Airwallex logo
Airwallex logo

Online payment acceptance

Partners such as payment orchestrators can facilitate online payment acceptance for their connected accounts through Airwallex. To build such an integration, you will need the following OAuth scopes:

  • w:awx_action:pa_edit
  • r:awx_action:pa_view

Key considerations

For more information, see Enhance fraud protection with comprehensive risk data. Details on how to integrate with Native API and Embedded Elements are provided below.

Native API integration

Ensure the following prerequisites are met before integrating with Airwallex Native API.

  • PCI-DSS certification: A Native API integration is permitted only for partners with PCI-DSS certification; a Report on Compliance (ROC) must be provided to enable this. You can email [email protected] with your Report on Compliance to get enabled for Native API access.

  • Partner identification: It's essential that Airwallex is able to identify which partner is making native API calls on behalf of any merchant. Otherwise, the API calls may be blocked. To identify yourself to Airwallex, you will need to populate referrer_data.type field within your API request with an Airwallex-provided value. Additionally, you will need to do the following:

    • If you are using static IP addresses, get Airwallex to whitelist these IP addresses for native API access. Please note that these IP addresses must be specific to your company, and not shared across multiple companies, i.e., certain IP addresses provided by public cloud services.
    • Alternatively, if you are using a unpredictable IP addresses, you will need to include an additional Airwallex-provided secure token in your API request.
    • To perform IP whitelisting, obtain the secure token, or obtain the referrer_data.type value, email [email protected].

  • 3DS integration: You will also need to integrate with 3DS. Airwallex recommends integrating with Airwallex 3DS in order to provide the best possible experience. However, for partners who must use external 3DS, external 3DS integrations are also supported.

  • Device fingerprinting: In addition to 3DS, we require that you implement device fingerprinting for fraud prevention. In cases where you are unable to implement device fingerprinting directly, you must instead instruct the merchant to implement device fingerprinting and pass along the session ID and device ID in their API calls, per step 3 in the device fingerprinting guide. Please note that the absence of device fingerprinting may cause payments to be rejected.

To complete your Native API payment acceptance integration, please refer to these docs and sequence diagram.

Make sure that you add the header x-api-version in your API calls and set it to the latest version. For details, see Versioning API.

Native API

Embedded Elements integration

For partners not integrating with Native API, Airwallex provides pre-built "Elements” that can be embedded into your experience with less effort. The Drop-in Element provides a full-featured checkout module, which lets you accept multiple payment methods easily. For a more customized experience, you could choose instead to use more granular Embedded Elements, such as the Card Element, Split Card Element, Apple Pay Button Element, and Google Pay Button Element, rather than an all-in-one solution. For further details on how to integrate, please refer to these docs and sequence diagrams:

Drop-in Element integration

Drop In Element

Card and Split Card Element integration

Embedded Elements

Was this page helpful?