Skip to main content

Get 3DS Session Details

GET 
/3DS-sessions/:id

Returns the details of a 3DS session and indicates the outcome of the 3DS authentication.

info

This endpoint uses the SmartPay BaseURL and Authorization.

Request

Path Parameters

Header Parameters

    Content-Type stringrequired

    Must be application/json

    Accept-Language stringrequired

    Must be be en-US

    Origin stringrequired

    The origin of the request

    User-Agent stringrequired

    The client making the request

    Authorization stringrequired

    Basic M2lwN2Yx...OGU3Mg==

Responses

3DS authentication status successfully returned

important

From the received response, please extract the mandatory 6 parameters below and be prepared to provide those parameters for the endpoints Create 3DS Payment or Card on File(/docs/smartpay/api-only/api-only-card-on-file/index.md).

  • acsEci
  • authenticationToken
  • transactionStatus
  • protocolVersion
  • dsTransactionId
  • acsTransactionId

Schema

    3ds

    object

    Contains the 3D Secure authentication result details.

    version string

    Possible values: [3DS2]

    Specifies the 3DS protocol version used during the authentication.

    3ds2

    object

    Contains 3DS2-specific fields and nested authentication data.

    3dsMethod

    object

    Contains metadata related to the 3DS Method which allows for frictionless authentication.

    redirectHtml html

    HTML content used to embed an iframe that automatically performs the 3DS method call.

    3dsMethodPostData string

    Encoded data to be posted to the Access Control Server (ACS) for the 3DS method.

    3dsMethodUrl uri

    Endpoint of the Access Control Server to which the 3dsMethodPostData is submitted.

    challengeData

    object

    Contains data related to the challenge flow if the issuer requires step-up authentication.

    acsUrl uri

    The URL of the Access Control Server (ACS) for executing the challenge flow.

    cReq string

    The encoded CReq (Challenge Request) payload sent to the ACS for initiating the challenge.

    redirectHtml html

    HTML used to render and submit the CReq form inside an iframe for challenge completion.

    acsEci string

    Possible values: <= 2 characters

    Electronic Commerce Indicator (ECI) value returned by the ACS. Indicates the outcome of authentication.

    authenticationToken string

    Possible values: <= 64 characters

    Authentication token to be submitted for subsequent MIT payments or storing card data.

    transactionId uuid

    Unique transaction identifier generated by the 3DS provider for tracking this session.

    3dsServerTransactionId uuid

    Identifier generated by the 3DS Server for this authentication session.

    acsTransactionId uuid

    Unique transaction ID assigned by the ACS to this session.

    directoryServerId string

    Possible values: <= 20 characters

    Identifier for the directory server used in the 3DS process (e.g., Visa, Mastercard, etc.).

    dsTransactionId uuid

    Unique transaction ID assigned by the Directory Server.

    methodCompleted boolean

    Indicates whether the 3DS method call has been completed.

    methodSupported string

    Possible values: [SUPPORTED, NOT_SUPPORTED]

    Indicates whether the 3DS method is supported by the cardholder's issuing bank.

    protocolVersion string

    Possible values: [2.1.0, 2.2.0]

    Version of the 3DS protocol used during the authentication process.

    requestorId string

    Possible values: <= 64 characters

    The identifier of the requesting party (e.g., the merchant or PSP).

    requestorName string

    Possible values: <= 255 characters

    The name of the requesting party.

    transactionStatus string

    Possible values: [Y, N, U, A, R]

    Final status of the 3DS transaction:

    • Y: Authentication/Account verification successful
    • N: Not authenticated / Account not verified / Transaction denied
    • U: Authentication could not be performed
    • A: Attempts processing performed
    • R: Authentication/Account verification rejected

    device

    object

    Metadata about the device and browser used for the authentication.

    browser string

    Possible values: <= 512 characters

    User-agent string of the customer's browser.

    browserDetails

    object

    Technical attributes and capabilities of the customer's browser.

    acceptHeaders string

    Possible values: <= 256 characters

    The Accept HTTP headers sent by the browser.

    colorDepth integer

    Color depth of the browser's screen in bits.

    javaEnabled boolean

    Indicates whether Java is enabled in the browser.

    javaScriptEnabled boolean

    Indicates whether JavaScript is enabled in the browser.

    language string

    Possible values: <= 8 characters

    Language setting of the browser (e.g., 'en', 'de').

    screenHeight integer

    Height of the user's screen in pixels.

    screenWidth integer

    Width of the user's screen in pixels.

    3DSecureChallengeWindowSize string

    Possible values: [250x400, 390x400, 500x600, 600x400, FULL_SCREEN]

    Preferred window size for the 3DS challenge iframe display.

    ipAddress ipv4

    IP address of the customer’s device.

Loading...
 Imprint
|
Data protection and privacy
© 2025 J.P. Morgan Mobility Payments Systems GmbH. All rights reserved.