COPYandPAY Omni Tokens

Last updated:April 16, 2025

COPYandPAY allows you to securely collect card data from shopper and initiate provisioning of an omni token in the Token Vault.

To better understand omni tokens for eCommerce and inStore, please read Tokenization Guide.
To use network tokens issued by the card networks for your payments, please be informed that an enhanced integration will be made available.

Use cases

Tokenization during payment

Provision an omni token during the initial payment or account verification.

Select

Standalone tokenization

Provision an omni token to be used later in payments.

Select

One-click checkout

Authorize payment with a selected stored omni token.

Select

Tokenization during payment

The merchant collects card data from shopper via widget and initiates omni tokenization along an account verification (zero amount auth) or initial purchase. An omni token is synchronously provisioned and returned to the merchant once the payment is complete. The omni token can then be used in subsequent payments.

There are two ways to store the raw card details during a payment checkout:

Merchant-determined tokenization (see below). Add createOmniToken=true in the checkout request.
Shopper-determined tokenization. Add a checkbox to the COPYandPAY form to let the customer decide whether or not to store the raw card details.

How it works

Prepare the checkout

Send the request parameters server-to-server to prepare the payment form.

Create the payment form

Display the payment form on your checkout page. Shopper submits the card and payment information.

Card is omni-tokenized and made available to merchant for subsequent payments.

Payment authorization is performed with real card data.

Get the payment status

Find out if the payment and omni token were successful.

Transactions:

1. Prepare the checkout

Perform a server-to-server POST request to prepare the checkout with the required payment and customer data, including the order type, amount and currency. The response to a successful request is an id required in the second step to create the payment form.

Sample request:

2. Create the payment form

Create the payment form by adding the following lines of HTML/JavaScript to your page:

With the checkout_id received from first step

<script
	src="https://eu-test.oppwa.com/v1/paymentWidgets.js?checkoutId={checkout_id}"
	integrity="{integrity}"
	crossorigin="anonymous">
</script>

With the shopperResultUrl as the page on your site where the end consumer should be redirected after the payment is complete
```
<form action="{shopperResultUrl}" class="paymentWidgets" data-brands="VISA MASTER AMEX"></form>
```

Sample form:

3. Get the payment status

Once the payment request is processed, the customer is redirected to your shopperResultUrl along with a GET parameter resourcePath.

resourcePath=/v1/checkouts/{checkout_id}/payment

Sample request:

Standalone tokenization

The merchant collects card data from shopper via widget and initiates omni tokenization. No payment request/flow involved. An omni token is synchronously provisioned and returned back to the merchant. The omni token can then be used in subsequent payments.

How it works

Prepare the checkout

Send the request parameters server-to-server to prepare the tokenization form.

Create the token form

Display the tokenization form on your checkout page. Shopper submits the card information to create omni token.

Get the token status

Find out if the omni token was successful.

OPTIONAL

Send the payment using the token

Send the payment using the stored omni token.

Transactions:

1. Prepare the checkout

Perform a server-to-server POST request to prepare the checkout with the required customer data, including createOmniToken=true but excluding paymentType. The response to a successful request is an id required in the second step to create the tokenization form.

Sample request:

2. Create the token form

Create the tokenization form by adding the following lines of HTML/JavaScript to your page:

With the checkout_id received from first step

<script
	src="https://eu-test.oppwa.com/v1/paymentWidgets.js?checkoutId={checkout_id}"
	integrity="{integrity}"
	crossorigin="anonymous">
</script>

With the shopperResultUrl as the page on your site where the end consumer should be redirected after the tokenization is complete
```
<form action="{shopperResultUrl}" class="paymentWidgets" data-brands="VISA MASTER AMEX"></form>
```

Sample form:

3. Get the token status

Once the tokenization request is processed, the customer is redirected to your shopperResultUrl along with a GET parameter resourcePath.

resourcePath=/v1/checkouts/{checkout_id}/omnitoken

Sample request:

4. Send payment using the token

Perform a server-to-server POST request over the omni token retrieved in the previous step.
Alternatively, use one-click checkout to authorize the payment with a selected stored omni token. Before proceeding with the payment based on the omniToken, a detokenization occurs to ensure the necessary card details are available for the transaction.

Sample request:

One-click checkout

Speed up of the checkout process by re-using the raw card data a shopper entered previously. A shopper returns on the merchant’s website (card is already omni tokenized). An unscheduled one-click purchase with one of the saved omni tokens is performed. A cardholder initiated (CIT) payment is authorized with the real card data as retrieved from the Token Vault for the omni token.

How it works

Prepare the checkout

Send the request parameters server-to-server to prepare the payment form.

Create the payment form

Display the one-click checkout payment form. Shopper selects the tokenized card and submits the payment information.

Payment authorization is performed with real card data as retrieved from the Token Vault.

Get the payment status

Find out if the payment was successful.

Transactions:

1. Prepare the checkout

Perform a server-to-server POST request to prepare the checkout with the required payment data, including the omni token IDs. The stored card on files should be sent in the omniToken[n].id parameter, where n is a sequence number from zero, incrementing for each of the customer's omni token IDs. The response to a successful request is an id required in the second step to create the one-click payment form.

Sample request:

2. Create the payment form

Create the payment form by adding the following lines of HTML/JavaScript to your page:

With the checkout_id received from first step

<script
	src="https://eu-test.oppwa.com/v1/paymentWidgets.js?checkoutId={checkout_id}"
	integrity="{integrity}"
	crossorigin="anonymous">
</script>

With the shopperResultUrl as the page on your site where the end consumer should be redirected after the payment is complete
```
<form action="{shopperResultUrl}" class="paymentWidgets" data-brands="VISA MASTER AMEX"></form>
```

When COPYandPAY builds the payment form to display stored cards, a detokenization process is performed for each available stored card or omniToken using the Token Vault. This process retrieves essential card details such as the last four digits, expiry date, and holder name (if available). The detokenization operation will now appear as a separate transaction in the system, identified by the DT paymentType.

Sample form:

3. Get the payment status

Once the payment request is processed, the customer is redirected to your shopperResultUrl along with a GET parameter resourcePath.

resourcePath=/v1/checkouts/{checkout_id}/payment

Sample request:

COPYandPAY Omni Tokens

Last updated:April 16, 2025

Use cases

Tokenization during payment

Standalone tokenization

One-click checkout

Tokenization during payment

How it works

1. Prepare the checkout

2. Create the payment form

3. Get the payment status

Standalone tokenization

How it works

1. Prepare the checkout

2. Create the token form

3. Get the token status

4. Send payment using the token

One-click checkout

How it works

1. Prepare the checkout

2. Create the payment form

3. Get the payment status

See also