Tokenization - Cashier Payment Integration
This document describes the integration process of Tokenization cashier integration mode.
In the cashier integration mode, after placing an order, the user jumps to the H5 cashier page built by PayerMax to pay for the order. the PayerMax H5 cashier page displays a list of optional payment methods, and supports adaptive device screen size, multi-language, and other features. With this integration mode, merchants do not need to develop a cashier page, which greatly simplifies merchant integration and shortens the go-live cycle.
For more information about the cashier integration mode, please refer to Overview of Integration Modes.
1. Integration Preparation
Upload test merchant public key,get the platform public key, AppID, test merchant number and other integration information;
Configure the callback address (WebHook), including the payment result callback address, refund result callback address, and so on;
Understand the principles of request message signing and verification, for generating a
signsignature string for each HTTP request Header.
2. Interaction Process
3. Interface List
| Associative Interaction Timing | Calling direction | Interface PATH |
| 1.3 Create a payment, call the cashier's order interface | Merchant -> PayerMax | /orderAndPay |
| 5.1 Payment result asynchronous notification | PayerMax -> Merchant | /collectResultNotifyUrl |
| 6.1 Querying Payment Transactions | Merchant -> PayerMax | /orderQuery |
4. Environmental Information
Test environment request address:https://
pay-gate-uat.payermax.com/aggregate-pay/api/gateway/<Interface PATH>Production environment request address:https://
pay-gate.payermax.com/aggregate-pay/api/gateway/<Interface PATH>
5. Integration Steps
5.1 Create Payment
The Token payment scenario in the cashier mode currently does not support the full cashier, but only supports specified payment methods or payment methods + target institutions.
Payments are created by calling the Create Payment/OrderAndPay API interface and initiating an HTTP POST request.PayerMax Cashier Integration Mode supports merchants to customize the available payment methods for users to choose from. If the merchant does not specify the payment method, the full amount of payment methods will be displayed by default, and the user interaction interface will display the referral link; if the merchant specifies the payment method, PayerMax cashier page will selectively display some of the available payment methods according to the request entry settings, and the user interaction interface will display in Cashier Payment Introduction.
Note:
Merchants can specify the payment close time in seconds for a single payment via the interface entry expireTime, the value must be greater than 1800 (30 minutes) and less than 86400 (24 hours). If the value passed in is less than 1800, the system will reset to the minimum value of 30min; if the value passed in is less than 86400, the system will reset to the maximum value of 86400. If the merchant does not specify it, the exact time to close the payment will be different depending on the payment method used.
Create Payment/orderAndPay API example of an interface request:
curl --request POST \
--url https://pay-gate-uat.payermax.com/aggregate-pay/api/gateway/orderAndPay \
--header 'Accept: application/json' \
--header 'Content-Type: application/json' \
--header 'sign: FPFVT3o227JrFRbqu19boZCpVVTF9KznxyRawUmxpfXilHV/0yK46haPhAjNu1hPUMy7Vw/ILXhfzffNm4Fj0apWknlTY9OJxnSoQxS9BTFtc61tn5yV1q69x/kkBl82/qwg+XTJ4fOzy7Mar3VaC1E2PlDA6RkkKBUyNE6RYgsdB+Su7an4+4HVTNAnoe74WyvBgxTLMNg28igBTdqxaO3w/UBY6ObVp7vkqkQGdL1Y+HgmMYaAVwrM3+ALWGId0sJ+YqTY4WJ+0xCRGhaSnybiIjZsQEYyID68WNUfuavDLDsEhaMm/HfQvf5p0R1Ltovp3wwJnEbQcjY458iX5A==' \
--data '{
"version": "1.4",
"keyVersion": 1,
"requestTime": "2025-05-14T16:30:27.174+08:00",
"appId": "test516e8ab74578be8eecd8c4803fbe",
"merchantNo": "TEST010117960578",
"data": {
"outTradeNo": "test5141630270627",
"integrate": "Hosted_Checkout",
"subject": "US $4.99 Stargem",
"totalAmount": 4.99,
"currency": "USD",
"country": "US",
"frontCallbackUrl": "https://pay.your.com/official_v2/redirect/web_payermax_web_v1",
"userId": "test_1743900006925",
"reference": "gp_huq_u",
"notifyUrl": "https://pay.your.com/official_v2/notify/web_payermax_web_v1",
"paymentDetail": {
"paymentMethodType": "CARD", # Specify payment method
"allowedCardOrg": [ # Specify the card group, can be empty
"MASTERCARD"
],
"tokenForFutureUse": true,
"buyerInfo": {
"firstName": "Deborah",
"lastName": "Swinstead",
"email": "your@gmail.com",
"phoneNo": "0609 031 114",
"address": "Test Address",
"city": "Holden Hill",
"region": "SA",
"zipCode": "5088",
"clientIp": "211.52.321.225",
"userAgent": "Mozilla/5.0 (iPad; CPU OS 18_4_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/22E252 [FBAN/FBIOS;FBAV/513.1.0.55.90;FBBV/735017191;FBDV/iPad13,16;FBMD/iPad;FBSN/iPadOS;FBSV/18.4.1;FBSS/2;FBID/tablet;FBLC/en_GB;FBOP/5;FBRV/737247184]"
}
}
}'If a merchant does not want to pass notifyUrl every time they make a payment, they can configure a unified payment callback result address through the PayerMax Merchant Platform.
If the merchant wants to limit the card brand that the user pays with, this can be done by setting the request entry paymentDetail.allowedCardOrg. As in the above example, if you specify the card brand as MASTERCARD, then when PayerMax renders the checkout page, it will only display payment organizations that support MASTERCARD.
Create Payment/orderAndPay API example of an interface request:
{
"msg": "Success.",
"code": "APPLY_SUCCESS",
"data": {
"redirectUrl": "https://cashier-n.payermax.com/v2/index.html#/payments?merchantId=TEST010117960578&merchantAppId=test516e8ab74578be8eecd8c4803fbe&orderNo=test5141630270627&country=US&tradeToken=T2019051408217377899667&paymentMode=CARD&targetOrg=*&token=acd8b556379140ee9a6ea067d6e68e35&amount=4.99¤cy=USD&version=1.4&cashierId=T2019051408217377899667&frontCallbackUrl=https%3A%2F%2Fpay.your.com%2Fofficial_v2%2Fredirect%2Fweb_payermax_web_v1&pmaxLinkV=1",
"outTradeNo": "test5141630270627", # Merchant trade order number, consistent with outTradeNo in the request
"tradeToken": "T2019051408217377899667", # PayermMax Transaction Number
}
}5.2 Jump to PayerMax checkout page
Create Payment/orderAndPay API The interface response redirectUrl represents the PayerMax checkout page URL, and after receiving the response, the merchant can redirect to jump to the PayerMax checkout page, where the user completes the payment.
5.3 Jump to payment result page
After the user completes the payment, the PayerMax Cashier page redirects to jump to the PayerMax Payment Results page.The PayerMax Payment Results page displays the results of the payment (as shown in the image below), and the page contains or button, when the user clicks on it, it jumps to the page frontCallBackUrl specified by the merchant.
Merchants should ensure that the frontCallBackUrl they pass in is available to external browsers. The differences between the different frontCallBackUrl forms of the jump are as follows:
| frontCallBackUrl form | Jump flow after payment completion | Recommended or Not | Advantages | Disadvantages |
| Ordinaryh5 (http/https) | Stay in the system browser and display the H5 page | No | / | Does not have the ability to evoke an app |
| Built-in active evoke APP logic h5 (http/https) | Display this H5 page, and at the same time, the logic within the page actively recognizes the scenario for merchant app evocation action, or stays on this page | Yes | Flexible logic and controlled processes | Complex development, to evoke the APP still need to use URL Scheme or AppLink/Universal Link |
| URL Scheme (Customized scheme://) | The system automatically tries to evoke the APP specified by Scheme. If the APP exists and has permission, it can open the corresponding APP; If the APP does not exist or has no permission, it stays in the system browser and displays a blank page; | No | Easy to develop | No degradation logic, will show a blank page when APP is not evoked |
| AppLink/Universal Link (http/https) | The system automatically tries to evoke the APP specified by Scheme. If the APP exists and has permission, it can open the corresponding APP; If the APP doesn't exist or doesn't have permission, it stays in the system browser and displays the content of the degraded H5 page | Yes | Development logic is relatively simple, can be downgraded to use H5 to deal with business logic |
The URL back to Merchant consists of two parts, the first part is theCreate Payment/orderAndPay API frontCallbackUrlof the interface request,the second part is the extra parameters attached to PayerMax. Below is a complete example of a jump URL:
The additional parameters attached to PayerMax include:
outTradeNo:Merchant Order Number;tradeToken:PayerMax order number;status:Order Status. In particular, please do not use this value to update the merchant order status directly, you should follow Step 4: Get Payment Result as the basis for processing as a way to ensure the accuracy of the transaction status.
5.4 Get Payment Results
5.4.1 Adoption of notification of payment results
See Get Payment Result Integration - Adoption of Payment Result Notification.
Token payment notification example:
curl --request POST \
--url https://pay-gate-uat.payermax.com/collectResultNotifyUrl \
--header 'Accept: application/json' \
--header 'Content-Type: application/json' \
--header 'sign: FPFVT3o227JrFRbqu19boZCpVVTF9KznxyRawUmxpfXilHV/0yK46haPhAjNu1hPUMy7Vw/ILXhfzffNm4Fj0apWknlTY9OJxnSoQxS9BTFtc61tn5yV1q69x/kkBl82/qwg+XTJ4fOzy7Mar3VaC1E2PlDA6RkkKBUyNE6RYgsdB+Su7an4+4HVTNAnoe74WyvBgxTLMNg28igBTdqxaO3w/UBY6ObVp7vkqkQGdL1Y+HgmMYaAVwrM3+ALWGId0sJ+YqTY4WJ+0xCRGhaSnybiIjZsQEYyID68WNUfuavDLDsEhaMm/HfQvf5p0R1Ltovp3wwJnEbQcjY458iX5A==' \
--data '{
"appId": "ff4f0273d212386sdxxxxxxxxx",
"code": "APPLY_SUCCESS",
"data": {
"country": "UN",
"totalAmount": 9.99,
"channelNo": "PPC8xxxx017516227301xxxx",
"outTradeNo": "ORDxxxx51006xx",
"completeTime": "2025-07-04T09:52:11.249Z",
"currency": "USD",
"tradeToken": "T20xxx704098xxxx349xx",
"paymentDetails": [
{
"cardInfo": {
"cardOrg": "VISA",
"country": "NZ",
"cardIdentifierNo": "123456******1234",
"cardIdentifierName": "Z**************"
},
"paymentTokenID": "PMTOKEN20230424072005899168200035002", //This field is returned only when Token is paid
"paymentMethodType": "CARD"
}
],
"thirdChannelNo": "151764",
"status": "SUCCESS"
},
"keyVersion": "1",
"merchantNo": "P01010118640464",
"msg": "Success.",
"notifyTime": "2025-07-04T09:52:11.280Z",
"notifyType": "PAYMENT"
}'Merchant response parameter example:
{
"msg": "Success",
"code": "SUCCESS"
}5.4.2 Inquiry via Payment Orders
See Get Payment Result Integration - Inquiry via payment order.
Query input parameters:
curl --request POST \
--url https://pay-gate-uat.payermax.com/aggregate-pay/api/gateway/orderQuery \
--header 'Accept: application/json' \
--header 'Content-Type: application/json' \
--header 'sign: FPFVT3o227JrFRbqu19boZCpVVTF9KznxyRawUmxpfXilHV/0yK46haPhAjNu1hPUMy7Vw/ILXhfzffNm4Fj0apWknlTY9OJxnSoQxS9BTFtc61tn5yV1q69x/kkBl82/qwg+XTJ4fOzy7Mar3VaC1E2PlDA6RkkKBUyNE6RYgsdB+Su7an4+4HVTNAnoe74WyvBgxTLMNg28igBTdqxaO3w/UBY6ObVp7vkqkQGdL1Y+HgmMYaAVwrM3+ALWGId0sJ+YqTY4WJ+0xCRGhaSnybiIjZsQEYyID68WNUfuavDLDsEhaMm/HfQvf5p0R1Ltovp3wwJnEbQcjY458iX5A==' \
--data '{
"version": "1.4",
"keyVersion": "1",
"requestTime": "2022-01-17T07:51:15.597+00:00",
"appId": "a0dddd1f622243cb9aa11234e808b5f8",
"merchantNo": "02021382716699",
"data": {
"outTradeNo": "P164241068068119384" # Merchant order number
}
}'Response result:
{
"msg": "Success.",
"code": "APPLY_SUCCESS",
"data": {
"reference": "reference查询和回调返回",
"country": "SA",
"totalAmount": 10,
"outTradeNo": "P164241068068119384",
"currency": "SAR",
"channelNo": "DMCP000000000177005",
"thirdChannelNo": "4ikqJ6ktEqyRawE1dvqb9c",
"paymentCode": "2312121212",
"tradeToken": "T2024062702289232000001",
"completeTime": "2023-10-20T03:28:23.092Z",
"paymentDetails": [
{
"cardInfo": {
"cardOrg": "VISA",
"country": "SA",
"cardIdentifierNo": "400555******0001",
"cardIdentifierName": "**ngwei"
},
"paymentMethodType": "CARD",
"paymentTokenID": "PMTOKEN20230424072005899168200035002", //This field is returned only when Token is paid
"payAmount": 10,
"exchangeRate": "1",
"paymentMethod": "CARD",
"payCurrency": "SAR"
}
],
"status": "SUCCESS",
"resultMsg": ""
}
}5.5 Payment Using PaymentTokenID
Follow the above 4 steps, after the user completes the payment, PayerMax will return the PaymentTokenID to the merchant. The merchant needs to save the PaymentTokenID and record which user and payment method the paymentTokenID belongs to; When making subsequent payments, the merchant uses /orderAndPay API to pass the payment method, user ID and PaymentTokenID to PayerMax to complete the deduction, and no longer needs to send sensitive card information such as cardInfo.
5.5.1 Create Payment
Merchants integrate /orderAndPay API through API mode to complete order payment.
/orderAndPay API Interface request example:
curl --request POST \
--url 'https://pay-gate-uat.payermax.com/aggregate-pay/api/gateway/orderAndPay' \
--header 'Accept: application/json' \
--header 'Content-Type: application/json' \
--header 'sign: FPFVT3o227JrFRbqu19boZCpVVTF9KznxyRawUmxpfXilHV/0yK46haPhAjNu1hPUMy7Vw/ILXhfzffNm4Fj0apWknlTY9OJxnSoQxS9BTFtc61tn5yV1q69x/kkBl82/qwg+XTJ4fOzy7Mar3VaC1E2PlDA6RkkKBUyNE6RYgsdB+Su7an4+4HVTNAnoe74WyvBgxTLMNg28igBTdqxaO3w/UBY6ObVp7vkqkQGdL1Y+HgmMYaAVwrM3+ALWGId0sJ+YqTY4WJ+0xCRGhaSnybiIjZsQEYyID68WNUfuavDLDsEhaMm/HfQvf5p0R1Ltovp3wwJnEbQcjY458iX5A==' \
--data '{
"requestTime": "2025-05-28T03:52:42.591-02:00",
"keyVersion": "1",
"appId": "tested7c863c439a9e29b4519867965a",
"version": "1.4",
"merchantNo": "TEST10116880289",
"data": {
"integrate": "Direct_Payment", # In API mode, specify Direct_Payment
"totalAmount": 39.99,
"country": "SA",
"expireTime": "3600",
"paymentDetail": {
"buyerInfo": {
"clientIp": "176.16.34.144",
"userAgent": "Chrome"
},
"paymentMethodType": "CARD",
"paymentTokenID": "PMTOKEN20230424072005899168200035002"
},
"frontCallbackUrl": "https://front.your.com/pay/index.html",
"subject": "River Game HK Limited",
"outTradeNo": "ov1_da78b1f3c2f9443b966347fc89305fc9",
"notifyUrl": "https://notify.your.com/pay/paymentWebHookPayerMaxServlet",
"currency": "SAR",
"userId": "1822613953000446",
"terminalType": "WEB"
}
}'Response result when No 3ds verification required:
{
"msg": "Success.",
"code": "APPLY_SUCCESS",
"data": {
"outTradeNo": "test_da78b1f3c2f9443b966347fc89305fc9",
"tradeToken": "T2024052805951921811176",
"status": "SUCCESS"
}
}Response result when 3ds verification required:
{
"msg": "Success.",
"code": "APPLY_SUCCESS",
"data": {
// If the payment is subject to 3ds verification, the 3ds verification address will be returned and the user needs to complete the verification
"redirectUrl": "https://cashier-n.payermax.com/index.html#/cashier/home?merchantId=020213827212251&merchantAppId=3b242b56a8b64274bcc37dac281120e3&country=ID&tradeToken=TOKEN20220117091121294138752&language=en&token=IHjqkZ8%2F%2FFcnfDPxWTvJFOrulUAKfXFUkxHJSiTdlnjnX1G6AOuTiSl6%2BN05EzxTaJkcSsSyGh5a1q%2FACwWN0sDD%2FgwY5YdWu3ghDcH2wqm%2BJIcEh0qZqo%2BQFnXp65bvkLZnY7VO7HwZGzyrpMBlPhfRCQxwBbc6lJcSYuPf%2Fe8%3D&amount=10000¤cy=IDR&frontCallbackUrl=https%3A%2F%2Fwww.payermax.com",
"outTradeNo": "test_da78b1f3c2f9443b966347fc89305fc9",
"tradeToken": "T2024052805951921811176",
"status": "PENDING"
}
}5.5.2 Get Payment Results
To obtain the payment result, please refer to Adoption of notification of payment results and Inquiry via Payment Orders in step 4.
6. PaymentTokenID Management
Merchants can query all PaymentTokenIDs bound to a user through the PaymentTokenID Query API interface. When a user wants to remove the bound PaymentTokenID, the merchant can remove the PaymentTokenID through the PaymentTokenID Unbinding API.
6.1 Query PaymentTokenID
Merchants can query all PaymentTokenIDs bound to a user based on the payment method, or specify a PaymentTokenID to query. The query result will return the corresponding masked card number and the status of the corresponding PaymentTokenID.
PaymentTokenID query API Interface request example:
{
"version": "1.5",
"keyVersion": "1",
"requestTime": "{{requestTime}}",
"appId": "6666c8b036a24579974497c2f9a33333",
"merchantNo": "010213834784554",
"data": {
"userId": "songjiuhuaTest", // Required
"tokenScope": "tokenAcq", // Required, fixed value tokenAcq
"paymentMethodType": "CARD", // Optional
"targetOrg": null, // Optional This field is optional when the value of paymentMethodType is not CARD.
"cardOrg": "MASTERCARD", // Optional. This field is optional when the value of paymentMethodType is CARD.
"paymentTokenID": "PMTOKEN20250626075108220812006000001" // Optional. If not filled, all paymentTokenIDs bound to the user will be returned.
}
}PaymentTokenID query API interface response example:
{
"msg": "",
"code": "APPLY_SUCCESS",
"data": {
"tokenList": [
{
"tokenScope": "tokenMit",
"cardInfo": "538774******9957",
"merchantInitiated": true,
"paymentTokenStatus": "Activated",
"userId": "songjiuhuaTest",
"paymentTokenExpiry": "2099-12-31T23:59:59.000Z",
"targetOrg": "",
"ifCVV": "N",
"paymentTokenID": "PMTOKEN20250523093224475590582000114",
"accountDisplay": "",
"paymentMethodType": "CARD",
"brand": "MASTERCARD"
},
{
"tokenScope": "tokenMit",
"cardInfo": "538774******1234",
"merchantInitiated": true,
"paymentTokenStatus": "Activated",
"userId": "songjiuhuaTest",
"paymentTokenExpiry": "2099-12-31T23:59:59.000Z",
"targetOrg": "",
"ifCVV": "N",
"paymentTokenID": "PMTOKEN20250523092615726590582000110",
"accountDisplay": "",
"paymentMethodType": "CARD",
"brand": "MASTERCARD"
}
]
}
}6.2 Unbinding PaymentTokenID
When the user wants to remove the bound PaymentTokenID, the merchant can remove the PaymentTokenID through this interface. After removing the PaymentTokenID, the merchant will no longer be able to use the PaymentTokenID to initiate payment.
PaymentTokenID unbinding API Interface request example:
{
"version": "1.2",
"keyVersion": "1",
"requestTime": "2022-01-22T10:00:00.500+08:00",
"appId": "46153e2b787241ae8b01857bb087d1bd",
"merchantNo": "010229810189301",
"data": {
"userId": "songjiuhuaTest",
"paymentTokenID": "PMTOKEN20250523093224475590582000114",
"removeReason": "user want to remove it"
}
}PaymentTokenID unbinding API Interface response example:
{
"code": "APPLY_SUCCESS",
"msg": "Success",
"data": {
"paymentTokenID": "PMTOKEN20250523093224475590582000114",
"userId": "songjiuhuaTest",
"paymentTokenStatus": "Deleted"
}
}7. Test Go Live
After the merchant has completed the above integration steps, he/she can initiate the actual payment request for preliminary testing and validation, please refer to Integration Testing - Start a test for the specific steps.
After the test is passed and before the final release, the merchant must contact PayerMax technical support to submit the order information for the test so that PayerMax can check the request logs and data to confirm that you have correctly integrated the relevant capabilities, as described in Integration Testing - Initiate Acceptance.
After passing the acceptance test, the merchant can configure integration information for production environments and prepare for the opening of the volume.
In addition, under Acquiring Product Integration, there are integration documents for the various payment methods supported by PayerMax, which contain instructions for testing each payment method.
8. Troubleshooting
For response errors during testing or acceptance, you can refer to Troubleshooting - Error Code. Meanwhile, in FAQs, we summarize and list all kinds of common problems and how to deal with them.
You can also contact PayerMax technical support team directly for any questions during integration, testing and acceptance.