--- title: "Third-party authentication" description: "Use authentication data from third-party to authorize payments." url: "https://docs.adyen.com/online-payments/3d-secure/authorize-mpidata" source_url: "https://docs.adyen.com/online-payments/3d-secure/authorize-mpidata.md" canonical: "https://docs.adyen.com/online-payments/3d-secure/authorize-mpidata" last_modified: "2024-06-19T17:06:00+02:00" language: "en" --- # Third-party authentication Use authentication data from third-party to authorize payments. [View source](/online-payments/3d-secure/authorize-mpidata.md) You can use a third-party 3D Secure provider to perform authentication, and use the obtained authentication data when making a payment request to Adyen. This allows you to use a third-party 3D Secure 2 provider to perform authentication while using Adyen to authorize payments. This page describes passing authentication data in a [/payments](https://docs.adyen.com/api-explorer/Checkout/latest/post/payments) API request. If you are using the [/authorise](https://docs.adyen.com/api-explorer/#/Payment/authorise) endpoint, refer to [3D Secure Classic integration](/online-payments/classic-integrations/classic-api-integration/3d-secure-authentication/other-3ds-flows/authorize-mpidata). ## Before you begin Before you begin to integrate, make sure you have followed the [Get started with Adyen guide](/get-started-with-adyen) to: * Get an overview of the steps needed to accept live payments. * Create your test account. After you have created your test account: 1. [Get your API Key](/development-resources/api-credentials#generate-api-key) and store it securely in your system. You will need it for API calls you make to the Adyen payments platform. 2. Check that you are using v46 or later of the [/payments](https://docs.adyen.com/api-explorer/Checkout/latest/post/payments) endpoint. ## Step 1: Get third-party authentication data ### Tab: 3D Secure 2 To authorize a 3D Secure 2 authenticated payment, you need the following data: Some card schemes do not provide all fields; the **Applies to** column shows which fields are required for which schemes. | Field | Applies to | | ---------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------- | | [authenticationResponse](https://docs.adyen.com/api-explorer/Checkout/latest/post/payments/details#responses-200-threeDS2Result-authenticationValue) | All schemes | | [directoryResponse](https://docs.adyen.com/api-explorer/Checkout/latest/post/payments/details#responses-200-threeDS2Result-transStatus) | All schemes | | [authenticationValue](https://docs.adyen.com/api-explorer/Checkout/latest/post/payments/details#responses-200-threeDS2Result-authenticationValue) | All schemes | | [dsTransID](https://docs.adyen.com/api-explorer/Checkout/latest/post/payments/details#responses-200-threeDS2Result-dsTransID) | All schemes | | [eci](https://docs.adyen.com/api-explorer/Checkout/latest/post/payments/details#responses-200-threeDS2Result-eci) | All schemes | | [threeDSVersion](https://docs.adyen.com/api-explorer/Checkout/latest/post/payments/details#responses-200-additionalData-listOfValues-threeDSVersion) | All schemes | | [cavvAlgorithm](https://docs.adyen.com/api-explorer/Checkout/latest/post/payments/details#responses-200-threeDS2Result-cavvAlgorithm) | Cartes Bancaires | | [challengeCancel](https://docs.adyen.com/api-explorer/Checkout/latest/post/payments/details#responses-200-threeDS2Result-challengeCancel) | Cartes Bancaires | | [threeDSRequestorChallengeInd](https://docs.adyen.com/api-explorer/Checkout/latest/post/payments#request-threeDS2RequestData-threeDSRequestorChallengeInd) | Cartes Bancaires | | [exemptionIndicator](https://docs.adyen.com/api-explorer/Checkout/latest/post/payments/details#responses-200-threeDS2Result-exemptionIndicator) | Cartes Bancaires | | [riskScore](https://docs.adyen.com/api-explorer/Checkout/latest/post/payments/details#responses-200-threeDS2Result-riskScore) | Cartes Bancaires | ### Tab: 3D Secure 1 You can only use the 3D Secure 1 parameters [if you are in one of the territories where 3D Secure 1 is still supported](/online-payments/3d-secure-for-regulation-compliance#importantdates). To authorize a 3D Secure 1 authenticated payment, you need the following data: * [authenticationResponse](https://docs.adyen.com/api-explorer/Checkout/latest/post/payments/details#responses-200-additionalData-ResponseAdditionalDataCommon-threeDAuthenticatedResponse) * [directoryResponse](https://docs.adyen.com/api-explorer/Checkout/latest/post/payments/details#responses-200-threeDS2Result-transStatus) * [cavv](https://docs.adyen.com/api-explorer/Checkout/latest/post/payments/details#responses-200-additionalData-listOfValues-cavv) * [cavvAlgorithm](https://docs.adyen.com/api-explorer/Checkout/latest/post/payments/details#responses-200-threeDS2Result-cavvAlgorithm) * [xid](https://docs.adyen.com/api-explorer/Checkout/latest/post/payments/details#responses-200-additionalData-listOfValues-xid) * [eci](https://docs.adyen.com/api-explorer/Checkout/latest/post/payments/details#responses-200-threeDS2Result-eci) ## Step 2: Make a payment with third-party authentication data If you didn't authenticate with Adyen, refer to [Mapping Adyen parameters to EMVCo fields](/online-payments/3d-secure/api-reference#adyen-emvco-map-mpidata). You first need to map the third-party authentication data to Adyen parameters when making a payment request to Adyen. ### Tab: 3D Secure 2 Make a POST [/payments](https://docs.adyen.com/api-explorer/Checkout/latest/post/payments) request that includes an `mpiData` object containing the following: Some card schemes require different fields. The **Applies to** column shows which fields are required for which schemes. | Field | Applies to | | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ---------------------------------------------------------------- | | [paymentMethod.type](https://docs.adyen.com/api-explorer/Checkout/latest/post/payments#request-paymentMethod-CardDetails-type) | All schemes. Learn more for [co-badged cards](#co-badged-cards). | | [mpiData.authenticationResponse](https://docs.adyen.com/api-explorer/Checkout/latest/post/payments#request-mpiData-authenticationResponse) | All schemes | | [mpiData.directoryResponse](https://docs.adyen.com/api-explorer/Checkout/latest/post/payments#request-mpiData-directoryResponse) | All schemes | | [mpiData.cavv](https://docs.adyen.com/api-explorer/#/CheckoutService/latest/post/payments__reqParam_mpiData-cavv) | All schemes | | [dsTransID](https://docs.adyen.com/api-explorer/Checkout/latest/post/payments#request-mpiData-dsTransID) | All schemes | | [mpiData.eci](https://docs.adyen.com/api-explorer/#/CheckoutService/latest/post/payments__reqParam_mpiData-eci) | All schemes | | [mpiData.threeDSVersion](https://docs.adyen.com/api-explorer/#/CheckoutService/latest/post/payments__reqParam_mpiData-threeDSVersion) | All schemes | | [threeDS2RequestData.threeDSRequestorChallengeInd](https://docs.adyen.com/api-explorer/Checkout/latest/post/payments#request-threeDS2RequestData-threeDSRequestorChallengeInd) | Cartes Bancaires | | [mpiData.cavvAlgorithm](https://docs.adyen.com/api-explorer/#/CheckoutService/latest/post/payments__reqParam_mpiData-cavvAlgorithm) | Cartes Bancaires | | [mpiData.challengeCancel](https://docs.adyen.com/api-explorer/Checkout/latest/post/payments#request-mpiData-challengeCancel) | Cartes Bancaires | | [mpiData.riskScore](https://docs.adyen.com/api-explorer/#/CheckoutService/latest/post/payments__reqParam_mpiData-riskScore) | Cartes Bancaires | | [additionalData.acquirerCode](https://docs.adyen.com/api-explorer/Checkout/latest/post/payments#responses-200-additionalData-ResponseAdditionalDataCommon-acquirerCode) | Cartes Bancaires. Set to `"AdyenCartesBancaires"`. | | [additionalData.scaExemption](https://docs.adyen.com/api-explorer/#/CheckoutService/latest/post/payments__reqParam_additionalData-AdditionalData3DSecure-scaExemption) | Cartes Bancaires | | [shopperInteraction](https://docs.adyen.com/api-explorer/Checkout/latest/post/payments#request-shopperInteraction) | All schemes | | [recurringProcessingModel](https://docs.adyen.com/api-explorer/#/CheckoutService/latest/post/payments__reqParam_recurringProcessingModel) | All schemes | ### Tab: 3D Secure 1 Make a POST [/payments](https://docs.adyen.com/api-explorer/Checkout/latest/post/payments) request that includes an `mpiData` object containing the following: * [paymentMethod.type](https://docs.adyen.com/api-explorer/Checkout/latest/post/payments#request-paymentMethod-CardDetails-type): Learn more for [co-badged cards](#co-badged-cards). * [mpiData.authenticationResponse](https://docs.adyen.com/api-explorer/Checkout/latest/post/payments#request-mpiData-authenticationResponse) * [mpiData.directoryResponse](https://docs.adyen.com/api-explorer/Checkout/latest/post/payments#request-mpiData-directoryResponse) * [mpiData.cavv](https://docs.adyen.com/api-explorer/#/CheckoutService/latest/post/payments__reqParam_mpiData-cavv) * [mpiData.cavvAlgorithm](https://docs.adyen.com/api-explorer/#/CheckoutService/latest/post/payments__reqParam_mpiData-cavvAlgorithm) * [mpiData.xid](https://docs.adyen.com/api-explorer/#/CheckoutService/latest/post/payments__reqParam_mpiData-xid) * [mpiData.eci](https://docs.adyen.com/api-explorer/#/CheckoutService/latest/post/payments__reqParam_mpiData-eci) * [shopperInteraction](https://docs.adyen.com/api-explorer/Checkout/latest/post/payments#request-shopperInteraction) * [recurringProcessingModel](https://docs.adyen.com/api-explorer/#/CheckoutService/latest/post/payments__reqParam_recurringProcessingModel) ### Co-badged cards If you are making a payment with a co-badged card, you need to set the [paymentMethod.type](https://docs.adyen.com/api-explorer/Checkout/latest/post/payments#request-paymentMethod-CardDetails-type) to `scheme` and [paymentMethod.brand](https://docs.adyen.com/api-explorer/Checkout/latest/post/payments#request-paymentMethod-CardDetails-brand) to the scheme that authenticated the payment. For example, if you are making a payment with a card co-badged with Visa and Cartes Bancaires, set `paymentMethod.brand` to either `visa` or `cartebancaire`, depending on which scheme performed the authentication. Otherwise, the payment can be refused. When you make a payment with a co-badged card that is authenticated by Cartes Bancaires, you must provide the same value in the [threeDSRequestorChallengeInd](https://docs.adyen.com/api-explorer/Checkout/latest/post/payments#request-threeDS2RequestData-threeDSRequestorChallengeInd) field of both your authentication and your authorization request. Otherwise, the payment can be declined. ### Sample request ### Tab: 3D Secure 2 **/payments request** ```bash curl https://checkout-test.adyen.com/v72/payments/ \ -H 'x-api-key: ADYEN_API_KEY' \ -H 'content-type: application/json' \ -d '{ "amount": { "currency": "EUR", "value": 1000 }, "merchantAccount": "YOUR_MERCHANT_ACCOUNT", "reference": "YOUR_ORDER_NUMBER", "channel": "Web", "mpiData": { "cavv": "3q2+78r+ur7erb7vyv66vv////8=", "eci": "05", "dsTransID": "c4e59ceb-a382-4d6a-bc87-385d591fa09d", "directoryResponse": "C", "authenticationResponse": "Y", "threeDSVersion": "2.1.0", "{hint:Only applies to Cartes Bancaires.}cavvAlgorithm{/hint}": "ABC", "{hint:Only required for Cartes Bancaires.}riskScore{/hint}": "95" }, "paymentMethod": { "type": "card", "number": "4917610000000000", "expiryMonth": "03", "expiryYear": "2030", "holderName": "John Smith", "cvc": "737" }, "{hint:Only required for Cartes Bancaires.}threeDS2RequestData{/hint}": { "challengeIndicator": "requestChallenge" }, "{hint:Only required for Cartes Bancaires.}additionalData{/hint}": { "scaExemption": "lowValue", "acquirerCode": "AdyenCartesBancaires" }, "shopperInteraction": "Ecommerce", "recurringProcessingModel": "CardOnFile" }' ``` ### Tab: 3D Secure 1 **/payments request** ```bash curl https://checkout-test.adyen.com/v72/payments \ -H 'x-api-key: ADYEN_API_KEY' \ -H 'content-type: application/json' \ -d '{ "amount": { "currency": "EUR", "value": 1000 }, "merchantAccount": "YOUR_MERCHANT_ACCOUNT", "reference": "YOUR_ORDER_NUMBER", "channel": "Web", "mpiData": { "cavv": "3q2+78r+ur7erb7vyv66vv////8=", "cavvAlgorithm": "1", "eci": "05", "xid": "ODUzNTYzOTcwODU5NzY3Qw==", "directoryResponse": "Y", "authenticationResponse": "Y" }, "paymentMethod": { "type": "visa", "number": "4917610000000000", "expiryMonth": "03", "expiryYear": "2030", "holderName": "John Smith", "cvc": "737" }, "shopperInteraction": "Ecommerce", "recurringProcessingModel": "CardOnFile" }' ``` ### Sample response You will receive an  **Authorised** `resultCode` if the payment authorization was successful. See [Result codes](/online-payments/payment-result-codes) for a complete list of values and the actions that you need to take. **/payments response** ```json { ... "pspReference": "V4HZ4RBFJGXXGN82", "resultCode": "Authorised", } ``` ## Testing To complete end-to-end testing with third-party authentication, [create test cards](/development-resources/test-cards-and-credentials/create-test-cards) using the card ranges of your authentication provider. This allows you to use the same card number for both authentication and authorization. Do the following in the test environment, using the test card number that you created: 1. Authenticate using your third-party provider. 2. [Make a payment](#make-a-payment-with-third-party-authentication-data) with the third-party authentication data. ## See also * [3D Secure integration guides](/online-payments/3d-secure/native-3ds2) * [API Reference for 3D Secure](/online-payments/3d-secure/api-reference)