# OneClick and recurring card payments

One-click payments involve debiting a customer/payer profile already registered in the imoje system. The first payment requires verification and provision of full payment instrument details. Each subsequent payment is made by debiting the payment instrument based on the identifier assigned to it.

Recurring payments involve cyclical debiting of the customer's payment instrument without verification. The registration of the payment instrument is similar to that for one-click payments. In accordance with the regulations of payment organisations, the payment must be repeatable in terms of amount and time period.

When making a payment, please remember that each payment instrument must have its own unique customer/payer identifier - `cid`.

## Creating a new profile

A new card profile is created by making the first **registration transaction**. A registration transaction can be created in two ways:

* by passing an additional `card` and `additionalData` object in the request creating the [transaction](https://bump.sh/pgw/doc/imoje-api-en/operation/operation-post-parameter-transaction).

> info
> **IMPORTANT** - this method is only available if you have a valid PCI DSS certificate.

* using the card widget `https://paywall.imoje.pl/js/widget.min.js`.
Instructions on how to correctly call the widget can be found in the [FRONT API](https://data.imoje.pl/documentation/pl/paywall) documentation.

<br>

**In accordance with PCI DSS requirements (established by payment organisations), it is prohibited to process, transfer or store numbers and other data relating to payment or credit cards without the appropriate certificate.**

> If you have the appropriate PCI DSS certificate and want to make the card payment form available on your shop's website, please send it to technical support at kontakt.tech@imoje.pl.

## Downloading, debiting, and deactivating a profile

You do not need a PCI DSS certificate for other actions on card profiles. You can therefore use the other [profile](https://bump.sh/pgw/doc/imoje-api-en/group/endpoint-profile) endpoint requests without any restrictions.

# OneClick and recurring payments without a profile

This variant of OneClick and recurring payments differs in that no card profile is created during the registration payment, and the card is charged on a different basis.
<br>

In order to create a OneClick or recurring registration transaction, send an HTTP request creating a [transaction](https://bump.sh/pgw/doc/imoje-api-en/operation/operation-post-parameter-transaction) by passing an additional `card` object, an `additionalData` object, and a `profileType` parameter with the value `FIRST`.

> info
> **IMPORTANT!** You can only use this option if you have a valid **PCI DSS** certificate.

## Debiting a card without a profile

In order to charge the card, send another HTTP request creating a [transaction](https://bump.sh/pgw/doc/imoje-api-en/operation/operation-post-parameter-transaction), this time passing an additional `profileType` parameter with the value `STANDARD` and the `firstTransactionId` parameter in the `card` object instead of the `cvv` parameter with the value that was returned in the [GET request for transaction data](https://bump.sh/pgw/doc/imoje-api-en/operation/operation-get-parameter-transaction-parameter)