PayPal Payflow Link payment method
PayPal PayFlow Link is available for merchants in the United States and Canada only. Customers are not required to have a personal PayPal account. Instead, customers enter their credit card information in a form that is hosted by PayPal.
The Payflow gateway uses a secure token to send non-credit card transaction data to the Payflow server for storage in a way that cannot be intercepted and manipulated maliciously. This token secures the data for a one-time transaction and is valid for 30 minutes. When the PWA client runs the placeOrder mutation, Magento requests a secure token. The Payflow server returns the token as a string of up to 32 alphanumeric characters.
Payflow Link workflow
The following diagram shows the workflow for placing an order when Payflow Link is the selected payment method.
-
The PWA client uses the
setPaymentMethodOnCartmutation to set the payment method. -
The mutation returns a
Cartobject. -
The client runs the
placeOrdermutation, which creates an order in Magento and begins the authorization process. -
Magento requests a secure token from the Paypal gateway.
-
The gateway response includes a secure token, a secure token ID, and the URL to use for requesting the form in step 9. This token secures the data for a one-time transaction and is valid for 30 minutes.
-
The
placeOrdermutation returns an order ID. Magento does not return secure token information. The order has the statuspayment pending. -
The client runs the
getPayflowLinkTokenmutation to retrieve the secure token information. -
Magento returns the token information.
-
The client displays a payment form in an iframe rendered from the URL specified by the
paypal_urlfrom thegetPayflowLinkTokenmutation response. When the customer completes the form, the client sends the payment information directly to the PayPal gateway, bypassing the Magento server. -
After PayPal processes the payment, the gateway runs a silent post request against the Magento server. As a result, Magento sets the order status to processing, and the order is ready to be invoiced.
-
The PayPal gateway returns control of the customer’s browser to the client.
Additional Payment information
When you set the payment method to Payflow Link in the setPaymentMethodOnCart mutation, the payment_method object must contain a payflow_link object, which defines the following objects:
| Attribute | Data Type | Description |
|---|---|---|
cancel_url |
String! | The relative URL of the page that PayPal will redirect to when the buyer cancels the transaction in order to choose a different payment method. If the full URL to this page is https://www.example.com/paypal/action/cancel.html, the relative URL is paypal/action/cancel.html |
error_url |
String! | The relative URL of the transaction error page that PayPal will redirect to upon payment error. If the full URL to this page is https://www.example.com/paypal/action/error.html, the relative URL is paypal/action/error.html |
return_url |
String! | The relative URL of the final confirmation page that PayPal will redirect to upon payment success. If the full URL to this page is https://www.example.com/paypal/action/return.html, the relative URL is paypal/action/return.html |
Example usage
The following example shows the setPaymentMethodOnCart mutation constructed for the Payflow Link payment method.
Request:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
mutation {
setPaymentMethodOnCart(input: {
payment_method: {
code: "payflow_link"
payflow_link: {
return_url: "paypal/action/return.html"
error_url: "paypal/action/error.html"
cancel_url: "paypal/action/cancel.html"
}
}
cart_id: "IeTUiU0oCXjm0uRqGCOuhQ2AuQatogjG"
}) {
cart {
selected_payment_method {
code
title
}
}
}
}
Response:
1
2
3
4
5
6
7
8
9
10
11
12
{
"data": {
"setPaymentMethodOnCart": {
"cart": {
"selected_payment_method": {
"code": "payflow_link",
"title": "PayPal Payflow Link"
}
}
}
}
}