Gather the required data before proceeding with the full 3DS authentication and transaction processing.
Use this request to pre-initiate an integrated 3D Secure authentication request for a transaction using card details.
{
"amount": {
"transactionValue": 29.99,
"currencyCode": "EUR"
},
"fingerprintCallbackUrl": "https://example-merchant.com/3ds-fingerprint-callback",
"providerId": "provider_123456",
"requestorAuthenticationIndicator": "01",
"site": "merchant_site_001",
"card": {
"primaryAccountNumber": "4111111111111111",
"cardHolderName": "John Doe",
"expiryMonth": 3,
"expiryYear": 2025,
"cardVerificationCode": "123"
}
}| Parameter | Description |
|---|---|
amountobject | Details about the authenticated transaction's amount. |
amount.transactionValuenumber required | The amount of the authenticated transaction. Numbers after the decimal will be zero padded if they're less than the expected currencyCode exponent. |
amount.currencyCodestring required | The three-character currency code conforming to ISO 4217 standard. |
fingerprintCallbackUrlstring required | The fingerprint callback URL. |
providerIdstring (≤ 36 characters) | The unique identifier for the provider that will process the transaction. This field is optional. |
intentstring | The intent of the authentication request. This field is conditionally required: it's required if providerId isn't sent, otherwise it's optional. It makes sense to authenticate transactions with the following intents: Purchase, Authorisation, EstimatedAuthorisation, Verification.Possible values:
|
requestorAuthenticationIndicatorstring | The indicator specifying the type of authentication request. Possible values:
|
sitestring (≤ 10 characters) required | The site identifier. |
cardobject required | Details about the card. |
card.primaryAccountNumberstring (13-19 characters) required | The payment card number. |
card.cardHolderNamestring (2-45 characters) | The full name on the card. This field is optional. |
card.expiryMonthinteger (1-12) required | The card expiry month. |
card.expiryYearinteger (2000-9999) required | The card expiry year. |
card.cardVerificationCodestring | The card's 3 or 4 digit security code (CVC/CVV). |
If your request is successful, you'll receive a 200 response.
{
"authenticationId": "550e8400-e29b-41d4-a716-446655440000",
"state": "PendingClientData",
"scaMandated": true,
"applicableExemptions": "LVP",
"threeDSecureVersion": "2.1.0",
"threeDSecureFingerprintUrl": "https://example.com/3ds-method",
"threeDSecureFingerprintData": "eyJ0aHJlZERTU2VjdXJlTWV0aG9kRGF0YSI6IlhYWiJ9",
"threeDSecureSupported": true,
"recommendedChallengeIndicator": "02"
}| Parameter | Description |
|---|---|
authenticationIdstring (GUID) | The unique reference provided by PXP for the authentication request. |
statestring | The current state of the authentication request. Possible values:
|
scaMandatedboolean | Whether Strong Customer Authentication (SCA) is mandated for this transaction. |
applicableExemptionsstring or null | The exemptions that apply to the transaction from SCA requirements. Possible values:
|
threeDSecureVersionstring | The version of the 3D Secure protocol being used (e.g., 2.1.0). |
threeDSecureFingerprintUrlstring | The URL to which the 3D Secure method data should be sent. |
threeDSecureFingerprintDatastring | The data required for the 3D Secure method. Typically, this is a base64 encoded string. |
threeDSecureSupportedboolean | Whether 3D Secure authentication is supported for this transaction. |
recommendedChallengeIndicatorstring or null | The recommended challenge indicator. Possible values:
|