Search

Are you looking for test card numbers?

Would you like to contact support?

Online-payment icon

Pre-authorisation and authorisation adjustment

Pre-authorise a payment, adjust the authorised amount, and capture the payment.

In a basic payment flow, the payable amount from your payment request is authorised and then captured. But sometimes you may want to change the amount or extend the length of the authorisation. You can enable this using the authorisation type pre-authorisation with your payment request. In this payment flow you can increase or decrease the authorised amount at a later stage, and then capture the payment. We refer to these changes to a pre-authorised payment as authorisation adjustments.

Authorisation adjustment is currently available for Discover, Mastercard, Visa, and American Express. Support is ultimately up to the issuer. See Availability for more information.

Use cases

There are several use cases for adjusting an authorisation:

  • Hospitality. For example, in a hotel:

    1. At the checkout page of the hotel's website or app, the hotel pre-authorises payment of the room that the guest booked. At the same time, the hotel stores the shopper's payment information, to be able to apply late charges when necessary.
    2. During their stay, the guest incurs expenses at the hotel facilities. The hotel adds these expenses to the pre-authorised amount by adjusting the authorisation.
    3. When the guest checks out, the hotel captures the final amount, or cancels the payment if the guest prefers to settle their bill with a different payment method.
    4. If necessary, the hotel charges the guest after they have left, using the shopper's stored payment details for a new payment.
  • Pre-ordering items. For example, a shopper pre-orders a video game that will be released three months later. The video game seller authorises the payment, but as they can only ship the product three months later, they need to extend the authorisation validity.

Authorisation types

For some card schemes, you can set card payment requests to be handled as either a pre-authorisation or a final authorisation.

  • Pre-authorisation: This is intended for use cases as described above, when you don't yet know the amount to be captured. It allows you to increase or decrease the initially authorised amount at a later point in time using the /adjustAuthorisation endpoint.
  • Final authorisation: Use this when the final amount is agreed up front and the transaction will definitely be captured in full. It's not possible to adjust the authorised amount.

By default, Adyen handles all card payment requests as final authorisations.

To set an authorisation type, you can either:

  • Define the default authorisation type at the merchant account level for all card transactions. See Configure your account.
  • Manually specify the authorisation type (PreAuth or FinalAuth) in each payment request. See Pre-authorise a payment.

Asynchronous or synchronous adjustment

There are two ways to implement pre-authorisation:

  • With asynchronous authorisation adjustment, you refer to a payment using the PSP reference that you received in the response to your pre-authorisation request. In each authorisation adjustment request as well as in the final capture request, you only need to specify this first PSP reference.

    Asynchronous adjustment is easier to implement, but it is not immediately clear if the adjustment succeeded. You need to set up webhook notifications to receive updates and to know if the final amount was authorised before you capture the payment.

  • With synchronous authorisation adjustment, you pass an adjustAuthorisationData blob from one authorisation adjustment to the next, to enable us to keep track of the latest amount. You receive the first blob in the response to your pre-authorisation request. In your first authorisation adjustment request, you specify the blob you received for the pre-authorisation, and you receive a new blob in the response. In your next adjustment, you specify the blob that you received in the response for the previous adjustment, and so on.

    Synchronous adjustment requires an additional step to implement, because you need to keep track of the latest blob to submit it in the subsequent adjust authorisation request. The advantage is that you receive the adjustment result synchronously. In this way you immediately know if the final amount was authorised before you capture the payment.

    If at some stage you fail to pass the blob, the flow falls back to asynchronous adjustment and it is no longer possible to return to synchronous adjustment for that payment.

Before you begin

Before you configure and use pre-authorisation:

  1. Make sure that you have built an integration that can make a payment.
  2. Set up webhook notifications. You'll need to rely on notifications to know whether the capture succeeded. If you use asynchronous authorisation adjustment, you'll also need to rely on notifications for the authorisation adjustment result.

You also need to implement logic on your end, for example to decide when to use the pre-authorisation flow, and to calculate the amount when you make an authorisation adjustment.

(Optional) Configure your account

There are two aspects of your account that you may want to configure for pre-authorisation and authorisation adjustment:

  • Synchronous authorisation adjustment: To receive the initial adjustAuthorisationData blob with your pre-authorisation request and to subsequently receive the authorisation adjustment results synchronously, ask our Support Team to enable this.

  • Default authorisation type: If you only do pre-authorisation payment requests, you can ask our Support Team to set your default authorisation type to PreAuth so that you don't have to specify it in your payment requests.

    If you want to do both pre-authorisation payment requests and regular payment requests, we recommend you specify the authorisation type in all payment requests. Pre-authorised transactions incur scheme fees.

Step 1: Pre-authorise a payment

  1. Make a payment request, and additionally specify:

    • additionalData.authorisationType: PreAuth
    {
       "reference":"YOUR_ORDER_NUMBER",
       "merchantAccount":"YOUR_MERCHANT_ACCOUNT",
       "paymentMethod": {
          "type": "scheme",
          "number":"4111111111111111",
          "cvc":"737",
          "expiryMonth":"10",
          "expiryYear":"2020",
          "holderName":"John Smith"
       },
       "amount":{
          "currency":"EUR",
          "value":1500
       },
       "additionalData":{
          "authorisationType":"PreAuth"
       }
    }
    {
      "pspReference": "8884689190961333",
      "resultCode": "Authorised"
    }
  2. Store the pspReference from the response for later use when adjusting the authorisation or capturing the payment.

Step 2: (Optional) Modify the authorisation

You can't make a zero-value authorisation when you adjust an authorisation.

Adjust the pre-authorisation amount

To modify the pre-authorised amount, make an authorisation adjustment request.

  1. Make a POST request to the /adjustAuthorisation endpoint, specifying:

    Parameter Required Description
    originalReference -white_check_mark- The pspReference of the pre-authorisation request. You received this in the response to your pre-authorisation request.
    modificationAmount -white_check_mark- The currency and value of the new amount in minor units. This is the sum of the pre-authorised amount and the additional amount.
    If this is not the first authorisation adjustment, it's the sum of the pre-authorised amount plus all additional amounts.
    additionalData.industryUsage DelayedCharge
    reference Your reference to this payment modification, for use in your reconciliation process.
    merchantAccount -white_check_mark- The name of your merchant account that is used to process the payment.

    The following example shows how you would add a charge of 64.15 EUR to a pre-authorised amount of 150.00 EUR.

    Asynchronous authorisation adjustment request
    {
        "originalReference":"8815754678001083",
        "modificationAmount": {
            "currency":"EUR",
            "value":21415
        },
        "additionalData":{
            "industryUsage":"DelayedCharge"
        },
        "reference":"YOUR_MODIFICATION_REFERENCE",
        "merchantAccount":"YOUR_MERCHANT_ACCOUNT"
    }

    The /adjustAuthorisation response contains:

    • pspReference: The PSP reference associated with this /adjustAuthorisation request. Note that this is different from the PSP reference associated with the pre-authorisation request.
    • response: [adjustAuthorisation-received]
    Asynchronous authorisation adjustment response
    {
      "pspReference": "881576235454101H",
      "response": "[adjustAuthorisation-received]"
    }
  2. Wait for the asynchronous notification. This informs you whether the new amount has been authorised.
  1. Make a POST request to the /adjustAuthorisation endpoint, specifying:

    Parameter Required Description
    originalReference -white_check_mark- The pspReference of the pre-authorisation request. You received this in the response to your pre-authorisation request.
    modificationAmount -white_check_mark- The currency and value of the new amount in minor units. This is the sum of the pre-authorised amount and the additional amount.
    If this is not the first authorisation adjustment, it's the sum of the pre-authorised amount plus all additional amounts.
    additionalData.adjustAuthorisationData The previous adjustAuthorisationData blob.
    For the first adjustment, that's the blob you received in the response to the pre-authorisation request. You may need to URL-decode that before you can use it.
    For the second adjustment, it's the blob you received in the response to the first adjustment, and so on. The blob you receive for an authorisation adjustment is not URL-encoded, so you don't need to decode it before you can use it.
    Always use the latest blob.
    reference Your reference to this payment modification, for use in your reconciliation process.
    merchantAccount -white_check_mark- The name of your merchant account that is used to process the payment.

    The following examples shows how you would add a charge of 64.15 EUR to a pre-authorised amount of 150.00 EUR.

    Synchronous authorisation adjustment request
    {
        "originalReference":"8815754678001083",
        "modificationAmount": {
            "currency":"EUR",
            "value":21415
        },
        "reference":"YOUR_MODIFICATION_REFERENCE",
        "additionalData":{
            "adjustAuthorisationData":"BQABAQA+fbc==..."
        },
        "merchantAccount":"YOUR_MERCHANT_ACCOUNT"
    }

    The /adjustAuthorisation response contains:

    • additionalData.adjustAuthorisationData: The new blob, for the new authorised amount. This blob is not URL-encoded.
    • merchantReference: Your reference to this payment modification, for use in your reconciliation process.
    • pspReference: The PSP reference associated with this /adjustAuthorisation request. Note that this is different from the PSP reference associated with the pre-authorisation request.
    • response: Authorised. Indicates the new amount is authorised.
    Synchronous authorisation adjustment response
    {
        "additionalData": {
            "adjustAuthorisationData": "BQABAQArqht7L...",
            "merchantReference": "YOUR_MODIFICATION_REFERENCE"
        },
        "pspReference": "8535762347980628",
        "response": "Authorised"
    }
  2. Store the adjustAuthorisationData blob you received in the /adjustAuthorisation response. You will need this if you later adjust the authorisation again. This blob is not URL-encoded, so you can use it as it is.

Extend the authorisation

To extend the authorisation period make an /adjustAuthorisation request with the same amount as the current balance on the authorisation:

  • If you haven't adjusted the authorisation yet, use the amount from the original pre-authorisation request.
  • If you did adjust the authorisation, use the amount from the last adjustment.

For Mastercard, the request made to adjust the pre-authorised amount automatically extends the validity period of the authorisation. So, if you have adjusted an authorisation, you don't immediately have to extend its validity.

We strongly recommend you to use the asynchronous flow to extend the authorisation. Visa only supports the asynchronous flow.

See Adjust the authorisation for instructions.

For Visa and American Express, the issuer can refuse the request to extend the authorisation period. This refusal terminates the initial pre-authorised payment. Check that you consume the notification to handle this situation by either withholding shipment or authorising the card again at a later time.

Step 3: Finalize the pre-authorised payment

When you have made your last authorisation adjustment, you need to manually capture the payment to transfer the reserved funds to your account:

  1. Decide whether you are ready to capture the payment:

    • Are there any additional charges to be made?
      If yes, adjust the authorisation first (see Adjust the authorisation).

    • Does the shopper want to settle the bill using a different payment method than the one used for the pre-authorisation?
      If yes, do not capture the payment. Instead, cancel the pre-authorisation:

      • Make a /cancel request specifying the pspReference of the original pre-authorisation. Refer to Cancel authorisation for more details.

  2. When you are ready to capture the payment, make a POST request to the /capture endpoint, specifying:

    Parameter Required Description
    originalReference -white_check_mark- The pspReference of the original pre-authorisation. You received this in the response to your pre-authorisation request.
    modificationAmount -white_check_mark- The currency and value of the final amount in minor units. This is the sum of the original, pre-authorised amount and all later adjustments.
    reference Your reference to this payment modification, for use in your reconciliation process.
    merchantAccount -white_check_mark- The name of your merchant account that is used to process the payment.
  3. When you receive the /capture response, note the following:

    • pspReference: The PSP reference associated with this /capture request. Note that this is different from the PSP reference associated with the pre-authorisation request.
    • response: [capture-received].
    • additionalData.merchantReference: Your reference to this payment modification, for use in your reconciliation process.
  4. Wait for the asynchronous notification. This informs you whether the final amount has been captured.
    If the capture is successful, this notification contains:

    • eventCode: CAPTURE
    • originalReference: The pspReference of the pre-authorisation.
    • pspReference: The PSP reference associated with this /capture` request.
    • success: true

    If success is false then your capture request failed. Review the reason you received in the notification, fix the issue, and submit the capture request again.

    When a Visa authorisation extension succeeds, the success field is set to false and the reason field to Approved. If it fails, the success field is set to false but you do not receive the reason in the notification.

If you need to charge the guest for an additional amount after they have left, and you stored your shopper's payment details (token) with your pre-authorisation request, you can apply these late charges in a recurring payment request using the token. See Recurring payments.

You can combine the steps listed before to fulfill your use case. For example, if you want to do multiple partial captures, modify the amount authorised after the first partial capture. To do so, pre-authorise a payment, partially capture the payment, and then adjust the authorisation amount.

Availability

You can use adjust authorisation for certain business models that are most common in travel, public transport, and restaurant businesses. Card schemes set specific rules around which businesses are able to adjust an authorisation. Your eligibility is determined by your Merchant Category Code (MCC), together with the card scheme.
To obtain the required MCC value:

  1. Log in to your live Customer Area.
  2. Select your merchant account.
  3. Go to Account > Payment methods.
  4. Scroll to the right of the table to see your MCC for the relevant payment methods.

Use the following table to see if your business is eligible to adjust authorisations:

Scheme Available Merchant Category Codes (MCC)
Mastercard All MCCs
Visa 3351-3500, 3501-3999, 4111, 4112, 4121, 4131, 4411, 5411, 5552, 5812, 5812, 7011, 7033, 7394, 7512, 7513, 7519, 7523, 7996, 7999
Adjust authorisation does not work for V Pay cards.
Discover 3351-3441, 3501-3999, 4111, 4112, 4121, 4131, 4411, 4457, 5812, 5813, 7011, 7033, 7996, 7394, 7512, 7513, 7519, 7999
American Express All MCCs
MCC restrictions do not apply when extending the validity for Visa.

Validity

Adyen expires an authorisation request automatically after:

  • 28 days from the day the payment is authorised, for all major global card networks, except Cartes Bancaires.
  • 12 days from the day the payment is authorised, for Cartes Bancaires.

Card schemes, too, have their own set of rules on authorisation expiry. Capturing a transaction after the scheme expiry time increases the risk of a failed capture, and may also increase the interchange and/or scheme fees charged for the transaction. Card schemes can also expire an authorisation before or after the official scheme expiry period has been reached.

To learn more about the authorisation expiry times for other payment methods, contact Support Team.

You can often capture a payment successfully after an authorisation has expired. Depending on the card scheme, there can be a fee for late capture, and an increase in interchange fee. The risk of cardholder chargebacks increase as well.
The following tables include expiry information from major card schemes:

Amex

Scheme Debit/credit Environment Authorisation type MCC Days
Amex All All All All 7 days

Carte Bancaires

Scheme Debit/credit Environment Authorisation type MCC Days
Carte Bancaires All All All All 13 days
Carte Bancaires All All All Car Rental 20 days
Carte Bancaires All All All Airline in-flight 34 days
Carte Bancaires All All Pre-auth Travel sector 30 days

Diners

Scheme Debit/credit Environment Authorisation type MCC Days
Diners All MOTO All All 7 days
Diners Debit All All All 7 days
Diners Credit All All All 30 days
Diners All All All Car Rental, Hotel/Lodging 30 days

Discover

Scheme Debit/credit Environment Authorisation type MCC Days
Discover All All All All 30 days

JCB

Scheme Debit/credit Environment Authorisation type MCC Days
JCB All All All All 1 year
JCB All All Pre-auth Hotel and Car rental Time of stay/rental

Mastercard

Scheme Debit/credit Environment Authorisation type MCC Days
Mastercard All All Final auth All 7 days
Mastercard All All Pre-auth All 30 days
Mastercard captures can be successful even after the seven or 30-day authorisation validity limits. For domestic transactions in the US and Canada, there is a late capture fee.

UnionPay

Scheme Debit/credit Environment Authorisation type MCC Days
CUP All POS Final auth
See note 1
All 30 days
CUP All Ecommerce Pre-auth All 30 days

1 UnionPay transactions with Authorisation type Final auth can only be cancelled within 1 day. The captured amount must always be equal to the authorised amount.

The authorisation type doesn't apply to UnionPay SecurePay, as it doesn't use the card acquiring flow.

Visa

Scheme Debit/credit Environment Authorisation type MCC Days
Visa electron All All All All 5 days
Visa All POS All All 1 day
Visa All Ecommerce All All 7 days
Visa All All Pre-Auth Cruise, Lodging, Vehicle Rental 31 days
Visa All Subscriptions and UnscheduledCardOnFile All All 1 day
Visa All CnP All 4121 1 day
For domestic transactions in the US, the applicable interchange can increase when delaying a capture for more than two days. After the seven-day authorisation validity period, captures can be rejected by Visa unless other rules apply.

See also