Guides
GuidesAPI ReferenceGo to DashboardSite >
Start typing to search…

Embedded Iframe

Seamlessly integrate a white-labeled checkout into your website. The Embedded iFrame delivers Localpayment's secure payment processing while preserving your brand identity.

The Embedded Iframe option allows you to seamlessly integrate Localpayment's secure checkout experience directly into your website or application. This solution provides a complete payment processing interface while maintaining your brand's look and feel.

Key Benefits

Flexible, Brand-Safe Integration

Maintain brand consistency with customizable iframes that embed seamlessly into your checkout. Avoid page redirects and ensure a frictionless journey without compromising UX

Fast Implementation

Deploy local and international payment methods without building or maintaining complex frontend infrastructure. Our iframe lets you go live in minutes, speeding up expansion efforts and reducing engineering dependency.

Lower Maintenance Costs

Because the iframe is hosted and maintained by Localpayment, you benefit from ongoing updates with zero impact to your deployment.

Simplified Compliance & Risk Management

Keep sensitive payment data off your servers and reduce your PCI scope. With the iframe, merchants offload both security responsibility and compliance liability to Localpayment.

Use Cases

The Embedded Iframe solution adapts to virtually any payment scenario. Here are the most common implementations:

  • E-Commerce & Retail: Process online purchases without custom payment forms.
  • Service Industries: Collect fees for professional services and consultations.
  • Events & Entertainment: Concert venues selling event tickets.
  • Non-Profit & Community: Charity organizations collecting online donations.

Integration Process

Step 1: Generate Iframe Keys

What you'll do: Create iframe keys in your Localpayment dashboard that authenticate your integration.

Important: Store your private key securely on your server - never expose it in client-side code. Your public key can be safely used in frontend applications.

Resources: Follow our detailed Iframe Keys Tutorial for step-by-step instructions.

Step 2: Create Payment Session

What happens: Generate a secure session token by making a server-side request to our API endpoint.

Endpoint: POST https://api.stage.localpayment.com/bff/webcheckout/createsession

Required parameters:

  • bodyMessage - Your payment request data (same format as Payin API)
  • signature - RSA signature of your body message
  • publicKey - Your iframe public key

Response: You'll receive a session token containing the redirectUrl for your iframe.

Step 3: Embed the Iframe

What you'll do: Set the iframe source URL using the redirectUrl from your session response.

Implementation: Simply assign the redirectUrl to your iframe's src attribute, and the checkout interface will load within your page.

Result: Users can complete their payment without leaving your website.

Payment Method Confirmations

Understanding what happens after payment submission helps you set proper user expectations:

Instant Confirmation

Credit & Debit Cards

  • Immediate payment confirmation
  • Real-time transaction processing
  • Instant success/failure notification
Payment Instructions

Bank Transfer & Cash Payments

  • Detailed payment instructions
  • Reference numbers provided
  • Payment deadlines specified

Security Implementation

RSA Signature Generation

All requests must include a valid RSA signature for security. Here's how to generate one:

public static string Sign(string content, string privateKey)
{
    var contentData = Encoding.ASCII.GetBytes(content);
    var privateKeyData = Convert.FromBase64String(privateKey);

    using var rsa = new RSACryptoServiceProvider();
    using var sha1 = SHA1.Create();

    rsa.ImportRSAPrivateKey(privateKeyData, out _);
    return Convert.ToBase64String(rsa.SignData(contentData, sha1));
}

Best Practices

  • Server-side processing: Always create sessions and signatures on your backend.
  • Key management: Store private keys securely and rotate them regularly.
  • HTTPS only: Ensure all communication happens over secure connections.
  • Input validation: Validate all payment data before sending to our API.

Implementation Example

Download our complete integration example to see how all the pieces work together:

Complete Iframe Integration Example
🎧

Need Help?

Contact our support team if you experience any issues or need assistance for integration.


Updated about 2 hours ago