The Preauthorization object
Description
The Preauthorization object enables you to reserve funds on a card so they can be captured later. A preauthorization thus has two parts:
- Authorization of the transaction, handled by the Preauthorization object
- Capture of the funds, handled by the Preauthorized PayIn object
The preauthorized funds can be captured within 6.5 days of a successful authorization.
If you require a hold period of longer than 6.5 days, see the Deposit Preauthorization object.
Note that preauthorizations may not be permitted by some issuers and for some card types.
Note – Multi-capture available with Visa, Mastercard, CB, and AMEX
Multiple partial captures of the preauthorized amount is possible on the card types:
CB_VISA_MASTERCARDAMEX
Further captures of the RemainingFunds can be made if the PaymentStatus is WAITING.
There is no limit to the number of captures that can be made if each is valid.
Attributes
Max. length: 255 characters
The unique identifier of the preauthorization.
Max. length: 255 characters
Custom data that you can add to this object.
For reports, this parameter can be useful to give the report a name.
The date and time at which the object was created.
The unique identifier of the user at the source of the transaction.
Best practice: When the payout author is different from the bank account owner, the Payout AuthorId value must be different from the Bank Account UserId value as well. Otherwise, Mangopay’s Compliance team will reject the payout.
Information about the preauthorized funds.
properties
Allowed values: The three-letter ISO 4217 code (EUR, GBP, etc.) of a supported currency (depends on feature, contract, and activation settings).
The currency of the funds.
An amount of money in the smallest sub-division of the currency (e.g., EUR 12.60 would be represented as 1260 whereas JPY 12 would be represented as just 12).
Information about the remaining preauthorized funds.
properties
Allowed values: The three-letter ISO 4217 code (EUR, GBP, etc.) of a supported currency (depends on feature, contract, and activation settings).
The currency of the funds.
An amount of money in the smallest sub-division of the currency (e.g., EUR 12.60 would be represented as 1260 whereas JPY 12 would be represented as just 12).
The date and time at which successful authorization occurred. If authorization failed, the value is null.
Allowed values: ENDED
The status of the recurring registration:
CREATED– The recurring registration was created, but no recurring pay-in has yet been made.AUTHENTICATION_NEEDED– The latest recurring pay-in linked to the registration object was refused. The registration object can still be used, but you need to execute a new customer-initiated transaction (CIT) for the end user to reauthenticate.IN_PROGRESS– The recurring registration object is in use and the subsequent corresponding recurring pay-ins can be made.ENDED– The recurrence ended: the registration can no longer be modified nor reused.
Allowed values: CANCELED,NO_SHOW_REQUESTED
The payment status of the deposit preauthorization object:
WAITING– The deposit preauthorization can be used: the preauthorized funds can be captured (without or prior to complement); a no-show can be declared; or the preauthorization can be canceled manually.CANCELED– Value to pass to manually cancel the deposit preauthorization before use (whether for capture or no-show); indicates that the deposit preauthorization was canceled manually.CANCEL_REQUESTED– The cancellation of the deposit preauthorization has been requested but not yet processed.EXPIRED– The hold period on the preauthorized funds has ended without it being used (whether for capture or no-show).VALIDATED– Indicates either (i) that the preauthorized funds were captured without complement; (ii) that the preauthorized funds and a complement were captured; or (iii) that a no-show was declared and a complement was captured.FAILED– The action against the preauthorization has failed (whether capture without complement, capture prior to complement, no-show request, complement), but a retry may be possible.
The date and time at which the hold period ends and the preauthorized funds are released.
At the expiration date, the preauthorization’s PaymentStatus changes to EXPIRED if no captures were made or VALIDATED if at least one capture was made.
The unique identifier of the pay-in.
The code indicating the result of the operation. This information is mostly used to handle errors or for filtering purposes.
The explanation of the result code.
Allowed values: DEFAULT, FORCE, NO_CHOICE
Default value: DEFAULT
The mode applied for the 3DS2 protocol for CB, Visa, and Mastercard. The options are:
DEFAULT– Requests an exemption to strong customer authentication (SCA), and thus a frictionless payment experience, if allowed by your Mangopay contract and accepted by the issuer.FORCE– Requests SCA.NO_CHOICE– Leaves the choice to the issuer whether to allow for a frictionless payment experience or to enforce SCA.
The unique identifier of the Card object, obtained during the card registration process.
Max. length: 255 characters
The URL to which users are automatically returned after 3DS2 if it is triggered (i.e., if the SecureModeNeeded parameter is set to true).
Max. length: 255 characters
The URL to which to redirect the user to proceed to 3DS2 validation.
Caution: This variable URL is specific to each payment. You must rely on the returned URL in full (host, path, and queries) and not hardcode any part of it.
Whether or not the SecureMode was used.
Returned values: CARD, DIRECT_DEBIT, PREAUTHORIZED, BANK_WIRE
The type of pay-in.
Returned values: WEB, DIRECT, EXTERNAL_INSTRUCTION
The type of execution for the pay-in.
Max. length: 10 characters; only alphanumeric and spaces
Custom description to appear on the user’s bank statement along with the platform name. Different banks may show more or less information. See the Customizing bank statement references article for details.
The language in which the payment page is to be displayed. This deprecated parameter defaults to EN.
Information regarding security and anti-fraud tools.
properties
The result of the Address Verification System check (only available for UK, US, and Canada).
Default value: true
Whether multiple captures are activated for the preauthorization.
Information about the browser used by the end user (author) to perform the payment.
properties
The exact content of the HTTP accept headers as sent to the platform from the end user’s browser.
Whether or not the end user’s browser has the ability to execute Java.
Format: Two-letter language code (ISO 639-1 alpha-2) followed by two-letter country code (ISO 3166-1 alpha-2), separated by a hyphen (example: en-US; pattern:^[a-zA-Z]{2}(-[a-zA-Z]{2})?$)
The language of the browser.
The value representing the depth of the screen’s color palette for displaying images, in bits per pixel.
Max. length: 6 characters
The height of the screen in pixels.
Max. length: 6 characters
The width of the screen in pixels.
The difference in minutes between the browser’s timezone and UTC.
Max. length: 255 characters
The exact content of the HTTP User-Agent header.
Whether or not the end user’s browser has the ability to execute JavaScript.
The IP address of the end user initiating the transaction, in IPV4 or IPV6 format.
Default value: FirstName, LastName, and Address information of the Shipping object if supplied.
Information about the end user billing address. If left empty, the default values will be automatically taken into account.
properties
The first name of the user.
Max. length: 100 characters
The last name of the user.
Information about the billing address.
properties
Max. length: 255 characters The first line of the address.
Max. length: 255 characters
The second line of the address.
Max. length: 255 characters The city of the address.
Max. length: 255 characters
Required if Country is US, CA, or MX.
The region of the address.
Max. length: 255 characters The postal code of the address. The postal code can contain the following characters: alphanumeric, dashes, and spaces.
Format: Two-letter country code (ISO 3166-1 alpha-2 format)
The country of the address.
Default value: FirstName, LastName, and Address information of the Billing object, if supplied, otherwise of the user (author).
Information about the end user’s shipping address. If left empty, the default values will be automatically taken into account.
properties
The first name of the user.
Max. length: 100 characters
The last name of the user.
Information about the shipping address.
properties
Max. length: 255 characters The first line of the address.
Max. length: 255 characters
The second line of the address.
Max. length: 255 characters The city of the address.
Max. length: 255 characters
Required if Country is US, CA, or MX.
The region of the address.
Max. length: 255 characters The postal code of the address. The postal code can contain the following characters: alphanumeric, dashes, and spaces.
Format: Two-letter country code (ISO 3166-1 alpha-2 format)
The country of the address.
Returned values: V1, V2_1
The 3DS protocol version to be applied to the transaction.
Returned values: V1, V2_1
The 3DS protocol version applied to the transaction.
Allowed values: VISA, MASTERCARD, CB, MAESTRO
The card network to use, as chosen by the cardholder, in case of co-branded cards.
Default value: ECommerce
Allowed values: ECommerce, TelephoneOrder
The channel through which the user provided their card details, used to indicate mail-order and telephone-order (MOTO) payments:
ECommerce– Payment received online.TelephoneOrder– Payment received via mail order or telephone order (MOTO).
Information about the card used for the transaction.
If the information or data is not available, null is returned.
properties
The 6-digit bank identification number (BIN) of the card issuer.
The name of the card issuer.
Format: Two-letter country code (ISO 3166-1 alpha-2 format)
The country where the card was issued.
Returned values: DEBIT, CREDIT, CHARGE CARD.
The type of card product.
The card brand. Examples include: AMERICAN EXPRESS, DISCOVER, JCB, MASTERCARD, VISA, etc.
Note: The possible returned values are numerous and liable to evolve over time.
The subtype of the card product. Examples include: CLASSIC, GOLD, PLATINUM, PREPAID, etc.
Note: The possible returned values are numerous and liable to evolve over time.
The unique reference generated for the profiling session, used by the fraud prevention solution to produce recommendations for the transaction using the profiling data.
Note: Parameter not returned by the API. Profiling feature available on request – contact Mangopay via the Dashboard for more information.
Information about the authentication result, based on the request made by Mangopay and the decision of the issuer regarding the type of authentication to be enforced (if applicable).
properties
Response values: CHALLENGE, FRICTIONLESS, DIRECT_AUTHORIZATION
The type of authentication:
CHALLENGE– The issuer requested SCA to be enforced (for example, using 3DS).FRICTIONLESS– The transaction was exempted from SCA because an exemption was granted by the issuer.DIRECT_AUTHORIZATION– The transaction was sent to the issuer for authorization without any frictionless or challenge (for example, if SCA doesn’t apply).
A null value typically indicates that authentication was not requested (for example, because the request failed before being sent) or a decision was not received.