Feature Requests
Share ideas, discuss and vote on requests from other users in community

Modification of Sagepay Tokens module to accept non-token payments

Andrew Willis shared this idea 5 years ago

We are currently using the Sagepay Tokens module on our WHMCS installation but have a number of clients who do not wish to store card details at all and log in every time an invoice is due to make a fresh card payment.

Because the existing module will only use a token, if the customer opts to not save their card details (which auto generates a token), they get a "card declined message" and in the billing gateway, we get:-


StatusDetail => 3051 : The CardNumber field is required.

The only way around it at the moment is for the customer to save their card details first in their client area (which generates a token from sagepay), then go and pay the invoice and then return back to the card details section in the client area and delete them. This doesn't present a very easy order journey for the customer.

I have spoken to Sagepay and they have said that if a token isn't required then you need to pass the variable "CreateToken=0" to them meaning that their system will just process a card payment as normal but no token will be returned to be stored in the WHMCS database.

Logically, this should happen if the customer selects the "do not save card details" tick box on the WHMCS checkout page.

This is clearly a long standing issue - see post 7 (exactly the same issue) on the following page:-


It seems a fairly straightforward to fix to me but Support have said it is not a bug but should be presented as a new feature request - in my opinion the feature should have existed in the first place as clearly the scenario above wasn't thought about!

If anyone else has any thoughts on how this issue can be resolved without using multiple payment modules (token and non-token) then I would be interested to hear them.

Comments (3)


To use a token module, the card details have to be passed and saved.

You would need to use the standard SagePay module, already within WHMCS, to process a one time payment.


Ok, so assume we concurrently run both Sagepay Modules with the WHMCS installation....one for customers who wish to pay and store their card details (sagepay token module) and one for customers who wish to pay and not store their card details (standard sagepay module).

How does WHMCS determine which module should be used in either situation in order to avoid payments with tokens being sent to the standard module and payments with non-tokens being sent to the token module (either of which would result in payment failures)?

If you can clarify on what we need to enable in order for this to happen then I will implement immediately :-)



This is determined by the payment gateway the client selects on the order form, or the Payment Gateway setting on the client details page in their client area.

Staff can also change the payment gateway that is assigned to the client under their Profile tab, or change it for an individual service under the client's Products/Services tab.

If the tokenised module is selected, the invoice will be generated with the tokanised gateway as the payment method and will be treated as such. Conversely, if the merchant gateway is selected, the invoice will be generated with the merchant gateway as the payment method and treated as such.