Server-to-Server Omni Tokens

Last updated:January 17, 2025

This Server-to-Server guide describes how you can store the data and subsequently use the stored card details to perform payment transactions.

To better understand omni tokens in eCommerce and inStore, please read Tokenization guide.
To collect card data, you must be PCI-DSS compliant. To minimize your compliance requirements, please use SecurePay Omni Tokens.
To use network tokens issued by the card networks for your payments, please be informed that an enhanced integration will be made available.

Use cases

Tokenization during payment

The merchant collects card data from shopper and initiates omni tokenization along an account verification (zero amount auth) or initial purchase. An omni token is synchronously provisioned and returned to the merchant once payment is complete. The omni token can then be used in subsequent payments.


How it works

Create the token during payment

Send the payment request with the collected card data asking for the card to be tokenized once the payment ends successfully.

Transactions:
DB
DB
TK
TK

1. Create the token during payment

Perform a server-to-server POST request with createOmniToken=true and all required payment and customer data, including payment type, amount and currency. The response to a successful request is a card.omniToken that should be stored and used in subsequent payments. A new token transaction will be created in the system, identified by the TK paymentType.

Sample request:


See also