Save card

Learn how to enable Save Card functionality for later use.

You can provide your mobile app users with the ability to save their card information securely for future use. This allows users to set their preferred payment method, reducing the need to enter card information repeatedly. This is a nice-to-have feature in your app, however, this is optional.

The following gif is a demonstration of this feature within a mobile app.

Enabling Save Card

To enable the Save Card functionality within your app, do the following:

info

• Dojo understands that each app is built differently. The steps listed serve as a good reference to build this feature into your app.
• user and customer might be used interchangeably in this guide except for customer API endpoints.

Step 1: Ensure you have a customer id

• If you don’t have a Dojo user to link to your backend user, create a new one using POST/customers.
• If you already have a customerId, retrieve it.

info

• Don't create a new customer for each transaction. This avoids customers from accessing their saved cards.

Step 2: Authorize your app to retrieve customer’s saved cards

For mobile SDK to retrieve information about saved cards for a specific user, you must create and pass a customer secret using POST /customers/{customerId}/create-secret.

info

• To create a customer secret, ensure you have the customerId from step 1 and your API Key.
• You must always create a customer secret in your backend and then pass it to your app.
• Never store sensitive data such as API Keys inside your app.
• Customer secret is short-lived, hence Dojo recommends creating a new one each time your app might need to access stored payment methods.

The following code samples demonstrate how to create a customer secret.

cURL

create-customer-secret.sh

# The sandbox API key passed in 'authorization' is public.
# Don't submit any personally identifiable information in any requests made with this key.
# Sign in to developer.dojo.tech to create your own private sandbox key and use that instead
# for secure testing.

curl -v --request POST \
  --url https://api.dojo.tech/customers/cust_sandbox_6g-HvPv6VkG_Q_PXCpJqmw/create-secret \
  --header 'Content-Type: application/json' \
  --header 'Authorization: Basic sk_sandbox_c8oLGaI__msxsXbpBDpdtwJEz_eIhfQoKHmedqgZPCdBx59zpKZLSk8OPLT0cZolbeuYJSBvzDVVsYvtpo5RkQ' \
  --header 'Version: 2024-02-05'

PowerShell

create-customer-secret.ps1

# This is a public sandbox API key.
# Don’t submit any personally identifiable information in any requests made with this key.
# Sign in to developer.dojo.tech to create your own private sandbox key and use that instead
# for secure testing.

$publicSandboxKey = "sk_sandbox_c8oLGaI__msxsXbpBDpdtwJEz_eIhfQoKHmedqgZPCdBx59zpKZLSk8OPLT0cZolbeuYJSBvzDVVsYvtpo5RkQ"

Invoke-WebRequest `
    -Uri 'https://api.dojo.tech/customers/cust_sandbox_6g-HvPv6VkG_Q_PXCpJqmw/create-secret' `
    -Method POST `
    -Headers @{
        "Version" = "2024-02-05"
        "Authorization" = "Basic $publicSandboxKey"
    } `
    -ContentType 'application/json'

Python

create-customer-secret.py

# The sandbox API key passed in 'authorization' is public.
# Don't submit any personally identifiable information in any requests made with this key.
# Sign in to developer.dojo.tech to create your own private sandbox key and use that instead
# for secure testing.

import http.client
import json

conn = http.client.HTTPSConnection("api.dojo.tech")
payload = ''
headers = {
  'Version': '2024-02-05',
  'Content-Type': 'application/json',
  'Authorization': 'Basic sk_sandbox_c8oLGaI__msxsXbpBDpdtwJEz_eIhfQoKHmedqgZPCdBx59zpKZLSk8OPLT0cZolbeuYJSBvzDVVsYvtpo5RkQ'
}
conn.request("POST", "/customers/cust_sandbox_6g-HvPv6VkG_Q_PXCpJqmw/create-secret", payload, headers) #"/customers/{customer-secret id you created}/create-secret
res = conn.getresponse()
data = res.read()
print(data.decode("utf-8"))
conn.close()

C#

create-customer-secret.cs

// The sandbox API key passed in 'ApiKeyClientAuthorization' is public.
// Don't submit any personally identifiable information in any requests made with this key.
// Sign in to developer.dojo.tech to create your own private sandbox key and use that instead
// for secure testing.

using Dojo.Net;
using System.Text.Json;

var customersClient = new CustomersClient(new HttpClient(), new ApiKeyClientAuthorization("sk_sandbox_c8oLGaI__msxsXbpBDpdtwJEz_eIhfQoKHmedqgZPCdBx59zpKZLSk8OPLT0cZolbeuYJSBvzDVVsYvtpo5RkQ"));
var result = await customersClient.CreateCustomerSecretAsync("<CUSTOMER_ID>");

PHP

create-customer-secret.php

<?php
// The sandbox API key used in this example is public.
// Don't submit any personally identifiable information in any requests made with this key.
// Sign in to developer.dojo.tech to create your own private sandbox key and use that instead
// for secure testing.

namespace Test;
require_once "vendor/autoload.php";

use Dojo_PHP\ApiFactory;

$apiKey = "sk_sandbox_c8oLGaI__msxsXbpBDpdtwJEz_eIhfQoKHmedqgZPCdBx59zpKZLSk8OPLT0cZolbeuYJSBvzDVVsYvtpo5RkQ";

$apiCustomers = ApiFactory::createCustomersApi($apiKey);
$secret = $apiCustomers->customersCreateCustomerSecret("cust_sandbox_6g-HvPv6VkG_Q_PXCpJqmw", \Dojo_PHP\API_VERSION);

Step 3: Create a payment intent linked to the customerId

When creating a payment intent, pass the customerId to the payment intent request body.

"customer": {
  "customerId": "cust_sandbox_9WibJ2zeMU2C9gkRnDgs1g"
}

Step 4: Initiate payment flow in the app

Pass the paymentIntentId and customer secret to your app and then pass them to the mobile SDK to start the checkout process.

Swift

create-customer-secret.swift

dojoUI.startPaymentFlow(
  paymentIntentId: "<paymentIntentId>",
  controller: self,
  customerSecret: "<secret>" // Customer secret key
) { result in
  print(result)
}

Objective-C

create-customer-secret.m

[self.dojoUI startPaymentFlowWithPaymentIntentId:@"<paymentIntentId>"
                                      controller:self
                                  customerSecret:@"<secret>" // Customer secret key
                                  applePayConfig:nil
                                   themeSettings:nil
                                      completion:^(NSInteger result) {
                                        NSLog(@"%ld", (long)result);
}];

Step 5: Receive payment status

Once payment is completed, the SDK gets a notification with a numerical code representing the result. Check out the status codes reference for more information about what each code means. Additionally, your backend will receive a notification via Webhook.