This procedure is used when your Square account isn't a developer account and your application uses only a seller account access token. The customer, card, and payment are all created in a seller account.
Create a Card on File and a Payment
Before saving a card on file, you need to get a valid single-use payment token that represents a buyer's payment card using the Web Payments SDK
Important
The postal code entered in the SDK's payment card form must match the postal code used in the CreateCard
You can use Sandbox test card information
Use the CreateCustomer
The following example CreateCustomer
request is made with an access token from the seller Square account:
Create customer
The Customers API returns the following response:
{ "customer": { "id": "Q6VKKKGW8GWQNEYMDRMV01QMK8", "created_at": "2021-03-31T18:27:07.803Z", "updated_at": "2021-03-31T18:27:07Z", "given_name": "Amelia", "family_name": "Earhart", "email_address": "Amelia.Earhart@example.com", "preferences": { "email_unsubscribed": false }, "creation_source": "THIRD_PARTY" } }
The id
field in the response is used in the following step.
Call the CreateCard
The following example uses the customer_id
value of Q6VKKKGW8GWQNEYMDRMV01QMK8
returned in the response in the previous step:
Create card
The Cards API returns the following response:
{ "card": { "id": "ccof:uIbfJXhXETSP197M3GB", "billing_address": { "address_line_1": "500 Electric Ave", "address_line_2": "Suite 600", "locality": "New York", "administrative_district_level_1": "NY", "postal_code": "10003", "country": "US" }, "bin": "411111", "card_brand": "VISA", "card_type": "CREDIT", "cardholder_name": "Amelia Earhart", "customer_id": "Q6VKKKGW8GWQNEYMDRMV01QMK8", "enabled": true, "exp_month": 11, "exp_year": 2024, "last_4": "1111", "prepaid_type": "NOT_PREPAID", "reference_id": "user-id-1", "version": 1 } }
Important
Always ask customers for permission before saving their card information. For example, include a checkbox in your purchase flow that customers can select to specify that they want to save their card information for future purchases.
Linking cards on file without obtaining customer permission can result in your application being disabled without notice.
Use CreatePayment
Did you know?
The access token that you use in any Square API call determines which Square account the call applies to.
This is an optional step that you do only if you want to take a payment with the card that was just stored on file. If you don't want to take a payment, skip this step. The customer payment card is already stored on file.
Create a new payment in the seller account where the source_id
is the ID of the newly saved card on file from step 2 and the customer_id
from step 1.
Create payment