Build your own UI

Develop your own UI for customers to authorise payments.


Simpler integration with TrueLayer UIs

Authorisation and related actions are handled automatically if you integrate with the hosted payment page, embedded payment page or a TrueLayer mobile UI. This includes embedded flows, which you must use a TrueLayer auth flow for unless you are regulated as a PISP.

Payment or mandate authorisation is separate to request signing and payment or mandate creation, and there is no TrueLayer library for it.

To integrate directly with the TrueLayer Payments API v3, you need to develop logic to perform the following:

  1. Include the authorization_flow parameter in your initial payment creation POST request to the /v3/payments endpoint.
    Alternatively, you can use a payment or mandate id as the path parameter in a POST request to the /v3/payments/{id}/authorization-flow or /v3/mandates/{id}/authorization-flow endpoint to start the authorisation flow.
  2. Check the response to see what the next required action is.
    The response also contains the data required to complete the action.
  3. Based on the next action type, provide appropriate data via a POST request.
    You may need to develop an interface for users to provide this data.
  4. Repeat steps 2 and 3 if the response says another action is required.
    If no action is required, the response returns the wait action and payment authorisation is complete.

Authorisation flow actions

In order to authorise a payment or mandate, your direct API integration needs to have logic to handle the different types of authorisation action. These actions relate to tasks such as selecting a provider, providing additional information for authorisation in certain regions, or redirecting a customer.

Learn more about the different types of authorisation action.

Different authorisation flow requirements

Depending on the region you are paying in, and the requirements of the provider your user is paying with, you may need to build logic to enable multiple different authorisation flows. This is particularly true if you plan to accept payments in Europe.

Your integration may need to take into account:

  • Providers which require your user to input additional information such as an IBAN or branch name
  • Providers which require embedded flows