| HTTP Method | API URL | API Version |
|---|---|---|
| POST | https://api.payzone.ma/transaction/3dsauth | 0208 |
| Field | Type | Max Length | Required | Description | Version |
|---|---|---|---|---|---|
| threeDSServerTransID | String | 36 | yes | The unique identifier of the 3DS transaction (returned from 3DSCheck operation) | 0208 |
Note: Gateway API transactions are done with a different library than payment-page API. See the code sample comments for more info:
/*
* Example of a 3DSecure V2 Auth operation
*/
$client = new GatewayClient();
$transaction = $client->newTransaction('3DSAuth');
$transaction->setSCATransactionID($threeDSServerTransID);
$response = $transaction->send();
// If response code 655, authentication is required
if ('655' === $response->errorCode) {
// Merchant should display a form with POST autosubmit and redirect the user
// If response code 000, no authentication is required and direct Sale/Authorize operation is permitted
} elseif ('000' === $response->errorCode) {
$transaction = $client->newTransaction('CCSale');
$transaction->setTransactionInformation('200', 'USD', "orderID123");
$transaction->setCardInformation(null, '000', 'Jean XxXxX', null, null);
$transaction->setShopperInformation('Jean XxXxX', null, null, null, null, null, null, null, null, null);
$transaction->setSCACRes($response->CRes);
$response = $transaction->send();
if ('000' === $response->errorCode) {
// Example as to confirm the order in your cart CRM
$cart->order->confirm();
}
} else {
echo "Error {$response->errorCode} with message {$response->errorMessage}";
}
PaymentGatewayConnector connector = new PaymentGatewayConnector(API_URL, ORIGINATOR, PASSWORD);
ThreeDSAuthRequest request = new ThreeDSAuthRequest();
request.setThreeDSServerTransID(threeDSCheckResponse.getThreeDSServerTransID());
try {
response = connector.doThreeDSAuthTransaction(request);
} catch (Exception e) {
e.printStackTrace();
}
if (response != null) {
if (TransactionResultCode.TRANSACTION_SUCCESSFULLY.equals(response.getErrorCode()) {
System.out.println("Success: " + response.getErrorMessage());
} else {
System.out.println("Failure: " + response.getErrorMessage());
}
}
IMPORTANT! Mind that, depending on the customer’s credit card issuer bank, it is possible that the protocol falls back to 3DSecure v1. In such cases, instead of
CReqandthreeDSURLparameters, this operation may returnACSUrlandPaReq. The transactions should then proceed as 3DSecure v1.
The body of the response is in JSON format.
The following fields are present in the response :
| Name | Type | Description |
|---|---|---|
| errorCode | String | See API Response Codes |
| errorMessage | String | See API Response Codes |
| threeDSURL | String | v2 URL of the ACS in case the authentication response message indicates that a challenge is required. |
| CReq | String | v2 The data to be sent to the threeDSURL (Only present if challenge is requested) |
| CRes | String | v2 The data to be sent to the Sale/Authorization operation (Only present if frictionless) |
| ACSUrl | String | v1 URL to 3D Secure Page of the issuing bank |
| PaReq | String | v1Payer Authentication Request |