Is it possible to use the REST API services to get the customer credit card token or Information for a custom application that integrates with Epicor?
I believe the logic that calls CRE is inside internal libraries that are not exposed in REST.
Maybe CRE provides its own integration capabilities, but I have no idea.
What are you trying to do @amoustafaLeb? (The business case, not the technical one)
We are trying to build a custom application that integrates with Epicor and we need to do the payment from there, so we want to benefit from the saved credit cards information in order to prevent repeated data entering. Also, in case we need to enter the data each time or for a new card, we want to know how to integrate the Credit Card Entry page.
This is the technical problem. The business problem might be more like:
“We want users to configure and buy our products online.”
Knowing how you came to the “build a custom solution” decision would help in addressing your technical problem. Do you own Epicor’s most recent credit card package (CRE?)
I was about to say CRE saves credit cards, doesn’t it?
Yes, we migrated to 10.2.600 version that have the CRE
Yes it does.
It saves a token that can be used again. (It’s not good to save CC numbers themselves…)
If he wants to reuse that capability, he might be able to create the order with an Epicor function that performs all of the same steps as entering it in regular order entry.
If the re-using the credit card is less important to a customer (I generally don’t want merchants to keep it on file…) then you can get a Payeezy account ($10/month) and perform various card transactions from your own application.
Again, it depends on what the business case is and what the customers are asking for.
Payeezy still uses your Epicor Merchant account.
Ahmad, I’m curious if you looked at EBizCharge? It’s a 3rd party CC processing product/solution/integration that a lot of Epicor customers are using. Not saying you should abandon what you’re trying and use that, but just curious if you looked at it and then decided against it for some reason?
It can store credit cards for reuse in Epicor or your website, etc., but the CC data is stored on the vendor’s side. Some people balk at that, but the vendor (Century Business Solutions) is PCIS, etc. compliant and knows what they’re doing in terms of security. It also removes a lot of overhead from your systems… No need to deal with storing tokens and such yourself.
Stored credit cards essentially get linked to Customer IDs. So a custom app / website talks directly to CBS through their APIs to make a payment. CBS sends back transaction IDs, so your app just needs to take those and feed it to Epicor when creating an order.
Payeezy, the developer front-end to the system that CRE uses, can use PAN codes.
One way of approach is to use our Payeezy.JS integration method to tokenize your customers’ credit cards and then save the tokens on your end for use in future purchases. Remember that payeezy will not store your customer details but rather only the lookup of PAN using tokens. So, creating a customer login and customer profile is something you will need to do on your end. What Payeezy.JS affords for you is it reduces the risk of storing actual PAN numbers on your end and thereby reduces the PCI scope.
The question with Epicor’s CRE is: are the tokens in the ERP database or in the CRE server?
I hope it’s actually tied to the Customer Number, as the Cust ID can change.
Is it possible to call the https://sce.toogo.io/ entry form using a web service and get the response?
Or, is it possible to do the payment on Paypal and set the invoice as paid on Epicor?
If you already own CRE, then you have this capability. If you move outside of CRE then you’re going to have to rewrite and manage that functionality on your own - including all of the PCI related compliance.
Can you give me a code example of such implementation?
A rewrite of CRE? Or drive the sales order from your app?
If you’re going to drive the Sales Order from a Function, it’s as easy (and as difficult) to do the trace of several credit card sales orders and mimic the same calling sequence from an Epicor Function. Once you have a function working, you can expose it to your application via REST.
i have done the part of tracing and implementing the REST part for the full process. But, i need to rewrite the part of the call for the CRE.
I suggest that you look at EBizCharge which is an integrated payments processing application that is fully integrated with Epicor. It includes the integration, payment Gateway and Level II and III processing which will save you money, keep you PCI compliant. www.centurybizsolutions.com is where you will find more info.