Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Welcome to CardinalCommerce documentation for implementing Cardinal Cruise. Cardinal Cruise JavaScript (JS) is a simple and easy solution that will allow you to easily enable Cardinal's Consumer Authentication (CCA) and other Alternative Payment brands.

Our online documentation for Cardinal Cruise consists of a Getting Started section to build a baseline integration as well as supplemental sections that include specific requirements for integrating CCA or Alternative Payment brands.

A Cardinal Cruise integration consists of a JavaScript file, called Songbird.js, JWT's for client authentication, JSON objects to pass from your merchant front-end environment to Cardinal, and event handlers to know when events have completed.

After completing the Getting Started section (at the bottom of the page) you may select the Consumer Authentication section to learn about two implementation approaches (Cardinal Cruise Standard or Cardinal Cruise Hybrid) or by selecting a supported Alternative Payment brand.

Prerequisites

To implement Cardinal Cruise, a merchant must have already completed the following steps:


Info
titleTLS Global Mandate

It is important to note that the Cardinal Cruise integration of Javascript, specifically Songbird.js, uses TLS 1.2 cipher suites and protocols and above. If you are currently using a deprecated TLS cipher suite and protocol (Ie: TLS 1.0 or 1.1) you will be required to upgrade to the latest and approved TLS 1.2 cipher suites and protocols. You can find the approved cipher suite list here.


Table of Contents



How it Works

Cardinal Cruise uses Songbird.js to perform most of the heavy lifting on behalf of our customers.  It will handle all device data collection and communication with our Cardinal Centinel platform, as well as the user experience to the consumer for both CCA and Alternative Payment brands.



Because Songbird is a client side JavaScript library it can only interact with payment brands client side. Any interactions that require server side implementations - such as our Cardinal Cruise Hybrid integration - are out of scope for Songbird.js, and the merchant may need to integrate to the Cardinal Centinel platform directly.

The diagram below shows the high-level event execution order of a transaction from the merchant's perspective. The enumerated events do not map to the integration steps found within this document. The enumerated events are simply to help illustrate the order events occur in during a transaction.

Info
titleNote

Not all payment brand flows are the same. The document below illustrates the most common flow and event chain. Refer to the specific payment brand sections for specifics on a particular payment brand.

Step 1: JWT Creation

Our Cardinal Cruise integration uses JWT's (JSON Web Token) as the method of authentication between the merchant and Cardinal servers. A valid JWT is required to properly initialize Songbird.js and any JWT library that supports JWS (JSON Web Signature) can be used. If you don't currently have a JWT library, we recommend reviewing some of the options available at jwt.io.

Note
titleSecurity Warning
For security reasons, all JWT creation must be done on the server side. When creating the JWT, use your company API Key as the JWT secret. 


Info
titleLooking for more information?
For more in-depth information on JWT creation, including code samples in a few languages, check out the JWT Creation page.


Insert excerpt
JWT Creation
JWT Creation
nopaneltrue

Adding Songbird to Your Front End

Now that we're able to authenticate with Cardinal servers using JWTs, we can start adding the Songbird library to your site. 

Step 2: Include the Script

Songbird.js is added to your site just like any other client side script - through a script tag. For performance reasons, it's generally a good practice to put script includes after all of your content, but before the closing HTML body tag. This will help prevent the page from blocking other resources like image downloading while downloading scripts. Just be sure that the Songbird script include comes before the script tag containing the rest of the Songbird steps.

Info
titleSongbird CDN

Songbird URL's will change with each environment. Refer to the Songbird CDN links for a list of available endpoints.


Code Block
languagexml
titleScript Include
linenumberstrue
<script src="https://songbirdstag.cardinalcommerce.com/cardinalcruise/v1/songbird.js"></script>

Step 3: Configure It

There are a number of configuration options for Cardinal Cruise. Using the Cardinal.configure() function allows you to pass a configuration object into Songbird. You should only call this function once per page load. During your development, you will most likely want control over the logging volume from the library. You can do this through the use of Cardinal.configure, as seen below:

Info
titleLooking for more configuration options?

Refer to the configurations section for all available configuration options


Code Block
languagejs
titleCardinal.configure
linenumberstrue
Cardinal.configure({
	logging: {
		level: "on"
	}
});

Anchor
ListenForEvents
ListenForEvents
Step 4: Listen for Events

Note
titlePassive Step

A passive step means that completing this step will not result in any visible action without completing the remaining steps of the integration. This particular step focuses on setting up callback functions, but not triggering the event that will execute the callbacks.

This function sets up an event subscription with Songbird to trigger a callback function when the event is triggered by Songbird. A valid subscription requires a namespace and a callback function to be run when the event is triggered. Calling this function with the same namespace multiple times will result in a callback being triggered multiple times. To read more on events and how the subscription and publisher model works in Songbird, refer to the Songbird API Reference section on Cardinal.on().

Info
titleLooking for more events?

Check out all available Songbird events on the Songbird API Reference page.


You subscribe to an event using the Cardinal.on() function structured like:

Code Block
Cardinal.on(EVENT_NAME_SPACE, CALLBACK_FUNCTION);

Using actual values it looks something like this:

Code Block
languagejs
titleCardinal.on
linenumberstrue
Cardinal.on('payments.setupComplete', function(){
	// Do something
});

payments.setupComplete

This optional event triggers when Songbird has successfully initialized, after calling the Cardinal.setup() function. This event will not trigger if an error occurred during your Cardinal.setup() call (this includes a failed JWT authentication) and this event will only trigger once per page load. If your callback gets executed, you know that Songbird is available to run transactions. This function will receive 2 arguments that describe the loaded state of Songbird and the current session identifier.

Info
titleLooking for more details?

For more information on this event, check out the payments.setupComplete event documentationSongbird Objects page.


Code Block
languagejs
titlepayments.setupComplete Event
linenumberstrue
Cardinal.on('payments.setupComplete', function(setupCompleteData){
    // Do something
});

payments.validated

This event is triggered when the transaction has been finished. This is how Songbird hands back control to the merchant's webpage. This event will include data on how the transaction attempt ended and should be where you place logic for reviewing the results of the transaction and making decisions regarding next steps. The ActionCode field should be used to determine the overall state of the transaction. Additional information can be found in the fields ErrorNumber and ErrorDescription if the ActionCode indicates an issue was encountered. On first pass, we recommend that on an ActionCode of 'SUCCESS' you send the response JWT to your backend to be verified. There is more on verifying JWT's in the next section. When you add CCA or an Alternative Payment brand, additional details will be provided on how to handle the specific response values for each. Each additional payment brand you add may return some values that are specific to that payment brand, and may require special handling logic.

Info
titleLooking for more details?

For more information on this event including details about the response, check out the payments.validated event documentation.


Code Block
languagejs
titlepayments.validated Event
linenumberstrue
Cardinal.on("payments.validated", function (data, jwt) {
	switch(data.ActionCode){
	  case "SUCCESS":
	  // Handle successful transaction, send JWT to backend to verify
	  break;
    
	  case "NOACTION":
	  // Handle no actionable outcome
	  break;
    
	  case "FAILURE":
	  // Handle failed transaction attempt
	  break;
    
	  case "ERROR":
	  // Handle service level error
	  break;
  }
});


Step 5: Initialize It

Next we need to authenticate your system and set up CCA or all the Alternative Payment brands your account is configured for. Calling Cardinal.setup() will initiate the communication process with Cardinal to ensure your consumers' experience is seamless. By the time the consumer is ready to checkout, all necessary pre-processing will be completed. You can listen for the payments.setupComplete event to be notified when Songbird has finished initializing. Check out the Listen for Events section for more. You should only call this function once per page load.

Info

The following function must be placed after the script include shown in Step 2.


Info

A common way to pass your JWT into this JavaScript function is to place the JWT value into a hidden input on page load. Within Cardinal.setup(), you can then look for that element and select its value.

Hidden Input Example:

Code Block
languagexml
titleJWT Hidden Field
<input type="hidden" id="JWTContainer" value="[Insert your JWT here]" />



Code Block
languagejs
titleCardinal.setup
linenumberstrue
Cardinal.setup("init", {
	jwt: document.getElementById("JWTContainer").value
});

Cardinal.setup does not catch errors.  Use the payments.validated event mentioned in Step 4 instead.

Next: Add Consumer Authentication or an Alternative Payment Brand

You have now completed a base implementation of Songbird and you're ready to add Cardinal Consumer Authentication or an Alternative Payment brand and start running some transactions. Select CCA or the Alternative Payment brand you'd like to add from the menu on the left or below. 

Info
titleNot sure which to start with?

Ready to add Cardinal Consumer Authentication!