Payflow Pro Gateway Guide

close

Services and Compatibility

Payment Gateway Company Name:
Payflow Pro
Services that work with Spreedly:
  • Payflow Pro
Supported operations:
Purchase, Authorize, Capture, Refund, Void, Verify
Supported payment types:
Credit Card, Bank Account
Spreedly 3DS2 Global Supported
No
Gateway Specific 3DS1 Supported
No
Gateway Specific 3D2 Supported
No
Regions:
Asia Pacific, North America
API endpoint URL:
https://payflowpro.paypal.com

Authentication and Security

Specific names for credentials:
Login, Partner, User, Password

Onboarding Merchants in:

Additional Notes

Spreedly integrates to Payflow Pro via Paypal’s XMLPay 2.0 API.

Adding a Payflow Pro gateway

To add a Payflow Pro gateway you just need to supply a login, partner, and password. The login in this case is your Payflow Pro vendor attribute. The partner value is usually Paypal.


curl https://core.spreedly.com/v1/gateways.xml \
  -u 'C7cRfNJGODKh4Iu5Ox3PToKjniY:4UIuWybmdythfNGPqAqyQnYha6s451ri0fYAo4p3drZUi7q2Jf4b7HKg8etDtoKJ' \
  -H 'Content-Type: application/xml' \
  -d '<gateway>
        <gateway_type>payflow_pro</gateway_type>
        <login>Your vendor value</login>
        <partner>Paypal</partner>
        <password>password</password>
      </gateway>'

<gateway>
  <token>501HOqbZPFelYPjgPUcHNfewjdx</token>
  <gateway_type>payflow_pro</gateway_type>
  <name>Payflow Pro</name>
  <description nil="true"/>
  <login>Your vendor value</login>
  <partner>Paypal</partner>
  <user nil="true"/>
  <characteristics>
    <supports_purchase type="boolean">true</supports_purchase>
    <supports_authorize type="boolean">true</supports_authorize>
    <supports_capture type="boolean">true</supports_capture>
    <supports_credit type="boolean">true</supports_credit>
    <supports_general_credit type="boolean">false</supports_general_credit>
    <supports_void type="boolean">true</supports_void>
    <supports_verify type="boolean">true</supports_verify>
    <supports_reference_purchase type="boolean">true</supports_reference_purchase>
    <supports_purchase_via_preauthorization type="boolean">false</supports_purchase_via_preauthorization>
    <supports_offsite_purchase type="boolean">false</supports_offsite_purchase>
    <supports_offsite_authorize type="boolean">false</supports_offsite_authorize>
    <supports_3dsecure_purchase type="boolean">false</supports_3dsecure_purchase>
    <supports_3dsecure_authorize type="boolean">false</supports_3dsecure_authorize>
    <supports_store type="boolean">false</supports_store>
    <supports_remove type="boolean">false</supports_remove>
    <supports_fraud_review type="boolean">true</supports_fraud_review>
    <supports_disburse type="boolean">false</supports_disburse>
    <supports_reference_authorization type="boolean">true</supports_reference_authorization>
  </characteristics>
  <credentials>
    <credential>
      <name>login</name>
      <value>Your vendor value</value>
    </credential>
    <credential>
      <name>partner</name>
      <value>Paypal</value>
    </credential>
    <credential>
      <name>user</name>
      <value nil="true"/>
    </credential>
  </credentials>
  <gateway_specific_fields>
    <gateway_specific_field>comment1</gateway_specific_field>
    <gateway_specific_field>comment2</gateway_specific_field>
    <gateway_specific_field>order_desc</gateway_specific_field>
  </gateway_specific_fields>
  <payment_methods>
    <payment_method>credit_card</payment_method>
    <payment_method>bank_account</payment_method>
  </payment_methods>
  <state>retained</state>
  <redacted type="boolean">false</redacted>
  <created_at type="dateTime">2018-06-19T17:07:56Z</created_at>
  <updated_at type="dateTime">2018-06-19T17:07:56Z</updated_at>
</gateway>

You can also specify a user field. Some customers may need to specify this value:


curl https://core.spreedly.com/v1/gateways.xml \
  -u 'C7cRfNJGODKh4Iu5Ox3PToKjniY:4UIuWybmdythfNGPqAqyQnYha6s451ri0fYAo4p3drZUi7q2Jf4b7HKg8etDtoKJ' \
  -H 'Content-Type: application/xml' \
  -d '<gateway>
        <gateway_type>payflow_pro</gateway_type>
        <login>Your vendor value</login>
        <partner>Paypal</partner>
        <user>user</user>
        <password>password</password>
      </gateway>'

<gateway>
  <token>E0AbyQImSoqN2f1skSUWZTpMmp2</token>
  <gateway_type>payflow_pro</gateway_type>
  <name>Payflow Pro</name>
  <description nil="true"/>
  <login>Your vendor value</login>
  <partner>Paypal</partner>
  <user>user</user>
  <characteristics>
    <supports_purchase type="boolean">true</supports_purchase>
    <supports_authorize type="boolean">true</supports_authorize>
    <supports_capture type="boolean">true</supports_capture>
    <supports_credit type="boolean">true</supports_credit>
    <supports_general_credit type="boolean">false</supports_general_credit>
    <supports_void type="boolean">true</supports_void>
    <supports_verify type="boolean">true</supports_verify>
    <supports_reference_purchase type="boolean">true</supports_reference_purchase>
    <supports_purchase_via_preauthorization type="boolean">false</supports_purchase_via_preauthorization>
    <supports_offsite_purchase type="boolean">false</supports_offsite_purchase>
    <supports_offsite_authorize type="boolean">false</supports_offsite_authorize>
    <supports_3dsecure_purchase type="boolean">false</supports_3dsecure_purchase>
    <supports_3dsecure_authorize type="boolean">false</supports_3dsecure_authorize>
    <supports_store type="boolean">false</supports_store>
    <supports_remove type="boolean">false</supports_remove>
    <supports_fraud_review type="boolean">true</supports_fraud_review>
    <supports_disburse type="boolean">false</supports_disburse>
    <supports_reference_authorization type="boolean">true</supports_reference_authorization>
  </characteristics>
  <credentials>
    <credential>
      <name>login</name>
      <value>Your vendor value</value>
    </credential>
    <credential>
      <name>partner</name>
      <value>Paypal</value>
    </credential>
    <credential>
      <name>user</name>
      <value>user</value>
    </credential>
  </credentials>
  <gateway_specific_fields>
    <gateway_specific_field>comment1</gateway_specific_field>
    <gateway_specific_field>comment2</gateway_specific_field>
  </gateway_specific_fields>
  <payment_methods>
    <payment_method>credit_card</payment_method>
  </payment_methods>
  <state>retained</state>
  <redacted type="boolean">false</redacted>
  <created_at type="dateTime">2017-07-27T17:49:57Z</created_at>
  <updated_at type="dateTime">2017-07-27T17:49:57Z</updated_at>
</gateway>

Third Party Tokens

Payflow Pro supports payment using Third Party Tokens via a reference transaction. While it is recommended that you retain any payment method you expect to use again in the Spreedly vault, third party tokens might be useful if you have legacy payments with Payflow Pro that need to be referenced for additional transactions, but which do not represent payment methods stored in your Spreedly vault. In this case, you will need to use the PNREF field returned in the original transaction that you would like to reference. This field holds a Payflow Pro token that represents the credit card information from the original transaction. According to Payflow Pro documentation it may be possible to use this token for transacting up to 15 months after the original transaction.

To use the PNREF this way, you must first create a Third Party Token with Spreedly, passing the PNREF value as reference. The object returned by Spreedly contains both a token and a third_party_token field. You’ll see that the third_party_token value is the PNREF. The token value is a Spreedly token that represents the PNREF and may be passed as the payment method token in transactions with your Payflow Pro gateway. Please consult the Payflow Pro documentation on Reference Transactions for details and appropriate use cases of the PNREF token.

Payflow Pro does not support the direct vaulting of payment methods through an operation like store.

Gateway specific fields

When interacting with a Payflow Pro gateway to run transactions, here are the configured gateway specific fields you can specify.

comment1, comment2, order_desc, and merch_descr can be used to help tie reports to your orders/customers or to report on other information about the transaction.

capture_complete indicates whether a delayed capture transaction is the last capture you intend to make. Valid values are Y (default) or N. If Y is passed, any remaining amount of the original reauthorized transaction is automatically released.


curl https://core.spreedly.com/v1/gateways/LlkjmEk0xNkcWrNixXa1fvNoTP4/purchase.xml \
  -u 'C7cRfNJGODKh4Iu5Ox3PToKjniY:4UIuWybmdythfNGPqAqyQnYha6s451ri0fYAo4p3drZUi7q2Jf4b7HKg8etDtoKJ' \
  -H 'Content-Type: application/xml' \
  -d '<transaction>
        <payment_method_token>56wyNnSmuA6CWYP7w0MiYCVIbW6</payment_method_token>
        <amount>100</amount>
        <currency_code>USD</currency_code>
        <gateway_specific_fields>
          <payflow_pro>
            <comment1>Airport Shuttle</comment1>
            <comment2>Another Comment</comment2>
            <order_desc>Order Description</order_desc>
            <capture_complete>Y</capture_complete>
            <merch_descr>Merchant Description</merch_descr>
          </payflow_pro>
        </gateway_specific_fields>
      </transaction>'


<transaction>
  <on_test_gateway type="boolean">true</on_test_gateway>
  <created_at type="dateTime">2021-07-07T19:39:07Z</created_at>
  <updated_at type="dateTime">2021-07-07T19:39:07Z</updated_at>
  <succeeded type="boolean">true</succeeded>
  <state>succeeded</state>
  <token>YT9fngxJXKdo4lCFOkeJgPceGgA</token>
  <transaction_type>Purchase</transaction_type>
  <order_id nil="true"/>
  <ip nil="true"/>
  <description nil="true"/>
  <email nil="true"/>
  <merchant_name_descriptor nil="true"/>
  <merchant_location_descriptor nil="true"/>
  <merchant_profile_key nil="true"/>
  <gateway_specific_fields>
    <payflow_pro>
      <comment1>Airport Shuttle</comment1>
      <comment2>Another Comment</comment2>
      <order_desc>Order Description</order_desc>
      <capture_complete>Y</capture_complete>
      <merch_descr>Merchant Description</merch_descr>
    </payflow_pro>
  </gateway_specific_fields>
  <gateway_specific_response_fields>
  </gateway_specific_response_fields>
  <gateway_transaction_id>53</gateway_transaction_id>
  <gateway_latency_ms type="integer">0</gateway_latency_ms>
  <stored_credential_initiator nil="true"/>
  <stored_credential_reason_type nil="true"/>
  <warning nil="true"/>
  <application_id nil="true"/>
  <amount type="integer">100</amount>
  <currency_code>USD</currency_code>
  <retain_on_success type="boolean">false</retain_on_success>
  <payment_method_added type="boolean">false</payment_method_added>
  <smart_routed type="boolean">false</smart_routed>
  <message key="messages.transaction_succeeded">Succeeded!</message>
  <gateway_token>T11bJAANtTWnxl36GYjKWvbNK0g</gateway_token>
  <gateway_type>test</gateway_type>
  <shipping_address>
    <name>Newfirst Newlast</name>
    <address1 nil="true"/>
    <address2 nil="true"/>
    <city nil="true"/>
    <state nil="true"/>
    <zip nil="true"/>
    <country nil="true"/>
    <phone_number nil="true"/>
  </shipping_address>
  <response>
    <success type="boolean">true</success>
    <message>Successful purchase</message>
    <avs_code nil="true"/>
    <avs_message nil="true"/>
    <cvv_code nil="true"/>
    <cvv_message nil="true"/>
    <pending type="boolean">false</pending>
    <result_unknown type="boolean">false</result_unknown>
    <error_code nil="true"/>
    <error_detail nil="true"/>
    <cancelled type="boolean">false</cancelled>
    <fraud_review nil="true"/>
    <created_at type="dateTime">2021-07-07T19:39:07Z</created_at>
    <updated_at type="dateTime">2021-07-07T19:39:07Z</updated_at>
  </response>
  <api_urls>
  </api_urls>
  <payment_method>
    <token>1rpKvP8zOUhj4Y9EDrIoIYQzzD5</token>
    <created_at type="dateTime">2017-06-26T17:04:38Z</created_at>
    <updated_at type="dateTime">2021-07-07T17:59:48Z</updated_at>
    <email>joey@example.com</email>
    <data>
      <my_payment_method_identifier>448</my_payment_method_identifier>
      <extra_stuff>
        <some_other_things>Can be anything really</some_other_things>
      </extra_stuff>
    </data>
    <storage_state>retained</storage_state>
    <test type="boolean">true</test>
    <metadata>
      <key>string value</key>
    </metadata>
    <callback_url nil="true"/>
    <last_four_digits>1111</last_four_digits>
    <first_six_digits>411111</first_six_digits>
    <card_type>visa</card_type>
    <first_name>Newfirst</first_name>
    <last_name>Newlast</last_name>
    <month type="integer">3</month>
    <year type="integer">2032</year>
    <address1 nil="true"/>
    <address2 nil="true"/>
    <city nil="true"/>
    <state nil="true"/>
    <zip nil="true"/>
    <country nil="true"/>
    <phone_number nil="true"/>
    <company nil="true"/>
    <full_name>Newfirst Newlast</full_name>
    <eligible_for_card_updater type="boolean">true</eligible_for_card_updater>
    <shipping_address1 nil="true"/>
    <shipping_address2 nil="true"/>
    <shipping_city nil="true"/>
    <shipping_state nil="true"/>
    <shipping_zip nil="true"/>
    <shipping_country nil="true"/>
    <shipping_phone_number nil="true"/>
    <payment_method_type>credit_card</payment_method_type>
    <errors>
    </errors>
    <verification_value></verification_value>
    <number>XXXX-XXXX-XXXX-1111</number>
    <fingerprint>e3cef43464fc832f6e04f187df25af497994</fingerprint>
  </payment_method>
  <attempt_3dsecure type="boolean">false</attempt_3dsecure>
</transaction>