Skip to content
ElasticPay

Accept a Payment

Overview

Accepting a payment involves five steps:

  1. Create a payment intent on your server
  2. Pass the client_secret to the client
  3. Collect card details via the widget or hosted checkout
  4. Confirm the payment
  5. Listen for the payment_intent.succeeded webhook

Step 1: Create a payment intent

Create a payment intent server-side. This registers the payment and returns a client_secret for the client.

Terminal window
curl -X POST https://staging-api.elasticpay.co/api/v1/payment_intents \
  -H "Authorization: Bearer sk_sandbox_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" \
  -H "Content-Type: application/json" \
  -d '{
    "amount": 5000,
    "currency": "AUD"
  }'

Response:

{
  "id": "pi_0abc123def456ghi789jkl012mn",
  "status": "requires_payment_method",
  "client_secret": "pi_0abc123def456ghi789jkl012mn_secret_xyz987",
  "amount": 5000,
  "currency": "AUD"
}

Pass the client_secret to your front end — it lets the widget confirm the payment without exposing your secret key.

Step 2: Collect card details

Option A: Hosted checkout (simplest)

Redirect the customer to the ElasticPay hosted checkout page. No front-end widget integration required. See Embedding the Widget for the redirect approach.

Option B: Embed the widget

Mount the ElasticPay widget in your page to collect card details inline. See Embedding the Widget for setup instructions.

Step 3: Confirm the payment

After the widget tokenizes the card, it returns a payment method ID (pm_xxx). Confirm the payment by sending this to your server and then calling confirm:

Terminal window
curl -X POST https://staging-api.elasticpay.co/api/v1/payment_intents/pi_0abc123def456ghi789jkl012mn/confirm \
  -H "Authorization: Bearer sk_sandbox_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" \
  -H "Content-Type: application/json" \
  -d '{"payment_method": "pm_0xyz789abc123def456ghi012jkl"}'

Step 4: Handle the result

Check the status field in the confirm response:

StatusMeaning
succeededPayment complete
processingPending PSP confirmation — wait for webhook
requires_action3D Secure challenge required
failedPayment declined

Step 5: Listen for webhooks

The payment_intent.succeeded webhook event is the authoritative signal that a payment is complete. Do not rely solely on the synchronous response — webhook delivery provides reliable, retried confirmation.

{
  "event_type": "payment_intent.succeeded",
  "data": {
    "id": "pi_0abc123def456ghi789jkl012mn",
    "status": "succeeded",
    "amount": 5000,
    "currency": "AUD"
  }
}

See Webhooks for signature verification and event handling.

Error handling

If a step fails, the API returns an error object:

{
  "error": {
    "type": "invalid_request_error",
    "code": "validation_failed",
    "message": "amount must be at least 200 cents"
  }
}

See Error Codes for the full list.