1. Developers
AXS Developer Hub
  • Getting Started
    • Overview
    • Account Setup
    • Merchant Branding
    • Payment Link
  • Developers
    • Payment Link Integration
    • QR Code Integration
    • Transaction Query
    • Card on File
  • Point of Sale
    • PayCube
    • Function & Response Codes
  • Plugin
    • WooCommerce
  • Appendix
    • Test Cards
    • Reserved Amounts
  1. Developers

Card on File

Overview#

The AXS Card on File service allows merchants to securely store a customer's VISA & MasterCard credentials and charge them later at your schedule.
You will have full control over when and how much to charge your customer.
You're creating a payment page where the customer authorizes you to save their payment card credentials. Once saved, you can charge it anytime via API without the customer needing to re-enter their card details.

Start Integrating#

Starts integrating into your system in 3 steps:
1. Request For Payment Link
Use the link generator API to request a checkout URL to redirect the customer.
2. Customer Input Card Details
Redirect the customer to the checkout URL where they can input their card details and authorize it.
3. Charge The Saved Card
Once you have the card token, use the payment API to bill the customer any amount, anytime. No customer interaction required.

Step 1: Request for Payment Link#

Get a payment link by calling AXS API and redirect your customer to provide their card details. The card details will be returned to you as token.

Endpoint#

UAT
Production
POST https://member.uat.pay.axs.com.sg/api/hpp/v1/merchant/{merchantMid}/encrypted

Request Body#

Schema#
{
  "data": "string (JWE compact serialization)"
}
AXS uses JSON Web Encryption (JWE) to encrypt the request parameters. Do refer below for the JWE header info:
alg PBES2-HS512+A256KW
enc A256GCM
p2s Salt (UUID)
p2c Iteration (fixed value: 1000)
kid Client ID

Request Parameters#

Parameters
Required
Remarks
nameName of Service or Product used with this payment link. (1–30 characters)
amountPayment amount in cents.
1. Example: 100 = $1.00
2. Min $0.00 and max amount = $9,999,999.00
currencyCodePayment currency (e.g., SGD) based on ISO 4217
Currently only support SGD.
allowEditFixed amount or allow payer to update the amount.
Default Boolean : false
billingTypeCurrent payment type : ONE_TIME
startDateStart date and time when the payment link becomes active in UTC format (YYYY-MM-DDTHH:mm:ssZ)
Default: UTC now
endDateEnd date and time when the payment link expires in UTC format (YYYY-MM-DDTHH:mm:ssZ).
maxPaymentSuccessCountMaximum allowed number of payments to accept or allow unlimited payments via payment link.
Empty default unlimited.
remarksEnabledWhether the remarks field is enabled on the payment page.
Default Boolean : true
timezoneTimezone used for the link.
Must be a valid IANA time zone identifier (e.g: Asia/Singapore).
See: https://en.wikipedia.org/wiki/List_of_tz_database_time_zones
Default : Timezone from merchant detail
Sample Request Data
{"name": "Test Token", "amount": "0", "currencyCode": "SGD", "allowEdit": false, "billingType": "ONE_TIME", "startDate": "", "endDate": "2026-12-28T14:15:00Z", "maxPaymentSuccessCount": 100, "remarksEnabled": false, "timezone": "Asia/Singapore"}
Sample Code
Sample Final URL

Response#

https://{domain}/hpp/checkout/II4GNB19FF

Step 2: Customer Input Card Details#

Redirect the customer to the payment URL where they can input their card details and authorize it.
image.png
Before redirect customer to the payment page, merchant may customize the URL according to their needs using parameters below.

Request Parameters#

Parameters
Remarks
amountPayment amount in cents.
1. Example: 100 = $1.00
2. Min $0.00 and max amount = $9,999,999.00
merchantRefMerchant's unique merchant reference.
Max 40 characters.
terminalIdMerchant's input information.
To be displayed in Merchant Portal.
webhookUrlThis URL will overwrite preset URL in Merchant Branding.
successUrlThis URL will overwrite preset URL in Merchant Branding.
failUrlThis URL will overwrite preset URL in Merchant Branding.
After customer provided card details using the payment link generated, a webhook notification will be triggered from AXS' server to your server about the token information.
Decrypt the JWE payload using the same secret key used for encryption in Step 1.

Webhook Parameters#

The following fields are sent with the webhook request:
Parameters
Required
Remarks
amountPayment amount in dollar. Example: 101.01
currencyPayment currency (e.g., SGD) based on ISO 4217
Currently only support SGD.
transactionRefAXS' unique transaction reference. Example: 1448241333514969089
merchantRefMerchant's unique merchant reference.
statusPayment status:
SUCCESS - Card tokenized successful.
DECLINED - Card tokenization declined.
responseCodePayment response code.
Example:
00 - payment successful
85 - card is valid to proceed
Other codes - unsuccessful
paymentSchemePayment scheme.
Available value: VISA / MASTERCARD
paymentDateTimePayment date time in (ISO 8601) standard.
Example: 2025-12-10T09:14:01.201466Z
tokenObject list of token details.
token.tokenIdCard token to be stored by merchant for future payment.
token.schemeVISA / MASTERCARD
token.maskedPanMasked card number.
Example : 411111XXXXXX1111
token.expiryCard expiry
Example : 0139

Step 3: Charge the Saved Method#

After the customer has provided their card details, you can charge them anytime by calling the payment API.

Endpoint#

UAT
Production
POST https://member.uat.pay.axs.com.sg/api/hpp/v1/payment/pay

Request Body#

Schema#
{
  "data": "string (JWE compact serialization)"
}
AXS uses JSON Web Encryption (JWE) to encrypt the request parameters. Do refer below for the JWE header info:
alg PBES2-HS512+A256KW
enc A256GCM
p2s Salt (UUID)
p2c Iteration (fixed value: 1000)
kid Client ID

Request Parameters#

Parameters
Required
Remarks
tokenToken of card received from webhook.
paymentTokenParamsObject list of payment token parameters
paymentTokenParams.amountPayment amount in cents.
1. Example: 100 = $1.00
2. Min $0.01 and max amount = $9,999,999.00
paymentTokenParams.currencyPayment currency (e.g., SGD) based on ISO 4217
Currently only support SGD.
paymentTokenParams.merchantRefMerchant's unique merchant reference.
Max 40 characters.
paymentTokenParams.webhookUrlThis URL will overwrite preset URL in Merchant Branding.
paymentTokenParams.terminalIdMerchant's input information.
To be displayed in Merchant Portal.
Sample Request Data
{"token": "4C94ACBD3E88B756E063AF598E0ABA22", "paymentTokenParams": {"currency": "SGD", "amount": "202", "merchantRef": "abc123", "terminalId": "Terminal-2"}}
Sample Final URL

Response Parameters#

Parameters
Remarks
paymentTransactionIdAXS internal payment trans Id.
statusSUCCESS / DECLINED
processorInformationObject list of response from payment gateway.
processorInformation.approvalCodeGateway approval code.
processorInformation.responseCodeGateway response code.
00 - Success
processorInformation.retrievalReferenceNumberGateway RRN
processorInformation.merchantReferenceFrom merchantRef parameter
processorInformation.transactionReferenceAXS unique transaction reference that can be found in Merchant Portal.
Example: 1452945254357237761
processorInformation.cardholderMessageCard holder message. Can be empty.
processorInformation.maskedPanMasked card number.
Example : 411111XXXXXX1111
processorInformation.expiryCard expiry. Can be empty.
processorInformation.issuerCountryAlphaIssuer Country.
Example : POL
processorInformation.issuerCountryNumericIssuer Country Code.
Example: 616
processorInformation.brandVISA / MASTERCARD
processorInformation.cardTypeDEBIT / CREDIT
Sample Response Data
{"paymentTransactionId":"7658211330066981303851","status":"SUCCESS","processorInformation":{"approvalCode":"831000","responseCode":"00","retrievalReferenceNumber":"526501172592","merchantReference":"abc123","transactionReference":"1484377199339216897","cardholderMessage":"","maskedPan":"411111XXXXXX1111","expiry":"","issuerCountryAlpha":"SGP","issuerCountryNumeric":"702","brand":"VISA","cardType":"DEBIT"}}
Previous
Transaction Query
Next
PayCube
Built with