> ## Documentation Index > Fetch the complete documentation index at: https://docs.mangopay.com/llms.txt > Use this file to discover all available pages before exploring further. # The Deposit Preauthorization object ### Description The Deposit Preauthorization object enables you to reserve funds on a card so they can be captured later, using two API calls: * Authorization of the transaction, handled by the Deposit Preauthorization object * Capture of the funds, handled by the Deposit Preauthorized PayIn object The Deposit Preauthorization object is used for two payment methods, indicated by the `PaymentType`: * `CARD` – Created using [POST Create a Card Deposit Preauthorization](/api-reference/deposit-preauthorizations/create-card-deposit-preauthorization) * `PAYPAL` – Created using [POST Create a PayPal Deposit Preauthorization](/api-reference/deposit-preauthorizations/create-paypal-deposit-preauthorization) In both cases, the capture is made with the same endpoint, [POST Create a Deposit Preauthorized PayIn](/api-reference/deposit-preauthorizations/create-deposit-preauthorized-payin): * `CARD` – Within **29.5** days. * `PAYPAL` – Within 3 days as recommended by PayPal, but the technical limit is **29** days (not 29.5). Note that preauthorizations may not be permitted by some issuers and for some card types. **Best practice - For PayPal, capture funds within 3 days** PayPal recommends that you capture preauthorized funds within 3 days. This is because the success of the capture is subject to risk and the availability of funds on the card (or other funding instrument) that the user has linked to their PayPal account. **Note – Multi-capture not possible with the Deposit Preauthorization** Multiple partial captures are not possible with the Deposit Preauthorization, for either `CARD` or `PAYPAL`. In both cases however, the single capture can be for an amount less than the preauthorized amount. ### Attributes Max. length: 255 characters The date and time at which the object was created. The date and time at which the hold period ends and the preauthorized funds are released.\ At the expiration date, the deposit preauthorization’s `PaymentStatus` changes to `EXPIRED` if no captures were made. The unique identifier of the user at the source of the transaction. Information about the preauthorized funds. **Returned values:** The three-letter ISO 4217 code (EUR, GBP, etc.) of a supported currency (depends on feature, contract, and activation settings). The currency of the funds. An amount of money in the smallest sub-division of the currency (e.g., EUR 12.60 would be represented as `1260` whereas JPY 12 would be represented as just `12`). **Returned values:** `CREATED`, `SUCCEEDED`, `FAILED` The status of the authorization. **Returned values:** `WAITING`, `CANCELED`, `CANCEL_REQUESTED`, `EXPIRED`, `VALIDATED`, `FAILED` The payment status of the deposit preauthorization object: * `WAITING` – The deposit preauthorization can be used: the preauthorized funds can be captured (if `Status` is `SUCCEEDED`) or the preauthorization can be canceled manually. * `CANCELED` – Value to pass to manually cancel the deposit preauthorization before use; indicates that the deposit preauthorization was canceled manually. * `CANCEL_REQUESTED` – The cancellation of the deposit preauthorization has been requested but not yet processed. * `EXPIRED` – The hold period on the preauthorized funds has ended without it being used. * `VALIDATED` – Indicates that the preauthorized funds were captured. * `FAILED` – The pay-in against the preauthorization has failed, but a retry may be possible. Information about the deposit preauthorized pay-ins made against the deposit preauthorization. The unique identifier of the preauthorized pay-in (capture) made against the deposit preauthorization to debit the preauthorized funds. The unique identifier of the deposit preauthorized pay-in complement made against the deposit preauthorization to debit additional funds. The code indicating the result of the operation. This information is mostly used to handle errors or for filtering purposes. The explanation of the result code. The unique identifier of the Card object, obtained during the card registration process. **Returned values:** `VISA`, `MASTERCARD`, `CB`, `MAESTRO` The card network to use, as chosen by the cardholder, in case of co-branded cards. Max. length: 255 characters The URL to which users are automatically returned after 3DS2 if it is triggered (i.e., if the `SecureModeNeeded` parameter is set to `true`). Max. length: 255 characters The URL to which to redirect the user to proceed to 3DS2 validation. **Caution:** This variable URL is specific to each payment. You must rely on the returned URL in full (host, path, and queries) and not hardcode any part of it. Whether or not the `SecureMode` was used. **Returned values:** `CARD`, `DIRECT_DEBIT`, `PREAUTHORIZED`, `BANK_WIRE` The type of pay-in. **Returned values:** `WEB`, `DIRECT`, `EXTERNAL_INSTRUCTION` The type of execution for the pay-in. Max. length: 10 characters; only alphanumeric and spaces Custom description to appear on the user’s bank statement along with the platform name. Different banks may show more or less information. See the Customizing bank statement references article for details. **Returned values:** One of the supported languages in the ISO 639-1 format: DE, EN, ES, FR, IT, NL, PL, PT. The language in which the payment page is to be displayed. Information about the browser used by the end user (author) to perform the payment. The exact content of the HTTP accept headers as sent to the platform from the end user’s browser. Whether or not the end user’s browser has the ability to execute Java. Format: Two-letter language code (ISO 639-1 alpha-2) followed by two-letter country code (ISO 3166-1 alpha-2), separated by a hyphen (example: `en-US`; pattern:`^[a-zA-Z]{2}(-[a-zA-Z]{2})?$`) The language of the browser. The value representing the depth of the screen’s color palette for displaying images, in bits per pixel. Max. length: 6 characters The height of the screen in pixels. Max. length: 6 characters The width of the screen in pixels. The difference in minutes between the browser’s timezone and UTC. Max. length: 255 characters The exact content of the HTTP User-Agent header. Whether or not the end user’s browser has the ability to execute JavaScript. The IP address of the end user initiating the transaction, in IPV4 or IPV6 format. **Default value:** FirstName, LastName, and Address information of the Shipping object if any, otherwise the user (author). Information about the end user billing address. If left empty, the default values will be automatically taken into account. The first name of the user. Max. length: 100 characters The last name of the user. Information about the billing address. Max. length: 255 characters The first line of the address. Max. length: 255 characters The second line of the address. Max. length: 255 characters The city of the address. Max. length: 255 characters Required if `Country` is US, CA, or MX. The region of the address. Max. length: 255 characters The postal code of the address. The postal code can contain the following characters: alphanumeric, dashes, and spaces. Format: Two-letter country code ([ISO 3166-1 alpha-2 format](/api-reference/overview/data-formats)) The country of the address. **Default value:** FirstName, LastName, and Address information of the Billing object, if supplied, otherwise of the user (author). Information about the end user’s shipping address. The first name of the user. Max. length: 100 characters The last name of the user. Information about the shipping address. Max. length: 255 characters The first line of the address. Max. length: 255 characters The second line of the address. Max. length: 255 characters The city of the address. Max. length: 255 characters Required if `Country` is US, CA, or MX. The region of the address. Max. length: 255 characters The postal code of the address. The postal code can contain the following characters: alphanumeric, dashes, and spaces. Format: Two-letter country code ([ISO 3166-1 alpha-2 format](/api-reference/overview/data-formats)) The country of the address. **Returned values:** `V1`, `V2_1` The 3DS protocol version to be applied to the transaction. **Returned values:** `V1`, `V2_1` The 3DS protocol version applied to the transaction. Max. length: 255 characters Custom data that you can add to this object. Information about the card used for the transaction. \ If the information or data is not available, `null` is returned. The 6-digit bank identification number (BIN) of the card issuer. The name of the card issuer. Format: Two-letter country code ([ISO 3166-1 alpha-2 format](/api-reference/overview/data-formats)) The country where the card was issued. **Returned values:** `DEBIT`, `CREDIT`, `CHARGE CARD`. The type of card product. The card brand. Examples include: `AMERICAN EXPRESS`, `DISCOVER`, `JCB`, `MASTERCARD`, `VISA`, etc. **Note:** The possible returned values are numerous and liable to evolve over time. The subtype of the card product. Examples include: `CLASSIC`, `GOLD`, `PLATINUM`, `PREPAID`, etc. **Note:** The possible returned values are numerous and liable to evolve over time. Information about the authentication result, based on the request made by Mangopay and the decision of the issuer regarding the type of authentication to be enforced (if applicable). Response values: `CHALLENGE`, `FRICTIONLESS`, `DIRECT_AUTHORIZATION` The type of authentication: * `CHALLENGE` – The issuer requested SCA to be enforced (for example, using 3DS). * `FRICTIONLESS` – The transaction was exempted from SCA because an exemption was granted by the issuer. * `DIRECT_AUTHORIZATION` – The transaction was sent to the issuer for authorization without any frictionless or challenge (for example, if SCA doesn't apply). A `null` value typically indicates that authentication was not requested (for example, because the request failed before being sent) or a decision was not received. The unique reference generated for the profiling session, used by the fraud prevention solution to produce recommendations for the transaction using the profiling data. **Note:** Parameter not returned by the API. Profiling feature available on request – contact Mangopay via the Dashboard for more information. The PayPal identifier of the buyer. The last name of the buyer. The mobile phone number of the buyer. The first name of the buyer. The country of the buyer. PayPal's unique identifier for the order. The URL to which the user is returned after canceling the payment. If not provided, the Cancel button returns the user to the RedirectURL. Shipping information of the `LineItems` added to the pay-in object. The shipment’s tracking number provided by the carrier. The carrier for the shipment. Use the country-specific version of the carrier if it exists, otherwise use its global version. **Default value:** false If `true`, sends an email notification to the `PaypalBuyerAccountEmail` containing the `TrackingNumber` and `Carrier`, which allows the end user to track their shipment with the carrier. **Returned values:** `SET_PROVIDED_ADDRESS`, `GET_FROM_FILE`, `NO_SHIPPING` Information about the shipping address behavior on the PayPal payment page: * `SET_PROVIDED_ADDRESS` - The `Shipping` parameter becomes required and its values are displayed to the end user, who is not able to modify them. * `GET_FROM_FILE` – The `Shipping` parameter is ignored and the end user can choose from registered addresses. * `NO_SHIPPING` – No shipping address section is displayed. Max. length: 127 characters (truncated after) The platform’s order reference for the transaction. The email address registered on the PayPal account used to make the payment. **Returned values:** One of the supported languages in the ISO 639-1 format: AT, BR, CA, CH, CN, DE, DK, ES, FR, GB, ID, IL, IT, JK, JP, NL, NO, PL, PT, RU, SE, TH, TR, TW, US. The language in which the PayPal payment page is to be displayed. object Information about the items purchased in the transaction. The total of all line items’ `UnitAmount` and `TaxAmount` must equal the `DebitedFunds` amount (negative amounts not allowed). Max. length: 127 characters (truncated after) The name of the item. The quantity of the item. The cost of the item, excluding tax. The tax amount applied to the item. Max. length: 127 characters (truncated after) The platform’s unique reference for the seller. This value must be consistently used for the given seller. You can use, for example, the Mangopay `UserId` or the seller’s business name or first name and last name.\ Caution: Failure to use a unique seller identifier may result in PayPal restricting your service. **Allowed values:** PHYSICAL\_GOODS, DIGITAL\_GOODS, DONATION The category of the item: * `PHYSICAL_GOODS` – Tangible items that can be physically shipped and received with proof of delivery upon arrival. * `DIGITAL_GOODS` – Products or services that are distributed and consumed via digital platforms or devices. * `DONATION` – Voluntary contribution made without any goods or services received in return. Multiple line items can be categorized as `DONATION` within a single transaction, however it is not possible to combine `DONATION` other line item categories within the same transaction. Information about the end user’s shipping address, managed by `ShippingPreference`. The first name of the user. Max. length: 100 characters The last name of the user. Information about the shipping address. Max. length: 255 characters The first line of the address. Max. length: 255 characters The second line of the address. Max. length: 255 characters The city of the address. Max. length: 255 characters The region of the address. This field is optional except if the `Country` is US, CA, or MX. Max. length: 255 characters The postal code of the address. The postal code can contain the following characters: alphanumeric, dashes, and spaces. Format: Two-letter country code ([ISO 3166-1 alpha-2 format](/api-reference/overview/data-formats)) The country of the address. Returned `null` because the billing address is not applicable to PayPal preauth. Max. length: 10 characters; only alphanumeric and spaces Custom description to appear on the user’s bank statement along with the platform name. Different banks may show more or less information. See the Customizing bank statement references article for details. The URL to which to redirect the user to complete the payment. **Caution:** This variable URL is specific to each payment. You must rely on the returned URL in full (host, path, and queries) and not hardcode any part of it. Max. length: 255 characters The URL to which the user is returned after the payment, whether the transaction is successful or not. **Returned values:** `WEB`, `DIRECT`, `EXTERNAL_INSTRUCTION` The type of execution for the pay-in. **Returned values:** `PAYPAL` The type of pay-in. **Returned values:** `CREATED`, `SUCCEEDED`, `FAILED` The status of the transaction. Max. length: 255 characters Custom data that you can add to this object.\ For transactions (pay-in, transfer, payout), you can use this parameter to identify corresponding information regarding the user, transaction, or payment methods on your platform. The explanation of the result code. The code indicating the result of the operation. This information is mostly used to handle errors or for filtering purposes. Information about the deposit preauthorized pay-ins made against the deposit preauthorization. The unique identifier of the preauthorized pay-in (capture) made against the deposit preauthorization to debit the preauthorized funds. This deprecated parameter is always returned `null`. **Returned values:** `WAITING`, `CANCELED`, `CANCEL_REQUESTED`, `EXPIRED`, `VALIDATED`, `FAILED` The payment status of the deposit preauthorization object: * `WAITING` – The deposit preauthorization can be used: the preauthorized funds can be captured (if `Status` is `SUCCEEDED`) or the preauthorization can be canceled manually. * `CANCELED` – Value to pass to manually cancel the deposit preauthorization before use; indicates that the deposit preauthorization was canceled manually. * `CANCEL_REQUESTED` – The cancellation of the deposit preauthorization has been requested but not yet processed. * `EXPIRED` – The hold period on the preauthorized funds has ended without it being used. * `VALIDATED` – Indicates that the preauthorized funds were captured. * `FAILED` – The pay-in against the preauthorization has failed, but a retry may be possible. **Returned values:** `CREATED`, `SUCCEEDED`, `FAILED` The status of the authorization. The unique identifier of the user at the source of the transaction. Information about the preauthorized funds. **Returned values:** The three-letter ISO 4217 code (EUR, GBP, etc.) of a supported currency (depends on feature, contract, and activation settings). The currency of the funds. An amount of money in the smallest sub-division of the currency (e.g., EUR 12.60 would be represented as `1260` whereas JPY 12 would be represented as just `12`). The date and time at which the hold period ends and the preauthorized funds are released.\ At the expiration date, the deposit preauthorization’s `PaymentStatus` changes to `EXPIRED` if no captures were made. The date and time at which the object was created. Max. length: 255 characters The unique identifier of the PayPal preauthorization. ### Related resources Learn more about 30-day preauthorization