Hosted Payments is an application to allow you to quickly, easily, and securely integrate payments into your existing web application.
Hosted Payments uses Fullsteam hosted iFrames to collect sensitive card data to keep you out of PCI scope.
How it Works
Your backend provides credentials to FullsteamPay Gateway (/api/authenticationKey/accountId/create) in exchange for a one time use authentication key
The retrieved authentication key is used by your website to initialize and embed Fullsteam Hosted Payment inputs via iFrames
The user enters sensitive payment details into the Fullsteam Hosted Payment input fields
The user submits the payment. Payment details and the authentication key are sent to Fullsteam. Fullsteam returns a HostedPaymentsAccountID which represents the non-verified payment details
Your website sends the HostedPaymentsAccountID and other purchase details to your backend
Your backend sends the HostedPaymentsAccountID to the FullsteamPay Gateway to perform one of the following actions:
Authorize (allows you to authorize a transaction and come back later to capture it)
Charge (allows you to perform one call that both authorizes and adds the transaction to the batch)
Tokenization (allows you to convert the HostedPaymentsAccountID to a Fullsteam Token that can be used in the future)
Payment details are verified and results of the specified action are returned
Embedding Inputs
Hosted Forms
Hosted Forms uses a Popup style iFrame input form to collect all the data in one place. The Hosted Forms option is easier to integrate to, but
gives less control over the look and feel of the data entry.
Hosted Controls
Hosted Controls uses individual data field iFrames for each element that is to be collected on the page. This allows the host page to have
complete control over the look and feel of the data entry experience but is more complicated to set up.