Checkout Web integration
This guide helps you get started with the Checkout SDK on web browsers.
Prerequisite
- A Mangopay ClientId and API key (get a Sandbox API key for free)
- A User and their associated Wallet to complete the pay-in
- A card to register or payment method setup (see Testing - Payment methods for testing information)
Supported browsers: Chrome 117, Firefox 118, Safari 16, or higher
Installation
You can install the Mangopay Checkout SDK using npm or yarn.
Install with npm:
Install with yarn:
Install via CDN
If you are using script tags to load files, include the Mangopay SDK script in your HTML:
Warning – Load script from Mangopay Checkout domain
To maintain PCI compliance, the script must be loaded directly from the Mangopay Checkout domain:
http://checkout.mangopay.com
The script must not be bundled or hosted on other domains. You must reference it directly from our domain.
Content Security Policy (CSP)
Caution - Allow policies if using CSP
If your web page is using the Content-Security-Policy response header, you need to allow the policies below.
Initialization
Initialize the SDK and specify the configuration options.
Initialization parameters
options
The child parameters of the options object parameter:
Configuration
Configure the MangopayCheckout parameters and delegates.
Example - Vanilla JS
Example - ReactJS
MangopayCheckout parameters
Updating options
After the SDK has been initialized you can update the options without needing to fully reinitialize again by using the updateOptions method. Make sure you pass a complete updated options object as specified in the Configuration section.
Handling redirection
Warning – Use Mangopay Checkout domain as return URL
When making the pay-in request from your backend, use the Mangopay Checkout URL as the SecureModeReturnURL or ReturnURL (depending on the payment method):
http://checkout.mangopay.com
The user must be returned to this URL after redirection.
Some payment methods (card, Google Pay, PayPal) require or may require the user to be redirected to authorize or complete a transaction.
The Checkout SDK allows you to manage the entire payment flow seamlessly while retaining control over transaction logic in your backend. Once a payment method is selected and payment details are provided, use the options.onCreatePayment function to request the transaction from your backend.
Subsequently, and when necessary for the transaction type, the Checkout SDK seamlessly manages additional redirect actions for 3DS authorization or otherwise validating the payment.
To manage transaction redirects effectively with the SDK:
Define onCreatePayment
In your paymentMethods configurations, define an options.onCreatePayment attribute as a function.
Within your function:
- Request a transaction from your server and subsequently, Mangopay.
- Return the unaltered transaction response object to the SDK.
The SDK:
- Redirects the user to the payment authentication page when necessary.
- Manages payment provider redirects back to the SDK.
- Triggers the
onPaymentCompleteevent with the ID and status of the transaction. - Confirms the redirect result on your server by invoking the corresponding GET API of the transaction.
- Presents the payment result to the user.
Configuring card payments
To configure the card payment method, specify card as the type of the paymentMethods object. For the options, use the following configuration parameters.
options
Card configuration example
Card tokenization
In the options for the card payment method, create a function to handle creation of Card Registration event handler in the paymentMethods object:
- Your
onCreateCardRegistrationfunction calls your server, and passes it the card brand of the user. - Your server makes a request to Create a Card Registration.
- In response, your server receives a Card Registration object.
- In your
onCreateCardRegistrationfunction, return the unmodified Card Registration object to the SDK. - The SDK tokenizes the card and updates the Card Registration object to create the
CardIdwhich is used for payment.
tokenizationComplete output
Requesting card pay-ins
You can use a registered card (CardId) for requests with the following API objects:
- The Card Validation object, to validate a card without debit
- The Direct Card PayIn object, for one-shot card payments
- The Recurring PayIn Registration object, for recurring card payments
- The Preauthorization object, for 7-day preauthorized card payments
- The Deposit Preauthorization object, for 30-day preauthorized card payments
In your requests:
- Ensure that the
SecureModeReturnURLparameter is set tohttps://checkout.mangopay.com - Submit the
PreferredCardNetworkvalue if it was received byonCreatePayment
Managing saved cards
The Checkout SDK can allow the user to save their card for a future payment.
Enable saving cards
To enable saving cards, set enableSaveCard to true to present a Save card checkbox on the user interface.
Deactivate if card not saved
If the user doesn’t check the box, then the CreatePaymentData object returns SaveCard : false. In this case, you must systematically call PUT Deactivate or edit a Card to deactivate it in the Mangopay API.
If saved, store tokenized card in your system
If the user checks the box, the SaveCard flag is set to true and passed to your onCreatePayment handler. You can then store the card object in your system.
Re-use saved cards
To present the user’s saved cards in the next payment session, send an array of card objects in the savedCards array in the payment method configuration.
If sent, then a dropdown appears in the interface in the card number input field. When a saved card is selected, the SDK uses it for the payment process.
Deactivate card if user removes it
In the dropdown, there is an option for the user to remove a saved card. In this case, the onDeactivateSavedCard is triggered and you must:
- Remove the card in your system
- Call PUT Deactivate or edit a Card to deactivate it in the Mangopay API
Caution - Deactivate card systematically unless user saves it
Under no circumstances should card information be kept without the end user’s approval.
If CreatePaymentData returns SaveCard : false, indicating the user doesn’t wish to save it, then you must call PUT Deactivate or edit a Card to deactivate it in the Mangopay API.
The same is true if the onDeactivateSavedCard is triggered, indicating that the user wishes to remove the card.
Diagram - Saved cards
The following diagram shows the flow of managing saved cards:
Saved card example
Configuring Apple Pay
Note - Apple Pay integration required
Offering Apple Pay requires additional setup by the platform, including certification and integration. For more information, see the Apple Pay guide.
Caution - Apple Pay on the Web availability
Apple Pay on the Web, using the JavaScript Checkout SDK, is only available on Mac and iOS devices. Apple Pay on the Web also requires additional certification.
To configure the Apple Pay payment method, specify apple_pay as the type of the paymentMethods object. For the options, use the following configuration parameters.
Apple Pay configuration options
paymentRequest
Requesting the merchant session from your server
Displaying the Apple Pay payment sheet using the Mangopay Checkout SDK works as follows:
- You generate the merchant session from your server
- The SDK’s
onValidateMerchantfunction calls your server and passes it the static hostnameapple-pay-gateway.apple.comas the validation URL. In the China region, usecn-apple-pay-gateway.apple.com. - Your server uses the validation URL to request a session from the Apple Pay server, as described in Requesting an Apple Pay Payment Session.
- In the response, your server receives an opaque merchant session object:
MerchantSession. - You pass the merchant session object to the
completeMerchantValidationmethod of the SDK (see Apple Pay documentation for more information on this method).
Requesting Apple Pay pay-in
To request the payment, use the Create an Apple Pay PayIn endpoint and include the Apple Pay PaymentData.
- Set up payment delegate – Assign a delegate function to the
onCreatePaymentattribute in your Apple Pay options. - Handle payment authorization – After the user successfully authorizes a card for payment through the Apple Pay sheet, the SDK will call your
onCreatePaymentfunction and pass thePaymentDatato it. - Create pay-in – Implement the backend creation of the Apple Pay PayIn on your server using the
PaymentDataprovided. - Return pay-in object – After creating the pay-in, return the pay-in object to the SDK.
Apple Pay configuration example
Configuring Google Pay
Note - Google Pay setup required
Offering Google Pay requires additional setup by the platform. For more information, see the Google Pay guide.
Caution - Add Mangopay Checkout to your Google Console
You need to add checkout.mangopay.com along with your domain to the authorized list in the Google Business Console to view the Google Pay payment popup.
This allows the Checkout SDK to ensure the Google Pay experience is presented appropriately to your users. Not following this guidance may impact your payment acceptance on Google Pay.
To configure the Google Pay payment method, specify google_pay as the type of the paymentMethods object. For the options, use the following configuration parameters.
Google Pay configuration options
Obtaining Google Pay token
The onTokenizationComplete function is called after the user approves the payment on the Google Pay form. The output contains the paymentData object (see Google Pay documentation) which is needed to request the Google Pay payment via the API from your backend.
Requesting Google Pay pay-in
To request the payment, use the Create a Google Pay PayIn endpoint. Include the Google Pay PaymentData and ensure that the SecureModeReturnURL parameter is set to https://checkout.mangopay.com.
- Set up payment delegate – Assign a delegate function to the
onCreatePaymentattribute in your Google Pay options. - Handle payment authorization – After the user successfully authorizes a card for payment through the Google Pay sheet, the SDK will call your
onCreatePaymentfunction and pass thePaymentDatato it. - Create pay-in – Implement the backend creation of the Google Pay PayIn on your server using the
PaymentDataprovided. - Return pay-in object – After creating the pay-in, return the pay-in object to the SDK.
Google Pay configuration example
Configuring PayPal
Note – PayPal setup required
Offering PayPal requires approval from PayPal and activation. For more information, see the PayPal article.
PayPal configuration options
To configure PayPal, specify paypal as the type of the paymentMethods object. For the options, use the following configuration parameters.
PayPal configuration example
Requesting PayPal pay-in
To request the payment, use the POST Create a PayPal PayIn endpoint. Ensure that the ReturnURL parameter is set to https://checkout.mangopay.com.
Configuring PayPal One-Click payments
PayPal One-Click allows returning customers to pay without re-entering their PayPal credentials. When enabled, the SDK displays a checkbox that lets customers opt in to save their PayPal account for future payments.
How it works
- You configure the SDK with the
clientToken(root-level, see below) andenableOneClickset totrue(PayPal options) - The SDK renders a checkbox allowing the customer to opt in for one-click payments
- When the customer completes the payment,
onCreatePaymentreceives a second boolean argument indicating if the checkbox was checked - If
true, your backend creates a Recurring PayIn Registration object and then a linked CIT pay-in - When the customer returns, the one-click payment experience is rendered automatically, allowing them to pay without logging in to PayPal
- For the subsequent payments, you create a non-recurring PayPal pay-in
Prerequisites
Before implementing PayPal One-Click payments, you must have PayPal activated on your platform (see PayPal setup requirements).
Obtaining the clientToken
To initialize the SDK for PayPal One-Click, you need to obtain the clientToken as follows:
- Contact Mangopay (via the Dashboard) to obtain a dedicated API key for use with
clientTokenfeatures - From your server, call the POST Create an OAuth bearer token endpoint using the API key (with Basic authentication, encoding the string
ClientId:ApiKeyin Base64) - Using the
access_tokenreturned from the previous step, from your server call the POST Create an access token for Checkout SDK features using Bearer authentication
In response, the API returns another access_token which is the value to use as the clientToken when initializing the SDK for PayPal One-Click. The clientToken has a validity of 15 minutes, meaning the user must complete the transaction in that time.
PayPal One-Click configuration options
Complete code example
Backend implementation
When enableOneClick is true, your backend should:
- Call POST Create a Recurring PayIn Registration (PayPal) for the user
- Call POST Create a Recurring PayPal PayIn with the CIT payload
- Store the
RecurringPayinRegistrationIdfor future one-click payments
For subsequent one-click payments for the user, call the non-recurring POST Create a PayPal PayIn endpoint.
Standard PayPal vs PayPal One-Click comparison
Obtaining browser info for a pay-in
The browserInfo object is required when submitting a pay-in request. To get the required values for the transaction, use the getBrowserInfo function from the Checkout SDK instance. Pass on the values to your server.
Verifying the payment result
Once the onPaymentComplete event is triggered, verify the status of the relevant Mangopay API object:
Caution – Check payment result from backend
You should confirm the transaction result returned by the Checkout SDK by calling the Mangopay API from your backend.
Showing and dismissing the loading spinner
When processing a token request, the SDK shows a loading spinner and retains it until the loading state is set to false. This provides a temporary state for the user until the full payment is complete, including calls from your platform’s backend.
The setLoading method handles the loading state for displaying and dismissing the spinner.
Using Card Element
Card Element is a ready-made component that allows you to create your own card payment experience and tokenize card payment details. With Card Element, you can incorporate a custom pay button and have control over the tokenization process.
When using Card Element, you still benefit from card data validation, and the ability to customize the payment form.
Initialize the cardFormElement with your ClientId and select your environment (Sandbox or Production).
cardFormElement-specific options
Vanilla JS usage example
ReactJS usage example
Branding
You can customize the appearance of the checkout using the branding object.
Theme variables and rules
You can use the rules and variables objects for further customization.
Variables
Variables are CSS variables that you can declare and use in your theme rules.
Rules
Rules allows you to apply CSS styles to Checkout SDK components. To do so, target components by class names, with or without the CSS class selector prefix (FieldContainer or .FieldContainer), and specify the styles to apply. The feature supports all native CSS properties and nesting.
Localization
Mangopay Checkout SDK has built-in localization support for: DE, EN, ES, FR, NL, PT
You can customize labels, placeholder and success and error messages by providing a customLanguage object.