Adyen doesn't have a standalone tokenization API: tokens (i.e. recurringDetailReference) can only be created when triggering a real payment.
The standard flow is to tokenize by triggering a $0 auth (voided right away), before triggering a real payment (auth+capture or auto-capture). This has potentially two drawbacks:
- Cost: Adyen charges per API call
- Auth rate: it has been seen in the field that the subsequent auth has a higher rate of refusal
In the case where tokenization is performed outside of Kill Bill (e.g. PCI vault), we would like the Adyen plugin to re-use that auth when triggering the first payment. The new flow would be:
- External system tokenizes by triggering an auth for $N (full payment amount)
- External system creates a payment method in Kill Bill, specifying the following plugin properties:
token: value of recurringDetailReferenceauthPspReference: value of the pspReference returned by Adyen for the auth
- When Kill Bill invokes
purchasePayment (either through direct payment APIs or via invoice payment APIs), if this authPspReference property is found in the payment method, it should:
- Call
executeInitialTransaction (TransactionType.AUTHORIZE, skipGw=true) to sync the authorization record. The shouldSkipAdyen code branch will need to be updated to make sure the pspReference is correctly stored.
- Call
capturePayment (normal capture call for $N)
- Upon success, update the payment method to remove the
authPspReference property (so that it is not re-used)
Notes:
- one side effect would be that
PaymentPluginStatus now returns PENDING instead of PROCESSED (effectively making the purchasePayment call asynchronous). Kill Bill should still be able to handle it though.
- it is assumed that the original auth amount would match the purchase amount. If not, the payment may be under- or over- captured.
Adyen doesn't have a standalone tokenization API: tokens (i.e.
recurringDetailReference) can only be created when triggering a real payment.The standard flow is to tokenize by triggering a $0 auth (voided right away), before triggering a real payment (auth+capture or auto-capture). This has potentially two drawbacks:
In the case where tokenization is performed outside of Kill Bill (e.g. PCI vault), we would like the Adyen plugin to re-use that auth when triggering the first payment. The new flow would be:
token: value ofrecurringDetailReferenceauthPspReference: value of thepspReferencereturned by Adyen for the authpurchasePayment(either through direct payment APIs or via invoice payment APIs), if thisauthPspReferenceproperty is found in the payment method, it should:executeInitialTransaction(TransactionType.AUTHORIZE,skipGw=true) to sync the authorization record. TheshouldSkipAdyencode branch will need to be updated to make sure thepspReferenceis correctly stored.capturePayment(normal capture call for $N)authPspReferenceproperty (so that it is not re-used)Notes:
PaymentPluginStatusnow returnsPENDINGinstead ofPROCESSED(effectively making thepurchasePaymentcall asynchronous). Kill Bill should still be able to handle it though.