Issuer Token 3DS
The 3DS issuer token object
Use this route to get the 3DS issuer token after creating a charge using a transaction token with the payment type card or when creating a recurring transaction token.
Conditions for triggering 3DS
3DS can only be triggered only if your merchant account has the required configuration. If you are unsure whether your account has 3DS configured, please contact the support team.
Transaction Tokens
1. Transaction token type is recurring
2. data.three_ds.enabled is true and data.three_ds.status is pending in the transaction token create response
3. Poll the transaction token object every 1s exponentially until data.three_ds.status is awaiting.
4. Fetch the 3DS issuer token object
Charges
1. Transaction token payment_type is card
2. three_ds_mode in charge create response is either normal or force
3. Poll the charge object every 1s exponentially until status is awaiting.
4. Fetch the 3DS issuer token object
After retrieving the data, please either redirect the client or open an iframe with the URL specified in issuer_token with the HTTP method specified in call_method, including in the body the contents of payload formatted with the defined content_type.
When redirecting the client, ensure that the relevant redirect endpoint is registered in the transaction token (data.three_ds.redirect_endpoint) or charge create request (redirect_three_ds.endpoint). Confirm upon receiving the response that the data.three_ds.redirect_id/redirect_three_ds.redirect_id is populated to ensure your redirect has been registered. Please ensure that when the client is redirected back, that a mechanism exists for identifying the correct transaction being processed on your application. The id of the transaction token or charge will be included, along with the metadata to the redirect endpoint.
When opening an iframe, continue to poll the transaction token/charge object in the background every 3s until the status reaches a terminal state: successful, failed, error. The iframe may be closed once the condition is met and subsequent payment flow may be executed.
| Fields | |
| payment_type | string See payment methods. Currently only supports card. |
| issuer_token | string The 3DS authentication URL for execution by the client. |
| payload | object Contains a UTF-8 encoded JSON object that includes the necessary data to be sent in the body of POST requests. Please convert the JSON object into the correct content type and charset expected by the issuer endpoint. |
| content_type | string The content type of the payload expected by the issuer endpoint. E.g. Given a payload {"foo": "bar", "space": "cats"}For: application/x-www-form-urlencodedfoo=bar&space=cats |
| call_method | string The execution method by the client. Currently only supports http_post |
Request (Transaction Token)
GET https://api.univapay.com/stores/{storeId}/tokens/{tokenId}/three_ds/issuer_tokenRequest (Charge)
GET https://api.univapay.com/stores/{storeId}/charges/{chargeId}/three_ds/issuer_tokenHeaders:
Content-Type: application/jsonAuthorization: Bearer {jwt}
Response
Code: 200
Headers:
Content-Type: application/json
Body (online):
{
"issuer_token": "http://test.com/action",
"call_method": "http_post",
"payload": {
"test_parameter": "test_value"
}
"payment_type": "card",
"content_type": "application/x-www-form-urlencoded; charset=UTF-8"
}Response data for the given example could be used to create an HTML form like:
<FORM METHOD="POST" ACTION="http://test.com/action">
<INPUT TYPE="HIDDEN" NAME="test_parameter" VALUE="test_value">
</FORM>