Before you can use Secure Fields in your web checkout we will need to create a checkout session.

Install a server-side SDK

Use the package manager in your preferred programming language to install our server-side SDK. Token generation can only be done server side and we do not recommend doing this client side as it will expose your API key to your customers.

Please install the latest release of your preferred SDK.

Initialize the SDK client

Next, initialize the SDK with the ID of your instance and the private key.

The Gr4vy ID is the unique identifier for your instance. Together with the environment (sandbox or production) it is used to connect to the right APIs.

The possible values for your ID are one of wpay, wpay1, wpay2, or wpay3. We will inform you in which instance your account has been set up.

This assumes the key you created in the previous step is kept in a file called private_key.pem that is kept in the same folder next to the code. You could store this key in an environment variable or a secure vault.

Generate a checkout session

The final step is to create a new checkout session for use by Secure Fields.

The id if this session can now be passed to your checkout page, where it can be used by Secure Fields.


In this step you:

  • Installed the SDK
  • Created a new checkout session.
  • Passed the id if this session your front-end application, where it will be used by Secure Fields.