Pay with Points

Topics covered on this page

How to enable
Payment flow
Implementation
Voids and refunds
Limits
Next steps

Enable your customers to make purchases using their credit card loyalty points using Pay with Points. This guide walks you through the payment flow and details on how to implement.

Citi Rewards Points is the only credit card loyalty program currently supported.

How to enable

Supported Countries: Thailand
Minimum API version: 2017-11-02

Pay with Points is currently in closed beta. If you are interested in accepting payments via this payment method, please leave your details in this form. We will provide updates as we open the service to more merchants.

Payment flow

Customers paying via Pay with Points go through a redirect payment flow using their personal account details and a one-time password (OTP) to authorize payment. After creating the charge, the customer is redirected twice: once leaving your site for charge authorization and once returning to your site upon charge completion.

The following screenshots illustrate this flow. First, the customer selects the payment method Pay with Points ❷ and confirms the payment amount ❸.

Points Select

After confirming, the customer is redirected to a form to enter their mobile number and the last four digits of their credit card ❹. An OTP will be sent to the provided mobile number. After entering the OTP ❺, the customer will be prompted to authorize the point deduction amount (along with their remaining balance) and confirm ❻. Upon completion, the customer will be redirected back to your website ❼ and Omise will send a webhook event (if enabled) stating that the charge is complete.

Payment Flow

Implementation

To create a charge using Pay with Points, make the following API requests.

Create a new payment source (type: points_citi) using Omise.js or one of the mobile SDKs (iOS and Android)
Create a new charge using the identifier of the source created in Step 1.
After receiving the charge completion webhook event, retrieve the charge to verify its status (optional, but recommended).

Use your public key to create the Pay with Points source on the client (a customer's browser or mobile phone). Use your secret key to create the Pay with Points charge on the server.

If both the creation and charge of a source must happen server-side, you can create and charge the source in a single API request using your secret key.

Creating a source

When the customer confirms that they wish to pay with this payment method, create a new source specifying the amount, currency, and type.

The following examples demonstrate the creation of a new Pay with Points source for ฿4,000. Replace the omise_public_key and $OMISE_PUBLIC_KEY variables with the test public key found on your dashboard.

Using Omise.js, the type parameter is supplied as the first argument to the createSource method.

Omise.setPublicKey(omise_public_key);

Omise.createSource('points_citi', {
  "amount": 400000,
  "currency": "THB"
}, function(statusCode, response) {
  console.log(response)
});

For testing, you can create the same request using curl.

curl https://api.omise.co/sources \
  -X POST \
  -u $OMISE_PUBLIC_KEY: \
  -d "amount=400000" \
  -d "currency=THB" \
  -d "type=points_citi"

{
  "object": "source",
  "id": "src_test_5kdpogkw4e3k3fhkois",
  "livemode": false,
  "location": "/sources/src_test_5kdpogkw4e3k3fhkois",
  "amount": 400000,
  "barcode": null,
  "created_at": "2020-06-30T03:53:39Z",
  "currency": "THB",
  "email": null,
  "flow": "redirect",
  "installment_term": null,
  "name": null,
  "mobile_number": null,
  "phone_number": null,
  "scannable_code": null,
  "references": null,
  "store_id": null,
  "store_name": null,
  "terminal_id": null,
  "type": "points_citi",
  "zero_interest_installments": null
}

The id attribute is the source identifier (begins with src).

Creating a charge

Create a charge specifying the parameters return_uri, source, amount, and currency.

return_uri specifies the location on your website to which the customer should be redirected after completing the payment authorization step.
source specifies the source identifier.
amount and currency must match amount and currency of the source.

The following example demonstrates how to create a new charge using curl. Replace $OMISE_SECRET_KEY with your test secret key found on your dashboard. Replace $SOURCE_ID with the id of the source.

curl https://api.omise.co/charges \
  -u $OMISE_SECRET_KEY: \
  -d "amount=400000" \
  -d "currency=THB" \
  -d "return_uri=http://example.com/orders/345678/complete" \
  -d "source=$SOURCE_ID"

{
  "object": "charge",
  "id": "chrg_test_5kdpogoazsz8hxuw3k1",
  "location": "/charges/chrg_test_5kdpogoazsz8hxuw3k1",
  "amount": 400000,
  "net": 384378,
  "fee": 14600,
  "fee_vat": 1022,
  "interest": 0,
  "interest_vat": 0,
  "funding_amount": 400000,
  "refunded_amount": 0,
  "authorized": false,
  "capturable": false,
  "capture": true,
  "disputable": false,
  "livemode": false,
  "refundable": false,
  "reversed": false,
  "reversible": false,
  "voided": false,
  "paid": false,
  "expired": false,
  "platform_fee": {
    "fixed": null,
    "amount": null,
    "percentage": null
  },
  "currency": "THB",
  "funding_currency": "THB",
  "ip": null,
  "refunds": {
    "object": "list",
    "data": [],
    "limit": 20,
    "offset": 0,
    "total": 0,
    "location": "/charges/chrg_test_5kdpogoazsz8hxuw3k1/refunds",
    "order": "chronological",
    "from": "1970-01-01T00:00:00Z",
    "to": "2020-06-30T03:53:40Z"
  },
  "link": null,
  "description": null,
  "metadata": {},
  "card": null,
  "source": {
    "object": "source",
    "id": "src_test_5kdpogbd69ypf6bnwq2",
    "livemode": false,
    "location": "/sources/src_test_5kdpogbd69ypf6bnwq2",
    "amount": 400000,
    "barcode": null,
    "created_at": "2020-06-30T03:53:38Z",
    "currency": "THB",
    "email": null,
    "flow": "redirect",
    "installment_term": null,
    "name": null,
    "mobile_number": null,
    "phone_number": null,
    "scannable_code": null,
    "references": null,
    "store_id": null,
    "store_name": null,
    "terminal_id": null,
    "type": "points_citi",
    "zero_interest_installments": null
  },
  "schedule": null,
  "customer": null,
  "dispute": null,
  "transaction": null,
  "failure_code": null,
  "failure_message": null,
  "status": "pending",
  "authorize_uri": "https://pay.omise.co/payments/pay2_test_5kdpogodhbsoyf9s1bs/authorize",
  "return_uri": "http://example.com/orders/345678/complete",
  "created_at": "2020-06-30T03:53:40Z",
  "paid_at": null,
  "expires_at": "2020-07-07T03:53:40Z",
  "expired_at": null,
  "reversed_at": null,
  "zero_interest_installments": false
}

Creating a source and charge

Alternatively, you can create and charge a source in a single API request.

curl https://api.omise.co/charges \
  -X POST \
  -u $OMISE_SECRET_KEY: \
  -d "amount=400000" \
  -d "currency=THB" \
  -d "return_uri=http://example.com/orders/345678/complete" \
  -d "source[type]=points_citi"

Completing the charge

At this point, you have created a new charge with its status set to pending. Other possible values for charge status are successful, failed, and expired.

The following sections detail how to authorize a charge, receive its completion webhook event, and update its status.

This sequence diagram shows the entire flow.

sequenceDiagram participant customer participant omise.js participant merchant participant api.omise.co customer->>omise.js: Send payment details for purchase omise.js->>api.omise.co: Request source using payment details api.omise.co-->>omise.js: Return source omise.js->>merchant: Merchant gets returned source merchant->>api.omise.co: Request charge using source and purchase details api.omise.co-xmerchant: Send "charge.create" webhook api.omise.co-->>merchant: Return charge merchant->>customer: Redirect to "authorize_uri" for pending charge customer->>api.omise.co: Provide charge authorization details at "authorize_uri" api.omise.co-->>customer: Redirect to "return_uri" api.omise.co-xmerchant: Send "charge.complete" webhook merchant-xcustomer: Send charge result (e.g. via email)

Authorizing the charge

Redirect the customer to location specified in authorize_uri so that they can authorize the charge.

You can simulate this authorization phase in test mode by visiting the authorize_uri to manually mark the charge as Successful or Failed. After the customer has completed the authorization phase, they will be redirected to the location you specified in return_uri.

Receiving the charge completion event

The best way for you to be notified of the completion of a charge is using webhook events. Set up a location on your server to receive webhook events, and add this location as a webhook endpoint on the dashboard.

Once a charge is completed, a POST request will be sent to this endpoint with the charge response embedded.

The key attribute for the event object contains charge.complete and the data attribute contains the charge object. See Events API for event object structure.

Checking the charge status

After receiving this event, retrieve the charge using its id and confirm that its status matches the status of the charge contained in the event.

If the value of status is successful, you got paid. If the value of status is failed, check the failure_code and failure_message in the charge object for an explanation.

Possible failure codes are listed below.

Failure Code	Description
`payment_rejected`	Payment rejected by issuer.
`failed_processing`	General payment processing failure.
`insufficient_fund`	Insufficient funds in the account or the payment method has reached its limit.

Voids and refunds

Pay with Points charges cannot be voided or refunded through Omise. Please advise customers to contact their bank directly.

Limits

Minimum: 2000 (THB20.00)
Maximum: 15000000 (THB150,000.00)