Client SDKs require a form of authorization to interact with the Braintree gateway. The type of authorization you provide to your client determines what the client can do.
We offer two forms of client authorization:
- A tokenization key is a lightweight reusable value that authorizes payment method tokenization.
- A client token is a single use value that authorizes payment method tokenization, payment method retrieval, and client-side vaulting.
|Client Token||Tokenization Key|
|Creation||Generated using server-side library||Generated in Control Panel|
|Delivery to your client||Must be sent from your server||Can be shipped with your app|
|Payment method vaulting||Yes (with customer ID)||Requires sending a payment method nonce to your server|
|List payment methods||Yes (with customer ID)||No|
|Supply configuration information||Yes||No|
|Payment method tokenization||Yes||Yes|
|Apple Pay and Android Pay||Yes||Yes|
Tokenization keys do not require any interaction with your server until after payment information is tokenized. If you want to collect payment information to hand off to your server, tokenization keys are ideal.
Tokenization keys are also useful for situations where you want to tokenize payment information as simply as possible. If you do not manage customers in the Vault, tokenization keys should do everything you need.
Client tokens allow use of the full range of Drop-in functionality. If you want customers to save their payment methods directly from your client or want to present returning customers with a list of their saved payment methods, use client tokens.
If your client apps allow both guests and registered users to make purchases, you may wish to use both tokenization keys and client tokens. If this applies, instantiate a new Braintree instance with your authentication method of choice.