection.setRequestProperty("Authorization", "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=")
connection.doOutput = true
connection.outputStream << data
def json = new JsonSlurper().parseText(connection.inputStream.text)
json
}
println request()private String request() throws IOException {
URL url = new URL("https://sandbox-card.peachpayments.com/v1/checkouts");
HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
conn.setRequestMethod("POST");
conn.setRequestProperty("Authorization", "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=");
conn.setDoInput(true);
conn.setDoOutput(true);
String data = ""
+ "entityId=8a8294174e735d0c014e78cf26461790"
+ "&testMode=EXTERNAL"
+ "&createRegistration=true"
+ "&amount=31.12"
+ "¤cy=EUR"
+ "&paymentType=DB"
+ "&standingInstruction.mode=INITIAL"
+ "&standingInstruction.source=CIT"
+ "&standingInstruction.type=UNSCHEDULED"
+ "&customer.givenName=Smith"
+ "&customer.ip=192.168.0.0"
+ "&customer.surname=John"
+ "&customer.language=DE"
+ "&[email protected]"
+ "&billing.city=MyCity"
+ "&billing.country=DE"
+ "&billing.postcode=712121"
+ "&billing.state=DE"
+ "&billing.street1=MyStreet";
DataOutputStream wr = new DataOutputStream(conn.getOutputStream());
wr.writeBytes(data);
wr.flush();
wr.close();
int responseCode = conn.getResponseCode();
InputStream is = (responseCode >= 400) ? conn.getErrorStream() : conn.getInputStream();
return IOUtils.toString(is);
}const https = require('https');
const querystring = require('querystring');
const request = async () => {
const path = '/v1/checkouts';
const data = querystring.stringify({
'entityId': '8a8294174e735d0c014e78cf26461790',
'testMode': 'EXTERNAL',
'createRegistration': 'true',
'amount': '31.12',
'currency': 'EUR',
'paymentType': 'DB',
'standingInstruction.mode': 'INITIAL',
'standingInstruction.source': 'CIT',
'standingInstruction.type': 'UNSCHEDULED',
'customer.givenName': 'Smith',
'customer.ip': '192.168.0.0',
'customer.surname': 'John',
'customer.language': 'DE',
'customer.email': '[email protected]',
'billing.city': 'MyCity',
'billing.country': 'DE',
'billing.postcode': '712121',
'billing.state': 'DE',
'billing.street1': 'MyStreet'
});
const options = {
port: 443,
host: 'sandbox-card.peachpayments.com',
path: path,
method: 'POST',
headers: {
'Content-Type': 'application/x-www-form-urlencoded',
'Content-Length': data.length,
'Authorization': 'Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ='
}
};
return new Promise((resolve, reject) => {
const postRequest = https.request(options, function(res) {
const buf = [];
res.on('data', chunk => {
buf.push(Buffer.from(chunk));
});
res.on('end', () => {
const jsonString = Buffer.concat(buf).toString('utf8');
try {
resolve(JSON.parse(jsonString));
} catch (error) {
reject(error);
}
});
});
postRequest.on('error', reject);
postRequest.write(data);
postRequest.end();
});
};
request().then(console.log).catch(console.error);function request() {
$url = "https://sandbox-card.peachpayments.com/v1/checkouts";
$data = "entityId=8a8294174e735d0c014e78cf26461790" .
"&testMode=EXTERNAL" .
"&createRegistration=true" .
"&amount=31.12" .
"¤cy=EUR" .
"&paymentType=DB" .
"&standingInstruction.mode=INITIAL" .
"&standingInstruction.source=CIT" .
"&standingInstruction.type=UNSCHEDULED" .
"&customer.givenName=Smith" .
"&customer.ip=192.168.0.0" .
"&customer.surname=John" .
"&customer.language=DE" .
"&[email protected]" .
"&billing.city=MyCity" .
"&billing.country=DE" .
"&billing.postcode=712121" .
"&billing.state=DE" .
"&billing.street1=MyStreet";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
'Authorization: Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ='
));
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); // Set this to true in production
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$responseData = curl_exec($ch);
if (curl_errno($ch)) {
return curl_error($ch);
}
curl_close($ch);
return $responseData;
}
$responseData = request();try:
from urllib.parse import urlencode
from urllib.request import build_opener, Request, HTTPHandler
from urllib.error import HTTPError, URLError
except ImportError:
from urllib import urlencode
from urllib2 import build_opener, Request, HTTPHandler, HTTPError, URLError
import json
def request():
url = "https://sandbox-card.peachpayments.com/v1/checkouts"
data = {
'entityId': '8a8294174e735d0c014e78cf26461790',
'testMode': 'EXTERNAL',
'createRegistration': 'true',
'amount': '31.12',
'currency': 'EUR',
'paymentType': 'DB',
'standingInstruction.mode': 'INITIAL',
'standingInstruction.source': 'CIT',
'standingInstruction.type': 'UNSCHEDULED',
'customer.givenName': 'Smith',
'customer.ip': '192.168.0.0',
'customer.surname': 'John',
'customer.language': 'DE',
'customer.email': '[email protected]',
'billing.city': 'MyCity',
'billing.country': 'DE',
'billing.postcode': '712121',
'billing.state': 'DE',
'billing.street1': 'MyStreet'
}
try:
opener = build_opener(HTTPHandler)
request = Request(url, data=urlencode(data).encode('utf-8'))
request.add_header('Authorization', 'Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=')
request.get_method = lambda: 'POST'
response = opener.open(request)
return json.loads(response.read())
except HTTPError as e:
return json.loads(e.read())
except URLError as e:
return e.reason
responseData = request()
print(responseData)require 'net/https'
require 'uri'
require 'json'
def request()
uri = URI('https://sandbox-card.peachpayments.com/v1/checkouts')
http = Net::HTTP.new(uri.host, uri.port)
http.use_ssl = true
req = Net::HTTP::Post.new(uri.path)
req.set_form_data({
'entityId' => '8a8294174e735d0c014e78cf26461790',
'testMode' => 'EXTERNAL',
'createRegistration' => 'true',
'amount' => '31.12',
'currency' => 'EUR',
'paymentType' => 'DB',
'standingInstruction.mode' => 'INITIAL',
'standingInstruction.source' => 'CIT',
'standingInstruction.type' => 'UNSCHEDULED',
'customer.givenName' => 'Smith',
'customer.ip' => '192.168.0.0',
'customer.surname' => 'John',
'customer.language' => 'DE',
'customer.email' => '[email protected]',
'billing.city' => 'MyCity',
'billing.country' => 'DE',
'billing.postcode' => '712121',
'billing.state' => 'DE',
'billing.street1' => 'MyStreet'
})
req['Authorization'] = 'Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ='
res = http.request(req)
JSON.parse(res.body)
end
puts request()import java.net.URL
import javax.net.ssl.HttpsURLConnection
import org.apache.commons.io.IOUtils
def initialPayment: String = {
val url = "https://sandbox-card.peachpayments.com/v1/checkouts"
val data = (
"entityId=8a8294174e735d0c014e78cf26461790" +
"&testMode=EXTERNAL" +
"&createRegistration=true" +
"&amount=31.12" +
"¤cy=EUR" +
"&paymentType=DB" +
"&standingInstruction.mode=INITIAL" +
"&standingInstruction.source=CIT" +
"&standingInstruction.type=UNSCHEDULED" +
"&customer.givenName=Smith" +
"&customer.ip=192.168.0.0" +
"&customer.surname=John" +
"&customer.language=DE" +
"&[email protected]" +
"&billing.city=MyCity" +
"&billing.country=DE" +
"&billing.postcode=712121" +
"&billing.state=DE" +
"&billing.street1=MyStreet"
)
val conn = new URL(url).openConnection().asInstanceOf[HttpsURLConnection]
try {
conn.setRequestMethod("POST")
conn.setDoInput(true)
conn.setDoOutput(true)
conn.setRequestProperty("Authorization", "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=")
IOUtils.write(data, conn.getOutputStream(), "UTF-8")
val responseStream = if (conn.getResponseCode >= 400) conn.getErrorStream else conn.getInputStream
IOUtils.toString(responseStream, "UTF-8")
} catch {
case e: Exception => s"Error: ${e.getMessage}"
} finally {
conn.disconnect()
}
}Imports System.IO
Imports System.Net
Imports System.Text
Imports System.Web.Script.Serialization
Public Function Request() As Dictionary(Of String, Object)
Dim url As String = "https://sandbox-card.peachpayments.com/v1/checkouts"
Dim data As String = String.Join("&", {
"entityId=8a8294174e735d0c014e78cf26461790",
"testMode=EXTERNAL",
"createRegistration=true",
"amount=31.12",
"currency=EUR",
"paymentType=DB",
"standingInstruction.mode=INITIAL",
"standingInstruction.source=CIT",
"standingInstruction.type=UNSCHEDULED",
"customer.givenName=Smith",
"customer.ip=192.168.0.0",
"customer.surname=John",
"customer.language=DE",
"[email protected]",
"billing.city=MyCity",
"billing.country=DE",
"billing.postcode=712121",
"billing.state=DE",
"billing.street1=MyStreet"
})
Dim req As WebRequest = WebRequest.Create(url)
req.Method = "POST"
req.Headers.Add("Authorization", "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=")
req.ContentType = "application/x-www-form-urlencoded"
Dim byteArray As Byte() = Encoding.UTF8.GetBytes(data)
req.ContentLength = byteArray.Length
Using dataStream As Stream = req.GetRequestStream()
dataStream.Write(byteArray, 0, byteArray.Length)
End Using
Dim response As String
Using res As WebResponse = req.GetResponse()
Using resStream As Stream = res.GetResponseStream()
Using reader As New StreamReader(resStream)
response = reader.ReadToEnd()
End Using
End Using
End Using
Dim jss As New JavaScriptSerializer()
Dim dict As Dictionary(Of String, Object) = jss.Deserialize(Of Dictionary(Of String, Object))(response)
Return dict
End Function
' Usage
Dim responseData As Dictionary(Of String, Object) = Request()
Dim description As String = responseData("result")("description").ToString()
Console.WriteLine("Response Description: " & description){
"result":{
"code":"000.200.100",
"description":"successfully created checkout"
},
"buildNumber":"9092e7a6af8301accda2f9a3a38f743f907dadd5@2026-03-23 16:50:06 +0000",
"timestamp":"2026-03-24 15:28:18+0000",
"ndc":"D13E84B9F923E92FB56186C14D258274.uat01-vm-tx01",
"id":"D13E84B9F923E92FB56186C14D258274.uat01-vm-tx01"
}2. Create the payment form
Create the payment form by adding the following lines of HTML/JavaScript to your page:
- With the
checkoutIdreceived from the first step:<script src="https://sandbox-card.peachpayments.com/v1/paymentWidgets.js?checkoutId={checkoutId}"></script> - With the
shopperResultUrlas the page on your site where the customer redirects after the payment completes:<form action="{shopperResultUrl}" class="paymentWidgets" data-brands="VISA MASTER AMEX"></form>
Sample form:
<form action="https://developer.peachpayments.com/docs/oppwa-integrations-copyandpay-registration-tokens" class="paymentWidgets" data-brands="VISA MASTER AMEX"></form>body {background-color:#f6f6f5;}var wpwlOptions = {style:"card", registrations: {requireCvv: true}}
Card form.
3. Get the payment status
The system redirects the customer to your shopperResultUrl with a GET parameter resourcePath to confirm if the payment and registration token succeeded. The parameter is resourcePath=/v1/checkouts/{checkoutId}/payment.
Sample request:
https://sandbox-card.peachpayments.com/v1/checkouts/D13E84B9F923E92FB56186C14D258274.uat01-vm-tx01/payment
curl -G https://sandbox-card.peachpayments.com/v1/checkouts/{id}/payment \
-d "entityId=8a8294174e735d0c014e78cf26461790" \
-H "Authorization: Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ="public Dictionary<string, dynamic> Request() {
Dictionary<string, dynamic> responseData;
string data = "entityId=8a8294174e735d0c014e78cf26461790";
string url = "https://sandbox-card.peachpayments.com/v1/checkouts/{id}/payment?" + data;
HttpWebRequest request = (HttpWebRequest)HttpWebRequest.Create(url);
request.Method = "GET";
request.Headers["Authorization"] = "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=";
using (HttpWebResponse response = (HttpWebResponse)request.GetResponse()) {
Stream dataStream = response.GetResponseStream();
StreamReader reader = new StreamReader(dataStream);
var serializer = new JavaScriptSerializer();
responseData = serializer.Deserialize<Dictionary<string, dynamic>>(reader.ReadToEnd());
reader.Close();
dataStream.Close();
}
return responseData;
}
var resultDescription = Request()["result"]["description"];import groovy.json.JsonSlurper
public static String request() {
def data = "entityId=8a8294174e735d0c014e78cf26461790"
def url = ("https://sandbox-card.peachpayments.com/v1/checkouts/{id}/payment?" + data).toURL()
def connection = url.openConnection()
connection.setRequestMethod("GET")
connection.setRequestProperty("Authorization", "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=")
def json = new JsonSlurper().parseText(connection.inputStream.text)
json
}
println request()private String request() throws IOException {
URL url = new URL("https://sandbox-card.peachpayments.com/v1/checkouts/{id}/payment?entityId=8a8294174e735d0c014e78cf26461790");
HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
conn.setRequestMethod("GET");
conn.setRequestProperty("Authorization", "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=");
int responseCode = conn.getResponseCode();
InputStream is = (responseCode >= 400) ? conn.getErrorStream() : conn.getInputStream();
return IOUtils.toString(is);
}const https = require('https');
const querystring = require('querystring');
const request = async () => {
let path = '/v1/checkouts/{id}/payment';
path += '?entityId=8a8294174e735d0c014e78cf26461790';
const options = {
port: 443,
host: 'sandbox-card.peachpayments.com',
path: path,
method: 'GET',
headers: {
'Authorization': 'Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ='
}
};
return new Promise((resolve, reject) => {
const postRequest = https.request(options, res => {
const buf = [];
res.on('data', chunk => buf.push(Buffer.from(chunk)));
res.on('end', () => {
const jsonString = Buffer.concat(buf).toString('utf8');
try {
resolve(JSON.parse(jsonString));
} catch (error) {
reject(error);
}
});
});
postRequest.on('error', reject);
postRequest.end();
});
};
request().then(console.log).catch(console.error);function request() {
$url = "https://sandbox-card.peachpayments.com/v1/checkouts/{id}/payment";
$url .= "?entityId=8a8294174e735d0c014e78cf26461790";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
'Authorization: Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ='
));
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, 'GET');
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); // Set this to true in production
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$responseData = curl_exec($ch);
if (curl_errno($ch)) {
return curl_error($ch);
}
curl_close($ch);
return $responseData;
}
$responseData = request();try:
from urllib.parse import urlencode
from urllib.request import build_opener, Request, HTTPHandler
from urllib.error import HTTPError, URLError
except ImportError:
from urllib import urlencode
from urllib2 import build_opener, Request, HTTPHandler, HTTPError, URLError
import json
def request():
url = "https://sandbox-card.peachpayments.com/v1/checkouts/{id}/payment"
url += '?entityId=8a8294174e735d0c014e78cf26461790'
try:
opener = build_opener(HTTPHandler)
request = Request(url, data=b'')
request.add_header('Authorization', 'Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=')
request.get_method = lambda: 'GET'
response = opener.open(request)
return json.loads(response.read())
except HTTPError as e:
return json.loads(e.read())
except URLError as e:
return e.reason
responseData = request()
print(responseData)require 'net/https'
require 'uri'
require 'json'
def request()
path = "?entityId=8a8294174e735d0c014e78cf26461790"
uri = URI.parse('https://sandbox-card.peachpayments.com/v1/checkouts/{id}/payment' + path)
http = Net::HTTP.new(uri.host, uri.port)
http.use_ssl = true
req = Net::HTTP::Get.new(uri)
req['Authorization'] = 'Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ='
res = http.request(req)
JSON.parse(res.body)
end
puts request()def initialPayment: String = {
val url = "https://sandbox-card.peachpayments.com/v1/checkouts/{id}/payment"
url += "?entityId=8a8294174e735d0c014e78cf26461790"
val conn = new URL(url).openConnection()
conn match {
case secureConn: HttpsURLConnection => secureConn.setRequestMethod("GET")
case _ => throw new ClassCastException
}
conn.setRequestProperty("Authorization", "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=")
conn.connect()
if (conn.getResponseCode >= 400) {
IOUtils.toString(conn.getErrorStream)
} else {
IOUtils.toString(conn.getInputStream)
}
}Public Function Request() As Dictionary(Of String, Object)
Dim url As String = "https://sandbox-card.peachpayments.com/v1/checkouts/{id}/payment" +
"?entityId=8a8294174e735d0c014e78cf26461790"
Dim req As WebRequest = WebRequest.Create(url)
req.Method = "GET"
req.Headers.Add("Authorization", "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=")
req.ContentType = "application/x-www-form-urlencoded"
Dim res As WebResponse = req.GetResponse()
Dim resStream = res.GetResponseStream()
Dim reader As New StreamReader(resStream)
Dim response As String = reader.ReadToEnd()
reader.Close()
resStream.Close()
res.Close()
Dim jss As New System.Web.Script.Serialization.JavaScriptSerializer()
Dim dict As Dictionary(Of String, Object) = jss.Deserialize(Of Dictionary(Of String, Object))(response)
Return dict
End Function
responseData = Request()("result")("description"){
"result":{
"code":"000.200.000",
"description":"transaction pending"
},
"buildNumber":"2a7cf1d3d14ccb52500fbcb1ceb7ff4a15b6843b@2026-03-27 00:42:41 +0000",
"timestamp":"2026-03-27 09:35:24+0000",
"ndc":"6CA0C88427F71C4028381E06F48ABDE1.uat01-vm-tx03"
}One-click checkout
Re-use raw card data a customer entered before to speed up the checkout process. A customer returns to the merchant's website where they've already tokenised a card. Perform an unscheduled one-click purchase with one of the saved registration tokens. Authorise a cardholder-initiated (CIT) payment with the real card data saved for the registration token.
1. Prepare the checkout
Perform a server-to-server POST request to prepare the checkout with the required payment data, including the registration token IDs. Send the stored card on files in the registrations[n].id parameter, where n is a sequence number starting from zero, incrementing for each customer's registration ID. The response to a successful request includes an id required in the second step to create the one-click payment form.
Sample request:
curl https://sandbox-card.peachpayments.com/v1/checkouts \
-d "entityId=8a8294174e735d0c014e78cf26461790" \
-d "testMode=EXTERNAL" \
-d "registrations[0].id=8ac7a4a294f705870194f8be552d0418" \
-d "registrations[1].id=8ac7a4a194f81a9e0194f8be5779563e" \
-d "registrations[2].id=8ac7a49f94f81a9d0194f8be596056a6" \
-d "amount=31.13" \
-d "currency=EUR" \
-d "paymentType=DB" \
-d "standingInstruction.mode=REPEATED" \
-d "standingInstruction.source=CIT" \
-d "standingInstruction.type=UNSCHEDULED" \
-H "Authorization: Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ="public Dictionary<string, dynamic> Request() {
Dictionary<string, dynamic> responseData;
string data = "entityId=8a8294174e735d0c014e78cf26461790" +
"&testMode=EXTERNAL" +
"®istrations[0].id=8ac7a4a294f705870194f8be552d0418" +
"®istrations[1].id=8ac7a4a194f81a9e0194f8be5779563e" +
"®istrations[2].id=8ac7a49f94f81a9d0194f8be596056a6" +
"&amount=31.13" +
"¤cy=EUR" +
"&paymentType=DB" +
"&standingInstruction.mode=REPEATED" +
"&standingInstruction.source=CIT" +
"&standingInstruction.type=UNSCHEDULED";
string url = "https://sandbox-card.peachpayments.com/v1/checkouts";
byte[] buffer = Encoding.ASCII.GetBytes(data);
HttpWebRequest request = (HttpWebRequest)WebRequest.Create(url);
request.Method = "POST";
request.Headers["Authorization"] = "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=";
request.ContentType = "application/x-www-form-urlencoded";
using (Stream postData = request.GetRequestStream()) {
postData.Write(buffer, 0, buffer.Length);
}
using (HttpWebResponse response = (HttpWebResponse)request.GetResponse()) {
Stream dataStream = response.GetResponseStream();
StreamReader reader = new StreamReader(dataStream);
var s = new JavaScriptSerializer();
responseData = s.Deserialize<Dictionary<string, dynamic>>(reader.ReadToEnd());
reader.Close();
}
return responseData;
}
var responseData = Request()["result"]["description"];import groovy.json.JsonSlurper
public static String request() {
def data = "entityId=8a8294174e735d0c014e78cf26461790" +
"&testMode=EXTERNAL" +
"®istrations[0].id=8ac7a4a294f705870194f8be552d0418" +
"®istrations[1].id=8ac7a4a194f81a9e0194f8be5779563e" +
"®istrations[2].id=8ac7a49f94f81a9d0194f8be596056a6" +
"&amount=31.13" +
"¤cy=EUR" +
"&paymentType=DB" +
"&standingInstruction.mode=REPEATED" +
"&standingInstruction.source=CIT" +
"&standingInstruction.type=UNSCHEDULED"
def url = "https://sandbox-card.peachpayments.com/v1/checkouts".toURL()
def connection = url.openConnection()
connection.setRequestMethod("POST")
connection.setRequestProperty("Authorization", "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=")
connection.doOutput = true
connection.outputStream.withWriter { writer ->
writer << data
}
def json = new JsonSlurper().parseText(connection.inputStream.text)
return json
}
println request()import javax.net.ssl.HttpsURLConnection;
import java.io.*;
import java.net.URL;
import org.apache.commons.io.IOUtils;
private String request() throws IOException {
URL url = new URL("https://sandbox-card.peachpayments.com/v1/checkouts");
HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
conn.setRequestMethod("POST");
conn.setRequestProperty("Authorization", "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=");
conn.setDoInput(true);
conn.setDoOutput(true);
String data = ""
+ "entityId=8a8294174e735d0c014e78cf26461790"
+ "&testMode=EXTERNAL"
+ "®istrations[0].id=8ac7a4a294f705870194f8be552d0418"
+ "®istrations[1].id=8ac7a4a194f81a9e0194f8be5779563e"
+ "®istrations[2].id=8ac7a49f94f81a9d0194f8be596056a6"
+ "&amount=31.13"
+ "¤cy=EUR"
+ "&paymentType=DB"
+ "&standingInstruction.mode=REPEATED"
+ "&standingInstruction.source=CIT"
+ "&standingInstruction.type=UNSCHEDULED";
try (DataOutputStream wr = new DataOutputStream(conn.getOutputStream())) {
wr.writeBytes(data);
wr.flush();
}
int responseCode = conn.getResponseCode();
InputStream is = responseCode >= 400 ? conn.getErrorStream() : conn.getInputStream();
return IOUtils.toString(is, "UTF-8");
}const https = require('https');
const querystring = require('querystring');
const request = async () => {
const path = '/v1/checkouts';
const data = querystring.stringify({
'entityId': '8a8294174e735d0c014e78cf26461790',
'testMode': 'EXTERNAL',
'registrations[0].id': '8ac7a4a294f705870194f8be552d0418',
'registrations[1].id': '8ac7a4a194f81a9e0194f8be5779563e',
'registrations[2].id': '8ac7a49f94f81a9d0194f8be596056a6',
'amount': '31.13',
'currency': 'EUR',
'paymentType': 'DB',
'standingInstruction.mode': 'REPEATED',
'standingInstruction.source': 'CIT',
'standingInstruction.type': 'UNSCHEDULED'
});
const options = {
port: 443,
host: 'sandbox-card.peachpayments.com',
path: path,
method: 'POST',
headers: {
'Content-Type': 'application/x-www-form-urlencoded',
'Content-Length': data.length,
'Authorization': 'Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ='
}
};
return new Promise((resolve, reject) => {
const postRequest = https.request(options, (res) => {
const buf = [];
res.on('data', (chunk) => {
buf.push(Buffer.from(chunk));
});
res.on('end', () => {
const jsonString = Buffer.concat(buf).toString('utf8');
try {
resolve(JSON.parse(jsonString));
} catch (error) {
reject(error);
}
});
});
postRequest.on('error', reject);
postRequest.write(data);
postRequest.end();
});
};
request().then(console.log).catch(console.error);function request() {
$url = "https://sandbox-card.peachpayments.com/v1/checkouts";
$data = "entityId=8a8294174e735d0c014e78cf26461790" .
"&testMode=EXTERNAL" .
"®istrations[0].id=8ac7a4a294f705870194f8be552d0418" .
"®istrations[1].id=8ac7a4a194f81a9e0194f8be5779563e" .
"®istrations[2].id=8ac7a49f94f81a9d0194f8be596056a6" .
"&amount=31.13" .
"¤cy=EUR" .
"&paymentType=DB" .
"&standingInstruction.mode=REPEATED" .
"&standingInstruction.source=CIT" .
"&standingInstruction.type=UNSCHEDULED";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
'Authorization: Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ='
));
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); // this should be set to true in production
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$responseData = curl_exec($ch);
if (curl_errno($ch)) {
return curl_error($ch);
}
curl_close($ch);
return $responseData;
}
$responseData = request();try:
from urllib.parse import urlencode
from urllib.request import build_opener, Request, HTTPHandler
from urllib.error import HTTPError, URLError
except ImportError:
from urllib import urlencode
from urllib2 import build_opener, Request, HTTPHandler, HTTPError, URLError
import json
def request():
url = "https://sandbox-card.peachpayments.com/v1/checkouts"
data = {
'entityId': '8a8294174e735d0c014e78cf26461790',
'testMode': 'EXTERNAL',
'registrations[0].id': '8ac7a4a294f705870194f8be552d0418',
'registrations[1].id': '8ac7a4a194f81a9e0194f8be5779563e',
'registrations[2].id': '8ac7a49f94f81a9d0194f8be596056a6',
'amount': '31.13',
'currency': 'EUR',
'paymentType': 'DB',
'standingInstruction.mode': 'REPEATED',
'standingInstruction.source': 'CIT',
'standingInstruction.type': 'UNSCHEDULED'
}
try:
opener = build_opener(HTTPHandler)
request = Request(url, data=urlencode(data).encode('utf-8'))
request.add_header('Authorization', 'Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=')
request.get_method = lambda: 'POST'
response = opener.open(request)
return json.loads(response.read())
except HTTPError as e:
return json.loads(e.read())
except URLError as e:
return e.reason
responseData = request()
print(responseData)require 'net/https'
require 'uri'
require 'json'
def request()
uri = URI('https://sandbox-card.peachpayments.com/v1/checkouts')
http = Net::HTTP.new(uri.host, uri.port)
http.use_ssl = true
req = Net::HTTP::Post.new(uri.path)
req.set_form_data({
'entityId' => '8a8294174e735d0c014e78cf26461790',
'testMode' => 'EXTERNAL',
'registrations[0].id' => '8ac7a4a294f705870194f8be552d0418',
'registrations[1].id' => '8ac7a4a194f81a9e0194f8be5779563e',
'registrations[2].id' => '8ac7a49f94f81a9d0194f8be596056a6',
'amount' => '31.13',
'currency' => 'EUR',
'paymentType' => 'DB',
'standingInstruction.mode' => 'REPEATED',
'standingInstruction.source' => 'CIT',
'standingInstruction.type' => 'UNSCHEDULED'
})
res = http.request(req)
return JSON.parse(res.body)
end
puts request()def initialPayment: String = {
val url = "https://sandbox-card.peachpayments.com/v1/checkouts"
val data = (""
+ "entityId=8a8294174e735d0c014e78cf26461790"
+ "&testMode=EXTERNAL"
+ "®istrations[0].id=8ac7a4a294f705870194f8be552d0418"
+ "®istrations[1].id=8ac7a4a194f81a9e0194f8be5779563e"
+ "®istrations[2].id=8ac7a49f94f81a9d0194f8be596056a6"
+ "&amount=31.13"
+ "¤cy=EUR"
+ "&paymentType=DB"
+ "&standingInstruction.mode=REPEATED"
+ "&standingInstruction.source=CIT"
+ "&standingInstruction.type=UNSCHEDULED"
)
val conn = new URL(url).openConnection()
conn match {
case secureConn: HttpsURLConnection => secureConn.setRequestMethod("POST")
case _ => throw new ClassCastException
}
conn.setDoInput(true)
conn.setDoOutput(true)
IOUtils.write(data, conn.getOutputStream())
conn.setRequestProperty("Authorization", "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=")
conn.connect()
if (conn.getResponseCode() >= 400) {
return IOUtils.toString(conn.getErrorStream())
}
else {
return IOUtils.toString(conn.getInputStream())
}
}Public Function Request() As Dictionary(Of String, Object)
Dim url As String = "https://sandbox-card.peachpayments.com/v1/checkouts"
Dim data As String = "" +
"entityId=8a8294174e735d0c014e78cf26461790" +
"&testMode=EXTERNAL" +
"®istrations[0].id=8ac7a4a294f705870194f8be552d0418" +
"®istrations[1].id=8ac7a4a194f81a9e0194f8be5779563e" +
"®istrations[2].id=8ac7a49f94f81a9d0194f8be596056a6" +
"&amount=31.13" +
"¤cy=EUR" +
"&paymentType=DB" +
"&standingInstruction.mode=REPEATED" +
"&standingInstruction.source=CIT" +
"&standingInstruction.type=UNSCHEDULED"
Dim req As WebRequest = WebRequest.Create(url)
req.Method = "POST"
req.Headers.Add("Authorization", "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=")
req.ContentType = "application/x-www-form-urlencoded"
Dim byteArray As Byte() = Encoding.UTF8.GetBytes(data)
req.ContentLength = byteArray.Length
Dim dataStream As Stream = req.GetRequestStream()
dataStream.Write(byteArray, 0, byteArray.Length)
dataStream.Close()
Dim res As WebResponse = req.GetResponse()
Dim resStream = res.GetResponseStream()
Dim reader As New StreamReader(resStream)
Dim response As String = reader.ReadToEnd()
reader.Close()
resStream.Close()
res.Close()
Dim jss As New System.Web.Script.Serialization.JavaScriptSerializer()
Dim dict As Dictionary(Of String, Object) = jss.Deserialize(Of Dictionary(Of String, Object))(response)
Return dict
End Function
responseData = Request()("result")("description"){
"result":{
"code":"000.200.100",
"description":"successfully created checkout"
},
"buildNumber":"9092e7a6af8301accda2f9a3a38f743f907dadd5@2026-03-23 16:50:06 +0000",
"timestamp":"2026-03-24 15:39:00+0000",
"ndc":"447D33CE6C9DBE38581DDF90B2E54D1D.uat01-vm-tx03",
"id":"447D33CE6C9DBE38581DDF90B2E54D1D.uat01-vm-tx03"
}2. Create the payment form
Add the following lines of HTML/JavaScript to your page:
- With the
checkoutIdreceived from the prepare checkout step:<script src="https://sandbox-card.peachpayments.com/v1/paymentWidgets.js?checkoutId={checkoutId}"></script> - With the
shopperResultUrlas the page on your site that the system redirects the customer to after completing the payment:<form action="{shopperResultUrl}" class="paymentWidgets" data-brands="VISA MASTER AMEX"></form>
When COPYandPAY builds the payment form, it automatically fetches the registration data from the server and displays the pre-filled widgets to the customer.
Sample form:
<form action="https://developer.peachpayments.com/docs/oppwa-integrations-copyandpay-registration-tokens?id=D13E84B9F923E92FB56186C14D258274.uat01-vm-tx01&resourcePath=%2Fv1%2Fcheckouts%2FD13E84B9F923E92FB56186C14D258274.uat01-vm-tx01%2Fpayment" class="paymentWidgets" data-brands="VISA MASTER AMEX"></form>body {background-color:#f6f6f5;}var wpwlOptions = {style:"card", registrations: {requireCvv: true}}
One-click checkout.
3. Get the payment status
The system redirects the customer to your shopperResultUrl with the GET parameter resourcePath=/v1/checkouts/{checkoutId}/payment.
https://sandbox-card.peachpayments.com/v1/checkouts/447D33CE6C9DBE38581DDF90B2E54D1D.uat01-vm-tx03/payment
curl -G https://sandbox-card.peachpayments.com/v1/checkouts/{id}/payment \
-d "entityId=8a8294174e735d0c014e78cf26461790" \
-H "Authorization: Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ="public Dictionary<string, dynamic> Request() {
Dictionary<string, dynamic> responseData;
string data = "entityId=8a8294174e735d0c014e78cf26461790";
string url = "https://sandbox-card.peachpayments.com/v1/checkouts/{id}/payment?" + data;
HttpWebRequest request = (HttpWebRequest)HttpWebRequest.Create(url);
request.Method = "GET";
request.Headers["Authorization"] = "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=";
using (HttpWebResponse response = (HttpWebResponse)request.GetResponse()) {
Stream dataStream = response.GetResponseStream();
StreamReader reader = new StreamReader(dataStream);
var s = new JavaScriptSerializer();
responseData = s.Deserialize<Dictionary<string, dynamic>>(reader.ReadToEnd());
reader.Close();
dataStream.Close();
}
return responseData;
}
responseData = Request()["result"]["description"];import groovy.json.JsonSlurper
public static String request() {
def data = "entityId=8a8294174e735d0c014e78cf26461790"
def url = ("https://sandbox-card.peachpayments.com/v1/checkouts/{id}/payment?" + data).toURL()
def connection = url.openConnection()
connection.setRequestMethod("GET")
connection.setRequestProperty("Authorization", "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=")
def json = new JsonSlurper().parseText(connection.inputStream.text)
json
}
println request()private String request() throws IOException {
URL url = new URL("https://sandbox-card.peachpayments.com/v1/checkouts/{id}/payment?entityId=8a8294174e735d0c014e78cf26461790");
HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
conn.setRequestMethod("GET");
conn.setRequestProperty("Authorization", "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=");
int responseCode = conn.getResponseCode();
InputStream is;
if (responseCode >= 400) {
is = conn.getErrorStream();
} else {
is = conn.getInputStream();
}
return IOUtils.toString(is, "UTF-8");
}const https = require('https');
const request = async () => {
const path = '/v1/checkouts/{id}/payment?entityId=8a8294174e735d0c014e78cf26461790';
const options = {
port: 443,
host: 'sandbox-card.peachpayments.com',
path: path,
method: 'GET',
headers: {
'Authorization': 'Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=',
},
};
return new Promise((resolve, reject) => {
const req = https.request(options, (res) => {
const buf = [];
res.on('data', (chunk) => buf.push(Buffer.from(chunk)));
res.on('end', () => {
const jsonString = Buffer.concat(buf).toString('utf8');
try {
resolve(JSON.parse(jsonString));
} catch (error) {
reject(error);
}
});
});
req.on('error', reject);
req.end();
});
};
request()
.then(console.log)
.catch(console.error);function request() {
$url = "https://sandbox-card.peachpayments.com/v1/checkouts/{id}/payment";
$url .= "?entityId=8a8294174e735d0c014e78cf26461790";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
'Authorization: Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ='
));
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, 'GET');
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$responseData = curl_exec($ch);
if (curl_errno($ch)) {
return curl_error($ch);
}
curl_close($ch);
return $responseData;
}
$responseData = request();
echo $responseData;try:
from urllib.parse import urlencode
from urllib.request import build_opener, Request, HTTPHandler
from urllib.error import HTTPError, URLError
except ImportError:
from urllib import urlencode
from urllib2 import build_opener, Request, HTTPHandler, HTTPError, URLError
import json
def request():
url = "https://sandbox-card.peachpayments.com/v1/checkouts/{id}/payment"
url += '?entityId=8a8294174e735d0c014e78cf26461790'
try:
opener = build_opener(HTTPHandler)
request = Request(url, data=b'')
request.add_header('Authorization', 'Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=')
request.get_method = lambda: 'GET'
response = opener.open(request)
return json.loads(response.read())
except HTTPError as e:
return json.loads(e.read())
except URLError as e:
return e.reason
responseData = request()
print(responseData)require 'net/https'
require 'uri'
require 'json'
def request()
path = ("?entityId=8a8294174e735d0c014e78cf26461790")
uri = URI.parse('https://sandbox-card.peachpayments.com/v1/checkouts/{id}/payment' + path)
http = Net::HTTP.new(uri.host, uri.port)
http.use_ssl = true
req = Net::HTTP::Get.new(uri)
req['Authorization'] = 'Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ='
res = http.request(req)
return JSON.parse(res.body)
end
puts request()def initialPayment: String = {
val url = "https://sandbox-card.peachpayments.com/v1/checkouts/{id}/payment"
val fullUrl = s"$url?entityId=8a8294174e735d0c014e78cf26461790"
val conn = new URL(fullUrl).openConnection()
conn match {
case secureConn: HttpsURLConnection => secureConn.setRequestMethod("GET")
case _ => throw new ClassCastException
}
conn.setRequestProperty("Authorization", "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=")
conn.connect()
if (conn.getResponseCode >= 400) {
IOUtils.toString(conn.getErrorStream)
} else {
IOUtils.toString(conn.getInputStream)
}
}Public Function Request() As Dictionary(Of String, Object)
Dim url As String = "https://sandbox-card.peachpayments.com/v1/checkouts/{id}/payment" &
"?entityId=8a8294174e735d0c014e78cf26461790"
Dim req As WebRequest = WebRequest.Create(url)
req.Method = "GET"
req.Headers.Add("Authorization", "Bearer OGE4Mjk0MTc0ZTczNWQwYzAxNGU3OGNmMjY2YjE3OTR8SFV3I3JGQTQ9bWpxaWYrPz9OWVQ=")
req.ContentType = "application/x-www-form-urlencoded"
Dim res As WebResponse = req.GetResponse()
Dim resStream As Stream = res.GetResponseStream()
Dim reader As New StreamReader(resStream)
Dim response As String = reader.ReadToEnd()
reader.Close()
resStream.Close()
res.Close()
Dim jss As New System.Web.Script.Serialization.JavaScriptSerializer()
Dim dict As Dictionary(Of String, Object) = jss.Deserialize(Of Dictionary(Of String, Object))(response)
Return dict
End Function
Dim responseData As String = Request()("result")("description").ToString(){
"result":{
"code":"000.200.000",
"description":"transaction pending"
},
"buildNumber":"2a7cf1d3d14ccb52500fbcb1ceb7ff4a15b6843b@2026-03-27 00:42:41 +0000",
"timestamp":"2026-03-27 09:37:14+0000",
"ndc":"B3BAAB69F567A53F1E6199F804834BAE.uat01-vm-tx01"
}Updated about 4 hours ago