Skip to main content

Hosted Checkout

This documentation is intended for third-party developers and partners who want to integrate their systems with our secure Hosted Checkout platform.

Our Hosted Checkout provides a fast, compliant, and seamless payment experience for your customers, ensuring transactions meet industry security and regulatory standards (e.g., PCI-DSS). It is designed to minimize integration effort while maximizing flexibility and user trust.

Key features include:

  • A secure, pre-built checkout page for quick deployment
  • Multiple payment options, including Vipps, Google Pay, Apple Pay, Visa, and Mastercard
  • Invoice and credit-check flows with BankID verification
  • Automatic notifications via callback URLs for status updates
  • Built-in compliance and security measures to protect sensitive data

We are continuously expanding our payment ecosystem. More payment methods and features will be added over time, ensuring your integration stays current with market needs.

This guide will walk you through the integration process step by step—from creating a payment link and redirecting users to the checkout page, to handling notifications and ensuring a smooth payment experience.

Compliance Note: Front Payment’s Hosted Checkout is designed to follow applicable standards, including PCI-DSS and BankID security requirements. Ensure your integration handles tokens and customer data securely and in line with local regulations.

Prerequisites

Before you start the integration, make sure you have:

1. API Access:

  • A valid API key and Bearer Token from Front Payment
  • Access to the demo and production environments

2. Merchant Setup:

  • Your merchant account configured with Front Payment
  • Enabled payment methods (Vipps, Google Pay, Apple Pay, Visa, Mastercard)

3. Technical Requirements:

  • Ability to make HTTPS API calls
  • Secure storage of tokens and keys
  • Callback endpoints to handle payment status updates

4. Test Environment:

Step 1: Create a Payment Link

To initiate a payment, your system will need to call our create endpoint to generate a payment link. This link will redirect your users to our secure hosted checkout page.

Endpoint

POST https://demo-api.frontpayment.no/api/v1/connect/hosted/orders/payment-link/create

Authentication

Include a Bearer Token in the Authorization header. You can obtain this token from Front Payment.

Example:

Authorization: Bearer YOUR_FRONTPAYMENT_BEARER_TOKEN

Request Payload

The request body should be a JSON object containing details about the order, customer, and callback URLs.

{
  "products": [
    {
      "name": "Router",
      "productId": "R_1",
      "quantity": "1",
      "rate": 5,
      "discount": 0,
      "tax": "0",
      "amount": 5
    }
  ],
  "orderSummary": {
    "subTotal": "5",
    "totalTax": "0",
    "totalDiscount": "0.00",
    "grandTotal": "5"
  },
  "orderDate": "1756278578",
  "dueDateForPaymentLink": "1756278578",
  "customerDetails": {
    "type": "private",
    "countryCode": "+47",
    "msisdn": "46567468",
    "email": "[email protected]",
    "name": "John Doe",
    "personalNumber": null,
    "organizationId": null,
    "address": {
      "street": "Klosterenget 144",
      "zip": "7030",
      "city": "Trondheim",
      "country": "NO"
    }
  },
  "checkoutLanguage": "en",
  "referencesNo": null,
  "customerNotes": null,
  "callback": {
    "callbackUrl": "https://your-callback-url.com/callback?order_identifier=rRbl1FWZG59o&order_status=failed",
    "success": "https://your-site-url.com/?order_identifier=rRbl1FWZG59o&order_status=success",
    "failure": "https://your-site-url.com/?order_identifier=rRbl1FWZG59o&order_status=failed"
  }
}

Validation Rules

Ensure your payload adheres to the following validation rules:

Field Type Description
products.*.name string Required. Name of the product.
products.*.productId string Optional. Unique identifier for the product.
products.*.quantity numeric Required. Quantity of the product.
products.*.rate numeric Required. Rate per unit of the product.
products.*.discount numeric Optional. Discount applied to the product.
products.*.tax numeric Required. Tax rate (e.g., 0, 12, 15, 25). Unless you have other configuration.
products.*.amount numeric Required. Total amount for the product line item.
orderSummary.subTotal numeric Required. Subtotal of all products before tax and discount.
orderSummary.totalTax numeric Required. Total tax for the order.
orderSummary.totalDiscount numeric Required. Total discount for the order.
orderSummary.grandTotal numeric Required. Grand total of the order.
orderDate string Required. Unix timestamp for the Date of the order, which must be current or future date.
dueDateForPaymentLink string Required. Unix timestamp for the due date of the payment link.
customerDetails.type string Required. Customer type must be either private or corporate.
customerDetails.countryCode string Required. Country code for the customer's phone number (e.g., "+47").
customerDetails.msisdn string Required. Mobile Subscriber ISDN Number (phone number).
customerDetails.email email Required. Customer's email address.
customerDetails.name string Required. Customer's full name.
customerDetails.personalNumber string Optional Customer's personal identification number, must be 11 characters.
customerDetails.organizationId numeric Required if customerDetails.type is corporate. Must be number
customerDetails.address.street string Optional. Street address of the customer.
customerDetails.address.zip string Optional. Zip code of the customer's address.
customerDetails.address.city string Optional. City of the customer's address.
customerDetails.address.country string Optional. ISO Alpha-2 country code (e.g., "NO"). Custom validation IsoAlpha2Country applies.
checkoutLanguage string Optional. Customer checkout page language. Available languages are en,no,sv,da,de. If nothing is given it will set default to no.
referencesNo string Optional. Any reference number for the order.
customerNotes string Optional. Any notes from the customer.
callback.callbackUrl url Required. The URL we will notify upon payment status changes.
callback.success url Required. The URL to redirect the user to if the payment is successful.
callback.failure url Required. The URL to redirect the user to if the payment fails.
|

Response

A successful request will return a 201 Created status with the following JSON payload:

{
  "status_code": 201,
  "status_message": "OK",
  "message": "Payment Link Created Successfully",
  "is_data": true,
  "data": {
    "orderUuid": "ODR344175661",
    "customerUuid": "CSRT197366289",
    "paymentUrl": "https://demo.frontpayment.no/order/hosted/ODR344175661/checkout"
  }
}

The paymentUrl in the response is crucial for the next step.

Step 2: Redirect to the Payment Page

After successfully creating a payment link, your system should redirect your user to the paymentUrl received in the response from Step 1. This will take your user to our secure hosted checkout page, where they can complete the payment.

Payment Options

On the hosted checkout page, users will be presented with two primary payment options:

1. Payment Methods (Vipps, Google Pay, Visa, Mastercard)

If the user selects one of the standard payment methods:

  • They will be redirected to a secure payment page where they can enter their credentials (e.g., card details, mobile payment app details).
  • Upon successful completion of the payment, the user will be redirected to the Front Payment success page.
  • This success page will feature a prominent "Back To Site" button. Clicking this button will redirect the user back to your system, using the callback.success URL you provided in the initial request. If not clicked on this button, user will be automatically redirected into this callback.success URL after 5 seconds.
2. Pay By Invoice

The invoice distribution method is determined based on the information provided in the request. The system follows this priority order:

  1. EHF or E-invoice (Preferred) – Requires a valid P-number or organization number.
  2. Email – Used if EHF/E-invoice cannot be delivered.
  3. Postal Mail – Used if no valid email address is available or email delivery fails.

If none of the above delivery methods are successful, our customer service team will notify the client to resolve the issue.

When a Private Customer chooses the "Pay By Invoice" option:

  • They will be redirected to a Bank ID verification page to verify their identity.
  • Upon successful Bank ID verification, a credit check will be performed in the background by Front Payment.
  • If the credit check yields a positive score (minimum 315), the user will proceed to a document signing flow to finalize the invoice agreement.
  • Once the document is signed, an invoice will be created, and the user will be redirected to the Front Payment success page.
  • Similar to the payment methods flow, this success page will also include a "Back To Site" button, which will redirect the user back to your system via the provided callback.success URL.

When a Corporate Customer chooses the "Pay By Invoice" option:

  • For corporate cutomer, BankID flow will be skipped and an Invoice will be automatically created after the user fills up all the information & press "Pay Now" button.

Notifications via Callback URL

For invoice order and customer type is private, after BankID verification is completed successfully our system will notify you via the callbackUrl provider by you.

For invoice order and customer type is corporate, the order will be directly invoiced after user select invoice method from the payment page and frontpayment will notify you via callbackUrl.

For an invoice, our system will also notify you for any future status changes in our system via callbackUrl. Follow the link below to learn how to handle callback data from your side.

Go To Notication Via Callback Url Page

Back to top