Integration mode to choose if you want to have control over all the steps of the order.

In Full API integration, you will oversee the calls concerning the eligibility of the customer but also the payment.


Requirements :

  • A dedicated and not shared IP
  • Your IP must have a good reputation on this website : https://www.brightcloud.com/tools/url-ip-lookup.php . If not, you can request a change using the form.
  • This integration method requires PCI-DSS certification
  • Calls to FLOA services must be made on the server side, the authentication token being provided for each call to our services must not be on the client side

This integration offers the following advantages :

  • You master all the steps of the order
  • You set up your own payment page

Disadvantages of this integration :

  • Requires PCI-DSS certification
  • More developments are needed to integrate all the calls to the different services

Workflow for 3DS payment

Services to call for 3DS payment




Subject to customer information and consent (workshop to be conducted with your account manager)

For a 1XD payment, specify the number of days of deferment in reportDelayInDays


For better tracking of the orders, we recommend you put the same value in presaleFolder/shoppingCarts/reference for the PreEligibility and Eligibility
In the case of a 1XD payment, indicate the number of deferred days in reportDelayInDays
In the case of a iXC payment, birthDate, birthZipCode, maidenName are not mandatory

Call JS ThreatMetrix

ThreatMetrix is a fraud detection tool used by Floa. For efficient detection, it is necessary to implement the call to a ThreatMetrix JS function to collect some data about the customer.


The call of this JavaScript must be made as soon as the payment page is loaded (on the onLoad), to give the JS time to execute.
If you can't do it, apply a 3 second timer when clicking on the pay button.

The call must consist of the following :

IdEnvTMXIntegration: provided by Floa
Production : provided by Floa
OrderRefUnique order reference on the merchant side
Value that will be sent in order/orderRef when calling Check enrollment
ScoringTokenScoring token issued if scoring positive (customer eligible for FloaPay payment)
Value returned in eligibilities/token of the Eligibility service
PaymentAttemptNumber of the payment attempt. Starting with 1

Example :

<script type="text/javascript" src="https://paiement.cb4x.fr/fp/tags.js?org_id=9pmkcy8r&pageid=1&session_id=CB4X20210326001-ed730b5b-f885-4ce5-bd69-9d4253e7ee7a-1">

3DS enrollment

Check enrollment
For better tracking of orders, we recommend you put the same value in order/orderRef as presaleFolder/shoppingCarts/reference
In the case of a 1XD payment, indicate the number of deferred days in options/reportDelayInDays


The orderData/orderTag field, present in the service contract, must not be used.

Send in order/amount the value returned by the Eligibility service in the totalAmount field.

ACS page (3DS code entry)

User´s redirection to the URL returned by the 3D enrollment service card3dsRedirectionData.redirectionUrl (Redirection operated by the merchant)

Back from ACS

Redirect the user to the URL specified in returnUrl when calling the 3D enrollment service.

Payment validation

Validate authentication AND authorize / payment
Put the same value in order/orderRef as order/orderRef when calling the 3DS enrollment.