PaymentRequest: merchantvalidation event
Limited availability
This feature is not Baseline because it does not work in some of the most widely-used browsers.
Secure context: This feature is available only in secure contexts (HTTPS), in some or all supporting browsers.
Deprecated: This feature is no longer recommended. Though some browsers might still support it, it may have already been removed from the relevant web standards, may be in the process of being dropped, or may only be kept for compatibility purposes. Avoid using it, and update existing code if possible; see the compatibility table at the bottom of this page to guide your decision. Be aware that this feature may cease to work at any time.
merchantvalidation
events are delivered by the Payment Request API to a PaymentRequest
object when a payment handler requires that the merchant requesting the purchase validate itself as permitted to use the payment handler.
Learn how the merchant validation process works.
This event is not cancelable and does not bubble.
Syntax
Use the event name in methods like addEventListener()
, or set an event handler property.
addEventListener("merchantvalidation", (event) => {});
onmerchantvalidation = (event) => {};
Event type
A MerchantValidationEvent
. Inherits from Event
.
Event properties
MerchantValidationEvent.methodName
-
A string providing a unique payment method identifier for the payment handler that's requiring validation. This may be either one of the standard payment method identifier strings or a URL that both identifies and handles requests for the payment handler, such as
https://apple.com/apple-pay
. MerchantValidationEvent.validationURL
-
A string specifying a URL from which the site or app can fetch payment handler specific validation information. Once this data is retrieved, the data (or a promise resolving to the validation data) should be passed into
complete()
to validate that the payment request is coming from an authorized merchant.
Examples
In this example, an event handler is established for the merchantvalidation
event. It uses the fetch()
to send a request to its own server with an argument of the payment method's validation URL, obtained from the event's validationURL
property. The merchant server should access the validation URL in accordance with the payment method documentation. Typically, a client should not access the validation URL.
request.addEventListener("merchantvalidation", (event) => {
event.complete(async () => {
const merchantServerUrl = `${
window.location.origin
}/validate?url=${encodeURIComponent(event.validationURL)}`;
// get validation data, and complete validation;
return await fetch(merchantServerUrl).then((response) => response.text());
}, false);
});
const response = await request.show();
How merchant server handles the validation depends on the server implementation and payment method documentation. The content delivered by the validation server is forwarded to the merchant server and is then returned from the fetch()
call's fulfillment handler to the complete()
method on the event. This response lets the payment handler know if the merchant is validated.
You can also use the onmerchantvalidation
event handler property to set up the handler for this event:
request.onmerchantvalidation = (event) => {
event.complete(async () => {
const merchantServerUrl = `${
window.location.origin
}/validate?url=${encodeURIComponent(event.validationURL)}`;
// get validation data, and complete validation;
return await fetch(merchantServerUrl).then((response) => response.text());
});
};
const response = await request.show();
For more information, see Merchant validation.
Browser compatibility
BCD tables only load in the browser
See also
- Payment Request API
- Using the Payment Request API
onmerchantvalidation
event handler property- Merchant validation
paymentmethodchange
eventshippingaddresschange
eventshippingoptionchange
event