Skip to main content

Payment Gateway Authentication

Zuora

Payment Gateway Authentication

You can use the Gateway Authentication setting to create and manage the OAuth tokens for the following types of gateways that support OAuth 2.0 authentication:

  • GoCardless 
  • Stripe v1
  • Stripe v2

All active tokens displayed on the Gateway Authentication page are available for configuration on the gateway configuration page for new and existing gateway instances that support OAuth 2.0 authentication.

With the OAuth token specified, the gateway instances in Zuora will include the token in each request sent to the gateway to perform the OAuth 2.0 authentication.

To update a gateway instance that is in use with an OAuth token, you must ensure that the token generated and associated with this instance authenticates with the same merchant account as before.

For PayPal Commerce Platform gateway integrations, you can leverage the Gateway Authentication setting to create and manage merchant IDs that can be used as the credentials to access the gateway. See Create and manage merchant IDs for PayPal Commerce Platform for more information.

Create an OAuth access token

Take the following steps to create a new OAuth token:

  1. Navigate to the Payments Settings page and click Gateway Authentication.
  2. Select the gateway type from the list and click create authentication. The New Authentication page opens.

  3. Enter a name for the token that can help you identify the token.

  4. Verify that the correct type of gateway is selected.

  5. If you want to use the gateway test environment, select Use Gateway Test Environment.

  6. Click save. You are then directed to the gateway app login page.

  7. Take the following steps to complete the token creation on the gateway app login page. If you encounter any problems in your login and connection process, please contact the GoCardless or Stripe support.

    • GoCardless:

      1. Ensure the user account that the token is created for has the read-write access level.

      2. Enter your email address and password that are used to log into your GoCardless merchant account.

      3. Ensure that the I agree to the Connected Merchant Agreement checkbox is selected, and click Connect account. You are then redirected back to your Zuora tenant.

      If you are inviting a team member, ensure the read-write access level is selected.

    • Stripe

      1. Enter your email address and password to log into your Stripe merchant account. If you want to connect to an existing Stripe account, ensure that your email address has been included in the Team Member list in Stripe for this account. Contact your Stripe account administrator to add your email to the list.

      2. After you log into your Stripe account, select the account to be connected.

      3. Click Connect. You are then redirected back to your Zuora tenant.

        On the Stripe login page, if you are in the test mode, a Skip this form button is available at the top. If you click Skip this form, a test access token is created for accessing and testing functions, but it is not linked to your account. With this test access token, you are not able to view any payment transaction logs because your Stripe account is not connected to your Zuora account yet. You cannot make the refund with this test token for the payment that was created before you create this access token. For more information, please contact Stripe.

You can find that the created token with the specified name and active status is displayed in the token list.

Re-authenticate an OAuth access token

For either of the following cases, re-authenticate your token:

  • Your token is in the Pending Authorize status. This indicates that a credential was created in Zuora, but a user has not yet completed the sign-in flow with the gateway.
  • Your token is in the Authentication Required status. This occurs when there are changes to your token configuration at the gateway side after the token for payment gateway access is created in Zuora.

Complete the following steps to re-authenticate a token:

  1. Navigate to the Payments Settings page and click Gateway Authentication.
  2. Find your OAuth token to be authenticated and click Authorize for the token. 
  3. You are then directed to the gateway app login page. For more information on how to proceed with the app login page, see Create an OAuth access token.

Delete an OAuth access token

You can delete the OAuth access token that is not associated with any gateway instances. To delete an OAuth access token, navigate to the Payments Settings page, click Gateway Authentication, and then click Delete next to the token that you want to delete.

Create and manage merchant IDs for PayPal Commerce Platform

For PayPal Commerce Platform gateway integrations, you can leverage the Gateway Authentication setting to create and manage merchant IDs that can be used as the credentials to access the PayPal Commerce Platform gateway.

  1. Enter your primary email address and password that are used to log into your PayPal merchant account, and then click Log In. If your email address has not been verified and included in your PayPal merchant account, contact your PayPal account administrator. Note that only the primary email address on your merchant account can be used.
  2. If you agree to authorize the permissions listed on the page, click Agree and Connect. You are then redirected back to your Zuora tenant.