RyanPay Card Payments with accept.blue for Formidable

Secure Form Checkout connects your Formidable Forms payment forms to the accept.blue payment processing platform. All card data is handled inside a secure accept.blue Hosted Tokenization iFrame — it never passes through your server, keeping your site PCI-compliant.

This is the free Lite version.

What’s Included in Lite

• Credit card payments via accept.blue Hosted Tokenization iFrame — card data never touches your server
• Test / Sandbox mode — safely test payments with accept.blue sandbox credentials before going live
• Test Connection — verify your API credentials without leaving WordPress
• Debug logging — dedicated per-month log file with an in-admin log viewer, gated behind a settings toggle
• card authentication — optional EMV card authentication browser-based authentication per Form Action
• Per-form API credential override — run different forms against different accept.blue merchant accounts
• Processing overlay — animated spinner shown on form submit while payment processes
• Minified assets — production-ready JS and CSS; source files served automatically when WP_DEBUG is on

Requirements

• WordPress 6.0 or higher
• PHP 7.4 or higher
• Formidable Forms Pro (required for payment fields)
• An active accept.blue merchant account (sign up at https://accept.blue)

Source code

The unminified source files for all JavaScript and CSS are included in the plugin’s assets/ directory alongside the minified production files. No separate build step is required to review the source.

External Services

This plugin connects to the accept.blue payment processing platform. Two distinct accept.blue services are contacted:

1. accept.blue Payment API

Used to authorise and capture credit card payments. When a visitor submits a payment form, the plugin sends a server-side request to the accept.blue API to process the charge.

Data sent: a short-lived card nonce token (generated by the Hosted Tokenization iFrame — never the raw card number or CVV), the payment amount, currency code, and the site’s accept.blue API credentials.

When data is sent: only when a visitor submits a payment form and the tokenization step has completed successfully.

• API endpoint (live): https://api.accept.blue/api/v2/
• API endpoint (sandbox): https://api.sandbox.accept.blue/api/v2/
• accept.blue website: https://accept.blue
• API documentation: https://docs.accept.blue/api/v2
• Terms of Service / Privacy Policy: https://accept.blue/terms-of-use/

2. accept.blue Hosted Tokenization Service

Used to securely capture card details inside an iFrame. When a visitor views a payment form, the browser loads a secure iFrame from accept.blue’s tokenization service. The visitor enters their card number, expiry, and CVV directly into this iFrame. That card data is sent from the visitor’s browser directly to accept.blue — it never passes through your WordPress server.

Data sent: raw card details (card number, expiry, CVV) sent from the visitor’s browser directly to accept.blue’s tokenization servers. Your server receives only a short-lived nonce in return.

When data is sent: when the visitor enters card details and submits the payment form.

• Tokenization endpoint (live): https://tokenization.accept.blue/tokenization/v0.3/
• Tokenization endpoint (sandbox): https://tokenization.sandbox.accept.blue/tokenization/v0.3/
• Terms of Service / Privacy Policy: https://accept.blue/terms-of-use/