Step 1: Get familiar with the Virtual Cards APIs
The Reference section contains details about Virtual Cards APIs. As the first step for your implementation, we recommend getting familiar with the sequence diagrams and corresponding APIs for Virtual Cards, including, enrollment, retrieval, unenrollment and transaction management flows.
Overview and benefits of the product is on the Home page, whereas frequently asked questions can be found on the FAQ page.
Step 2: Connectivity and idempotency requirements
It is important to understand and ensure you are able to support the transport layer and application layer security requirements as well as the protocol standards, notably those related to idempotency, prior to integrating.
Step 3: Work with Google to set up your configuration
Google needs to configure host(s) and application layer encryption (PGP or JWE) to establish communication with the Virtual Cards APIs you implement.
Firstly, you need to determine the URL for the host(s) on your side responsible for serving the APIs. If your implementation is split across multiple hosts (e.g. a 3rd party core or other service provider), indicate which endpoints are served directly by you and which are handled on your behalf by a service provider.
Secondly, if you are hosting any of the APIs, you need to setup either PGP (preferred) or JWE that should be used for application layer encryption with your endpoints.
To initiate your configuration and key exchange process, provide the following to your Google technical point of contact:
- The hostname for the server(s) responsible for serving the Virtual Cards APIs
- The subpath to your API implementation
- The public portion of PGP/JWE keys generated
Once Google has set up your configuration, Google replies with your Payment Integrator Account ID (PIAID) and Google's public PGP/JWE key specific to the endpoints you are hosting.
Step 4: Establish sandbox echo connectivity
Once you have verified you can meet the integration requirements
(step 2),
have your PGP/JWE encryption configured, and have a
Payment Integrator Account ID (PIAID)
from Google
(step 3),
you are ready to implement and
test the Google hosted echo
and your hosted echo endpoints. Refer to echo definitions in the
Virtual Cards APIs under
Reference.
These scripts use the Google-hosted Sandbox environment echo method to test baseline connectivity:
- Script using V1
echo: gsp_sandbox_echo.sh - Script using V2
echo: gsp_sandbox_echo_v2.sh
Step 5: Integrate with the APIs
Once you have the echo endpoints working in sandbox, you're ready to
integrate with the rest of the Virtual Cards APIs.
Refer to Virtual Cards APIs under the Reference section.
Step 6: Testing
As development wraps up follow the testing process to prepare for launch, which includes the test cases expected to be executed to validate your Virtual Cards APIs implementation.
Step 7: Launch!
Follow the launch process to ensure as smooth a release as possible.