Area: Optimizely B2B Commerce

TokenEx API call

Recommended reading 

We use TokenEx (https://tokenex.com/) as a common payment gateway provider for our Cloud offering for a variety of reasons including improved security, and simpler PCI compliance. To use this provider, all Cloud customers must implement an iframe to capture the credit card number and CVV. Our implementation also has some credit card formatting as the card number is entered. See iFramed Credit Card Processing for Cloud for more information.

TokenEx API Endpoint

Whenever we use TokenEx to pass in a credit card, we need to obtain a temporary authentication key, which is good for 30 minutes. The API endpoint to retrieve this key is called /api/v1/tokenexconfig and supports the GET function. The call doesn't need any parameters and is not overridable, as there is not a handler involved. (To test, just provide the authorization bearer token to view the response. See this article for more on surfacing the bearer token.)

The API response includes the following:

Element Value
Origin Primary website URL.
Timestamp Year, month, day and time of request.
TokenEx ID The value entered in this field under the Use TokenEx Gateway setting.
Token Scheme The value entered in this field under the Use TokenEx Gateway setting.
AuthenticationKey Encoded value that expires after 30 minutes.

TokenEx API Response Example

Do you find this information helpful? Please log in to provide feedback.

Last updated: Dec 11, 2020

Recommended reading