Skip to main content

Initialize CSUC Payment Flow

POST 
/b/checkout/api/sdk/v1/csuc_sdk/submit/:session_id/:pg_code/

This endpoint initializes the Cybersource Unified Checkout (CSUC) payment flow by generating and returning the capture context token and associated configuration.

Flow Summary:

  1. Validate Inputs: The pg_code and session_id are validated to ensure:
    • The MID exists and supports Click to Pay payment method
    • The payment transaction exists and is valid for payment
  2. Retrieve Transaction: Fetches the PaymentTransaction using session_id
  3. Create/Reuse Payment Attempt: Either creates a new payment attempt or reuses the latest one
  4. Generate Capture Context: Calls Cybersource API to create a capture context JWT token containing:
    • Allowed card networks and payment types
    • Client version and locale settings
    • Billing, shipping, and email capture mandates
    • Transaction amount and currency
    • Decision manager configuration
  5. Parse Token: Decodes the JWT to extract SDK client configuration:
    • JavaScript SDK URL and integrity hash
    • Payment form submission URL
  6. Cache & Return: Caches the complete response (10 min TTL) and returns configuration

Capture Context Caching:

  • Capture contexts are cached using key: {mid_code}_{session_id}_ctp_context
  • Cache TTL: 600 seconds (10 minutes)
  • Subsequent requests with same session reuse cached context

Response Structure:

  • sdk_client: Contains the Cybersource JS SDK URL, SRI integrity hash, and CORS settings
  • form_config: Specifies the payment execution endpoint URL and form parameters
  • capture_context: JWT token to initialize the checkout widget

Typical Use Case:

  • Called by frontend before rendering the Cybersource payment widget
  • The frontend loads the SDK from sdk_client.src with integrity verification
  • The capture_context is passed to Cybersource's JavaScript SDK
  • After user completes payment, the widget generates a transient token
  • Frontend submits transient token to form_config.action URL

Integration Steps:

  1. Frontend calls this endpoint with pg_code and session_id
  2. Backend generates/retrieves capture context from Cybersource
  3. Frontend dynamically loads the JS SDK using sdk_client configuration
  4. Frontend initializes Cybersource widget with capture_context
  5. User completes payment in Cybersource widget
  6. Frontend receives transient token from widget
  7. Frontend POSTs transient token to form_config.action URL

Request

Responses

Last updated on