Create 3DS authenticated payment
This API method creates a payment authorization directly, without the need of using the SmartPay widget. The payment is based on the assumption that the payment option and authentication details have already been collected by the merchant.
important
This endpoint contains PCI data and requires forwarding through /forwarding/tokenize
.
Example
Request
Path:
POST {baseUrl}/payment/authorize
Header:
Content-Type: application/json
Accept-Language: en-US
X-Pcp-Url: {baseUrl}/payment/authorize
X-Pcp-Authorization: {{pci_base64_public_private}}
Authorization: Basic M2lwN2Yx...OGU3Mg==
{
"payment": {
"description": "OEM APIs Test",
"amount": 49.99,
"currencyCode": "EUR"
},
"billingAddress": {
"addressLine1": "Max-Planck-Straße",
"number": "30",
"city": "Berlin",
"postCode": "14473",
"countryCode": "DE"
},
"consumer": {
"merchantCustomerId": "ID-",
"firstName": "John",
"lastName": "Doe",
"middleName": "Robert",
"emailAddress": "test@test.de",
"title": "Mr",
"culture": "en-EN",
"timezone": "CET",
"dateOfBirth": "1982-03-03",
"gender": "Mr",
"mobilePhone": "496912345678",
"homePhone": "496912345678",
"workPhone": "496912345678",
"taxId": "123456789"
},
"partnerReference": "9AS9EdK1ySZL5E1bbG",
"shippingAddress": {
"addressLine1": "Max-Planck-Straße",
"number": "30",
"city": "Berlin",
"postCode": "14473",
"countryCode": "DE"
},
"paymentOption": {
"card": {
"cardDetails": {
"cardHolder": "JOHN DOE",
"cardToken": "5123450000000008",
"cvvToken": "123",
"cardExpiryMonth": "09",
"cardExpiryYear": "2029",
"cardBrand": "MSTRCRD"
},
"3ds": {
"3ds2": {
"acsEci": "02",
"authenticationToken": "kHyn+7YFi1EUAREAAAAvNUe6Hv8=",
"transactionStatus": "Y",
"protocolVersion": "2.1.0",
"dsTransactionId": "68f92ff6-c417-40df-bfaf-6518c43f40fb",
"acsTransactionId": "0571d1c1-df05-4a6b-83c9-b6d1617a64f6"
}
}
}
}
}
API Parameters:
Name | Description | Type | Required |
---|---|---|---|
Payment | Please refer to Data Model - Payment. | Object | Yes |
billingAddress | Please refer to Data Model - Address. | Object | Yes |
Consumer | Please refer to Data Model - Consumer. | Object | Yes |
partnerReference | Partner service call identifier. | String | Yes |
shippingAddress | Please refer to Data Model - Address. | Object | Yes |
paymentOption | Payment option details object to be provided to SmartPay. | Object | Yes |
- card | Object | Yes | |
- - cardDetails | Object | Yes | |
- - - cardHolder | Credit card holder name. | String | Yes |
- - - cardToken | PAN token. | String | Yes |
- - - cvvToken | CVV token. | String | No |
- - - cardExpiryMonth | Credit card expiration month in format "MM". | Numeric | Yes |
- - - cardExpiryYear | Credit card expiration year in format "YYYY". | Numeric | Yes |
- - - cardBrand | Card brand code. Please refer to Data Model - Payment Options. | String | Yes |
- - 3ds2 | Object | Yes | |
- - - ascEci | Indicates the security level of the transaction. | String | Yes |
- - - authenticationToken | The 3D secure CAVV or AAV. Must be Base64 encoded. | String | Yes |
- - - transactionStatus | Indicates the result of payer authentication with the issuer. - N: Transaction did not qualify as an authenticated transaction or account verification. - Y: The transaction qualified as an authenticated transaction. - C: 3DS version 2.2.0 only. Transaction requires a challenge. - R: 3DS version 2.2.0 only. A challenge is recommended for the transaction. - U: 3DS version 2.2.0 only. The transaction is unavailable for authentication. - A: 3DS version 2.2.0 only. The transaction is authenticated with a frictionless flow. | String | Yes |
- - - protocolVersion | The version of the EMV 3-D Secure protocol used to perform 3-D Secure authentication, in the format specified by EMVCo. | String | Yes |
- - - dsTransactionId | A unique transaction identifier assigned by the scheme Directory Server to identify the 3DS transaction. | String | Yes |
- - - acsTransactionId | A unique transaction identifier assigned by the Access Control Server to identify the 3DS transaction. | String | Yes |
Response
Status Code:
201 (3DS authenticated payment successfully created)
Header:
Content-Type: application/json
Accept-Language: en-US
{
"partnerReference": "SOwS1Ir7UluDoJJF0p",
"description": "OEM APIs Test",
"paymentStatus": "CAPTURED",
"creationDate": "2024-03-28T10:02:43.272Z",
"lastStatusDate": "2024-03-28T10:02:47.507Z",
"transactionOverview": {
"transactionId": "a7dd1c65-847e-4b4f-8284-5ed7bed2c84b",
"paymentMethod": "CARDS",
"amount": 49.99,
"currencyCode": "EUR"
},
"reconciliationReferenceId": "SdsEh9hCGI434teXG3abz",
"modificationId": "a7dd1c65-847e-4b4f-8284-5ed7bed2c84b"
}
API Parameters:
Name | Description | Type |
---|---|---|
partnerReference | Transaction identifier provided by the merchant. | String |
description | Transaction description. | String |
paymentStatus | Current status of the initial transaction: - CREATED, - CAPTURED, - AUTHORIZATION_PENDING, - AUTHORIZATION_COMPLETED, - FAILED, - CAPTURE_PENDING, - CANCELLATION_PENDING, - EXPIRED, - CANCELLED. | String |
creationDate | Transaction creation date and time. | String |
lastStatusDate | Transaction status changing date and time. | String |
transactionOverview | Details of the transaction. | Object |
reconciliationReferenceId | External provider unique transaction identifier. | String |
modificationId | Merchant unique request identifier. | String |