ZenPayments
  1. Hosted Fields Token
ZenPayments
  • General Information
    • Authentication
    • Errors
    • Responses
    • Filters
      • Example - gte
      • Example - between
      • Example - like
      • Example - in
      • Example - non-empty
    • Pagination
      • 10 results per page
    • Data Types
  • Merchants
    • Sandbox
      • Sandbox Payment Gateway
    • Card Payments
      • Authorization
      • Sale
      • Capture
      • Partial Capture
      • Refund
      • Partial Refund
      • Soft/Dynamic Descriptor
      • Card Authentication
      • Card Tokenization
      • Card Tokenization with Global Token
      • Sale with a Fee Terminal
    • Hosted Form
      • Generate
      • Generate with Billing and Contact Information
    • Hosted Fields
      • How it Works
      • Hosted Fields Token
        • Hosted Fields Token
          POST
      • Integration Guide
        • Step 1: Include the JavaScript Library
        • Step 2: Add HTML Elements for all payment fields
        • Step 3: Set the AccessToken and Configure the rest of the form
        • Step 4: Add styling
        • Step 5: Listen for Events
        • Step 6: Get the tokenized card
          • Get the tokenized card
        • Add Payment Method Page
        • Testing your integration
    • CustomerVault
      • Sandbox
        • Sandbox Dashboard
      • Hosted Card Form
        • Generate
      • Customers
        • List
        • View
        • Create
        • Update
        • Archive
        • Delete
      • Cards
        • List Cards
        • View
        • Add Card
        • Update Exp Date
        • Archive
        • Unarchive
        • Delete
      • Billing Information
        • List
        • View
        • Update
        • Create
      • Shipping Information
        • List
        • View
        • Update
        • Create
      • Recurring Payment
        • List
        • View
        • Update
        • Create
    • Transaction Reporting
      • List
      • View
    • Response Codes
      • Verification Response Codes
    • 3DSecure
      • Version
      • Create
        • Create
      • Check
        • Check
      • Test Cards
    • Account Updater
      • Card Compatibility
      • How It Works
        • Sale with Account Updater
    • ACH Payments
      • General Information
      • Transactions
        • SEC Codes
        • Statuses
        • Actions
          • Action
        • History Log
          • Log
        • List
        • View
        • Create ACH
        • Create ACH & Save Customer
        • Create ACH for an existing Customer
        • Create ACH for an existing Customer and specific Account
        • Remove
      • Hosted Form
        • Example Request
      • Customers
        • List Customers
        • View specific Customer
        • Create Customer
        • Update Customer
        • Delete a Customer
      • Customer Accounts
        • List Customer Accounts
        • Create Customer Account
        • Update Customer Account
        • Delete a Customer Account
      • Bank Information
        • View
      • ACH Settlements
        • List
        • View
      • ACH Webhooks
        • New ACH Record
        • ACH Status Update
        • New ACH Customer
    • Reporting
      • Sandbox
        • Sandbox Dashboard
      • Authorizations
        • List
        • List with Filters
      • Batches
        • List
        • List with Filters
        • Summary
      • Payouts
        • List
        • View
        • Export
      • Chargebacks
        • Disputes
          • Upload a temporary file
          • Create a Dispute
          • Preview
          • Submit
        • Webhooks
          • Signatures
          • Events
            • Chargeback
              • New Chargeback Record
              • Chargeback Update
        • View
          • List
          • View
      • Statements
        • List
        • Download
      • Reserve
        • List
      • Fraud Report
        • Generate
      • Visa Verifi
        • Submiting External Transactions
          • Submit
        • List
      • Other Reports
        • Request a Report
        • Check Status
        • Download
    • Gateway Test Cards
  • Platforms
    • Sandbox
      • Sandbox Dashboard
    • Onboarding
      • Boarding Applications
        • Campaigns
          • List
        • Equipment
          • Terminals
            • List
            • View
          • View
          • Update
        • List
          • List Boarding Applications
        • Create
          • Create Boarding Application
        • Delete
          • Delete Boarding Application
        • View
          • View Boarding Application
        • Update
          • Update Boarding Application
        • Principals
          • List Principals
          • Create Principal
          • Update a Single Principal
          • Mass update Principals
          • Delete Principal
        • Processing
          • View Processing section
          • Update Processing section
        • Merchant Category Codes (MCCs)
          • List MCCs
        • ACH
          • View ACH section
          • Update ACH section
        • Documents
          • Attachment About
            • List All Document Categories
          • View all documents
          • MPA
          • Assign a single document
          • Assign multiple documents
          • Update a single document
          • Delete a single document
        • Fees
          • Types
            • List
          • Other Fees
            • Add
            • Update
            • Delete
          • List all fees
          • View a specific fee
          • Update a single fee
          • Update multiple fees
        • Bank Accounts
          • Add
          • Update
          • Change
        • Validate
          • Validate a Boarding Application
        • URL
          • GET URL of Boarding Application
        • Signature
          • Request E-sign
            • Request Signature
          • Embed E-sign
            • Embeded E-sign Example Flow 1
            • Embeded E-sign Example Flow 2
            • Request Embed
          • Manually Signing
            • Manual Sign
          • External eSign Signing
            • External eSign
        • Automation
          • AutoSign
            • Set AutoSign
          • AutoUnderwriting
            • Set AutoUnderwriting
        • Status
          • Set status to Underwriting
        • Notes
          • List
          • Create
      • Merchants
        • Terminals
          • List Terminals
          • View a specific Terminal
          • VAR Sheet
          • VAR View
        • List Merchants
      • DBA
        • List
        • View
      • Attachments
        • Temporary Upload
          • Temporary Upload
        • Chunk Upload
          • Initialize
          • Upload Request 1/2
          • Upload Request 2/2
        • Standard Upload
        • List attachments
        • View
        • View in browser
        • Download
        • Delete
      • Webhooks
        • Signatures
        • Events
          • Boarding Application
          • Merchant
            • Account
              • New Acquiring Account
              • New ACH Account
              • Closed Acquiring Account
              • Closed ACH Account
            • Terminal
              • New Terminal Record
              • Update Terminal Record
              • Delete Terminal Record
    • Reporting
      • Authorizations
        • List
        • List with Filters
      • Batches
        • List
        • List with Filters
        • Summary
      • Payouts
        • List
        • View
        • Export
      • Chargebacks
        • View
          • List
          • View
        • Disputes
          • Upload a temporary file
          • Create a Dispute
          • Preview
          • Submit
        • Webhooks
          • Signatures
          • Events
            • Chargeback
              • New Chargeback Record
              • Chargeback Update
      • Statements
        • List
        • Download
      • Reserve
        • List
      • Fraud Report
        • Generate
      • Other Reports
        • Request a Report
        • Check Status
        • Download
    • Residuals
      • List
      • View
    • Tickets
      • Update Ticket Status
        • Close
        • Re-Open
      • Responses
        • List
        • Create
        • Add an Attachment
      • Attachments
        • List
        • View
        • Create
        • Delete
      • Categories
        • List
      • Notes
        • List
        • View
        • Create
        • Update
        • Delete
        • Attachments
      • List
      • Create
      • View a specific ticket
    • Connect
      • Webhooks
        • Access Granted
        • Access Updated
        • Access Revoked
    • Misc
      • Address Checker
        • List Countries
        • List States
        • List Cities and Zip Codes
        • Filter by City and State
      • BIN Check
        • Get BIN Information
  1. Hosted Fields Token

Hosted Fields Token

POST
/api/hosted-fields/token
Supported Parameters:
FieldsDescriptionTypeDefaultRequired
expirationToken expiration in minutes. The maximum allowed value is 30Integer30No
terminalThe ID of your terminal on which the payment will be processed. Must be an active terminal using our GatewayIntegerN/AYes
domainThe Website domain on which the token will be used. Please use full URL Name. E.g. https://my.website.comStringN/AYes
saveCardWhether you want to retrieve the tokenized card after the payment is made. Allowed values: required, optional, disabledStringdisabledNo
3dsEnable or Disable 3DS checks.booleanfalseNo

expiration Parameter#

Controls the expiration time of the token. Defaults to 15 minutes if not provided. The maximum allowed value is 30. If card saving (card tokenization) was allowed by the user during the payment process (or if you made it a requirement), you must retrieve the tokenized card while the Hosted Fields Token is still active.
For example if you issue an Hosted Fields Token with an expiration time of 10 minutes, then the payment and card token retrieval must occur within this time limit. Otherwise, you will need to issue a new Hosted Fields Token. If the payment is made within the time limit but the card token is not retrieved within the same period, it will be lost and will not be available to you

terminal Parameter#

Specifies the terminal ID on which the payment will be processed. The terminal must be in Active status and must be an internal terminal, pointing to our gateway.

domain Parameter#

Specifies the URL on which the Hosted Fields Token will be used and the payment form will be rendered. You need to specify the full URL. E.g: https://my.website.com. If your website is accessed with a port number, you need to provide it too. E.g: https://my.website.com:3000

saveCard Parameter#

Specifies whether you want to save the tokenized card after the payment is made. Accepted values: required, optional, disabled.
required#
The card will be tokenized and available for you to fetch after the payment is processed. A message will be rendered above the payment form submit button informing the user that their card will be saved. You are responsible for requesting the tokenized card after the payment.
optional#
Card tokenization will be optional. The user will be presented with a checkbox to explicitly confirm that they want their card to be saved for future payments. If unchecked the card token will not be available for you.
disabled#
This is the default value of the saveCard parameter. Card tokenization will not be performed and the card token will not be available to you.

3ds Parameter#

Enables or disables the 3DS Verification when it is set as optional on the terminal. If the terminal you specified requires 3DS Verification, then the 3DS will be enabled by default and you wont be able to disable it in your hosted fields form. If 3DS verification is disabled on your terminal, then the 3DS will also be disabled. If you still request 3DS verification for the Hosted Fields Token when 3DS is disabled, an exception will be thrown.

Request

Authorization
Provide your bearer token in the
Authorization
header when making requests to protected resources.
Example:
Authorization: Bearer ********************
Body Params application/json

Example
{
    "expiration": 15,
    "terminal": 3,
    "domain": "https://my.website.com",
    "saveCard": "required",
    "3ds": false
}

Request Code Samples

Shell
JavaScript
Java
Swift
Go
PHP
Python
HTTP
C
C#
Objective-C
Ruby
OCaml
Dart
R
Request Request Example
Shell
JavaScript
Java
Swift
curl --location --request POST '/api/hosted-fields/token' \
--header 'Authorization: Bearer <token>' \
--header 'Content-Type: application/json' \
--data-raw '{
    "expiration": 15,
    "terminal": 3,
    "domain": "https://my.website.com",
    "saveCard": "required",
    "3ds": false
}'

Responses

🟢200Hosted Fields Token
application/json
Body

Example
{
    "access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJodHRwczpcL1wvZGFzaGJvYXJkLmludCIsInN1YiI6Ikhvc3RlZCBGaWVsZHMgQWNjZXNzVG9rZW4iLCJhdWQiOm51bGwsImV4cCI6MTc0MTcwMjY0MiwiaWF0IjoxNzQxNzAxNzQyLCJzYXZlQ2FyZCI6InJlcXVpcmVkIiwidGhyZWVkcyI6ZmFsc2UsImlmcmFtZVNyYyI6Imh0dHBzOlwvXC9kYXNoYm9hcmQuaW50XC9nYXRld2F5XC9ob3N0ZWQtZmllbGRzIiwiZG9tYWluIjoiaHR0cHM6XC9cL2xvY2FsaG9zd",
    "issued_at": 1741701742,
    "expiration": 15,
    "expires_at": "2025-03-11 14:17:22 UTC"
}
Modified at 2025-08-09 05:39:41
Previous
Hosted Fields Token
Next
Step 1: Include the JavaScript Library
Built with