Learn how to submit a payment authorisation with Adyen, using authentication data from a third-party 3D Secure provider.
This page describes passing authentication data in a /payments API request. If you are using the /authorise endpoint, refer to 3D Secure Classic integration.
Before you begin
Before you begin to integrate, make sure you have followed the Get started with Adyen guide to:
- Get an overview of the steps needed to accept live payments.
- Create your test account.
After you have created your test account:
- Get your API Key. Save a copy as you'll need it for API calls you make to the plataforma de pagamentos da Adyen.
- Check that you are using v46 or later of the /payments endpoint.
Get authentication data
You can only use the 3D Secure 1 parameters on this page if you're in one of the territories where 3D Secure 1 is still supported.
If you didn't authenticate with Adyen, refer to Mapping Adyen parameters to EMVCo ones.
To authorise a 3D Secure 2 authenticated payment, you need the following data:
Some issuers don't provide all fields; the Applies to column shows which fields you need from which issuers.
| Field | Applies to |
|---|---|
| authenticationResponse | All issuers |
| directoryResponse | All issuers |
| authenticationValue | All issuers |
| dsTransID | All issuers |
| eci | All issuers |
| threeDSVersion | All issuers |
| cavv | All issuers |
| cavvAlgorithm | Cartes Bancaires |
| challengeCancel | Cartes Bancaires |
| challengeIndicator | Cartes Bancaires |
| exemptionIndicator | Cartes Bancaires |
| riskScore | Cartes Bancaires |
Send a payment authorisation request with 3D Secure authentication data
Make a POST /payments request and include the following:
Some issuers require different fields. The Applies to column shows which issuers require each field.
| Field | Applies to |
|---|---|
| paymentMethod.type | All issuers. Learn more for co-branded cards. |
| mpiData.authenticationResponse | All issuers |
| mpiData.directoryResponse | All issuers |
| mpiData.cavv | All issuers |
| dsTransID | All issuers |
| mpiData.eci | All issuers |
| mpiData.threeDSVersion | All issuers |
| threeDS2RequestData.challengeIndicator | Cartes Bancaires |
| mpiData.cavvAlgorithm | Cartes Bancaires |
| mpiData.challengeCancel | Cartes Bancaires |
| mpiData.riskScore | Cartes Bancaires |
| additionalData.acquirerCode | Cartes Bancaires. Set to "AdyenCartesBancaires". |
| additionalData.scaExemption | Cartes Bancaires |
| shopperInteraction | All issuers |
| recurringProcessingModel | All issuers |
Co-branded cards
If you are authorising for a co-branded card, you need to set the paymentMethod.type value to the scheme that authenticated the payment. For example, if you are authorising for a card co-branded with Visa and Cartes Bancaires, set the value to either visa or cartebancaire, depending on which scheme performed the authentication. Otherwise, the authorisation can be refused.
Sample request
curl https://checkout-test.adyen.com/v69/payments/ \
-H "x-API-key: YOUR_X-API-KEY" \
-H "content-type: application/json" \
-d '{
"amount": {
"currency": "EUR",
"value": 1000
},
"merchantAccount": "YOUR_MERCHANT_ACCOUNT",
"reference": "YOUR_ORDER_NUMBER",
"channel": "Web",
"mpiData": {
"cavv": "3q2+78r+ur7erb7vyv66vv////8=",
"eci": "05",
"dsTransID": "c4e59ceb-a382-4d6a-bc87-385d591fa09d",
"directoryResponse": "C",
"authenticationResponse": "Y",
"threeDSVersion": "2.1.0",
"{hint:Only applies to Cartes Bancaires.}cavvAlgorithm{/hint}": "ABC",
"{hint:Only required for Cartes Bancaires.}riskScore{/hint}": "95"
},
"paymentMethod": {
"type": "visa",
"number": "4917610000000000",
"expiryMonth": "10",
"expiryYear": "2020",
"holderName": "John Smith",
"cvc": "737"
},
"{hint:Only required for Cartes Bancaires.}threeDS2RequestData{/hint}": {
"challengeIndicator": "requestChallenge"
},
"{hint:Only required for Cartes Bancaires.}additionalData{/hint}": {
"scaExemption": "lowValue",
"acquirerCode": "AdyenCartesBancaires"
},
"shopperInteraction": "ContAuth",
"recurringProcessingModel": "Subscription"
}'Sample response
You will receive an Authorised resultCode if the payment authorisation was successful. Otherwise, see Result codes for a complete list of values and the actions that you need to take.