Overview

BridgePay's WebLINK interface is a flexible, integrated payment solution for e-Commerce transaction processing. WebLINK accepts transaction request data through an HTTPS POST from the merchant website.

WebLINK creates a payment page for you in response to an HTTPS POST from a web <form> and hosts it on the BridgePay servers. You can customize the payment page to match your website's branding and data collection needs.

Use WebLINK to ensure the merchant is outside of PCI scope and to get up and running quickly. The available template customization features provide enough flexibility for your desired user experience.

WebLINK also generates and displays a receipt for the transaction within the WebLINK interface. After processing the transaction, WebLINK returns transaction details and customer information to the merchant.

In addition, WebLINK can be configured to send receipt emails to customers and transaction confirmation emails to merchants. BridgePay provides standard templates for all pages and emails, but you may create and save your own custom templates using the BridgePay Merchant Boarding Portal.

Integration 

To use WebLINK, create an HTML form that POSTs to the WebLINK URL. Set the parameters in the form to control and customize behavior. WebLINK generates a payment form for the customer. When the customer completes the payment, WebLINK displays a receipt and sends the results to a specified URL.

See Flow Chart for an overview of WebLINK logic. The following sections describe how to use WebLINK in an integration.

Creating the Form

The first step is to create the form that submits to WebLINK. The <form> element must specify a method of post and an action pointing to the WebLINK URL:

https://www.bridgepaynetsecuretest.com/WebLink3/WebLink.aspx

The minimum fields you need to submit on the form are:

• mode - This value must be PaymentForm. 

• purchaseToken - A previously acquired GUID from the BridgeComm ActionService (see the BridgeComm v2.3.4 or later documentation for details on acquiring a purchase token).
  Purchase Tokens are used to securely represent the Login/Merchant credentials for a single transaction. Each Purchase Token is valid for 15 minutes and is then deleted.
   

Include data fields as <input> elements in the form. Specify the name of the field in the name attribute and the value in the value attribute. Specify a type attribute value of hidden to prevent  the value from being displayed on your HTML page, or use a standard HTML input type to allow customers to fill in values.

The following example configures WebLINK in the simplest format possible. WebLINK creates a hosted payment form, collects all customer and payment data, and handles the receipt.

The following shows an example of the default payment page: 

Open

 Sending Additional Data

In addition to the minimum fields, you can send additional data regarding the transaction to the form. Any additional data that you send, such as billing information, is pre- filled when WebLINK displays the payment form.

The following example pre-fills an amount of $20.00 on the payment form:
 

See Request Fields for a complete list. 

Handling Responses

When operating WebLINK, applications typically need to know when/if a transaction completed successfully in order to record that in the merchant’s system. WebLINK provides a few parameters that can be used for this purpose:
 

• ReceiptURL – If provided, WebLINK POSTs all transaction data and re-direct the user’s browser to this URL after a successful transaction. If this parameter is not provided, WebLINK simply displays the standard receipt page by default. See ReceiptURL Sample for an example of this page in ASP.

• FailURL – If provided, WebLINK POSTs all transaction data and re-directs the user’s browser to this URL after a declined transaction. If this parameter is not provided,
  WebLINK simply displays the payment form again with the error message displayed.

• CompleteURL – If provided, WebLINK POSTs all transaction data to this URL. Any output generated from this URL is NOT sent to the user’s browser, however. This is the ideal place to do any post transaction work. See CompleteURL Sample for an example of this page in ASP.
   

The following example uses WebLINK to display the payment form, collect the customer and payment information, and generate a merchant confirmation email. The receipt, however, displays on the merchant's website, as set in the ReceiptURL value.

Once this data is posted to WebLINK, the transaction is processed and an XML response is immediately returned to the caller. The response parameters are contained in the <Data> element.

Every parameter received in the POST message is echoed back to the calling application in the response XML.

The response fields from the gateway are also included in the XML. Response fields are prefixed by r_, for example: r_Result.

The format of the xml is: 

For each of transaction, address verification, and card verification results, WebLINK returns two fields: a response code (r_Result, r_AvsResult, r_CvResult) and a text description of the response (r_RespMsg or r_Message, r_AvsResultText, r_CvResultTest). Always use the response codes (r_Result, r_AvsResult, r_CvResult) to verify the results. The text description values cannot be guaranteed to be consistent.

See Response Fields for a complete list.

The merchant application should use the data in the response field to display transaction results to the user and to perform any updates to the merchant’s database that need to be performed.

Styling the Payment Form

You can customize the appearance of the default payment form displayed by WebLINK by including style fields in your request.

The following example sets the page background to dark gray, the form background to light gray, and the font to Times New Roman: 

See Payment Form Style Fields for a complete list of style options.

Adding a Cancel Button

If you submit a CancelUrl value, the payment form will include a cancel button. When customers click the cancel button, they are returned to the specified CancelUrl.

The following example adds a Cancel Button to the payment form:  

The following shows an example of a payment form with a cancel button:

Open

Using Custom Templates

In addition to customizing the default templates provided by BridgePay, you can also use your own custom payment templates. WebLINK allows you to create custom templates for the payment form, receipts, emails, and timeout errors.

The following example uses a custom payment form template created in the Merchant Boarding Portal. 
The integrator collects the customer information, leaving WebLINK to collect payment information and display the receipt.

The element <input  type="hidden"  name="PaymentFormTID"  value="1" /> tells WebLINK to use the custom payment form number one.
 

Custom templates are set in the Merchant Boarding Portal. See Templates for complete instructions on creating and editing templates.

Tokenization

WebLINK supports the ability to tokenize a card number and re-use it in place of the actual card number in subsequent transactions. These tokens do not expire and are valid as long as the credit card number is valid. For recurring transactions the token and expiration date are required along with the normal sale, auth, etc. transaction request information.

Basic use

Every transaction performed, results in a token being returned to the caller. This token can then be used in subsequent transactions in place of the actual card number. You will still need to provide expiration date and CV number as necessary.

Wallet

WebLINK supports storing card holder payment information for use in subsequent transactions. This functionality expands upon tokenization by also securely storing additional card holder data such as expiration date, card holder name and AVS data.

Requirements

In order to enable the wallet functionality, you must obtain a wallet site identifier. This is used to logically group your wallets for administration purposes. Please work with your Bridgepay integration specialist to obtain a wallet site identifier.

Basic use

Provide the wallet site id you obtained from your Bridgepay integration specialist and enable the wallet via the EnableWallet request field. The payment form will then display an option for the user to save their current payment information for later use. If they select this option and the transaction is processed successfully, a wallet key and wallet token are returned to the caller.

These two values are then used on subsequent requests to WebLINK to enable the end user to use their stored payment information.

Request Fields

WebLINK's standard request fields include customer information, payment information, formatting parameters, and fields that govern WebLINK's behavior. All fields are case-sensitive.

⚡ Request field values for form style and application behavior take precedence over the default Templates and Settings configured in the Merchant Boarding Portal.

 The following tables contains field descriptions. Unless otherwise stated, all fields are optional.

🛈 Varchar indicates variable length character string which can include alphanumeric (0-9, a-z, A-Z and hyphens) unless otherwise specified.

🛈 Integer indicates numeric with maximum length of 9 digits unless otherwise specified.

General Purpose Request Fields

The following fields set credentials and basic processing options and are case-sensitive:

Credit Transaction Detail Request Fields

The fields in this table describe the credit transaction being submitted. All fields are case-sensitive.

Behavior Request Fields

These fields influence how the WebLINK application processes. All fields are case-sensitive. All URL’s must use ‘HTTPS’.

Template Selection Request Fields

The following fields allow you to set custom templates to use for the payment form, receipts, and email. If you do not submit values, WebLINK uses the default forms. All fields are case-sensitive.

Payment Form Style Fields

The following fields can be used to customize the look and feel of the WebLINK payment collection form. All fields are case-sensitive.

Wallet Request Fields

The following fields are used when you wish to take advantage of the wallet functionality. All fields are case-sensitive.

Response Fields

All request fields are echoed back in the response messages sent by WebLINK and are case-sensitive. The transaction results from the host are also included, prefixed by r_.

These fields are available for use in email and receipt templates, and when specified, these fields post to FailURL, CompleteURL, and ReceiptURL.
⚡ Some fields are only available after initiating the transaction (e.g, AuthCode).

 The following table contains field descriptions of the host response fields:

Templates and Settings

The following sections discuss how to use the BridgePay Merchant Boarding Portal to configure templates and default settings. The Merchant Boarding Portal is available at:

https://www.mybridgepaytest.com/

Settings

The application settings available for configuration are:

• PaymentTypes

• MerchantEmail

• ReceiptURL

• FailURL

• EmailFrom

• ReceiptLogoURL 

For description of these fields, see Request Fields.

⚡Remember that you can also set the values for these fields on a case-by-case basis in the form post. Values in the form posts take precedence over values set in the
Merchant Boarding Portal.

Templates

WebLINK uses these types of templates:

• CustomerEmail – Customizes the display of the transaction receipt email sent to customer.

• MerchantEmail – Customizes the display of the transaction confirmation email sent to the merchant.

• PaymentForm – Configures the settings and display of the payment form.

• PaymentFormSplit – Configures the settings and display of the payment form for split transactions.

• TokenziationForm – Configures the settings and display of the tokenization form.

• Receipt – Configures the settings and display of the transaction receipt.

• ReceiptSplit – Configures the settings and display of the transaction receipt for split transactions.

• SessionTimeout – Configures the settings and display of the page when a session timeout occurs.

There are two categories of templates: merchant and custom. WebLINK invokes merchant templates by default if you don't pass a custom template ID in the request data. You may also create a custom template and invoke it on-demand by passing the corresponding Template ID (TID) when posting to WebLINK.

To customize a merchant template, paste your formatted code into the HTML field for the specified template and click Save. To create a custom template, select the template type from the dropdown menu and click Create. A new template entry appears with a new TID. Paste your custom template code into the HTML field and click Save.

You are responsible for pasting in the proper HTML for the new template. See Request Fields for a list of custom template ID fields and Formatting Templates below for information on formatting the template HTML properly.

Formatting Templates

All templates consist of HTML pages. HTML pages can be customized using various WebLINK-specific placeholder tags. The following sections describe how to use the placeholder tags. See the default templates in the merchant boarding portal for more examples on how to create templates.

Parameter Placeholders

WebLINK uses unique placeholders inside of templates to render the payment form, payment receipt, merchant transaction confirmation email, and customer transaction receipt email. You structure these templates just like typical HTML documents, but you also include specific placeholders that WebLINK uses to assemble the form or email.

Placeholder Format 
 

⚡Remember that you can also set the values for these fields on a case-by-case basis in the form post. Values in the form posts take precedence over values set in the
Merchant Boarding Portal.

 If the customer's browser supports JavaScript, there is client-side validation in addition to server-side validation after submitting the payment form. WebLINK automatically generates the necessary JavaScript code for you.

You can use placeholders almost anywhere in an HTML template. Simply use the placeholder inside an HTML tag, such as a <span> and WebLINK displays the placeholder’s value in the template.

Placeholder Format 
 

 You can also use a placeholder as the value attribute of an <input> element. In this case, WebLINK pre-fills the input field with the value of the placeholder when rendering the template.

⚡The element's <input> name attribute must match the name of the placeholder.

 Required Placeholders

These placeholders must be in every template in order for WebLINK to function properly:

Security Logo Placeholders

These optional placeholders display security logos:

Reserved Placeholders

All Request Fields are reserved placeholders. For example, if you put <!--[ InvoiceNum]--> in the HTML template for the payment form and submitted a value of 123456 in the text box, the payment server receives 123456 as the invoice number for the transaction.

Special Reserved Placeholders

The following table contains special reserved placeholders. See Parameter Placeholders for an example of placeholder usage.
 

Error Placeholders

Errors display on the payment form with two reserved placeholder fields, r_Message and ValidationErrors. r_Message contains a formatted response message from the payment gateway, describing the status of the processed transaction. ValidationErrors contains a comma-delimited list of errors deriving from improper data entry on the initial post to WebLINK or from the end-user submitting the payment form. If you specify a FailURL,errors post to the given URL instead of displaying on the payment form.

🛈 Validation errors resulting from the end-user's form submission are rare as the forms use client-side validation to handle these types of errors.

Conditional HTML Placeholders

Conditional HTML placeholders consist of an opening tag and closing tag. Any HTML between the tags is conditionally rendered by WebLINK based on the following rules:

Custom Placeholders

You can also create custom placeholders to use in the payment form to gather and pass to the receipt or CompleteURL. Format custom placeholders like WebLINK's reserved placeholders.

For example, if you want to give customers a space to include an optional note concerning their order:

⚡Since the placeholder was used in the value parameter, any initial value for “AdditionalNotes” POSTed to WebLINK is rendered in the form. If you do not need to pre-fill the input value, you can simply omit the value attribute.
 

Example

The following is an example of the special placeholder for CardTypeName to generate an HTML <select>, followed by the rendered HTML

Placeholder

Rendered HTML

eCommerce Integration Options

The following sections discuss several different eCommerce implementations supported by the BridgePay WebLINK application. Each implementation type has different recommendations for secure operation. Impact to merchant operations, PCI DSS compliance and scoping is also discussed and exhibits their own set of advantages and disadvantages.

Integration Types

1. URL Redirect - Hosted payment page which redirects the consumer to a page on an entirely different domain hosted by Bridgepay for payment entry.

   1. iFrame - An inline frame (or “iFrame”) that allows a payment form hosted by a BridgePay to be embedded within the merchant’s page(s). 

URL Redirect Implementation

In the Redirect model, the cardholder is redirected from the merchant’s website to BridgePay’s hosted payment page. The cardholder enters their data (Card Holder Data – CHD) into the payment page hosted by BridgePay.

Redirect Process

1. The user browses the Merchant’s website to build a shopping cart. This website is hosted by a PCI Web Hosting facility which is a third-party hosting company.

2. The Merchant's website issues a redirect to the BridgePay payment page, which is displayed within the cardholder’s web browser.

3. The cardholder enters all CHD into the payment page. CHD is submitted directly to the BridgePay Gateway.

4. The transaction result is returned to the specified URI. Does not contain CHD.

Merchant Impact

In this scenario, no CHD is submitted to the merchant, therefore the merchant has no cardholder data environment. The merchant may be eligible to validate PCI DSS compliance via self-assessment, SAQ A, which is applicable to outsourced e-commerce environments using redirection mechanisms to redirect customers to a PCI DSS compliant payment service provider.

While there is no CHD in the merchant environment, it is still important for merchants using a URL redirect to ensure their websites are secure. A compromised web server could mean the redirect was changed to a bogus payment site in order to steal cardholder data—e.g., man-in-the-middle attacks wherein the web server collects and sends data to malicious individuals.

⚡Merchants should consult their QSA for complete compliance requirements for their environment.
 

Summary

The redirect method is usually easier for merchants to secure, and typically results in fewer applicable PCI DSS requirements and lower risk of merchant systems being compromised. While this method may be the best option for merchants with limited security or technical ability, this option may not suit many merchants wishing to provide advanced features, or a more customizable customer payment experience.

Merchants should consider the benefits and costs of customization versus the increased need for security controls, and the resulting increase in security responsibility in conjunction with the applicable PCI DSS requirements.

iFrame Implementation

An iFrame (or Inline Frame) is a method of seamlessly embedding a web page within another web page—the iFrame becomes a frame for displaying another web page, in this case the payment form.

In e-commerce payments, the pages delivered during the checkout process would be supplied by the merchant's website, with an embedded iFrame supplied by BridgePay within that process. BridgePay’s iFrame receives all cardholder data entered by the cardholder.

iFrame Process

1. The cardholder browses a Merchant's website, filling a shopping basket before reaching the payment page.

2. The Merchant's shopping cart embeds an iFrame with the WebLINK payment form (received, in its entirety, from the BridgePay web server) to the cardholder’s web browser.

3. The cardholder enters all CHD into this embedded iFrame. The CHD is submitted directly to the BridgePay Gateway.

4. The transaction result is returned to a specified URL / results page. Does not contain CHD.

5. Transaction Results are displayed to the cardholder.

iFrame Security Considerations

iFrames rely on a technique known as same-origin policy for secure operations. Enforcing origin policy in the http response headers helps prevent vulnerabilities such as Click-Jacking. Merchants need to ensure their website is configured to prevent framing of the payment iFrame by malicious code. There are couple of options when configuring origin policy:

1. X-Frame-Options

“The X-Frame-Options HTTP response header can be used to indicate whether or not a browser should be allowed to render a page in a <frame>, <iframe> or <object>. Sites can use this to avoid clickjacking attacks, by ensuring that their content is not embedded into other sites.” “The added security is only provided if the user accessing the document is using a browser supporting X-Frame-Options.” –  Mozilla MDN web docs

2. Content Security Policy (CSP)

“The HTTP Content-Security-Policy response header allows web site administrators to control resources the user agent is allowed to load for a given page. With a few exceptions, policies mostly involve specifying server origins and script endpoints. This helps guard against cross- site scripting attacks (XSS).”

“The HTTP Content-Security-Policy (CSP) frame-ancestors directive specifies valid parents that may embed a page using <frame>, <iframe>, <object>, <embed>, or <applet>.” –  Mozilla MDN web docs

⚡It is recommended that both options be implemented since not all browsers support X-Frame-Options and CSP. Implementing both ensures the widest range
of browsers are protected.
 

Example Configuration – Web.Config

Example Configuration – Apache

Header set X-Frame-Options "ALLOW-FROM https://www.merchant-website.com/"" Header set Content-Secure-Policy frame-ancestors "https://www.merchant- http://website.com/ "

While no CHD is submitted to the merchant environment, merchants should consider additional security controls to reduce eCommerce risk even if not required by a PCI DSS SAQ. Server hardening, vulnerability management monitoring server / application activity are effective controls to reducerisk.

References

Mozilla – X-Frame-Options
Mozilla - Content Security Polity
Owasp – Clickjacking Defense

Merchant Impact

In this scenario, no CHD is submitted to the merchant, therefore the merchant has no cardholder data environment. The merchant may be eligible to validate PCI DSS compliance via self-assessment, SAQ A, which is applicable to outsourced e-commerce environments using iFrames to redirect customers to a PCI DSS compliant payment service provider.

⚡Remember that you can also set the values for these fields on a case-by-case basis in the form post. Values in the form posts take precedence over values set in the
Merchant Boarding Portal.

 Summary 

The iFrame e-commerce method is usually easier for merchants to secure, and typically results in fewer applicable PCI DSS requirements. This method also will lower risk of merchant systems from being compromised, although not as low as the redirect method. However, this method also offers a better customer payment experience since the customer remains on the merchant website throughout the payment process. The inline payment form can provide a better “look and feel” than the redirect 
payment method, as the payment page can be customized to match the website design using WebLINK’s custom templates.

PCI DSS Documentation Requirements by Integration Type
 

*From the Best Practices for Securing E-commerce PCI DSS Information Supplement
Merchants should consult their QSA for complete compliance requirement for their environment.

Appendix

Flow Chart

reCAPTCHA

The following section describes the different reCAPTCHA implementations supported by the BridgePay WebLINK application. Each implementation has different advantages and disadvantages based on implementation type.

What is reCAPTCHA?

reCAPTCHA protects WebLINK hosted payment forms from SPAM and bot abuse. Using reCAPTCHA on the payment forms reduces the risk of fraudulent transactions from being processed through a merchant’s eCommerce site, by performing a Completely Automated Public Turing Test to Tell Computers and Humans Apart (CAPTCHA) test, which differentiates between humans and bots.

One of the most common CAPTCHA methods used today are forms that request you to enter a combination of letters and numbers that are displayed in a distorted format, and are often difficult to read.

BridgePay has adopted an alternative solution to secure its payment forms through Google’s implementation method, reCAPTCHA. During the payment process when the cardholder is ready to submit their purchase, the cardholder simply checks the box “I’m not a robot”, and the transaction is submitted. This is the default integration method.

Key Features of reCAPTCHA

1. Provide merchants with a secure payment form with visible security.

2. No disruption to the payment process.

3. Block bots, spammers and automated scripts from using the payment form on the merchant’s site.

4. Reduce fraudulent transactions.

Integration Types 

1.  reCAPTCHA Widget – Displays the reCAPTCHA widget on the payment form. Users click the “I’m not a robot” check box during the payment process to complete the transaction submission.

2. Invisible reCAPTCHA – Invisible reCAPTCHA does not require the user to click on a check box. This method automatically binds the submit button on the payment page to submit the reCAPTCHA challenge.

Payment Form Templates

1. Default Payment Form templates have the reCAPTCHA implemented by default and has the widget displayed to the user.

2. Custom templates uploaded by integrators will need to add the necessary reCAPTCHA code to their template
    

Code Examples

You just need include the code below in your template and the BridgePay code will do the rest.  The examples below include code that will present the reCAPTCHA widget.

1. Payment Form 

2. Tokenization Form

Default Payment Form

Code Samples

 
CompleteURL Sample

The following ASP code is an example of a CompleteURL page. This page receives a POST containing the result of the transaction, regardless of the transaction result. This page should display the results to the customer and perform any needed updates to the merchant’s system.
 

ReceiptURL Sample

The following ASP code is an example of a ReceiptURL page. This page receives a POST containing the result of a successful transaction in order to display a receipt.

The sample page displays the receipt.

The sample code processes the results and performs any needed updates to the merchant’s system.

iFrame Integration and Setup

The purpose of the Payment iFrame, is to allow a merchant to embed an HTML document within their checkout page that will collect user-entered payment data, and return the standard data. The token can be used for processing payments through WebLINK3. The Payment iFrame and the accompanying client library, allow the merchant to process card data in a PCI compliant manner, while also affording them greater programmatic control over the look and feel of the embedded input form.

PCI Scope

The Payment iFrame reduces PCI scope for the merchant by enabling them to outsource the capture of sensitive credit and debit card data. Bridgepay Gateway controls the data capture, sends it to our server for encryption, and returns an encrypted token to the merchant which can be used with WebLINK3 for further payment processing. With our solution, merchants never handle card data directly, putting their environment outside of PCI scope.

Payment iFrame Flow

Security and Safety Measures

The following security measures and restrictions must be taken into consideration when integrating with the WebLINK3 Payment iFrame.

Domain Whitelist

A whitelist of allowed domains is maintained in the Weblink Configuration page. The list is consulted before the iframe is loaded. The domain must first be added to the IFRAME DOMAINS section on their settings page. The input supports a comma separated list of domains, subdomains, and wildcard subdomains. Entries must exclude the protocol.

Sample entry:

bridgepay.com, www.mybridgepay.com, *.yourdomain.com If the iframe is loaded from a domain not included in this list, a security error message is presented.

iFrame Timeout

As the Payment iFrame contains sensitive card data, it is treated with high security standards. Part of that increased security includes a process whereby the HTML page will timeout after 10 minutes of inactivity. The reasoning behind this feature is to protect end users who may enter their card data on an open page, and then walk away leaving their computer unattended before submitting the page. By automatically redirecting the iFrame, we protect their card data from other users on the same computer.

iFrame Setup

Add host name

You need to add all of the domains that will integrate to WebLINK3. If the iframe is loaded from a domain not included in this list, the page will not display.

Templates

There are two categories of templates: merchant and custom. WebLINK invokes merchant templates by default if you don't pass a custom template ID with the request data. You may also create a custom template and invoke it on-demand, by passing the corresponding Template ID (TID) when posting to WebLINK.

To customize a merchant template, paste your formatted code into the HTML field for the specified template, and click ‘Save’. To create a custom template, select the template type from the dropdown menu and click ‘Create’. A new template entry appears with a new TID. Paste your custom template code into the HTML field and click Save.

⚡You are responsible for pasting in the proper HTML for the new template. 

WebLINK uses the following types of templates:

Customer Email
Customizes the display of the transaction receipt email sent to customer.

Merchant Email
Customizes the display of the transaction confirmation email sent to the merchant.

Payment Form
Configures the settings and display of the payment form.

Payment Form Split
Configures the settings and display of the payment form for split transactions.

Tokenization Form
Configures the settings and display of the tokenization form.

Receipt
Configures the settings and display of the transaction receipt.

Receipt Split
Configures the settings and display of the transaction receipt for split transactions.

SessionTimeout
Configures the settings and display of the page when a session timeout occurs.

Typical Flow

Credit Card

Sample Code

Request

Response

Response Information

Resource Description
 

Acquire a Purchase Token

In order to acquire a purchase token, you must call the Action Service on the BridgePay gateway URL. The Action Service is a Microsoft Windows Communication Foundation (WCF) Service that is accessible via a Web Services Definition Language (WSDL) endpoint and implements a standard Simple Object Access Protocol (SOAP) interface. Using Microsoft’s Visual Studio, use these steps for creating a sample project to integrate to the service.

Create a Console App

In Visual Studio, create a new C# .Net Console App.

Add a Service Reference to the Action Service

After creating your project, right-click on the project and select “Add -> Service Reference…”

In the Add Service Reference window, enter the URL for the Action Service into the Address box and click “Go.” Set the namespace you want to use in your code in the Namespace box and click OK. The URL for the UAT version of the Action Service is:

https://www.bridgepaynetsecuretest.com/PaymentService/ActionService.svc

Write Code to Acquire a Purchase Token

With the Service Reference created, you are now ready to write the code that will call the Action Service to acquire a purchase token.

Add the following code to the Program.cs file:

• The using statement instantiates the class for accessing the Action Service.

• The first statement within the try block calls the AcquirePurchaseToken method with the defined parameters to acquire a purchase token.

• After you get a Purchase Token, that Purchase Token is available for 15 minutes and can then be used in future calls to BridgeComm or WebLink 3.
   

WebLINK API Fields

Table of Contents