Menu

Authorization

Info

This transaction type is available for: Cards.

Opt for the authorised flow when you wish to charge the customer (fully or partially) only upon the delivery or provision of goods and services. This approach ensures that payments are processed in sync with the fulfilment of orders.

This flow resembles the “one-time purchase” flow, omitting the additional step of capturing the customer’s payment for the goods or services provided.

Before you start

Create the order with the required data and ensure the following information:

  • Include the payment type, amount, currency, and allowed payment methods.
  • If only card payment is required, include only “CARD” in the transaction.paymentMethod list.
  • Verify that the transaction.paymentType has the value “AUTH”.
Run in Postman

Generate the transaction

Note that the following request needs an Authorisation Header with the transactionSignature returned from checkout operation.

In this request, the Bearer Token is replaced by the checkout response transactionSignature.

Path id

string

Mandatory

An element to query transaction status by Transaction Id.

Show more
Header parameters
Content-type

string

Mandatory

application/json

Show more
Authorization

string

Mandatory

Bearer Token. Based on OAuth2 authentication performed in a pre-step.

Show more
x-ibm-client-id

string

Mandatory

Token that identifies a client organization. It is provided during onboarding process and must be used in every call.

Show more
Request parameters
cardInfo

object

Mandatory

Object that defines the payment operation request fields.

Show more
PAN

string <= 40 characters

Optional

The Primary Account Number (credit card number).

Show more
secureCode

string <= 40 characters

Optional

The security code (CVV/CVC) associated with the credit card.

Show more
validationDate

ISODateTime

Mandatory

The expiration date of the credit card.

Show more
cardholderName

string

Mandatory

The name of the cardholder as it appears on the credit card.

Show more
createToken

boolean

Mandatory

A flag indicating whether to create a token for future use or not (true/false).

Show more
Here’s an example:
Run in Postman
{
    "cardInfo": {
        "PAN": "5236410030000927",
        "secureCode": "776",
        "validationDate": "2026-05-26T00:00:00.000Z",
        "cardholderName": "Jane Smith",
        "createToken": false
    }
}
Expected Response:

A successful technical response comprises of an HTTP-200 status and a returnStatus.statusCode=”000″.

The paymentStatus in the response informs on whether the transaction itself was accepted, declined, still pending a final result, or requiring additional action to be taken.

  • Success: The authorisation has been processed successfully and the customer funds have been validated.
  • Declined: The authorisation has been declined.
  • Pending: The final result of the authorisation is not yet known. You will need to inquiry on the status of this transaction until it reaches a final state, or you decide to cancel it.
  • Partial: The authorisation is partially accepted, but requires additional actions to the completed (e.g. 3D-Secure authentication). The actionResponse element is provided for instructions on how to proceed.

On this page: