Token Delete

The Token Delete API allows merchants to remove a customer's saved payment token. This feature is useful when customers want to delete their saved payment method or when a card is no longer valid.

API Request Parameters

POST

Key Parameters

• id - The binding information ID returned in the Token Query response

Note

• All JSON fields must be stringified before submission
• Nested objects must be serialized to JSON string format
• JSON fields must not contain unescaped special characters
• Arrays in JSON should be properly formatted
• Example of JSON string field:

{
    "object": "{\"obj-key1\":\"v1\",\"obj-key2\":\"v2\"}",
    "complex": "{\"k1\":\"v1\",\"array\":\"[{\\\"obj-key3\\\":\\\"v3\\\",\\\"obj-key4\\\":\\\"v4\\\"}]\"}"
}

Parameter	Type	Length	Required	Signed	Description
merchantNo	String	20	Yes	Yes	Merchant number assigned by Onerway, obtained from Onerway dashboard
id	String	/	Yes	Yes	Payment token ID returned in the Token Query response
sign	String	/	Yes	No	Digital signature string for request verification. Please refer to Signature for signature generation method.

Response

Name	Type	Description
respCode	String	Response code from Onerway
respMsg	String	Response message from Onerway
data	Object	Response data. Refer to object data

data

Name	Type	Description
success	Boolean	Token deletion result.
sign	String	Signature string used for response verification. Please refer to Signature for verification method details and implementation examples.

Integration Process

The Token Delete integration process follows a simple request-response flow:

In this process:

• Merchant system sends a token delete request with the binding ID
• Onerway processes the request and removes the token binding
• Onerway returns the deletion result
• Merchant updates their records to reflect the deleted payment method

API Usage Examples

Delete Token Example

Use this method to delete a saved payment token:

Request

{
    "id": "1919777298473115649",
    "merchantNo": "800209",
    "sign": "d994f85b5862ba5979bea1e90c96ed955e74fcf841c6b26affd005a728e21794"
}

Response

{
    "respCode": "20000",
    "respMsg": "Success",
    "data": {
        "success": true,
        "sign": "899988f6f4fff6e522eedbadd8aa4bdad15c96c283d8ef86af5f5cc7bb9d0963"
    }
}

Important

• Once a token is deleted, it cannot be recovered
• Any future payment attempts using the deleted token will fail
• Ensure proper customer authentication before processing token deletion requests

Common Error Scenarios and Solutions

Implementation Best Practices

1. User Authentication: Verify the customer's identity before deleting their token

2. Confirmation Process: Include a confirmation step before processing token deletion to prevent accidental removals

3. Transaction Check: Verify there are no pending transactions using the token before deletion

4. UI Integration: Provide a user-friendly interface for customers to manage their saved payment methods

5. Error Handling: Implement proper error handling for token deletion failures

6. Logging: Maintain logs of token deletion operations for security and compliance purposes

7. Token Usage Validation: Before deletion, check if the token is being used for recurring payments or subscriptions

Merchant Integration Checklist

Before implementing the Token Delete API in your production environment, ensure you have:

• User interface for managing saved payment methods
• Customer authentication process
• Confirmation flow before deletion
• Error handling mechanisms
• Transaction verification process
• Logging and audit trail implementation
• Testing completed in sandbox environment