search

Endpoints

The Risk Payer Authentication API provides three sequential endpoints that work together to implement the complete 3D Secure authentication flow. Each endpoint serves a specific purpose in the authentication process and must be called in the correct order.

hashtag
Endpoint Overview

hashtag
Authentication Flow Sequence

Endpoint
Purpose
When to Use

Setup

Initialize authentication process

Always - First step in every flow

Check Enrollment

Verify card enrollment and perform authentication

Always - After setup completion

Validate

Confirm challenge completion

Only when challenge is required

hashtag
Common Request Elements

hashtag
Authentication

All endpoints require:

x-api-key: <YOUR_API_KEY>
Content-Type: application/json

hashtag
Card Information Formats

All endpoints accept three card number formats:

  • Permanent Token: "{{token_id : detokenize}}"

  • Temporal Token: "{{temp_token_id : transaction}}"

  • Plain Card Number: "4111111111111111"

hashtag
Response Structure

All endpoints return standardized responses:

hashtag
Implementation Notes

hashtag
Sequential Dependencies

  • Setup provides tokens needed for Check Enrollment

  • Check Enrollment provides transaction ID needed for Validate

  • Validate is only used when enrollment status is Pending_authentication

hashtag
Error Handling

Each endpoint can return different error scenarios:

  • Card validation errors (expired, invalid)

  • Authentication system errors

  • Network and system failures

hashtag
Cardinal Commerce Integration

  • Setup provides device data collection URL

  • Check Enrollment uses device data and may trigger challenges

  • Validate confirms challenge completion results

hashtag
Next Steps

Explore the detailed documentation for each endpoint:

Each endpoint page includes complete request/response examples, parameter definitions, and integration guidelines.

PreviousFrictionless Failed AuthenticationNextSetup

Last updated