Alipay, China's leading third-party online payment solutionAlipay, China's leading third-party online payment solution

createVaultingSession

POST /v1/vaults/createVaultingSession

The createVaultingSession API is used to create a vaulting session for client-side SDK integration. Through this API response, Alipay returns encrypted session data. You use the session data to initiate the client-side SDK. The SDK helps you complete the card vaulting process before a payment is initiated.

Structure

A message consists of a header and body. The following sections are focused on the body structure. For the header structure, see:

Note: Set the data type of each field (except array) as String. This means that you must use double quotation marks (" ") to enclose the field value. Examples:

  • If the data type of a field is Integer and its value is 20, set it as "20".
  • If the data type of a field is Boolean and its value is true, set it as "true".  

Request parameters

paymentMethodType String  REQUIRED

The payment method type that is included in payment method options. See Payment methods to check the valid values for card payments.  

More information:

  • Maximum length: 64 characters

vaultingRequestId String  REQUIRED

The unique ID that is assigned by a merchant to identify a card vaulting request. 

More information:

  • Maximum length: 64 characters

vaultingNotificationUrl String  

The URL that is used to receive the vaulting result notification. 

More information:

  • Maximum length: 2048 characters

redirectUrl String  

The merchant page URL that the buyer is redirected to after the vaulting process is completed.

Specify this parameter if you want to redirect the buyer to your page directly after the vaulting is completed.

More information:

  • Maximum length: 2048 characters

Response parameters

result Result  REQUIRED

The result of the API call. 

Show child parameters

vaultingSessionData String  REQUIRED

The encrypted vaulting session data. Pass the data to your front end to initiate the client-side SDK.   

More information:

  • Maximum length: 4096 characters

vaultingSessionId String  REQUIRED

The encrypted ID that is assigned by Alipay to identify a vaulting session.   

More information:

  • Maximum length: 64 characters

vaultingSessionExpiryTime Datetime  REQUIRED

The specific date and time after which the vaulting session will expire. 

More information:

  • The value follows the ISO 8601 standard format. For example, "2019-11-27T12:01:01+08:00".
API Explorer
Sample CodesRun in Sandbox

Request

URL

Request Body

Response

Response Body

Result/Error codes

CodeValueMessageFurther action
SUCCESSSSuccess

The vaulting session is successfully created. No further action is needed.

PARAM_ILLEGALFThe required parameters are not passed, or illegal parameters exist. For example, a non-numeric input, an invalid date, or the length and type of the parameter are wrong.

Check and verify whether the required request fields (including the header fields and body fields) of the current API are correctly passed and valid.

PROCESS_FAILFA general business failure occurred.

Do not retry. Human intervention is usually needed. It is recommended that you contact Alipay Technical Support to troubleshoot the issue.

UNKNOWN_EXCEPTIONUAn API call has failed, which is caused by unknown reasons.

Call the interface again to resolve the issue. If not resolved, contact Alipay Technical Support.