Worldpay Forward API — PCI-scope-reducing proxy/tokenizer.
The Forward API acts as a transparent proxy between your systems and third-party APIs. It tokenizes sensitive card data in-flight so that raw PANs never touch your servers.
How it works
- You POST to the Forward API with card data + target endpoint
- Worldpay tokenizes the card data
- The request is forwarded to the target with tokens in place of PANs
- The response is returned to you
Keeps merchants out of PCI scope for integrations with third-party processors, analytics platforms, or legacy systems.
Summary
Functions
Detokenize in a forwarded response — retrieve raw values from tokens in a response.
Forward a request with card data to a target endpoint.
Functions
@spec detokenize_response(map(), Worldpay.Config.t()) :: {:ok, map()} | {:error, Worldpay.Error.t()}
Detokenize in a forwarded response — retrieve raw values from tokens in a response.
@spec forward(map(), Worldpay.Config.t()) :: {:ok, map()} | {:error, Worldpay.Error.t()}
Forward a request with card data to a target endpoint.
Worldpay intercepts, tokenizes card fields, and forwards.
body fields
targetUrl— the third-party endpoint to forward tomethod— HTTP method ("POST"|"GET"|"PUT")headers— headers to pass through to targetbody— request body (card fields will be tokenized)tokenizeFields— list of field paths to tokenize before forwarding