Initiate a token transaction

POST

/v1/transactions

Request examples

Use the following request to initiate a scheme token transaction with a token cryptogram. For a full list of possible parameters, see the API reference.

{
  "merchant": "MERCHANT-1",
  "site": "SITE-1",
  "merchantTransactionId": "ECOM_001",
  "merchantTransactionDate": "2025-01-27 08:51:02.826445+00:00",
  "transactionMethod": {
    "intent": "Authorisation",
    "entryType": "Ecom",
    "fundingType": "Card"
  },
  "amounts": {
    "transaction": 20,
    "currencyCode": "GBP"
  },
  "fundingData": {
    "card": {
      "schemeTokenNumber": "4837261112345678",
      "expiryMonth": "03",
      "expiryYear": "2025",
      "schemeTokenCryptogram": "AAEBAwQjSQAAXXXXXXXJYe0BbQA=",
      "cardScheme": "Visa"
    }
  },
  "threeDSecureData": {
    "cardHolderAuthenticationVerificationValue": "MjAwNjI0MDkwMTEwMjA4NjU0MTY=",
    "directoryServerTransactionId": "f25084f0-5b16-4c0a-ae5d-b24808a95e4b",
    "electronicCommerceIndicator": "07",
    "threeDSecureVersion": "2.1.0",
    "threeDSecureTransactionStatus": "Y"
  }
}

Parameter	Description
`merchant` string (≤ 20 characters) required	Your unique merchant identifier, as assigned by PXP.
`site` string (≤ 20 characters) required	Your unique site identifier, as assigned by PXP.
`merchantTransactionId` string (≤ 50 characters) required	A unique identifier for this transaction.
`merchantTransactionDate` date-time required	The date and time when the transaction happened, in ISO 8601 format.
`transactionMethod` object required	Details about the transaction method.
`transactionMethod.entryType` string required	The entry type. For e-commerce transactions, this is always `Ecom`.
`transactionMethod.fundingType` string required	The funding type. For card transactions, this is always `Card`.
`transactionMethod.intent` string required	The payment intent. Learn more about intents. Possible values: `Authorisation` `EstimatedAuthorisation` `Purchase` `Payout` `Refund`
`amounts` object required	Details about the transaction amount.
`amounts.transaction` number	The transaction amount. The numbers after the decimal will be zero padded if they are less than the expected `currencyCode` exponent. For example, GBP 1.1 = GBP 1.10, EUR 1 = EUR 1.00, or BHD 1.3 = 1.300. The transaction will be rejected if numbers after the decimal are greater than the expected `currencyCode` exponent (e.g., GBP 1.234), or if a decimal is supplied when the `currencyCode` of the exponent does not require it (e.g., JPY 1.0).
`amounts.currencyCode` string (1-3 characters) required	The currency code associated with the transaction, in ISO 4217 format.
`fundingData` object required	Details about the payment method used for the transaction.
`fundingData.card` object	Details about the card.
`fundingData.card.schemeTokenNumber` string required	A scheme token issued by Visa or Mastercard, used for subsequent transaction processing. This token enhances security and facilitates recurring transactions, providing a secure and efficient alternative to sharing sensitive card details.
`fundingData.card.expiryMonth` string (2 characters) required	The expiry month (`MM`) of the card.
`fundingData.card.expiryYear` string (4 characters) required	The expiry year (`YYYY`) of the card.
`fundingData.card.cardScheme` string required	The payment card's scheme, which indicates the network through which the card transactions are processed.
`fundingData.card.schemeTokenCryptogram` string required	A unique cryptogram generated during the tokenisation process, used to enhance the security of transaction processing. This cryptogram acts as a secure and unique identifier, akin to the token authentication verification value (TAVV), ensuring that each transaction is authenticated and verified without directly using sensitive card details. It plays a crucial role in the secure electronic payment ecosystem, especially in tokenised transactions, by providing an additional layer of security and authentication.
`threeDSecureData` object	Details about the 3DS data.
`threeDSecureData.cardHolderAuthenticationVerificationValue` string	The Cardholder Authentication Verification Value (CAVV) is generated by the card issuer as part of the 3D Secure authentication process for Visa transactions. It indicates that the cardholder has been authenticated, and it should be appended to the authorisation request.
`threeDSecureData.directoryServerTransactionId` string	The 3DS 2.0 transaction identifier returned by the card issuer, unique to each authentication attempt.
`threeDSecureData.electronicCommerceIndicator` string	The Electronic Commerce Indicator (ECI) specifies the security level of an online transaction and the authentication outcome, crucial for determining liability in the event of a dispute. Possible values: `01`: Transaction processed with SSL or equivalent but without cardholder authentication (considered less secure, higher risk). `02`: Transaction processed with cardholder authentication (e.g., 3D Secure), indicating a higher level of security. `05`: Transaction processed with 3D Secure authentication, cardholder authenticated successfully (high security). `06`: Transaction attempted 3D Secure authentication but could not be completed; cardholder not authenticated (medium security). `07`: Transaction processed without 3D Secure authentication, due to issuer or cardholder not participating in 3D Secure (considered less secure, higher risk).
`threeDSecureData.threeDSecureVersion` string	The version of the 3D Secure protocol used for the transaction's authentication, as returned by the Payment Service Provider (PSP)'s 3D Secure service. This indicates the specific set of 3D Secure features and security measures applied.
`threeDSecureData.threeDSecureTransactionStatus` string	The status of the transaction after being authenticated using the 3D Secure protocol, as provided by the Payment Service Provider (PSP). This indicates the result of the 3D Secure authentication process.

Response example

If your request is successful, you'll receive a 200 response that includes the transaction's state. You'll also receive a Transaction (Card Authorised) webhook notification.

{
  "state": "Authorised",
  "stateData": {},
  "approvalCode": "373356",
  "merchantTransactionDate": "2025-04-03T09:24:03",
  "merchantTransactionId": "3f43ffba-3480-4a4a-8a02-922c22fd7615",
  "systemTransactionId": "8d615218-63de-4f41-b574-01868296335f",
  "fundingData": {
    "cardScheme": "MasterCard",
    "expiryMonth": null,
    "expiryYear": null,
    "providerResponse": {
      "provider": "pxpfinancial",
      "code": "00",
      "emvDataResponse": {},
      "paymentAccountReference": "637607302178175469",
      "electronicCommerceIndicatorAdjustment": "07",
      "merchantAdvice": {},
      "authorisedAmount": 20,
      "settlementDate": "2025-04-04T00:00:00"
    },
    "processorTransactionId": "6fcde524-3194-4676-9a32-1f329d3d7883"
  }
}