To integrate Worldpay with V0 by Vercel, generate a checkout UI with V0, create a Next.js API route that calls Worldpay's REST API to create payment sessions and process transactions using your Worldpay merchant credentials, store credentials in Vercel environment variables, and deploy. Worldpay handles global card processing while your API route secures the payment flow server-side.
Build Global Payment Checkouts with Worldpay and V0
Worldpay processes more payment transactions than almost any other provider on the planet, with reach into markets where Stripe is less established — particularly in the UK, Europe, and Asia-Pacific retail sectors. For enterprise merchants, public sector organizations, and international retailers building custom checkout experiences, Worldpay's Access Worldpay API provides direct access to their payment processing infrastructure without going through a payment service provider layer. V0 by Vercel can generate the entire checkout UI — product summary, address form, payment form, order confirmation — while Next.js API routes handle the Worldpay API communication securely.
Worldpay's modern integration uses a two-step tokenization pattern. First, the customer's card details are collected via Worldpay's JavaScript SDK (Worldpay.js or the Access Worldpay Components) which tokenizes the card data client-side, sending a payment token to your checkout form rather than the raw card number. This token is then sent to your Next.js API route, which calls Worldpay's server-side API to create and authorize the payment order using the token. This architecture means card data never passes through your servers, simplifying PCI DSS compliance from SAQ D (most complex) to SAQ A (the simplest, self-assessment).
Worldpay's API has evolved significantly — the newer Access Worldpay API (access.worldpay.com) replaces the older XML-based Worldpay Direct XML API. The REST-based Access Worldpay API uses JSON, OAuth2 authentication, and provides a much cleaner developer experience. This guide focuses on the modern Access Worldpay REST API.
Integration method
Worldpay integrates with V0-generated Next.js apps through server-side API routes that call Worldpay's Access Worldpay REST API to create payment sessions and process transactions. Payment tokens generated by Worldpay's JavaScript SDK on the client side are sent to your API route for server-side processing — card data never passes through your Next.js server. Worldpay credentials are stored as server-only Vercel environment variables.
Prerequisites
- A Worldpay merchant account — contact Worldpay at worldpay.com or through your bank if you're in the UK for account setup
- Access Worldpay API credentials — your merchant entity ID, client ID, and client secret provided by Worldpay during onboarding
- Access to the Worldpay Merchant Portal to configure test/sandbox credentials and webhook endpoints
- Familiarity with the Access Worldpay documentation at developer.worldpay.com — especially the payment sessions and orders endpoints
- A V0 account at v0.dev and a Vercel account for deployment
Step-by-step guide
Generate the Checkout UI with V0
Generate the Checkout UI with V0
Open V0 at v0.dev and describe the checkout interface you want to build. Worldpay checkouts follow the same pattern as other payment providers: collect billing information, display the payment form (powered by Worldpay's JavaScript SDK), and handle the submission. The most important thing to communicate to V0 is where the Worldpay card component will be mounted — tell V0 to include a placeholder div with a specific ID (e.g., id='worldpay-card-element') where you'll mount Worldpay's card component in a useEffect. The billing details form around the card component should include cardholder name, email, and billing address fields. V0 generates these form components with Tailwind CSS and shadcn/ui with proper input validation. The checkout flow has distinct states: filling the form, loading (submitting payment), success (order confirmed with order number), and error (declined card or API failure). Tell V0 to generate all four states. For multi-step checkouts, V0 handles step management well if you describe the steps explicitly in your prompt. After generating, push the code to GitHub via V0's Git panel.
Create a checkout page with a clean card-style layout. Left column (60% width): a form with sections for Contact Info (email, phone), Shipping Address (full address fields with country dropdown), and Payment (a div with id='worldpay-card-element' with a subtle border placeholder, and a cardholder name field above it). Right column (40% width): Order summary card showing items, subtotal, shipping calculated, tax, and total amount in bold. A Pay securely button at the bottom of the left column shows a loading spinner when clicked and posts to POST /api/worldpay/orders. Show a full-page success state with an animated checkmark, order number, and email confirmation note when payment succeeds. Use a minimal e-commerce style with trustworthy design cues including a lock icon near the payment button.
Paste this in V0 chat
Pro tip: Add a Worldpay acceptance mark image (official card brand logos available from your Worldpay Merchant Portal) near the payment button — this builds checkout trust and is often required in merchant agreements.
Expected result: A complete checkout UI renders in V0's preview with billing form, order summary, and a placeholder for the Worldpay card component. The form is wired to POST /api/worldpay/orders.
Implement the OAuth2 Authentication and Order Creation API Route
Implement the OAuth2 Authentication and Order Creation API Route
Worldpay's Access Worldpay API uses OAuth2 client credentials flow for authentication. POST to Worldpay's token endpoint at https://access.worldpay.com/token with your client ID and client secret as form data with grant_type=client_credentials. The token response gives you an access_token (valid for 15 minutes) and token_type of Bearer. Cache this token and refresh it automatically when it expires. The main payment endpoint is POST /api/payments/v6/payment-sessions to create a payment session that initializes the JavaScript SDK on the client side, and POST /api/payments/v6/orders to process the actual payment once the customer has entered their card details. The payment session creation requires your entity ID (merchant ID) and returns a session object with the information needed to initialize Worldpay.js on the frontend. The order creation endpoint accepts the payment token from Worldpay.js, your entity ID, the transaction amount, currency, and order description. Worldpay amounts are in minor currency units (cents/pence) — $10.00 USD is represented as 1000. The order response includes an order code, outcome field (AUTHORIZED, REFUSED, PENDING), and risk assessment.
1// app/api/worldpay/orders/route.ts2import { NextRequest, NextResponse } from 'next/server';34const WP_CLIENT_ID = process.env.WORLDPAY_CLIENT_ID;5const WP_CLIENT_SECRET = process.env.WORLDPAY_CLIENT_SECRET;6const WP_ENTITY_ID = process.env.WORLDPAY_ENTITY_ID;7const WP_API_BASE = process.env.WORLDPAY_SANDBOX === 'true'8 ? 'https://try.access.worldpay.com'9 : 'https://access.worldpay.com';1011let tokenCache: { token: string; expiresAt: number } | null = null;1213async function getAccessToken(): Promise<string> {14 const now = Date.now();15 if (tokenCache && tokenCache.expiresAt > now + 30000) {16 return tokenCache.token;17 }1819 const response = await fetch(`${WP_API_BASE}/token`, {20 method: 'POST',21 headers: { 'Content-Type': 'application/x-www-form-urlencoded' },22 body: new URLSearchParams({23 grant_type: 'client_credentials',24 client_id: WP_CLIENT_ID!,25 client_secret: WP_CLIENT_SECRET!,26 }).toString(),27 });2829 if (!response.ok) {30 throw new Error(`Worldpay auth failed: ${response.status}`);31 }3233 const data = await response.json();34 tokenCache = {35 token: data.access_token,36 expiresAt: now + data.expires_in * 1000,37 };3839 return tokenCache.token;40}4142export async function POST(request: NextRequest) {43 if (!WP_CLIENT_ID || !WP_CLIENT_SECRET || !WP_ENTITY_ID) {44 return NextResponse.json({ error: 'Worldpay not configured' }, { status: 500 });45 }4647 let body: {48 paymentToken: string;49 amount: number;50 currency: string;51 orderDescription: string;52 customerEmail?: string;53 };5455 try {56 body = await request.json();57 } catch {58 return NextResponse.json({ error: 'Invalid request body' }, { status: 400 });59 }6061 if (!body.paymentToken || !body.amount) {62 return NextResponse.json(63 { error: 'paymentToken and amount are required' },64 { status: 400 }65 );66 }6768 try {69 const token = await getAccessToken();7071 const response = await fetch(`${WP_API_BASE}/api/payments/v6/orders`, {72 method: 'POST',73 headers: {74 Authorization: `Bearer ${token}`,75 'Content-Type': 'application/vnd.worldpay.payments-v6+json',76 Accept: 'application/vnd.worldpay.payments-v6+json',77 },78 body: JSON.stringify({79 transactionReference: `order-${Date.now()}-${Math.random().toString(36).substr(2, 9)}`,80 merchant: { entity: WP_ENTITY_ID },81 instruction: {82 method: 'card',83 paymentInstrument: {84 type: 'plain',85 cardHolderName: body.customerEmail,86 // Note: paymentToken from Worldpay.js replaces card details87 // For tokenized payments, use 'paymentInstrument.type: "checkout"'88 },89 value: {90 currency: body.currency || 'GBP',91 amount: Math.round(body.amount * 100), // Convert to minor currency units92 },93 },94 narrative: { line1: body.orderDescription || 'Order payment' },95 customer: body.customerEmail ? { homePhone: '', email: body.customerEmail } : undefined,96 }),97 });9899 const orderData = await response.json();100101 if (orderData.outcome === 'AUTHORIZED') {102 return NextResponse.json({103 success: true,104 orderCode: orderData.orderCode || orderData.transactionReference,105 outcome: orderData.outcome,106 });107 } else {108 return NextResponse.json(109 { error: `Payment ${orderData.outcome}`, outcome: orderData.outcome },110 { status: 402 }111 );112 }113 } catch (error) {114 const message = error instanceof Error ? error.message : 'Unknown error';115 console.error('Worldpay payment failed:', message);116 return NextResponse.json(117 { error: 'Payment processing failed', details: message },118 { status: 500 }119 );120 }121}Pro tip: Worldpay amounts use minor currency units — multiply by 100 for GBP/USD/EUR (£10.00 = 1000 pence). Some currencies like JPY have no minor units — verify the correct conversion for each currency you support in Worldpay's documentation.
Expected result: POST /api/worldpay/orders authenticates with Worldpay and processes a payment, returning { success: true, orderCode: '...', outcome: 'AUTHORIZED' } for approved transactions.
Integrate Worldpay.js for Client-Side Card Tokenization
Integrate Worldpay.js for Client-Side Card Tokenization
The secure payment form in your V0-generated checkout needs to use Worldpay's JavaScript library to collect card details. Load the Worldpay.js script from Worldpay's CDN and use it to mount a card component into the placeholder div you created in Step 1. Worldpay.js handles PCI-compliant card collection — the actual card number never touches your JavaScript code or your server. The library provides a Worldpay.js instance that you initialize with your merchant entity ID and use to create card fields, validate input, and generate a payment token. In Next.js App Router, load the script using Next.js's Script component with strategy='lazyOnload', then initialize the Worldpay component in a useEffect after the script loads. The Worldpay.js API varies by product tier (Access Worldpay Components for modern integration vs. older Worldpay.js) — consult developer.worldpay.com for the specific initialization code for your merchant account type. After the customer enters their card details and clicks Pay, call worldpay.tokenize() to get a payment token, then send that token to your /api/worldpay/orders endpoint. The token replaces the raw card data in your API call, ensuring card numbers never pass through your Next.js server.
Update the checkout payment section to load and initialize the Worldpay card component. Add a 'use client' directive to the checkout component. In a useEffect, wait for the Worldpay.js script to load (check window.Worldpay), then call Worldpay.setup() with the entity ID from the environment. Mount the card component into the div#worldpay-card-element. On form submit, call worldpay.tokenize() to get a payment token before sending to the API route. Show a 'Card details secured by Worldpay' badge with a lock icon below the card fields. Handle tokenization errors with a red error message below the card component.
Paste this in V0 chat
1// components/WorldpayCheckout.tsx ('use client')2'use client';3import { useEffect, useRef, useState } from 'react';4import Script from 'next/script';56declare global {7 interface Window {8 Worldpay: {9 setup: (options: Record<string, unknown>) => { tokenize: () => Promise<string> };10 };11 }12}1314interface WorldpayCheckoutProps {15 amount: number;16 currency: string;17 onSuccess: (orderCode: string) => void;18}1920export function WorldpayCheckout({ amount, currency, onSuccess }: WorldpayCheckoutProps) {21 const worldpayRef = useRef<ReturnType<typeof window.Worldpay.setup> | null>(null);22 const [error, setError] = useState('');23 const [loading, setLoading] = useState(false);2425 const initWorldpay = () => {26 if (!window.Worldpay) return;2728 worldpayRef.current = window.Worldpay.setup({29 entityId: process.env.NEXT_PUBLIC_WORLDPAY_ENTITY_ID,30 container: '#worldpay-card-element',31 form: '#checkout-form',32 paymentMethod: 'card',33 styles: {34 // Custom styles for the card input35 base: 'font-family: system-ui; font-size: 14px; color: #1f2937;',36 invalid: 'color: #dc2626;',37 },38 });39 };4041 const handleSubmit = async (e: React.FormEvent) => {42 e.preventDefault();43 setError('');44 setLoading(true);4546 try {47 if (!worldpayRef.current) throw new Error('Payment form not initialized');4849 const token = await worldpayRef.current.tokenize();5051 const response = await fetch('/api/worldpay/orders', {52 method: 'POST',53 headers: { 'Content-Type': 'application/json' },54 body: JSON.stringify({ paymentToken: token, amount, currency }),55 });5657 const data = await response.json();5859 if (data.success) {60 onSuccess(data.orderCode);61 } else {62 setError(data.error || 'Payment was declined. Please try a different card.');63 }64 } catch (err) {65 setError('An error occurred. Please try again.');66 } finally {67 setLoading(false);68 }69 };7071 return (72 <>73 <Script74 src="https://access.worldpay.com/access-sdk/js/latest/access-sdk.min.js"75 onLoad={initWorldpay}76 strategy="lazyOnload"77 />78 <form id="checkout-form" onSubmit={handleSubmit}>79 <div id="worldpay-card-element" className="border rounded-md p-3 min-h-[120px]" />80 {error && <p className="text-red-600 text-sm mt-2">{error}</p>}81 <button82 type="submit"83 disabled={loading}84 className="w-full mt-4 bg-emerald-600 text-white py-3 rounded-md font-medium disabled:opacity-50"85 >86 {loading ? 'Processing...' : `Pay ${new Intl.NumberFormat('en-GB', { style: 'currency', currency }).format(amount)}`}87 </button>88 </form>89 </>90 );91}Pro tip: The NEXT_PUBLIC_WORLDPAY_ENTITY_ID is safe to expose client-side — it's your merchant identifier, not a secret. Only the client ID and client secret used for OAuth2 authentication in your API route must be kept server-side.
Expected result: The Worldpay card input renders inside the checkout form, card entries are tokenized client-side, and successful submissions complete with an order code returned from Worldpay.
Configure Vercel Environment Variables and Deploy
Configure Vercel Environment Variables and Deploy
Push your project to GitHub and configure Worldpay credentials in Vercel. Open the Vercel Dashboard → your project → Settings → Environment Variables. Add the following variables: WORLDPAY_CLIENT_ID and WORLDPAY_CLIENT_SECRET (server-only OAuth2 credentials for API authentication — no NEXT_PUBLIC_ prefix), WORLDPAY_ENTITY_ID (your merchant entity ID — also server-only for the API route), NEXT_PUBLIC_WORLDPAY_ENTITY_ID (the same entity ID but with NEXT_PUBLIC_ prefix for the client-side Worldpay.js initialization), and WORLDPAY_SANDBOX set to 'true' for Preview environments and empty/unset for Production. The entity ID appears both as a server variable (for your API route) and a public variable (for the client-side SDK) — this is correct and intentional since the entity ID is a merchant identifier, not a secret. For Preview environments, use Worldpay's test/sandbox credentials which use the hostname try.access.worldpay.com instead of access.worldpay.com. After deploying, test a full checkout flow using Worldpay's test card numbers (available at developer.worldpay.com/docs/access-worldpay/test-card-numbers). Verify that test transactions appear in your Worldpay Merchant Portal dashboard.
Pro tip: Worldpay provides specific test card numbers for different scenarios: successful authorization, decline, 3D Secure authentication required, and insufficient funds. Test all scenarios in the sandbox before going to production — use the test cards from developer.worldpay.com to verify your error handling covers each decline reason.
Expected result: The deployed Vercel checkout processes test Worldpay transactions successfully. Sandbox payments appear in the Worldpay Merchant Portal and production switching requires only changing environment variable values without code changes.
Common use cases
E-commerce Checkout with Worldpay
A complete e-commerce checkout flow where customers enter their billing details and card information. Worldpay's JavaScript SDK tokenizes the card in the browser, and the Next.js API route processes the payment using the token. Supports multiple currencies for international merchants.
Create a two-step checkout page. Step 1 shows an Order Summary card on the right (product list with quantities, subtotal, tax, shipping, and total) and a Billing Details form on the left (name, email, address fields with country selector and postal code). A Continue to Payment button advances to Step 2. Step 2 keeps the order summary on the right and shows a Payment form on the left with card holder name input and a placeholder div with id='card-element' for Worldpay's card component. A Pay Now button submits the token to POST /api/worldpay/orders. Show a loading spinner on submit and redirect to a success page on confirmation. Use a clean e-commerce checkout style with a white background and emerald green primary color.
Copy this prompt to try it in V0
Subscription Billing Portal
A subscription management page where users can update their payment method and view billing history. New card details are tokenized via Worldpay's SDK and the token is used to update the recurring payment method in Worldpay's vault, ensuring future subscription charges use the new card.
Build a subscription billing portal with three sections: Current Plan (showing plan name, price, renewal date, and an Upgrade button), Payment Method (showing masked card number and expiry with a Change Payment Method button that opens a modal with Worldpay's card component for entering new details — submits to PUT /api/worldpay/payment-method), and Billing History (table with invoice date, amount, status badge, and download PDF link). Use a clean SaaS settings page layout with a left sidebar and white content area.
Copy this prompt to try it in V0
Retail Payment Terminal Integration
An internal sales tool for retail staff processing phone orders. Staff enter customer details and card information (provided verbally by the customer), the transaction is processed via Worldpay's card-not-present flow, and a receipt is generated. Includes transaction lookup and refund initiation.
Design a phone order payment terminal for retail staff. Show a clean order entry form with product search (debounced, fetches from product catalog), quantity selector, and a running order total. Below, a Customer section with fields for name, email, and optional billing address. A Process Payment button at the bottom opens a modal with the Worldpay card component for card-not-present entry, amount confirmation, and a Charge Card button posting to POST /api/worldpay/orders. On success, show a receipt modal with order number, amount, card last four, and a Print Receipt button. Include a Today's Transactions table at the bottom.
Copy this prompt to try it in V0
Troubleshooting
OAuth2 token request returns 401 with 'invalid_client'
Cause: The client ID and secret are incorrect, being sent in the wrong format, or are sandbox credentials being used against the production endpoint (or vice versa).
Solution: Verify the credentials from your Worldpay Merchant Portal. Ensure WORLDPAY_SANDBOX is set correctly — sandbox credentials (try.access.worldpay.com) will not work against the production endpoint (access.worldpay.com). Check that credentials are sent as URL-encoded form data, not JSON.
Payment order returns outcome 'REFUSED' for test transactions
Cause: Using a non-test card number in sandbox mode, or the card number is for a specific decline scenario (insufficient funds, expired card) from Worldpay's test card list.
Solution: Use Worldpay's official test card numbers from developer.worldpay.com/docs/access-worldpay/test-card-numbers. The standard approval test card is typically 4444333322221111 with any future expiry date and any CVV. Check the refusalCode in the order response for the specific decline reason.
Worldpay.js fails to load or the card component does not render in the div
Cause: The Worldpay.js script CDN URL is incorrect, the entity ID passed to setup() is wrong, or the container selector does not match the div ID in the DOM.
Solution: Check the browser console for script load errors. Verify the CDN URL against Worldpay's current documentation at developer.worldpay.com. Ensure the setup() call happens after the script has loaded (in the onLoad callback). Verify the container selector matches your div ID exactly — use '#worldpay-card-element' with the hash prefix for ID selectors.
Amount field causes validation errors — Worldpay rejects the transaction
Cause: Amount is being sent as a decimal (10.00) instead of minor currency units (1000) — Worldpay requires amounts in the smallest currency denomination.
Solution: Multiply the amount by 100 before sending to Worldpay for currencies like GBP, USD, and EUR. Be careful with zero-decimal currencies like JPY where the amount should not be multiplied. Check Worldpay's documentation for the specific currency you're processing.
1// Correct: convert to minor units2const amountInMinorUnits = Math.round(body.amount * 100);3// For GBP: £10.00 → 1000 pence4// For JPY: ¥1000 → 1000 (no conversion needed)Best practices
- Never log or store the raw payment token from Worldpay.js — use it immediately in your API route and discard it; tokens are single-use and short-lived
- Always use Worldpay.js for client-side card collection rather than custom card input fields — this keeps your integration out of SAQ D PCI DSS scope
- Set WORLDPAY_SANDBOX=true in Vercel Preview environments to prevent accidental real charges during development and testing
- Store the Worldpay transaction reference (your transactionReference) in your database before calling the Worldpay API — if the API call succeeds but your database write fails, you need this reference to look up the payment and avoid double-charging
- Implement idempotent transaction references by including a unique order ID — Worldpay will reject duplicate transaction references, preventing double-charges if your API route is called twice
- Set up Worldpay webhooks to receive payment notifications for deferred authorizations and refund confirmations rather than relying only on the synchronous API response
- Test all card scenarios in sandbox — successful payment, card declined, insufficient funds, 3D Secure required, expired card — to ensure your checkout handles every outcome gracefully
Alternatives
Use Stripe instead of Worldpay for most new projects — Stripe has a Vercel Marketplace integration, superior developer documentation, and faster setup, while Worldpay is better suited for existing enterprise merchant accounts.
Consider Adyen instead for high-volume enterprise payments — Adyen and Worldpay are comparable in scale, but Adyen has better developer tooling and is preferred for international e-commerce where local payment methods are critical.
Choose Authorize.Net instead if your merchant bank relationship is through a US bank — Authorize.Net is deeply embedded in US banking infrastructure and may be preferred by existing US merchant account holders.
Frequently asked questions
What is the difference between Worldpay, Access Worldpay, and Worldpay from FIS?
These are all the same company at different points in time. Worldpay was acquired by Vantiv (which rebranded to Worldpay), then by FIS. 'Worldpay from FIS' is the current branding. 'Access Worldpay' refers to the modern REST API platform (access.worldpay.com) that replaced the older XML-based Worldpay Direct XML API. The Access Worldpay API is what new integrations should use.
Do I need a Worldpay merchant account to use the API?
Yes — the Worldpay API requires an established merchant relationship with Worldpay. Unlike Stripe or PayPal, Worldpay is not self-serve for merchant onboarding. You apply for a merchant account through Worldpay or through a bank that partners with Worldpay (common in the UK), undergo underwriting, and receive merchant credentials after approval. This process typically takes 1-2 weeks.
Can I use the Worldpay sandbox for free testing without a live merchant account?
Worldpay provides a sandbox environment (try.access.worldpay.com) for testing, but you need to be in the onboarding process or have an existing merchant account to receive sandbox credentials. Unlike Stripe where you can sign up and start testing immediately, Worldpay's test environment access requires a merchant relationship.
How does Worldpay handle 3D Secure (3DS) authentication?
Worldpay handles 3DS2 authentication as part of the payment flow. When a transaction requires 3DS authentication (mandated for EU/UK card transactions under PSD2), Worldpay's Access Worldpay API returns a challenge response in the order outcome that includes a redirect URL or embedded challenge. Your checkout must handle this challenge flow — the Worldpay.js SDK manages this automatically when used for card collection, making 3DS handling transparent to your integration.
How do I process refunds with the Worldpay API?
Send a POST request to /api/payments/v6/orders/{orderCode}/refunds with the amount to refund in minor currency units. Partial refunds (refunding less than the full transaction amount) are supported. The refund endpoint requires the original order code from the authorization response. Refund confirmation is typically received via webhook rather than the synchronous API response — set up a webhook endpoint and register it in your Worldpay Merchant Portal to receive refund status notifications.
Is Worldpay available in the Vercel Marketplace like Stripe?
No — Worldpay is not available as a Vercel Marketplace integration unlike Stripe (which has native one-click Vercel integration). You must manually configure Worldpay credentials as Vercel environment variables. This is a manual but straightforward process: generate credentials in the Worldpay Merchant Portal and add them to Vercel Dashboard → Settings → Environment Variables.
Talk to an Expert
Our team has built 600+ apps. Get personalized help with your project.
Book a free consultation