Fastlane
Server-side Transaction
Step 1: Generate client token
To get started,
generate a client token. If you use Braintree's GraphQL API on your server, refer to the
GraphQL Documentation.
Using Braintree SDK
Your integration may be impacted by upcoming certificate changes. Visit our best practices guide to learn more.
- Ruby
require 'braintree'
@braintree_gateway ||= Braintree::Gateway.new(
environment: :sandbox,
merchant_id: ENV['BRAINTREE_MERCHANT_ID'],
public_key: ENV['BRAINTREE_PUBLIC_KEY'],
private_key: ENV['BRAINTREE_PRIVATE_KEY']
)
client_token = braintree_gateway.client_token.generate- Graphql
mutation ($input: CreateClientTokenInput) {
createClientToken(input: $input) {
clientToken
}
}- Graphql
{
"input": {
"clientToken": {
"domains": [ "example.com" ]
}
}
}- After the client token is generated, you can pass it into the client SDK.
- Send a domain name in the client token generate call: When generating a client token, you need to send a domain name where Fastlane will be displayed to customers to protect against cross-site scripting attacks.
- Provide the root domain name: You must provide the base or root domain name, such as "Example Domain".
- If you specify subdomains, wildcards, or protocols, the system will generate an error.
- Restrictions on Domain Names:
- No Subdomains: Do not specify subdomains (for example, "sub.example.com").
- No Wildcards: Do not use wildcard characters (for example, "*.example.com").
- No Protocols: Do not include HTTP or HTTPS protocols in the domain name (for example,"Example Domain")
- Error Handling: If you specify subdomains, wildcards, or protocols, the system will generate an error.
Step 2: Create server-side API request to complete transaction
On your server, you need to create a transaction using the paymentToken generated on your client and either the Braintree GraphQL API or one of the server-side SDKs.
Required Fields
When creating the transaction request server-side, the following fields are required:
| Field name | Description | Link |
|---|---|---|
| shipping | Shipping information is required to be passed only if you are collecting it on your end. If not, no need to pass. The shipping object contains fields related to the payer’s shipping address. | Link |
| payment_method_nonce | A single-use reference to payment information provided by the payer on the client. | Link |
Along with the required fields, here is a table of fields which we strongly recommend passing in the server-side transaction API request.
Recommended fields for server-side API request:
| Field name | Description | Link to documentation |
|---|---|---|
device_data | An identifier that helps prevent fraud and ensures the highest authorization rates. | Link |
billing | The billing object contains fields related to the payer’s billing information. | Link |
customer.firstName | The payer’s first name. | Link |
customer.lastName | The payer’s last name. | Link |
customer.email | The payer’s email address. | Link |
- ruby
require 'braintree'
def get_braintree_gateway
@braintree_gateway ||= Braintree::Gateway.new(
environment: :sandbox,
merchant_id: ENV['BRAINTREE_MERCHANT_ID'],
public_key: ENV['BRAINTREE_PUBLIC_KEY'],
private_key: ENV['BRAINTREE_PRIVATE_KEY']
)
end
def do_POST(request, response)
data = JSON.parse(request.body)
email = data['email']
name = data['name']
shipping_address = data['shippingAddress']
payment_token = data['paymentToken']
device_data = data['deviceData']
result = get_braintree_gateway.transaction.sale(
amount: '10.00',
payment_method_nonce: payment_token['id'],
device_data: device_data,
options: {
submit_for_settlement: true
}
)
response.status = 201
response.content_type = 'application/json'
response.body = {
result: {
success: result.success?,
transaction: { id: result.transaction.id }
}
}.to_json
end- Graphql
mutation ($input: ChargeCreditCardInput!) {
chargeCreditCard(input: $input) {
transaction {
id
status
}
}
}- Graphql
mutation ($input: ChargeCreditCardInput!) {
chargeCreditCard(input: $input) {
transaction {
id
status
}
}
}Next step: Test your integration