Let’s add our first customer, and set them up with a Direct Debit mandate.
- A customer is a person or company we want to take payments from.
- A mandate is an authorisation from a customer to take payments from their bank account - once you have a mandate set up, you can charge the customer with future API calls. (A customer can have multiple mandates, but you’ll almost always only want one.)
When setting up a mandate, your setup process (e.g. a set of payment screens on a screen or a paper form) must comply with Direct Debit scheme rules. To make this easy for you, GoCardless hosts secure and fully-compliant payment pages that have been translated into many European languages.
The Redirect Flow API lets you use these hosted payment pages. Once your customer enters their bank details, you will be set up with everything you need at once: a customer, a customer bank account, and a mandate.
Redirect Flows
Redirect flows enable you to use GoCardless’ hosted payment pages to set up mandates with your customers. These pages are fully compliant and have been translated into Dutch, French, German, Italian, Portuguese, Spanish and Swedish.
The overall flow is:
-
You create a redirect flow for your customer, and redirect them to the returned redirect url, e.g.
https://pay.gocardless.com/flow/RE123
. -
Your customer supplies their name, email, address, and bank account details, and submits the form. This securely stores their details, and redirects them back to your
success_redirect_url
withredirect_flow_id=RE123
in the querystring. -
You complete the redirect flow, which creates a customer, customer bank account, and mandate, and returns the ID of the mandate. You may wish to create a subscription or payment at this point.
Once you have completed the redirect flow via the API, you should display a confirmation page to your customer, confirming that their Direct Debit has been set up. You can build your own page, or redirect to the one we provide in the confirmation_url
attribute of the redirect flow.
Redirect flows expire 30 minutes after they are first created. You cannot complete an expired redirect flow.
For code samples, please refer to the endpoints linked above.