Endpoints

The Risk Payer Authentication API provides three sequential endpoints that work together to implement the complete 3D Secure authentication flow. Each endpoint serves a specific purpose in the authentication process and must be called in the correct order.

Endpoint Overview

Authentication Flow Sequence

Endpoint
Purpose
When to Use

Setup

Initialize authentication process

Always - First step in every flow

Check Enrollment

Verify card enrollment and perform authentication

Always - After setup completion

Validate

Confirm challenge completion

Only when challenge is required

Common Request Elements

Authentication

All endpoints require:

x-api-key: <YOUR_API_KEY>
Content-Type: application/json

Card Information Formats

All endpoints accept three card number formats:

  • Permanent Token: "{{token_id : detokenize}}"

  • Temporal Token: "{{temp_token_id : transaction}}"

  • Plain Card Number: "4111111111111111"

Response Structure

All endpoints return standardized responses:

{
  "status": "success|fail|error",
  "message": "Descriptive message",
  "data": { /* Endpoint-specific data */ }
}

Implementation Notes

Sequential Dependencies

  • Setup provides tokens needed for Check Enrollment

  • Check Enrollment provides transaction ID needed for Validate

  • Validate is only used when enrollment status is Pending_authentication

Error Handling

Each endpoint can return different error scenarios:

  • Card validation errors (expired, invalid)

  • Authentication system errors

  • Network and system failures

Cardinal Commerce Integration

  • Setup provides device data collection URL

  • Check Enrollment uses device data and may trigger challenges

  • Validate confirms challenge completion results

Next Steps

Explore the detailed documentation for each endpoint:

Each endpoint page includes complete request/response examples, parameter definitions, and integration guidelines.

Last updated

Was this helpful?