Marqeta
Overview
Marqeta provides comprehensive card issuing and processing infrastructure for the Virtual Card Agent. The integration uses Marqeta.js, a PCI-compliant JavaScript library that securely displays sensitive card data through iframes.
Integration Setup
1. Marqeta Account Configuration
Set up your Marqeta account:
- Contact Marqeta sales team to enable Marqeta.js for your program
- Complete the application and onboarding process
- Obtain your API credentials and client access tokens
- Configure webhook endpoints for transaction monitoring
2. Marqeta.js Setup
Marqeta.js is a PCI-compliant JavaScript library that securely displays card details. The library is automatically loaded based on your environment:
- Sandbox:
https://widgets-sandbox.marqeta.com/marqetajs/2.0.0/marqeta.min.js
- Production:
https://widgets.marqeta.com/marqetajs/2.0.0/marqeta.min.js
3. Client Access Token
Generate a client access token using the Marqeta API:
API Integration
Card Details Format
When using Marqeta cards with the Virtual Card Agent, use the marqetaJs
type:
Required Parameters
- cardToken: The Marqeta card token for the virtual card
- clientAccessToken: The Marqeta client access token for Marqeta.js authentication
- sandbox: Optional boolean to determine environment (defaults to true based on organization settings)
Environment Detection
The system automatically determines whether to use sandbox or production based on your organization’s sandbox
property. This ensures the correct Marqeta.js library URL is used.
Security Features
PCI Compliance
- Marqeta.js handles all sensitive card data display
- Card details are never exposed to your application
- All card information is rendered through secure iframes
Authentication
- Client access tokens provide secure authentication
- Tokens are scoped to specific cards and users
- Automatic token validation and refresh
Data Protection
- Card details are encrypted in transit
- No sensitive data is stored in your application
- All card operations are logged for audit purposes
Implementation Example
Frontend Integration
The Marqeta embedded card page automatically handles:
- Loading the appropriate Marqeta.js library
- Initializing with your client access token
- Displaying card details in secure iframes
- Error handling and loading states
Backend Processing
The Virtual Card Agent automatically:
- Extracts card details from the Marqeta iframe
- Validates card information
- Processes payments through the payment gateway
- Handles errors and retries
Best Practices
Security
- Always use client access tokens for authentication
- Implement proper error handling for token failures
- Monitor card usage and spending patterns
- Use sandbox environment for testing
Performance
- Cache client access tokens when possible
- Implement proper loading states
- Handle network failures gracefully
- Monitor Marqeta.js library loading times
Error Handling
- Implement fallback mechanisms for token failures
- Provide clear error messages to users
- Log all Marqeta.js initialization errors
- Monitor card extraction success rates
Troubleshooting
Common Issues
- Marqeta.js not loading: Check your internet connection and Marqeta.js URL
- Client access token invalid: Verify token generation and expiration
- Card details not displaying: Check card token validity and permissions
- Environment mismatch: Ensure sandbox/production settings match your Marqeta account
Debug Information
The system provides detailed logging for:
- Marqeta.js library loading
- Client access token validation
- Card detail extraction
- Error conditions and resolutions
Support
For Marqeta-specific issues:
- Check the Marqeta.js documentation
- Contact Marqeta support for API-related questions
- Review Mercoa logs for integration-specific issues