# Endpoints

The Risk Payer Authentication API provides three sequential endpoints that work together to implement the complete 3D Secure authentication flow. Each endpoint serves a specific purpose in the authentication process and must be called in the correct order.

### Endpoint Overview

#### Authentication Flow Sequence

| Endpoint             | Purpose                                           | When to Use                       |
| -------------------- | ------------------------------------------------- | --------------------------------- |
| **Setup**            | Initialize authentication process                 | Always - First step in every flow |
| **Check Enrollment** | Verify card enrollment and perform authentication | Always - After setup completion   |
| **Validate**         | Confirm challenge completion                      | Only when challenge is required   |

### Common Request Elements

#### Authentication

All endpoints require:

```
x-api-key: <YOUR_API_KEY>
Content-Type: application/json
```

#### Card Information Formats

All endpoints accept three card number formats:

* **Permanent Token**: `"{{token_id : detokenize}}"`
* **Temporal Token**: `"{{temp_token_id : transaction}}"`
* **Plain Card Number**: `"4111111111111111"`

#### Response Structure

All endpoints return standardized responses:

```json
{
  "status": "success|fail|error",
  "message": "Descriptive message",
  "data": { /* Endpoint-specific data */ }
}
```

### Implementation Notes

#### Sequential Dependencies

* **Setup** provides tokens needed for **Check Enrollment**
* **Check Enrollment** provides transaction ID needed for **Validate**
* **Validate** is only used when enrollment status is `Pending_authentication`

#### Error Handling

Each endpoint can return different error scenarios:

* Card validation errors (expired, invalid)
* Authentication system errors
* Network and system failures

#### Cardinal Commerce Integration

* **Setup** provides device data collection URL
* **Check Enrollment** uses device data and may trigger challenges
* **Validate** confirms challenge completion results

### Next Steps

Explore the detailed documentation for each endpoint:

* [**Setup Authentication**](/api-docs/api-reference/risk/payer-authentication-3d-secure/endpoints/setup.md) - Initialize the authentication process
* [**Check Enrollment**](/api-docs/api-reference/risk/payer-authentication-3d-secure/endpoints/check-enroll.md) - Verify card enrollment and perform authentication
* [**Validate Authentication**](/api-docs/api-reference/risk/payer-authentication-3d-secure/endpoints/validate.md) - Validate challenge completion results

Each endpoint page includes complete request/response examples, parameter definitions, and integration guidelines.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://firstoken.gitbook.io/api-docs/api-reference/risk/payer-authentication-3d-secure/endpoints.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.