One time 'tokenization' to create a payment method.

Subscription-CR
Shopify Partner
1 0 1

We are building a subscription app. Client is asking if we can convert existing subscriptions over to the Shopify platform. I see an API to do to manually create a subscription:

https://shopify.dev/docs/api/admin-graphql/2023-10/mutations/subscriptionContractCreate

 

It requires a payment method id for auto charge to be performed. The existing platform is from a payment gateway Shopify does not support. Would need to detokenize from the old platform. How to tokenize with Shopify though?

I see a way to manually create a payment method:

https://shopify.dev/docs/api/admin-graphql/2023-10/mutations/customerPaymentMethodCreditCardCreate

This page mentions something about a CardSink product I can't find any documentation for:

"The Cardserver session ID. Obtained by storing card data with Shopify's Cardsink. Exchanging raw card data for a session ID must be done in a PCI complaint environment."

 

We don't need the capability going forward to interact with the payments API directly. Just the subscriptions API. All future secure payment interaction will be from the Shopify platform. Is there some way to do a one time tokenization of card data without building a payments application? Is there an existing Payments app out there that could help us out here if not?

Replies 2 (2)

JoshArnold
Shopify Staff
29 7 5

Hey there!

While the support for this may vary depending on your gateway, these are the guides we have available for importing customer data (payment methods included) and then importing subscriptions.

 

Let us know if you have any questions and feel free to reach out to your support representative for assistance with the migrations!

Josh (aka Master Chief) | Shopify 
 - Was my reply helpful? Click Like to let me know! 
 - Was your question answered? Mark it as an Accepted Solution
 - To learn more visit Shopify.dev or the Shopify Web Design and Development Blog

hsdonkin
Shopify Partner
18 1 0

It's super weird, but you can find some details in this thread:

 

https://community.shopify.com/c/customers-discounts-and-orders/how-to-update-credit-card-details-in-...

tl;dr there's an undocumented endpoint you need to send a request to
https://elb.deposit.shopifycs.com/sessions

🚨General PSA this needs to happen in a PCI compliant environment for real customer credit numbers. If you don't fully understand what this means, then do not pass GO and become PCI compliant 🚨