DekopayNewpay
Guides
SupportDashboard
Start typing to search…

What You'll Need

Deko Wallet is implemented using a server side Deko API through which you can obtain a unique access token for your given merchant, and a Javascript library which enables you to display the wallet and embed finance natively in your website.

Deko Wallet Integration
*subject to FCA permissions - please consult your account manager
  1. Obtain API Credentials for identifying your Merchant
  2. Load the Deko Javascript Library on your website
  3. Access Deko API to authenticate and obtain an access token

What You'll Need | Initialise Deko Wallet | Show Finance Offers | Start Checkout | Complete Checkout | Confirm Order

1. Obtain API Credentials

We'll issue a Client ID and Client Secret when we onboard each of your merchants. These are required in order to generate the merchant specific access token for all of the steps in this section, which identifies your merchant to us. Each merchant will have different client credentials for UAT and Production (Live).

Current Deko API hostnames for our UAT and Production environments are available in the An external link was removed to protect your privacy. section, but you can contact our support team at [email protected] to confirm these.

Please note: all example curl commands are to show the format of the request and response, but use a dummy API hostname, which will be replaced with relevant UAT and Production credentials that we issue to you for each of your merchants.

🚧

Using Merchant Credentials

It is important that you keep client credentials for each of your merchants secure whether they are being transmitted in your organisation and devices, or implemented on your systems and servers. You could create a secure merchant credential database and simple encapsulated function that creates Deko Wallet access tokens.

2. Load Deko Javascript Library

The Deko integration requires a client-side step. You will need to load the Deko Javascript checkout bundle. The following script tag should be placed close to the end of the head tag in your main index file:

<script src="https://assets.dekopay.com/wallet/index.js" type="application/javascript"></script>

3. Access Deko API

In order to prevent unauthorised access, you must authenticate all requests using an access token. In additional all requests must be for a specific merchant using their unique credential. To complete authentication, send an HTTP POST request to the auth endpoint, together with the applicable merchant credentials as the payload: client_id and client_secret.

You can see a an example code snippet below:

curl -X 'POST' \
  'https://dummy-api.staging.host.com/auth' \
  -H 'accept: application/hal+json' \
  -H 'Content-Type: application/hal+json' \
  -d '{
  "client_id": "MERCHANT CLIENT ID",
  "client_secret": "MERCHANT CLIENT SECRET"
}'
{
    "access_token": "eyJhbGciOiJSUzI1aDFd45gcCI6IkpXVCIsImtpZCI6Imp6SXZmaU1HNkJqVEpUWGxkRlVwZSJ9.eyJpc3MiOiJodHRwczovL2Rla29wYXktbWVyY2hhbnQtZGV2LmV1LmF1dGgwLmNvbS8iLCJzdWIiOiJwUUhyYkJLcnBOVG1MZ043UEpSVHpJM1JiT0hVZFY4ZEBjbGllbnRzIiwiYXVkIjoiaHR0cHM6Ly9hcGkuZGVrby11YXQuY29tIiwiaWF0IjoxNjQyNDk4MjI5LCJleHAiOjE2NDI1ODQ2MjksImF6cCI6InBRSHJiQktycE5UbUxnTjdQSlJUekkzUmJPSFVkVjhkIiwiZ3R5IjoiY2xpZW50LWNyZWRlbnRpYWxzIn0.p9tisXjwPbOyZ7xodq34-oT3jopJSn7XIOgnzNbVEBsvNHQ94njSgUhv0RCDfSDEUoMEtqJXaR-TbS09dlB8HI1DO6EFRD4BaQ6HqFqoEM0Ad8elQDrN1DnUiR-ggh2Lh2BWgqK3ke2vz_1MYg4tBRlmRU0nGb1T4fMHKPHI7kxtgR_3C6thGQ_tK22QLEx4sRAPx5-KEWkiEh_OJvt6XH851KHO4uihr0ldNm_yIMayjn34c20HMRGUC869dzPsxTc3hb5X0KZ7X3M9PKqd2IFLgoYAKZBykp9xdP4RAL4TCyUjmSzKEXw1jFXDbaaJJOdHyzS2ogTR0XjFylLo-w",
    "expires_in": 84255,
    "token_type": "Bearer"
}

The POST request returns an access_token, which you should add in the _Authorisation _header of any API requests for the corresponding Merchant.

To protect our servers, this endpoint is rate limited. This auth token should be cached for the time specified in the 'expiresIn' field. This token can then be used on any further request to our API until its expiration without requesting a new auth token.

❗️

Use The Right Token

The token which your server obtains from Deko's API will be bound to the Merchant credentials you have provided and should be used for only that merchant. Your platform may be servicing other merchants at the same time and requests for them should use their own unique token.

4. Initialise Deko Wallet

5. Show Finance Offers

6. Start Checkout

7. Complete Checkout

8. Confirm Payment

Updated 18 days ago

Footer
Deko is a trading name of NewDay Technology Ltd, registered in England and Wales (company number 08812602).
NewDay Technology Ltd is an Appointed Representative of NewDay Cards Ltd for the purposes of providing credit broking services.
NewDay Cards Ltd is authorised and regulated by the Financial Conduct Authority (FRN 682417).