Account pairing is an initiative aimed at a more seamless integration to Zip NZ, designed to deliver a better user experience to customers.
By establishing a trusted authentication context between the merchant and Zip NZ, we can deliver the following features:
- ‘One-click’ purchasing from merchant website / mobile app
- Real-time display / access to a customers Zip NZ balance and spend limits
- ‘Single sign-on’ to Zip NZ from merchant
In order to enable account pairing, a merchant must be able to securely store a customer pairing token. The merchant will then use this pairing token as the basis for accessing resources on Zip NZ in a customer-level security context.
For a first-time pairing flow, a request is made to the create order endpoint, with the
pairing.isRequested value set to
true. When this property is set, a pairing code unique to a customer is made available at the corresponding get customer pair endpoint (i.e. the
When any subsequent orders are made, this
pairingToken can be supplied in the
pairing.token value in the create order endpoint. When a valid pairing token is supplied, the customer will be automatically authenticated when arriving at Zip NZ checkout.
As part of our terms, we require the merchant to provide functionality to a user to ‘un-pair’ their Zip NZ account. The only requirment to implement is to simply destroy the pairing token that is held against a given users’ account.
Zip NZ users are able to revoke pairing tokens from the Zip NZ customer portal. This needs to be considered when creating an order with a pairing token, or when exchanging the pairing token for an access token.