Card Transactions
Credit card transactions are always initiated through the API. Only local currencies (BRL, MXN, COP and CLP) are supported.
Card Tokenization
You can register a credit card for a specific customer, so you don't need to register the same card every transaction. Customers can have their cards registered to make transactions.
NOTE: If you use version 2 on our client js, you need send us the threeds object
curl -X POST "https://api.facilitapay.com/api/v1/subject/:subject_id/credit_cards" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9...." \
-d '{
"credit_card": {
"card_number": "2584958561024786",
"card_expiration_date": "12/2030",
"card_brand": "Visa",
"card_security_code": "333",
"fullname": "Credit Card Holder Name",
"threeds": {
"softDescriptor": "Attrus",
"httpAcceptBrowserValue": "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8",
"userAgentBrowserValue": "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36",
"httpBrowserJavaEnabled": "false",
"httpBrowserLanguage": "en-US",
"httpBrowserColorDepth": "24",
"httpBrowserScreenHeight": "570",
"httpBrowserScreenWidth": "1080",
"httpBrowserJavaScriptEnabled": "true",
"httpBrowserTimeDifference": "180",
"ipAddress": "187.18.136.135",
"challengeWindowSize": "250x400",
"df_reference_id": "0_2ecc0eb3-b5f3-46a7-9dd2-481dda92290b",
"mcc": "8999"
}
}
}'
HTTP Request
POST /subject/:subject_id/credit_cards
Path Parameters
| Parameter | Description | Type | Required |
|---|---|---|---|
subject_id | Person or Company's ID | string | true |
Body Parameters
| Parameter | Description | Type | Required |
|---|---|---|---|
credit_card | An object containing all the required values | object | true |
card_number | The card number without spaces | string | true |
card_expiration_date | Card expiration date in MM/YY format | string | true |
card_brand | Card brand, such as Visa, Mastercard, Amex or Elo | string | true |
card_security_code | Partner's customer/company UUID | string | true |
fullname | Cardholder's name as it appears on the card | string | true |
threeds | Data containing at least the following required values: | object | true |
threeds.softDescriptor | It is a short description of the merchant that will appear on the buyer's credit card statement. If this field was filled will be used, otherwise the social name of merchant will be used also append the *attrus*, e.g.: MerchantName*attrus. Any characters that exceed this limit will be truncated. | string | false |
threeds.httpAcceptBrowserValue | Value of the Accept Header of the Customer's browser. | string | true |
threeds.httpBrowserLanguage | Customer's browser language according to https://www.techonthenet.com/js/language_tags.php | string | true |
threeds.httpBrowserJavaEnabled | If Java is enabled on customer browser. Options: true, false | string | true |
threeds.httpBrowserJavaScriptEnabled | If JavaScript is enabled on customer browser. Options: true, false | string | true |
threeds.httpBrowserColorDepth | Number of bits used to display images. | string | true |
threeds.httpBrowserScreenHeight | Height of the Customer's screen resolution. | string | true |
threeds.httpBrowserScreenWidth | Width of the Customer screen resolution. | string | true |
threeds.httpBrowserTimeDifference | Difference in minutes between GMT time and that of the Customer's browser. | string | true |
threeds.userAgentBrowserValue | The exact value of the User Agent Header. | string | true |
threeds.ipAddress | It is the IP address of the Customer's device. | string | true |
threeds.challengeWindowSize | The size of the challenge window displayed to the shopper. Options: fullPage, 250x400, 390x400, 500x600, 600x400. | string | true |
threeds.df_reference_id | Session ID generated after the DDC is completed. | string | true |
threeds.mcc | Dynamic MCC. If you have multiple merchant category codes, the MCC lets you send a different merchant category code per transaction. Options: 8999, 5045, 4722, 8299, 5947, 5065, 7372 | string | true |
Common mistakes
Solution: Provide a valid credit card verifying the card data and subject
Solution: Please provide the credit card holder's name as it appears on the card
Solution: Please provide a valid credit card number
Note: In the sandbox environment, all cards will be automatically registered as tokenized.
Confirm Card Tokenization
After tokenization card and if has challenge, you need confirm using this route.
curl -X POST "https://api.facilitapay.com/api/v1/subject/:subject_id/credit_cards/:credit_card_id/confirm" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9...." \
-d '{
"credit_card": {
"card_number": "2584958561024786",
"card_expiration_date": "12/2030",
"card_brand": "Visa",
"card_security_code": "333",
"fullname": "Credit Card Holder Name"
}
}'
HTTP Request
POST /subject/:subject_id/credit_cards/:credit_card_id/confirm
Path Parameters
| Parameter | Description | Type | Required |
|---|---|---|---|
subject_id | Person or Company's ID | string | true |
credit_card_id | Credit card ID | string | true |
Body Parameters
| Parameter | Description | Type | Required |
|---|---|---|---|
credit_card | An object containing all the required values | object | true |
card_number | The card number without spaces | string | true |
card_expiration_date | Card expiration date in MM/YY format | string | true |
card_brand | Card brand, such as Visa, Mastercard, Amex or Elo | string | true |
card_security_code | Partner's customer/company UUID | string | true |
fullname | Cardholder's name as it appears on the card | string | true |
Common mistakes
Solution: Provide a valid credit card verifying the card data and subject
Solution: Please provide the credit card holder's name as it appears on the card
Example - Credit Card Transaction
This example covers a transaction of BRL 2500.50 using the credit card for an Attrus account to be converted to USD and sent to the partner's USD bank account. Note that it provides the credit card details on the fly. If you want to register(tokenize) the credit card prior to the transaction, please refer to the credit card registration endpoint above.
curl -X POST "https://api.facilitapay.com/api/v1/transactions" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9...." \
-d '{
"transaction": {
"currency": "BRL",
"exchange_currency": "USD",
"value": "2500.50",
"from_credit_card": {
"card_number": "4761739001010036",
"card_expiration_date": "12/2022",
"card_security_code": "123",
"card_brand": "Visa",
"fullname": "Jose Silva"
},
"to_bank_account_id": "766eadfc-f020-4d2a-bed3-c9a95623ed24",
"subject_id": "deb1a9eb-39d0-4d3d-ab30-bee5406d8e21"
}
}'
HTTP Request
POST /transactions
Body Parameters
| Parameter | Description | Type | Required | Required For |
|---|---|---|---|---|
transaction | An object containing all the required values | object | true | |
currency | Source currency for the transaction (ISO 4217 format) | string | true | |
exchange_currency | Currency to be exchanged (ISO 4217 format) | string | true | |
value | Value to be exchanged (in the source currency) | string | true | |
from_credit_card_id | A registered (tokenized) credit card ID can also be provided instead of the whole credit card data | string | false | When you don't send from_credit_card |
from_credit_card | An object, containing the following parameters: | object | false | When you don't send from_credit_card_id |
from_credit_card.card_number | Credit card number. Valid credit card numbers would also work, but debit card numbers won't | string | false | |
from_credit_card.card_expiration_date | Card expiration date (mm/yyyy) | string | false | |
from_credit_card.card_security_code | 3-digit card security code | string | false | |
from_credit_card.card_brand | Brand of the credit card used in the transaction (e.g., Visa, MasterCard) | string | false | |
from_credit_card.fullname | Full name of the credit card's owner | string | false | |
from_credit_card.birthdate | Birthdate of the credit card owner | string | false | |
from_credit_card.document_type | Document type of the credit card owner | string | false | |
from_credit_card.document_number | Document number of the credit card owner | string | false | |
from_credit_card.phone_country_code | Country phones code (2 digits: BR +55; MX +52; COP +57; CL +52) | string | false | |
from_credit_card.phone_area_code | Internal country area code | string | false | |
from_credit_card.phone_number | Contact phone number linked to the credit card holder | string | false | |
to_bank_account_id | ID of an USD bank account from the partner | string | true | |
subject_id | ID of one of the partner's customer | string | true |
Note: All successful exchange transactions initiated in sandbox will be stored as wired. In the production environment they will be initially on the identified status. In either environment, if no exchange is created the transaction will be stored as identified, if it is approved.
Credit card transactions in Brazil 🇧🇷
Supported brands: Amex, Diners, Discover, JCB, Maestro, Mastercard and Visa
Refer to the payloads and tables to the right and below for the required parameters.
For sandbox, you can use a checkout page sample available on our portal or via the following link. This page will help you understand the needed information and the whole flow from the credit transactions.
We highly recommend testing the checkout page first before initiating direct API calls, because you can adapt it to your front-end environment.
curl -X POST "https://api.facilitapay.com/api/v1/transactions" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9...." \
-d '{
"transaction": {
"currency": "BRL",
"exchange_currency": "BRL",
"value": "125.00",
"from_credit_card": {
"card_type": "credit",
"card_number": "4000000000001091",
"card_expiration_date": "01/2034",
"card_security_code": "395",
"card_brand": "master",
"fullname": "Jose Silva"
},
"threeds": {
"softDescriptor": "Attrus",
"httpAcceptBrowserValue": "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8",
"httpBrowserLanguage": "en-US",
"httpBrowserJavaEnabled": "false",
"httpBrowserJavaScriptEnabled": "true",
"httpBrowserColorDepth": "24",
"httpBrowserScreenHeight": "969",
"httpBrowserScreenWidth": "1250",
"httpBrowserTimeDifference": "240",
"userAgentBrowserValue": "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36",
"ipAddress": "127.0.0.1",
"challengeWindowSize": "250x400"
},
"to_bank_account_id": "3686155e-f5f6-4e5b-97e7-60473a506b8c",
"subject_id": "6b724825-ce7e-4da2-9def-d75957fee745",
"meta": {
"version": 2,
"df_reference_id": "0_165b7a2f-359a-4efb-aae2-6e09cb786cf9",
"mcc": "8999"
}
}
}'
To create using the API call you will use the following endpoint:
HTTP Request
POST /transactions
Body Parameters
| Parameter | Description | Type | Required |
|---|---|---|---|
transaction | transaction data containing at least the following required values: | object | true |
currency | Origin currency | string | true |
exchange_currency | Destination currency | string | true |
value | Total amount to be charged. Only numbers with exponent size 2 are allowed. (e.g.: 12.34). | string | true |
from_credit_card | Data containing at least the following required values: | object | true |
from_credit_card.card_number | The card number without spaces | string | true |
from_credit_card.card_expiration_date | Card expiration date in MM/YYYY format | string | true |
from_credit_card.card_brand | Card brand, such as visa, mastercard, or elo | string | true |
from_credit_card.card_security_code | 3-digit card security code | string | true |
from_credit_card.fullname | Cardholder's full name | string | true |
threeds | Data containing at least the following required values: | object | true |
threeds.softDescriptor | It is a short description of the merchant that will appear on the buyer's credit card statement. The first 13 characters will be appended to the string Attrus*, e.g.: Attrus*Airbnb. Any characters that exceed this limit will be truncated. | string | false |
threeds.httpAcceptBrowserValue | Value of the Accept Header of the Customer's browser. | string | true |
threeds.httpBrowserLanguage | Customer's browser language according to https://www.techonthenet.com/js/language_tags.php | string | true |
threeds.httpBrowserJavaEnabled | If Java is enabled on customer browser. Options: true, false | string | true |
threeds.httpBrowserJavaScriptEnabled | If JavaScript is enabled on customer browser. Options: true, false | string | true |
threeds.httpBrowserColorDepth | Number of bits used to display images. | string | true |
threeds.httpBrowserScreenHeight | Height of the Customer's screen resolution. | string | true |
threeds.httpBrowserScreenWidth | Width of the Customer screen resolution. | string | true |
threeds.httpBrowserTimeDifference | Difference in minutes between GMT time and that of the Customer's browser. | string | true |
threeds.userAgentBrowserValue | The exact value of the User Agent Header. | string | true |
threeds.ipAddress | It is the IP address of the Customer's device. | string | true |
threeds.challengeWindowSize | The size of the challenge window displayed to the shopper. Options: fullPage, 250x400, 390x400, 500x600, 600x400. | string | true |
to_bank_account_id | Partner internal bank account ID | string | true |
subject_id | The ID of the person or company involved in the transaction. | string | true |
meta | Transaction metadata. | object | true |
meta.version | Version of the API. Use the value 2. | number | true |
meta.df_reference_id | Session ID generated after the DDC is completed. | string | true |
meta.mcc | Dynamic MCC. If you have multiple merchant category codes, the MCC lets you send a different merchant category code per transaction. Options: 8999, 5045, 4722, 8299, 5947, 5065, 7372 | string | true |
Test Cards
| Card Number | Description |
|---|---|
4000000000001000 | Test Case 1: Successful Frictionless Authentication (Visa) |
5200000000001005 | Test Case 1: Successful Frictionless Authentication (Mastercard) |
4000000000001018 | Test Case 2: Failed Frictionless Authentication |
4000000000001026 | Test Case 3: Attempts Stand-In Frictionless Authentication |
4000000000001034 | Test Case 4: Unavailable Frictionless Authentication from the Issuer |
4000000000001042 | Test Case 5: Rejected Frictionless Authentication by the Issuer |
4000000000001059 | Test Case 6: Authentication Not Available on Lookup |
4000000000001067 | Test Case 7: Error on Lookup |
4000000000001075 | Test Case 8: Timeout on cmpi_lookup Transaction |
4000000000001091 | Test Case 10: Successful Step Up Authentication (Visa) |
5200000000001096 | Test Case 10: Successful Step Up Authentication (Mastercard) |
4000000000001109 | Test Case 11: Failed Step Up Authentication |
4000000000001117 | Test Case 12: Step Up Authentication is Unavailable |
4000000000001125 | Test Case 13: Error on Authentication |
Important Notes
- From August 2025, this will be the default endpoint to create transactions. Check out the older version on the
Credit card transactions Brazil (Deprecated)section. - A transaction with the status of
identifiedmeans that the payment was approved without challenge. - A transaction with the status of
pendingmeans that the payment is awaiting the challenge resolution. If the challenge was requested, but it is not completed within 5 minutes (i.e., timeout), the status is updated tocanceled. - A transaction with the status of
canceledmeans that the payment was canceled by some reason, see thecanceled_reasonfield on API response for more details.
Troubleshooting
Common errors for card transactions
This error occurs when:
- Your partner account is configured to require 3DS authentication (
only_3DS: true)- The transaction was submitted without the required 3DS data (missing
threedsobject ormeta.df_reference_id)
Solution: Ensure you are using the 3DS flow as documented above. Include the
threedsobject with all required parameters and themetaobject withversion,df_reference_id, andmccfields. If you are using the checkout page, make sure the DDC (Device Data Collection) step is completed before submitting the transaction.
Credit card transactions in Brazil 🇧🇷 - JWT for DDC
Generates a new JWT to be used in DDC (Device Data Collection) step. This token is required, otherwise, the DDC step will fail.
The DDC step is performed on the shopper's browser to collect device data as part of the authentication process. After the DDC step is done, it returns a SessionId, which will be sent as df_reference_id in the payment request.
For a practical example of how the DDC step is implemented, refer to the provided sample checkout page (in the previous section). This sample demonstrates the process of obtaining the JWT from the /acquirer_v2/ddc/token/ endpoint, passing it to the frontend (via facilitapay.setJwtForDdc(jwt)), and performing device data collection in the shopper's browser. Reviewing this HTML sample will help clarify how to integrate the DDC flow into your own checkout page.
curl -X GET "https://api.facilitapay.com/api/v1/acquirer_v2/ddc/token" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9...."
HTTP Request
GET /acquirer_v2/ddc/token
Credit card transactions in Mexico 🇲🇽
Supported brands: Mastercard and Visa
For testing, you can use a checkout page sample available on our portal or via the following link. This page will help you understand the needed information and the whole flow from the credit transactions.
We highly recommend testing the checkout page first before initiating direct API calls, because you can adapt it to your front-end environment. Sample checkout pages links: One-time purchase Tokenized purchase
The source code for the HTML file is available below.
To create using the API call you will use the following endpoint:
curl -X POST "https://api.facilitapay.com/api/v1/transactions" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9...." \
-d '{
"transaction": {
"currency": "MXN",
"exchange_currency": "USD",
"value": "2000.00",
"from_credit_card": {
"card_number": "4456524869770255",
"card_expiration_date": "03/27",
"card_security_code": "234",
"card_brand": "Visa",
"card_type": "Credit",
"fullname": "Luiz Abreu Nieto"
},
"threeds": { "jwt": "eyJhbGciOiJIUzI1NiIsInR5cC..."
},
"to_bank_account_id": "{{partner_usd_account_id}}",
"subject_id": "{{mx_person_id}}"
}
}'
HTTP Request
POST /transactions
Body Parameters
| Parameter | Description | Type | Required |
|---|---|---|---|
threeds | An object containing only the jwt token. You will get that token on the front-end | object | true |
Test Cards
| Card Numbers | Description |
|---|---|
4456528080389860, 4456529267234200, 4456529165328302, 4456524869770255 | Valid test cards that will trigger the 3ds OTP validation (must be above 1000 MXN) |
4456540000000063, 4456541249811088, 4456543371713314, 4456541982068615 | Valid test cards that will always approve, skipping the 3ds OTP validation |
4456530000000031, 4456530000000106, 4456536583667765, 4456536501449767 | Test cards that will fail the 3DS validation |
4456523340069956, 4456541249811088 | Test cards that will always fail |
4349003000047015, 4349001210846432, 4349001386781322, 4349003243371321 | Test cards that will always fail and the reason will be disclosed |
Confirm 3DS Credit Card Transaction in Mexico 🇲🇽
When your customer is prompted for an OTP, the transaction you created in the previous step will be held on pending until this step is done. Once that OTP is entered and confirmed, this endpoint needs to be called in the sequence. If the process is successfully complete, you will have an identified status transaction. Otherwise, it will be canceled. In this case you can check what happened in the errors or payment_failed field. Note: if you are using our HTML sample page, this part will be done automatically and any errors will be presented on pop-ups.
curl -X POST "https://api.facilitapay.com/api/v1/transactions/:id/confirm_threeds" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9...."
HTTP Request
POST /transactions/:id/confirm_threeds
Path Parameters
| Parameter | Description | Type | Required |
|---|---|---|---|
id | ID of the transaction created in the previous step | string | true |
Credit card transactions in Colombia 🇨🇴
Supported brands: Mastercard and Visa
For Colombia you will create a credit card transaction calling our API, using the from_credit_card field. Check the payload below.
For sandbox, you can use a checkout page sample available on our portal or via the following link. This page will help you understand the needed information and the whole flow from the credit transactions.
We highly recommend testing the checkout page first before initiating direct API calls, because you can adapt it to your front-end environment.
To create using the API call you will use the following endpoint:
curl -X POST "https://api.facilitapay.com/api/v1/transactions" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9...." \
-d '{
"transaction": {
"currency": "COP",
"exchange_currency": "USD",
"value": "2000000.00",
"from_credit_card": {
"card_number": "4456524869770255",
"card_expiration_date": "03/27",
"card_security_code": "234",
"card_brand": "Visa",
"card_type": "Credit",
"fullname": "Luiz Abreu Nieto"
},
"threeds": { "jwt": "eyJhbGciOiJIUzI1NiIsInR5cC..."
},
"to_bank_account_id": "{{partner_usd_account_id}}",
"subject_id": "{{co_person_id}}"
}
}'
HTTP Request
POST /transactions
Body Parameters
| Parameter | Description | Type | Required |
|---|---|---|---|
threeds | An object containing only the jwt token. You will get that token on the front-end | object | true |
Test Cards
| Card Numbers | Description |
|---|---|
4456528080389860, 4456529267234200, 4456529165328302, 4456524869770255 | Valid test cards that will trigger the 3ds OTP validation (must be above 100,000 COP) |
4456540000000063, 4456540000000064, 4456543371713314, 4456541982068615 | Valid test cards that will skip the 3ds OTP validation regardless of the value |
4456523340069956, 4456541249811088 | Test cards that will always fail |
4349003000047015, 4349001210846432, 4349001386781322, 4349003243371321 | Test cards that will always fail and the reason will be disclosed |
Confirm 3DS Credit Card Transaction in Colombia 🇨🇴
When your customer is prompted for an OTP (one-time password), the transaction you created in the previous step will be held on pending until this step is done. Once that OTP is entered and confirmed, this endpoint needs to be called in the sequence. If the process is successfully complete, you will have an identified status transaction. Otherwise, it will be canceled. In this case you can check what happened in the errors or payment_failed field. Note: if you are using the HTML sample page, this part will be done automatically and any errors will be presented on pop-ups. Notice that in sandbox, this scenario can be simulated by making a transaction greater than 100000 COP.
curl -X POST "https://api.facilitapay.com/api/v1/transactions/:id/confirm_threeds" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9...."
HTTP Request
POST /transactions/:id/confirm_threeds
Path Parameters
| Parameter | Description | Type | Required |
|---|---|---|---|
id | ID of the transaction created in the previous step | string | true |
Credit card transactions in Chile 🇨🇱
Supported brands: Mastercard and Visa
To create transactions using a Chilean credit card, you have two options: utilize the provided API call, exemplified below, or opt for the checkout page sample available on our sandbox portal or via the following link. We highly recommend testing the checkout page first before initiating direct API calls, because you can adapt it to your front-end environment.
There are also 2 possible flows for payment: one-time payment and tokenization, each one with a full working HTML example. You can find further instructions on the HTML sample pages.
Check in the person or company sections for the required information you need to collect from your customers to enable the creation of a card transaction since the 3DS validation is implemented in CLP card transactions.
To create using the API call you will use the following endpoint:
curl -X POST "https://api.facilitapay.com/api/v1/transactions" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9...." \
-d '{
"transaction": {
"currency": "CLP",
"exchange_currency": "USD",
"value": "30000",
"from_credit_card": {
"card_number": "4456524869770255",
"card_expiration_date": "03/30",
"card_security_code": "345",
"card_brand": "Visa",
"fullname": "Muñoz Perez Izidro"
},
"threeds": {
"jwt": "eyJhbGciOiJIUzI1NiIsInR5cC..."
},
"to_bank_account_id": "{{partner_usd_account_id}}",
"subject_id": "{{cl_person_id}}"
}
}'
HTTP Request
POST /transactions
Body Parameters
| Parameter | Description | Type | Required |
|---|---|---|---|
threeds | An object containing only the jwt token. You will get that token on the front-end | object | true |
Test Cards
| Card Numbers | Description |
|---|---|
4456528080389860, 4456529267234200, 4456529165328302, 4456524869770255 | Valid test cards that will trigger the 3ds OTP validation (must be above 100,000 COP) |
4456540000000063, 4456540000000064, 4456543371713314, 4456541982068615 | Valid test cards that will skip the 3ds OTP validation regardless of the value |
4456523340069956, 4456541249811088 | Test cards that will always fail |
4349003000047015, 4349001210846432, 4349001386781322, 4349003243371321 | Test cards that will always fail and the reason will be disclosed |
Confirm 3DS Credit Card Transaction in Chile 🇨🇱
When your customer is prompted for an OTP (one-time password), the transaction you created in the previous step will be held on pending until this step is done. Once that OTP is entered and confirmed, this endpoint needs to be called in the sequence.
If the process is successfully complete, you will have an identified status transaction. Otherwise, it will be canceled. In this case you can check what happened in the errors or payment_failed field.
Note: if you are using the HTML sample page, this part will be done automatically and any errors will be presented on pop-ups.
Notice that in sandbox, this scenario can be simulated by making a transaction greater than 3000 CLP.
curl -X POST "https://api.facilitapay.com/api/v1/transactions/:id/confirm_threeds" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9...."
HTTP Request
POST /transactions/:id/confirm_threeds
Path Parameters
| Parameter | Description | Type | Required |
|---|---|---|---|
id | ID of the transaction created in the previous step | string | true |