By default, all granted payment method nonces are vaultable. Once the recipient vaults a granted payment method nonce, the resulting payment method behaves like any other in their Vault, with two exceptions: granting and exporting.
- Grant: If the receiving merchant is also granting their own payment methods to another Braintree merchant, they will not be able to grant payment methods they received through the Grant API.
- Export: If the receiving merchant chooses to leave Braintree in the future, we will not include any granted payment methods when we export their vaulted data to another payment gateway.
When using the Grant API, you can control whether or not the recipient is able to vault a granted payment method. If you don't allow vaulting, the recipient will only be able to create a single transaction with the granted payment method nonce.
You can do this by setting
Billing address information is not included on granted payment method nonces by default, and CVV is never included. As the grantor, you can choose to share the billing postal code with the receiving merchant when granting a payment method by
IncludeBillingPostalCode option to
When the receiving merchant makes a transaction or verification request with the granted payment method nonce, the processor will return the expected AVS and CVV response codes (e.g. M if the postal code matches, I if the information is not provided), but the responses will not trigger any AVS or CVV rules enabled in their gateway.
In some cases, recipient merchants may desire additional information (that is not shared via the Grant API) to mitigate risk before creating the transaction. It is between the grantor and recipient to determine what additional information that they would like to share with each other.
Still have questions?
If you can’t find an answer, contact our Support team.