`Flex API` {#da-flex-api-intro}
===============================

The `Flex API` enables merchants to securely accept customer payment information captured within a server-side application using a set of APIs. These APIs protect your customer's primary account number (PAN), card verification number (CVN), and other payment information by embedding it within a transient token. This allows payment data to be stored and transported and complies with the Payment Card Industry Data Security Standard (PCI DSS) policies and procedures. These transient tokens can be validated by the receiver to ensure the data integrity and protect against data injection attacks.

> WARNING
> ` Flex API ` is intended for server-side applications only. Do not use the ` Flex API ` in client-side applications. To add secure payments directly into client-side code, use ` Unified Checkout `.  
> IMPORTANT
> Each request that you send to ` Visa Acceptance Solutions ` requires header information. For information about constructing the headers for your request, see the [*Getting Started with REST Developer Guide*](https://developer.visaacceptance.com/docs/vas/en-us/platform/developer/all/rest/rest-getting-started/restgs-about-guide.md "").

How It Works
------------

Follow these steps to capture payments using the `Flex API`:

1. Establish a payment session with a predefined customer context.
2. Validate the JSON Web Token.
3. Populate the JSON Web Token with customer information.

Customer Context
----------------

An important benefit of the `Flex API` is managing Personal Identifiable Information (PII). You can set up your customer context to include all PII associated with transactions, protecting this information from third parties.