availability

The Grant API is currently in a limited release. To determine whether it's right for your needs and to request access to the API, contact our Business Development team.

The Grant API allows you to provide another Braintree merchant controlled access to one of your customer's payment methods. You can revoke access to this payment method at any time. Currently, credit cards, debit cards, and PayPal Channel Initiated Billing Agreements may be shared via the Grant API.

Who's involved

There are two parties involved in any grant:

  • Grantor: The Braintree merchant that owns the embedded experience and is sharing access to a payment method in their Vault. Typically, a grantor is an aggregator or a platform. The grantor is responsible for integrating with the Grant API.
  • Recipient: The Braintree merchant that is receiving a shared payment method from the grantor. In an embedded experience, the recipient is the merchant providing a product or service to the customer. Although the recipient is not the party that integrates with the Grant API, they are responsible for providing the grantor with consent to share payment methods with them via OAuth.
note

This guide is written from the perspective of the grantor.

How it works

The recipient must first consent to receive payment information from the grantor. Typically, this only needs to be done once per relationship. Our configuration page describes how to set this up.

Once the recipient has given their consent, the grantor can create payment method nonces on their behalf using PaymentMethod.grant(). For example:

Ruby
Copy
Copied
gateway = Braintree::Gateway.new(
  :access_token => access_token_for_recipient
)

grant_result = gateway.payment_method.grant(
  "the_payment_method_token",
  :allow_vaulting => true,
  :include_billing_postal_code => true
)
nonce_to_send_to_recipient = grant_result.payment_method_nonce.nonce
# ...

PaymentMethod.grant() returns a payment method nonce that the grantor is responsible for sending to the recipient. The recipient will use this nonce to create a transaction or store the payment method in their own Vault.

note

We recommend verifying cards before you grant them to ensure you're sharing valid payment information.

If you wish to create transactions on another merchant's behalf using payment methods stored in your Vault, the Shared Vault feature allows that capability.

Next Page: Configuration →

Still have questions?

If you can’t find an answer, contact our Support team