Authorize a transaction
Start testing transactions.
At this point, the following steps should be complete:
- Generate your API keys
- Generate a swipe processor key
- Create an issuer
- Create a card program
- Create a line of credit program
- Create a customer
- Create a line of credit account
- Create a card
Next up, start testing your progress by authorizing transactions.
1. Authorize a transaction
The following request is used to authorize a transaction. Before diving into the details of the request, there are a few things to note.
This request uses a special set of headers:
x-user-id
: This is the user ID associated with your Secure Payments account.x-signature
: This header uses the swipe processor token from your account and a pre-request script to create anHMAC-SHA-512
hash signature.x-request-id
: This is a randomly generated GUID that represents the request to create a swipe.
The payload of this request requires a random, unique transaction ID. This ID is used as a value within the "swipe_id"
field and is used to identify the transaction.
We've written a pre-request script to help you get this request working in your own workspace:
// Generate and set variables used in the headers and payload of the request:
let uuid = require('uuid');
pm.collectionVariables.set('swipe-id', uuid.v4());
const message = pm.request.body.raw.replace('{{swipe-id}}', pm.collectionVariables.get('swipe-id'))
.replace('{{card-uuid}}', pm.collectionVariables.get('card-uuid'));
var hashHmacSHA512 = CryptoJS.HmacSHA512(message, pm.collectionVariables.get('swipe-processor-token')).toString();
pm.collectionVariables.set('signature', hashHmacSHA512);
Copy the script above and paste it into the Pre-request script section of your request. The script will automatically generate some of the headers you'll need for this request; however, it will require a little bit of work on your end. You'll need to set some collection-level variables that represent card-uuid
, swipe-id
, and swipe-processor-token
to get this script to work.
With the pre-request script configured, the following request is sent to authorize a transaction. Note that the following variables from previous steps are used within the payload of this request:
{card-uuid}
: the UUID of the card used to authorize the transaction
curl --request POST \
--url https://swipes.loanpro.io/byoi/create \
--header 'x-request-id: {x-request-id}' \
--header 'x-signature: {x-signature}' \
--header 'x-user-id: {x-user-id}' \
--data '
{
"swipe-id": "{swipe-id}",
"card-uuid": "{card-uuid}",
"amount": 24.97,
"merchant-descriptor": "Target",
"issuer-decline?": false,
"authorization-advice?": false,
"preauthorization?": false,
"force-clearing?": false,
"cash-advance?": false,
"credit-authorization?": false,
"sma?": false
}
'
You’ll notice the above example has seven payload parameters that use false
as a value. These fields are swipe flags, and they’re used to determine how a swipe is handled by LoanPro and Secure Payments. When attempting a test DMS authorization, these fields are all set to false
.
A successful authorization will result in the following response structure:
{
"approved?": true,
"status": "pending",
"reason": null,
"swipe": {
"status": "pending",
"swipe": {
"card-present": "true",
"cardholder-verified": "Yes",
"amount": 24.97,
"swipe-id": "710c9cd2-33e9-4652-8d47-aca02b482234",
"sma": false,
"authorization-tolerance": 0,
"cvv3": "None",
"authorized-amount": 24.97,
"acquisition-method": "EMV Terminal",
"updated": "2023-09-08T16:44:49Z",
"ecommerce": "false",
"network-merchant-id": "12sdf12fd",
"offline-pin": "None",
"card-uuid": "54e7a88f-5c8b-464b-abc5-fe9f20d7a436",
"network-tx-id": "456df456fd",
"arqc": "Validated",
"created": "2023-09-08T16:44:49Z",
"3ds": "None",
"pin": "None",
"issuer-decline": false,
"status": "pending",
"emv-terminal": "True",
"credit-authorization": false,
"issuer": {
"transaction-id": "4455",
"decline-reason": "None"
},
"force-clearing": false,
"preauthorization": false,
"network-risk-score": 0,
"network": "Visa",
"transaction-fee-amount": 0,
"merchant": {
"address": "2236 S 1300 E Ste D",
"descriptor": "Target #9960",
"name": "Target",
"city": "Salt Lake City",
"mcc": 5411,
"longitude": -111.8560587,
"state": "UT",
"postal-code": "84106",
"currency": {
"requested-amount": 24.97,
"currency": "USD",
"conversion-rate": 1
},
"id": "01H9TTX4VMBWVTPGENQ1R90KYD",
"latitude": 40.722187,
"country": "USA"
},
"cardholder-verification-method": "CVV2",
"metadata": "Some metadata",
"avs-result": "Passed",
"cvv2": "Validated",
"requested-amount": 24.97,
"authorization-advice": false,
"cash-advance": false,
"cvv1": "None"
}
}
}
This response includes the transaction information and its approval status. There are four fields within the response payload to pay close attention to:
"approved?"
: boolean value that provides the approval status of the transaction"status"
: string value that provides the status of the transaction"reason"
: string value that provides a description of why the transaction was approved or denied“swipe-id”
: the ID of the swipe- Store this ID, as it will be used in follow-up requests to update a transaction.
These fields provide information regarding the result of the transaction, as decided by Secure Payments.
- If a transaction is approved, the
"approved?"
field is returned astrue
and a transaction status is provided. - If a transaction is denied,
"approved?"
is returned asfalse
, a transaction status is provided, and a reason for the denial is also listed.
This transaction was approved and moved to a pending status as it awaits a clearing or void event. However, transactions can be denied for several reasons:
Reason | Message | Description |
---|---|---|
Issuer Decline | “Issuer Decline - [decline reason]” | This occurs when the card issuer automatically declines the transaction before it reaches Adaptive Wallet. |
Restricted Card Status | “Swipe authorization restricted by Card Status - Card Status: [blocking card status reason]” | This occurs when the card has any status other than an active status. |
Insufficient Available Balance | “Insufficient Available Balance” | This occurs when the line of credit account associated with the card has an insufficient available balance. |
Insufficient Available Advance Balance | “Insufficient Available Advance Balance” | This occurs when the line of credit account associated with the card has an insufficient available advance balance. |
Swipe Restricted | “Swipe restricted due to [attribute of swipe that did not pass restriction logic]”, Swipe Restriction ID: [ID of card’s swipe restriction]” | This occurs when a transaction’s attribute does not pass the Swipe Restriction rules set via the Card Program. |
Spend Limit Exceeded | “Swipe exceeds card’s Spend Limit” | This occurs when the transaction amount exceeds the card’s determined spend limit. |
Updated 3 days ago