Authentication Using Hosted Page Access

Ezypay allows for authentication using hosted page access. Below is a summary on the endpoint required for getting the host page tokens. It is the same endpoint used for getting API access, except that the scope requests for an integrator hosted_payment instead.



The hosted page ID expires after 30minutes. You will need to ensure you refresh these every 30minutes.

The changes required are summarised in the table below:

EndpointAccess ForRequest Params payment tokenstokens (single call)
scope=integrator hosted_payment

Examples on Using Hosted Page Access

Below are examples for creating a hosted payment page:

  • Obtaining a valid token in a single step by passing in the hosted_payment scope \
  -H 'Content-Type: application/x-www-form-urlencoded' \
  -H 'cache-control: no-cache' \
  -d 'grant_type=password&client_id=abc&client_secret=xyz&username=myuser&password=mypass&scope=integrator%20hosted_payment'
  • An example response
  "access_token": "ez789-example-tk.",
  "token_type": "Bearer",
  "expires_in": 1800,
  "scope": "integrator hosted_payment"
  • Construct and call the embeded endpoint as you normally would with the resulting token:
<iframe src="{{AU}}&pageType=customer&paymentMethods=BANK,VISA,MASTERCARD"></iframe>
$("iframe").attr("src", ",VISA,MASTERCARD");