Connect-E - Getting Started

Connect-E simplifies taking payments on your site by removing the need to handle card details. It simplifies PCI compliance by only handling card details on our secure servers.

Access Tokens

To use either Connect-E Standard or Connect-E Checkout you must acquire an access token. These can be generated from the Connect-E REST API. Each token can only be used once and has a lifetime of 30 minutes. Once a token has expired or is used, another one must be generated. See the documentation of our REST API for more information.

Connect-E Standard

Connect-E Standard allows you to apply custom styles to the payment form while maintaining the security of having card details managed within our secure environment. This gives the best user experience as the payment form sits seamlessly within your site.

Features

Connect-E Checkout

Connect-E Checkout removes the hassle of creating and styling a payment form. Simply reference our JavaScript and pass in some configuration and when the payment is complete the outcome is posted to your server.

Features

Environments

We have two environments, test and production. This allows you test your integration is working correctly in our isolated testing enviromment before pushing to live. You will be issued separate API keys for each environment, these are linked to the user names associated with you test and live gateway accounts.

Test

In our test environment the JavaScript can be loaded from https://web.e.test.connect.paymentsense.cloud/assets/js/client.js and requests to the REST API are on the domain e.test.connect.paymentsense.cloud

Production

In our production environment the JavaScript can be loaded from https://web.e.connect.paymentsense.cloud/assets/js/client.js and requests to the REST API are on the domain e.connect.paymentsense.cloud

Content Security Policy Headers

We recommend setting Content Security Policy headers on sites that implement either Connect-E Standard or Checkout.
This adds another layer of security to your site, by limiting where content can be loaded from as well as stopping your site being embedded into another page.

Please read the related documentation as the requirements will differ from site to site depending on where the application loads content from. If you're loading content from any other domains such as a content delivery network they'll need to be added to the Content Security Policy header returned by your site. Below is a good starting point, all content is loaded from the domain the site is hosted on or from a subdomain of paymentsense.cloud and the page cannot be used in a frame. We allow frame contents to be loaded from anywhere so the 3DS authorization page can be loaded into an iframe.

Content-Security-Policy: default-src 'self' *.paymentsense.cloud; frame-ancestors 'none'; frame-src *;