---
title: "Custom 3D Secure using an external MPI"
url: "https://docs.adyen.com/online-payments/classic-integrations/classic-api-integration/3d-secure-authentication/3d-secure-1/custom-3d-secure-implementation/custom-3d-secure-using-an-external-mpi"
source_url: "https://docs.adyen.com/online-payments/classic-integrations/classic-api-integration/3d-secure-authentication/3d-secure-1/custom-3d-secure-implementation/custom-3d-secure-using-an-external-mpi.md"
canonical: "https://docs.adyen.com/online-payments/classic-integrations/classic-api-integration/3d-secure-authentication/3d-secure-1/custom-3d-secure-implementation/custom-3d-secure-using-an-external-mpi"
last_modified: "2026-05-23T12:56:19+02:00"
language: "en"
---

# Custom 3D Secure using an external MPI

[View source](/online-payments/classic-integrations/classic-api-integration/3d-secure-authentication/3d-secure-1/custom-3d-secure-implementation/custom-3d-secure-using-an-external-mpi.md)

**Adyen is no longer developing the Classic API integration**

This page is for the Classic API (`/authorise`) integration, which we no longer accept new integrations with.

We strongly recommend migrating to the newer [authorisation-only flow on Checkout API](/online-payments/3d-secure/other-3ds-flows/authorize-mpidata) integration. To use this newer integration, you must also [migrate to the Checkout API](/online-payments/upgrade-your-integration/migrate-to-checkout-api).

## Authorise the payment

Submitting API payments with an external3D MPI is implemented as a SOAP service using the same URL, WSDL, username and password as used for normal API payments. 

1. Make an `/authorise` request. 
2. For custom 3D secure integrations specifically, pass the following fields:

* * `shopperIP`: IP address of the shopper.

  * `browserInfo.userAgent` and  `browserInfo.acceptHeader`:  The user agent and accept header value of the shopper's browser. 

  * `mpiData`: A container for the data retrieved from the external 3D MPI.

  * `acquirerCode` and `authorisationMid`: These values will be supplied to you by the support department. By default Adyen dynamically routes transactions to multiple acquirers depending on  configuration or availability. When using an external MPI the authorisation  must be processed over the same acquirer and MID (account at the acquirer) as used by the  MPI. Therefore, the `acquirerCode` and `authorisationMid` must be passed in the `additionalData`.

Request:

```xml
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
   <soap:Body>
      <ns1:authorise xmlns:ns1="http://payment.services.adyen.com">
         <ns1:paymentRequest>
            <amount xmlns="http://payment.services.adyen.com">
               <currency xmlns="http://common.services.adyen.com">USD</currency>
               <value xmlns="http://common.services.adyen.com">1000</value>
            </amount>
            <browserInfo xmlns="http://payment.services.adyen.com">
               <acceptHeader xmlns="http://common.services.adyen.com">text/xml,application/xml,application/xhtml+xml,text/html;q=0.
9,text/plain;q=0.8,image/png,*/*;q=0.5</acceptHeader>
               <userAgent xmlns="http://common.services.adyen.com">Mozilla/5.0 (Macintosh; U; Intel Mac OS
X; en-US; rv:1.8.1.6) Gecko/20070725 Firefox/2.0.0.6</userAgent>
            </browserInfo>
            <card xmlns="http://payment.services.adyen.com">
               <expiryMonth>06</expiryMonth>
               <expiryYear>2016</expiryYear>
               <holderName>Adyen Test</holderName>
               <number>4111111111111111</number>
               <cvc>737</cvc>
            </card>
            <mpiData xmlns="http://payment.services.adyen.com">
               <directoryResponse>Y</directoryResponse>
               <authenticationResponse>Y</authenticationResponse>
               <cavv xsi:type="xsd:base64Binary">MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=</cavv>
               <xid xsi:type="xsd:base64Binary">MDk4NzY1NDMyMTA5ODc2NTQzMjE==</xid>
               <eci>05</eci>
               <cavvAlgorithm>5</cavvAlgorithm>
            </mpiData>
            <additionalData xmlns="http://payment.services.adyen.com">
               <entry>
                  <key xsi:type="xsd:string">acquirerCode</key>
                  <value xsi:type="xsd:string">TheAcquirerName</value>
               </entry>
               <entry>
                  <key xsi:type="xsd:string">authorisationMid</key>
                  <value xsi:type="xsd:string">94100010652000161</value>
               </entry>
            </additionalData>
            <merchantAccount xmlns="http://payment.services.adyen.com">ExampleMerchant</merchantAccount>
            <reference xmlns="http://payment.services.adyen.com">testReference1234</reference>
            <shopperIP xmlns="http://payment.services.adyen.com">127.0.0.1</shopperIP>
         </ns1:paymentRequest>
      </ns1:authorise>
   </soap:Body>
</soap:Envelope>
```

Response:

```xml
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:ns1="http://payment.services.adyen.com">
  <soap:Body>
    <ns1:authoriseResponse>
      <ns1:paymentResult>
        <ns1:additionalData>
          <ns1:entry>
            <ns1:key xsi:type="xsd:string">cvcResult</ns1:key>
            <ns1:value xsi:type="xsd:string">1 Matches</ns1:value>
          </ns1:entry>
          <ns1:entry>
            <ns1:key xsi:type="xsd:string">authCode</ns1:key>
            <ns1:value xsi:type="xsd:string">35286</ns1:value>
          </ns1:entry>
          <ns1:entry>
            <ns1:key xsi:type="xsd:string">avsResult</ns1:key>
            <ns1:value xsi:type="xsd:string">4 AVS not supported for this card type</ns1:value>
          </ns1:entry>
          <ns1:entry>
            <ns1:key xsi:type="xsd:string">avsResultRaw</ns1:key>
            <ns1:value xsi:type="xsd:string">4</ns1:value>
          </ns1:entry>
          <ns1:entry>
            <ns1:key xsi:type="xsd:string">cvcResultRaw</ns1:key>
            <ns1:value xsi:type="xsd:string">M</ns1:value>
          </ns1:entry>
          <ns1:entry>
            <ns1:key xsi:type="xsd:string">refusalReasonRaw</ns1:key>
            <ns1:value xsi:type="xsd:string">AUTHORISED</ns1:value>
          </ns1:entry>
          <ns1:entry>
            <ns1:key xsi:type="xsd:string">acquirerCode</ns1:key>
            <ns1:value xsi:type="xsd:string">TestPmmAcquirer</ns1:value>
          </ns1:entry>
          <ns1:entry>
            <ns1:key xsi:type="xsd:string">acquirerReference</ns1:key>
            <ns1:value xsi:type="xsd:string">8PQ02GQ2ATP</ns1:value>
          </ns1:entry>
        </ns1:additionalData>
        <ns1:pspReference>9935398566023719</ns1:pspReference>
        <ns1:resultCode>Authorised</ns1:resultCode>
        <ns1:authCode>35286</ns1:authCode>
      </ns1:paymentResult>
    </ns1:authoriseResponse>
  </soap:Body>
</soap:Envelope>
```