Hey A.Ruben,

Thanks for reading! To be honest, the answer to “is there any reason why I didn’t include the request body for the Process a Payment request” is because I did a dumb 😬. Thanks for calling that out! I’ve update the article to include the request body from the collection.

Bear in mind, that request includes a credit card number (a fake one in the example, but a real one in a real world application) which requires PCI compliance to be considered for any applications that use that request. If you want to avoid incurring additional PCI burden, you may consider using a stored payment instrument rather than a credit card number.

Assuming…

• …the cart has a customer ID associated with it…
• …and that customer has previously stored their credit card with BigCommerce…

…then the response to request #7 should include objects in the stored_instruments array for each method. You can use the token from that response in a payment request body like this instead of the one I just added to the article:

{
 "payment": {
  "instrument": {
   "type": "stored_card",
   "token": "{{stored-instrument-token}}",
   "verification_value": "123"
  },
  "payment_method_id": "{{gateway}}"
 }
}

Note: verification_value is only required if the payment gateway is configured to require CVV codes for stored card payments.

Thanks again for that catch! Let me know if you find anything else that looks wonky.