Creating the Server-Side Context

The first step in integrating with Microform Integration is developing the server-side code that generates the capture context. The capture context is a digitally signed JWT that provides authentication, one-time keys, and the target origin to the Microform Integration application. The target origin is the protocol, URL, and port number (if used) of the page on which you will host the microform. You must use the

https://

protocol unless you use

http://localhost

. For example, if you are serving Microform on example.com, the target origin is

https://example.com.

Sample Microform Integration projects are available for download in the Flex samples on GitHub.

Send an authenticated POST request to

https://apitest.cybersource.com/microform/v2/sessions

. Include the target origin URL in the content of the body of the request.

ADDITIONAL INFORMATION

For example:

{
    "targetOrigins": [https://www.example.com],
}

ADDITIONAL INFORMATION

Optionally, you can include multiple target origins. For example:

{
    "targetOrigins": [https://www.example.com, https://www.example.net]
}

Pass the capture context response data object to your front-end application. The capture context is valid for 15 minutes.

ADDITIONAL INFORMATION

See Example: Node.js REST Code Snippet.

AFTER COMPLETING THE TASK

Important Security Note:

Ensure that all endpoints within your ownership are secure with some kind of authentication so they cannot be called at will by bad actors.

Do not pass the

targetOrigin

in any external requests. Hard code it on the server side.