Secure Payments By BookingSync #231
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
ZenCocoon
requested changes
May 20, 2017
|
|
||
| ## Preface | ||
|
|
||
| If you have an integration with BookingSync and you create bookings on your side according to the instant booking flow (i.e. a booking gets confirmed only when the credit card payment is executed successfully) and you don't have PCI DSS compliant platform for collecting credit card payments, you can use our Secure Payments By BookingSync flow for this purpose. |
There was a problem hiding this comment.
Should still require at least PCI-DSS 3.1+ SAD-A when using a full client side process (JS SDK) and SAQ-D (server-to-server integration) otherwise.
|
|
||
| To handle integration with Secure Payments By BookingSync you need to have an application with `payments_write` or `payments_write_owned` scope. We recommend using `payments_write_owned` for this purpose to make sure the payment is not editable by anyone else, only by your application. | ||
|
|
||
| Also, the rental for which the booking will be created requires to be instantly bookable and the it needs to have a payment gateway assigned (which will be used for executing the credit card payment) which supports the currency that is set for the rental. |
|
|
||
| * Create a tentative booking | ||
| * Create a tentative instant booking payment | ||
| * Send credit card data and payment id to our PCI DSS platform for executing payment, which will confirm both booking and payment if the payment is successfully executed |
There was a problem hiding this comment.
for executing payment > for executing the payment
|
|
||
| ## Creating A Tentative Booking | ||
|
|
||
| Instant Booking flow requires payment to confirm the booking, so we recommend creating a tentative booking and leaving the confirmation to our PCI DSS platform. The confirmation process should take up to few minutes, so we recommend to set tentative expire date to 5 or 10 minutes from now. To create a tentative booking you need to provide 2 params (besides the requires one): |
There was a problem hiding this comment.
what about? confirmation to our PCI DSS platform > confirmation to our PCI DSS payment platform
There was a problem hiding this comment.
hoo, right, looks odd without the payment
| * tentative_expires_at - to set the expiry date | ||
| * booked - set it to `false` | ||
|
|
||
| You can find more about the bookings' attributes and how to create them [here](/reference/endpoints/bookings/). |
There was a problem hiding this comment.
Not fan of here links, what about on the [bookings endpoint documentation](/reference/endpoints/bookings/).
| Another step would be creating a tentative payment (i.e. not confirmed payment) of `instant-booking` kind for the given booking. This payment will get confirmed once the successful credit card payment is executed. Here the essential attributes you need to provide for such payment: | ||
|
|
||
| * amount_in_cents - amount in cents for the payment that will be charged | ||
| * currency - currency of the payment |
There was a problem hiding this comment.
Good to mention that it should be the same as the booking currency.
|
|
||
| We also recommend including more details like `fullname`, `email`, `zip` and other address related field. | ||
|
|
||
| You can find more about the payments' attributes and how to create them [here](/reference/endpoints/payments/). |
| "card_number": 4111111111111111, | ||
| "cardholder_name": "John Doe", | ||
| "expires_at_month": "12", | ||
| "expires_at_year": "2020" |
| "address1": "some address 1 / 10", | ||
| "zip": "12312", | ||
| "city": "San Francisco", | ||
| "country_code": "US" |
There was a problem hiding this comment.
Good to provide state if using a US example.
|
|
||
| ## Executing Payment | ||
|
|
||
| Once you have created a payment, you need to take its id and collect the credit card data. |
There was a problem hiding this comment.
Odd wording regarding credit card data collection. What about?
Once you have created a payment, you need to execute the payment using its id and the credit card data.
There was a problem hiding this comment.
Yeah, looks sounds better.
|
@ZenCocoon Done. |
Azdaroth
changed the title
ZenCocoon
reviewed
May 23, 2017
| We also recommend including more details like `fullname`, `email`, `zip` and other address related field. | ||
|
|
||
| You can find more about the payments' attributes and how to create them [here](/reference/endpoints/payments/). | ||
| You can find more about the payments' attributes and how to create themin the [payments endpoint documentation](/reference/endpoints/payments/). |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.