For 3D Secure 2, you include additional parameters in your payment requests that provide additional information to authenticate your shoppers. You include these parameters when you make a request to one of the following endpoints:
This page describes payload structures and objects for Checkout API v41 or later. If you are using a classic integration, see 3D Secure 2 classic integration.
Parameter types
There are various parameters you can include in your requests for 3D Secure 2 authentication. The tables on this page specify the parameters that are required, conditionally required, recommended, and optional to include in your requests.
Icon | Type | Description |
---|---|---|
Required | Parameters that are required to complete 3D Secure 2 authentication. | |
Conditionally required | Parameters that are required for particular setups, or issuers and card schemes. | |
Recommended | Parameters that are not required to send in your requests, but including them may increase the authentication performance. | |
Optional | Parameters that map to a field in the EMVCo Authentication Response (Areq ), but are optional to include in your requests. |
3D Secure 2 objects
In addition to the regular fields you provide in your payment requests, we recommend that you provide all available information to increase the likelihood of achieving a frictionless flow and a higher authorisation rate.
Some of these objects are mandatory for some issuers and card schemes, and not providing them in your payment request can result in a failed authentication. Some fields have sub-fields where you can, or need to, provide more information.
Object | Required | Description |
---|---|---|
accountInfo | Shopper account information for 3D Secure 2. See the reference to learn its sub-fields. | |
authenticationData | Use case: required for certain 3D Secure 2 setups. The data for the 3D secure 2 authentication. See the reference to learn its sub-fields. |
|
billingAddress | The address where to send the invoice. We recommend to include it in your requests when available to improve authentication performance See the reference to learn its required sub-fields. | |
browserInfo | The shopper's browser information. See the reference to learn its sub-fields and the requirements depending on your integration type. |
|
channel | The platform where a payment transaction takes place. Possible values:
|
|
deliveryAddress | The address where the purchased goods must be delivered. Include this in your request whenever available. See the reference to learn about its required sub-fields. | |
installments | If you want to split the payment into installments, include this object to specify the installment settings. See the reference to learn about its required sub-fields. | |
merchantRiskIndicator | Additional risk fields for 3D Secure 2. Include this in your request whenever available. See the reference to learn about its sub-fields. | |
mpiData | Use case: required if you are making a request to authorize a payment using third-party authentication data from another 3D Secure 2 provider. This is the authentication data produced by a merchant plug-in (MPI). See the reference to learn its required sub-fields. |
|
origin | Use case: required for browser-based (channel : Web) transactions. The origin URL of the page where you are rendering the Drop-in/Component. When this field is not set, or set incorrectly, the 3D Secure 2 action can not be handled correctly. Format:
https://your-company.example.com/checkout/payment , set to https://your-company.example.com . |
|
paymentMethod | The type and required details for a card payment method. See the reference to learn about its required sub-fields. | |
telephoneNumber | Use case: required for Visa and JCB transactions if you did not include the shopperEmail field. The shopper's phone number. To be more specific, you can use the mobilePhone , homePhone , and workPhone fields in the threeDS2RequestData object. Format: The phone number must include a plus sign (+) and a country code (1-3 digits), followed by the number (4-15 digits). Example: +4912345678901 If the value you provide does not follow the guidelines, we drop the value and do not submit it for authentication. |
|
returnUrl | The URL where the shopper is redirected back to after completing authentication to support cases where the payment is routed to the 3D Secure 2 redirect flow. See our integration guides to learn how to set this URL depending on your platform. | |
scaExemption | Use case: required if you want to request exemptions through the API request, or when making a Cartes Bancaires transaction. We do not recommend to use this field, because it overrides our exemption logic. The exemption type that you want to request for the particular transaction. Possible values:
|
|
shopperEmail | Use case: required for Visa and JCB transactions; if you don't include this, you have to send the phone number in telephoneNumber. We strongly recommend to include the email address for all transactions. The cardholder's email address. |
|
shopperIP | Use case: required for Visa and JCB transactions for all web and mobile integrations. You must include shopperIP for native mobile integrations to support cases where the transaction is routed to the redirect flow. We recommend to include this field for all transactions, because it is used in a number of risk checks. The IP address of the shopper. |
|
socialSecurityNumber | The shopper's CPF or CNPJ number. We strongly recommend that you include this for shoppers in Brazil. Supported from v50 and later of our API. | |
threeDS2RequestData | Use case: required for certain 3D Secure 2 setups. See the reference to learn about its required sub-fields depending on integration type. |
accountInfo
The accountInfo object is not required, but we recommend to include it in your requests to increase the chances of achieving the frictionless flow.
Field | Type | Required | Description |
---|---|---|---|
accountAgeIndicator |
String | Indicator for the length of time since this shopper account was created. Possible values:
|
|
accountChangeDate |
String | Date when the shopper's account was last changed. Format: ISO 8601 YYYY-MM-DDThh:mm:ssTZD Example: 2017-07-17T13:42:40+01:00 |
|
accountChangeIndicator |
String | Indicator for when the shopper's account was last changed. Possible values:
|
|
accountCreationDate |
String | Date when the shopper's account was created. Format: ISO 8601 YYYY-MM-DDThh:mm:ssTZD Example: 2017-07-17T13:42:40+01:00 |
|
accountType |
String | The type of the shopper's account. For example, for a multi-account card product. Possible values:
|
|
addCardAttemptsDay |
Integer | Number of attempts the shopper made to add a card to their account in the last day. Maximum value: 999 |
|
passwordChangeDate |
String | Date when the shopper last changed their password. Format: ISO 8601 YYYY-MM-DDThh:mm:ssTZD Example: 2017-07-17T13:42:40+01:00 |
|
passwordChangeIndicator |
String | Indicator for when the shopper's account password was last changed. Possible values:
|
|
purchasesLast6Months |
Integer | Number of purchases in the last 6 months. Maximum value: 9999 |
|
pastTransactionsDay |
Integer | Number of transactions from this shopper in the past 24 hours. Maximum value: 999 |
|
pastTransactionsYear |
Integer | Number of transactions from this shopper in the past year. Maximum value: 999 |
|
paymentAccountAge |
String | Date this payment method was added to the shopper's account. Format: ISO 8601 YYYY-MM-DDThh:mm:ssTZD Example: 2017-07-17T13:42:40+01:00 |
|
paymentAccountIndicator |
String | Indicator for the length of time since this payment method was added to the shopper's account. Possible values:
|
|
deliveryAddressUsageDate |
String | Date when the selected delivery address was first used with the 3DS Requestor. Format: ISO 8601 YYYY-MM-DDThh:mm:ssTZD Example: 2017-07-17T13:42:40+01:00 |
|
deliveryAddressUsageIndicator |
String | Indicator for when this delivery address was first used with the 3DS Requestor. Possible values:
|
|
suspiciousActivity |
Boolean | Whether suspicious activity was recorded on this account. | |
homePhone |
String | Use
threeDSRequestData.homePhone
instead. Shopper's home phone number, including the country code. |
|
mobilePhone |
String | Use
threeDSRequestData.mobilePhone
instead. Shopper's mobile phone number, including the country code. |
|
workPhone |
String | Use
threeDSRequestData.workPhone
instead. Shopper's work phone number, including the country code. |
Mapping Adyen parameters to EMVCo fields
The Adyen accountInfo
parameters map to the EMVCo specifications as follows.
Adyen parameter | EMVCo parameter |
---|---|
accountAgeIndicator |
chAccAgeInd |
accountChangeDate |
chAccDate |
accountChangeIndicator |
chAccChangeInd |
accountCreationDate |
chAccDate |
passwordChangeDate |
chAccPwChange |
passwordChangeIndicator |
chAccPwChangeInd |
purchasesLast6Months |
nbPurchaseAccount |
addCardAttemptsDay |
provisionAttemptsDay |
pastTransactionsDay |
txnActivityDay |
pastTransactionsYear |
txnActivityYear |
paymentAccAge |
paymentAccountAge |
paymentAccountIndicator |
paymentAccInd |
deliveryAddressUsageDate |
shipAddressUsage |
deliveryAddressUsageIndicator |
shipAddressUsageInd |
authenticationData
The authenticationData object contains sub-fields that are required to include for certain 3D Secure 2 authentication scenarios.
Field | Type | Required | Description |
---|---|---|---|
authenticationOnly |
Boolean | Use case: required to trigger the authentication-only flow. When set to true, you only perform the 3D Secure 2 authentication, and will not proceed to the payment authorization. The default value is false. |
|
attemptAuthentication |
String | Indicates whether to attempt 3D Secure 2 authentication for a transaction. We do not recommend to use this field. This overrides your Dynamic 3D Secure settings. Possible values:
|
|
threeDSRequestData.challengeWindowSize |
String | The size of the challenge window displayed to the shopper in the challenge flow. Possible values:
|
|
threeDSRequestData.dataOnly |
String | Use case: required to trigger the data-only flow. When set to true, forces the 3D Secure 2 data-only flow for all transactions where it is possible. If you are using Checkout API v68 or earlier, use the additionalData.threeDSDataOnly field instead. |
|
threeDSRequestData.nativeThreeDS |
String | Use case: required to trigger the native flow when using the /payments endpoint, or to trigger the redirect flow when using the /sessions endpoint. Indicates if native 3D Secure 2 should be used when available. Adyen can still select to fallback to the redirect flow to optimize authorization rates and improve the shopper's experience. Possible values:
|
|
threeDSRequestData.threeDSVersion |
String | The version of 3D Secure 2 to use. Possible values:
|
billingAddress
The billingAddress object is not required, but we recommend to include it in your requests when available to improve authentication performance. This object includes some required sub-fields.
When using our Drop-in/Components, the billing address is returned in an event. For example, on web integrations, this is the state.data.billingAddress
object from the onSubmit
event.
Field | Type | Required | Description |
---|---|---|---|
city |
String | The name of the city. | |
country |
String | The country code. Format: the two-letter ISO-3166-1 alpha-2 country code. Exception: QZ (Kosovo). |
|
houseNumberOrName |
String | The number or name of the house. | |
postalCode |
String | The postal code consisting of a maximum of five digits for an address in the US, or a maximum of ten characters for an address in all other countries/regions. | |
stateOrProvince |
String | Use case: required for addresses in the US and Canada. The state or province code of the billing address as defined in ISO 3166-2. Example: CA in US, or ON in Canada. |
|
street |
String | The name of the street. |
browserInfo
The sub-fields that you must include in browserInfo depend on your integration type:
- For mobile integrations ( channel: iOS/Android): the
acceptHeader
, anduserAgent
sub-fields are required to support cases where the payment is routed to 3D Secure 2 redirect. - For web integrations ( channel: Web): the full object, except
javaScriptEnabled
, is required.
Field | Type | Required | Description |
---|---|---|---|
acceptHeader |
String | The accept header value of the shopper's browser. | |
colorDepth |
Int | Use case: web integrations. The color depth of the shopper's browser in bits per pixel. Use the browser's screen.colorDepth property to obtain the value. Accepted values: 1, 4, 8, 15, 16, 24, 32, or 48 bit. |
|
javaEnabled |
Boolean | Use case: web integrations. Boolean value indicating if the shopper's browser is able to execute Java. |
|
javaScriptEnabled |
Boolean | Boolean value indicating if the shopper's browser is able to execute JavaScript. If not present, the default value is true. | |
language |
String | Use case: web integrations. The name of the browser language used by the shopper. This is the navigator.language value of the shopper's browser as defined in IETF BCP 47. Examples: nl-NL , fr-FR , en-US . |
|
screenHeight |
Int | Use case: web integrations. The pixel height of the shopper's screen. |
|
screenWidth |
Int | Use case: web integrations. The pixel width of the shopper's screen. |
|
timeZoneOffset |
String | Use case: web integrations. Time difference between UTC time and the shopper's browser local time, in minutes. Example: -120 |
|
userAgent |
String | The user agent value of the shopper's browser. |
deliveryAddress
Include the deliveryAddress object in your request if you want to submit the shopper's delivery address. If you include this object in your request, provide the required fields.
Field | Type | Required | Description |
---|---|---|---|
city |
String | The name of the city. | |
country |
String | The country code. Format: the two-letter ISO-3166-1 alpha-2 country code. Exception: QZ (Kosovo). |
|
houseNumberOrName |
String | The number or name of the house. | |
postalCode |
String | The postal code consisting of a maximum of five digits for an address in the US, or a maximum of ten characters for an address in all other countries/regions. | |
stateOrProvince |
String | Use case: required for addresses in the US and Canada. The state or province code of the billing address as defined in ISO 3166-2. Example: CA in US, or ON in Canada. |
|
street |
String | The name of the street. |
installments
Include the installments object in your request when you want to split the payment into installments. If you include this object in your request, some sub-fields are required.
Field | Type | Required | Description |
---|---|---|---|
value |
Integer | The number of installments. For Mexico, the value can be 0, for other countries, the value must be greater than zero. See installment options in supported countries/regions for possible values. Usually, the acquirer sets the maximum allowed number of installments. For example, it may not be possible to split a payment in more than 24 installments. | |
extra |
Integer | The bonus percentage, refund percentage, or if the transaction is completed with a Buy Now Pay Later payment method for transactions processed in Mexico. | |
plan |
String | Use case: required for installments in Japan, and Mexico. The installment plan. Possible values:
|
merchantRiskIndicator
The merchantRiskIndicator object is not required, but we recommend to include it in your requests to increase the chances of achieving the frictionless flow.
Field | Type | Required | Description |
---|---|---|---|
addressMatch |
Boolean | Whether the chosen delivery address is identical to the billing address. | |
deliveryEmail |
String | Use deliveryEmailAddress instead. The delivery email address (for digital goods). |
|
deliveryEmailAddress |
String | The delivery email address (for digital goods). | |
deliveryTimeframe |
String | The estimated delivery time for the shopper to receive the goods. Possible values:
|
|
giftCardAmount |
Integer | For prepaid or gift card purchase, the purchase amount total of prepaid or gift card(s). | |
giftCardCurr |
Integer | For prepaid or gift card purchase, ISO 4217 three-digit currency code of the gift card, other than those listed in Table A.5 of the EMVCo 3D Secure Protocol and Core Functions Specification. | |
giftCardCount |
String | For prepaid or gift card purchase, total count of individual prepaid or gift cards/codes purchased. | |
preOrderDate |
String | For pre-order purchases, the expected date this product will be available to the shopper.
|
|
preOrderPurchase |
Boolean | Whether this transaction is for pre-ordering a product. | |
preOrderPurchaseInd |
String | Indicates if this transaction is for placing an order for merchandise with a future availability or release date. | |
reorderItems |
Boolean | Whether the shopper has already purchased the same items in the past. | |
reorderItemsInd |
Boolean | Indicates if the he cardholder is reordering previously purchased merchandise. | |
deliveryAddressIndicator |
String | Indicator regarding the delivery address. Possible values:
|
|
shipIndicator |
String | Indicates the shipping method for the purchase. |
Mapping Adyen parameters to EMVCo fields
The Adyen merchantRiskIndicator
parameters map to the EMVCo specifications as follows.
Adyen parameter | EMVCo parameter |
---|---|
deliveryEmail |
deliveryEmailAddress |
deliveryTimeframe |
deliveryTimeframe |
giftCardAmount |
giftCardAmount |
giftCardCount |
giftCardCount |
preOrderDate |
preOrderDate |
preOrderPurchase |
preOrderPurchaseInd |
reorderItems |
reorderItemsInd |
mpiData
The mpiData object is required in your authorization requests with Adyen if you use authentication data from a third-party to authorize payments. Get the values from the authentication data produced by a 3D Secure 2 provider. When you make the request to Adyen, include all the fields you receive from the third-party authentication provider.
Field | Type | Required | Description |
---|---|---|---|
authenticationResponse |
String | The transStatus from the last CRes (Challenge Response) message or in the RReq (Results Request) sent after the shopper completes the challenge. If the transaction was frictionless there is no RReq , so omit this parameter. |
|
cavv |
String | The cardholder authentication value (base64 encoded, 20 bytes in a decoded form). This is the authenticationValue returned in the Authentication Response (ARes ) for the frictionless flow, or the RReq for the challenge flow. |
|
challengeCancel |
String | Indicator informing the Access Control Server (ACS) and the Directory Server (DS) that the authentication has been cancelled. See possible values. | |
directoryResponse |
String | The result of the initial authentication response. This is the transStatus from the ARes . |
|
dsTransID |
String | The unique transaction identifier assigned by the Directory Server to identify a single transaction. | |
eci |
String | The electronic commerce indicator (ECI). This is a scheme specific indicator of the authentication result. | |
riskScore |
String | Use case: required for Cartes Bancaires transactions. Risk score calculated by Directory Server (DS). |
|
threeDSVersion |
String | The version of 3D Secure 2 used. Possible values:
|
|
transStatusReason |
String | Provides information on why the transStatus field has the specified value. See possible values. |
|
tokenAuthenticationVerificationValue |
String | The network token authentication verification value (TAVV). This is the network token cryptogram. |
Possible challengeCancel
values
Value | Description | |
---|---|---|
00 |
Data element is absent or value has been sent back with the key challengeCancel . |
|
01 |
Cardholder selected Cancel. | |
02 |
3DS Requestor cancelled Authentication. | |
03 |
Transaction abandoned. | |
04 |
Transaction timed out at ACS — other timeouts. | |
05 |
Transaction timed out at ACS — first CReq not received by ACS. | |
06 |
Transaction error. | |
07 |
Unknown. | |
08 |
Transaction timed out at SDK. | ~~ |
MPI data combinations
When you are using authentication data from a third party to authorize payments with Adyen, you send multiple values you receive to Adyen. You must make sure that the combination of the values you send are aligned with what Adyen expects.
The possible combinations differ for each authentication flow. Cartes Bancaires does not use the ECI value, but it may be returned in some cases.
Authentication flow | directoryResponse |
authenticationResponse |
eci |
---|---|---|---|
Challenge flow | C | Y | Visa, Amex, JCB, CUB: 05 Mastercard, BCMC: 02 Cartes Bancaires: optional |
Frictionless flow | Y | Visa, Amex, JCB, CUB: 05 Mastercard, BCMC: 02 Cartes Bancaires: optional |
|
Attempt | A | Visa, Amex, JCB, CUB: 06 Mastercard, BCMC: 02 Cartes Bancaires: optional |
|
3D Secure 2 exemption | I (all schemes) or Y (Cartes Bancaires with threeDSVersion : 2.1.0) |
Visa, Amex, JCB, CUB: 07 Mastercard, BCMC: 02 Cartes Bancaires: optional |
Mapping Adyen parameters to EMVCo fields
The Adyen mpiData
parameters map to the EMVCo specifications as follows.
Adyen parameter | EMVCo parameter |
---|---|
authenticationValue |
authenticationValue |
dsTransID |
dsTransID |
eci |
eci |
threeDSVersion |
messageVersion |
threeDSServerTransID |
threeDSServerTransID |
authenticationResponse |
transStatus in RReq |
directoryResponse |
transStatus in ARes |
challengeCancel |
challengeCancel |
paymentMethod
The paymentMethod object, and its sub-fields below, are required for 3D Secure 2 transactions. If you are fully PCI compliant you can pass the parameters for raw card data instead.
Field | Type | Required | Description |
---|---|---|---|
type |
String | Set to scheme. | |
encryptedCardNumber |
String | The encrypted card number. | |
encryptedExpiryMonth |
String | The encrypted card expiry month. | |
encryptedExpiryYear |
String | The encrypted card expiry year. | |
encryptedSecurityCode |
String | The encrypted card verification code. | |
brand |
String | Use case: required for Cartes Bancaires transactions. The secondary brand of the card. |
|
holderName |
String | Use case: required for Visa and JCB transactions. The name of the cardholder. We recommend to include this field whenever available for higher authentication rates. |
|
threeDS2SdkVersion |
String | Use case: required for native mobile integrations. The 3D Secure 2 mobile SDK version. See our integration guides to learn how you can get the SDK version. |
threeDS2RequestData
The threeDS2RequestData object contains additional request fields that are required for certain types of 3D Secure 2 integrations.
Field | Type | Required | Description |
---|---|---|---|
acquirerBIN |
String | Use case: required if you enrolled for 3D Secure 2 through a different acquirer or PSP and are performing the authentication-only flow. The acquiring BIN enrolled for 3D Secure 2. This string should match the value that you will use in the authorization. |
|
acquirerMerchantID |
String | Use case: required if you enrolled for 3D Secure 2 through a different acquirer or PSP and are performing the authentication-only flow. The authorisation merchant ID enrolled for 3D Secure 2. This string should match the value that you will use in the authorization. |
|
addrMatch |
String | Indicates if the shipping address and billing address of the shopper match. Possible values:
|
|
challengeIndicator |
String | Use case: required to manually request exemptions to the challenge through the API request, or for Cartes Bancaires transactions. The preference for receiving a challenge from the issuer. Possible values:
On Checkout API v68 or later, use threeDSRequestorChallengeInd instead. |
|
deviceRenderOptions.sdkInterface |
String | Only for app-based integrations. The supported SDK interface types. Defaults to native. Possible values:
|
|
deviceRenderOptions.sdkUiType |
Array | Only for app-based integrations. The string array of UI types supported for displaying specific challenges. Defaults to all values. Possible values:
|
|
mcc |
String | Use case: required if you enrolled for 3D Secure 2 through a different acquirer or PSP and are performing the authentication-only flow. The four-digit code with which the acquirerMerchantID is registered at the scheme. |
|
merchantName |
String | Use case: required if you enrolled for 3D Secure 2 through a different acquirer or PSP and are performing the authentication-only flow, or if you are enrolled with Adyen, and want to override the merchant name configured on your account. The merchant name that the issuer presents to the shopper if they get a challenge. We recommend to use the same value that you will use in the authorization. Format:
|
|
messageVersion |
String | The 3D Secure 2 protocol version. | |
notificationURL |
String | Use case: required for deviceChannel browser or if you built your own implementation with channel Web. The URL where the Challenge Response value will be sent. |
|
sdkAppID |
String | Use case: required for deviceChannel app. The sdkAppID value as received from the 3D Secure 2 SDK. |
|
sdkEncData |
String | Use case: required for deviceChannel app. The sdkEncData value as received from the 3D Secure 2 SDK. |
|
sdkEphemPubKey |
Object | Use case: required for deviceChannel app. The sdkEphemPubKey value as received from the 3D Secure 2 SDK. This object includes the crv , kty , x , and y . |
|
sdkMaxTimeout |
Integer | Only for app-based integrations. The maximum amount of time in minutes for the 3D Secure 2 authentication process. Defaults to 60 minutes. | |
sdkReferenceNumber |
String | Use case: required for app-based integrations. The sdkReferenceNumber value as received from the 3D Secure 2 SDK. |
|
sdkTransID |
String | Use case: required for app-based integrations. The sdkTransID value as received from the 3D Secure 2 SDK. |
|
threeDSCompInd |
String | The completion indicator for the threeDSMethodUrl fingerprinting. |
|
threeDSRequestorChallengeInd |
String | Use case: required if you want to manually request exemptions to the challenge through the API request, or for Cartes Bancaires transactions. Indicates whether a challenge is requested for this transaction. Possible values:
|
|
threeDSRequestorID |
String | Use case: required for Visa payments if you enrolled for 3D Secure 2 through a different acquirer or PSP and are performing the authentication-only flow. The unique requestor ID assigned by the Directory Server when you enrol for 3D Secure 2. |
|
threeDSRequestorName |
String | Use case: required for Visa payments if you enrolled for 3D Secure 2 through a different acquirer or PSP and are performing the authentication-only flow. The unique requestor name assigned by the Directory Server when you enrol for 3D Secure 2. |
|
threeDSRequestorURL |
String | The URL of the (customer service) website that will be shown to the shopper in case of technical errors during the 3D Secure 2 process. | |
transactionType |
String | The type of transaction being authenticated. Highly recommended for Brazil. Possible values:
|
|
homePhone ,workPhone ormobilePhone |
String | Use case: required for Visa and JCB payments if you did not include the shopperEmail parameter, and did not provide the phone number in telephoneNumber. A phone number for the shopper. Format: The phone number must include a country code (1-3 digits), followed by the number (4-15 digits). Example: +4912345678901 If the value you provide does not follow the guidelines, we drop the value and do not submit it for authentication. |
Challenge flow objects
When the 3D Secure 2 authentication has to go through the fingerprint or challenge flows, you initialize the flows using the following objects. The Component returns the fingerprint
or the challengeResult
that you need to pass when you submit the authentication result.
Field | Type | Description |
---|---|---|
threeds2.fingerprintToken |
Base64url encoded string | Required to initialize the device fingerprinting process. This contains the following parameters:
|
threeds2.challengeToken |
Base64url encoded string | Required to initialize the challenge flow. This contains the following parameters:
|
threeds2.fingerprint | Base64 encoded string | Returned by the Component after the challenge flow. This contains the following parameters:
|
threeds2.challengeResult | Base64 encoded string | Returned by the Component after the challenge flow. This contains the following parameters:
|