# Authorization ## Authorization `POST` `https://gateway-test.pagsmile.com/trade/pre-authorization` This endpoint allows you to create an authorization. #### Headers | Name | Type | Description | | ----------------------------------------------- | ------ | ------------------------------------------ | | Content-Type\* | string | application/json; chartset=UTF-8 | | Authorization\* | string | Basic Base($app\_*id:$security\_*key) | #### Request Body | Name | Type | Description | | -------------------------------------------------------------- | ------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | app\_id\* | string |

created app's id at dashboard

- Max. 32 chars -

| | timestamp\* | string |

yyyy-MM-dd HH:mm:ss
- Max. 19 chars -

| | buyer\_id\* | string | buyer id | | content | string | | | format\* | string | Fixed value: JSON | | notify\_url\* | string | Where Pagsmile will send notification to | | order\_amount\* | number | payment amount | | order\_currency\* | string | | | out\_trade\_no\* | string |

ID given by the merchant in their system
- Max. 64 chars -

| | return\_url | string | Redirect to Merchant's url when user finished checkout | | subject\* | string | | | timeout\_express | string |

m(minutes), h(hours), d(days), c(always end in current day).

Used to control the expiration time of submitting an order (from initial to processing). (90m in default, max 15d)

| | version | string | Fixed value: 2.0 | | token\* | string | The token received from Tokenization API. | | website\_url | string | | | threeds.sli | string | Security level indicator | | threeds.status\* | string | 3DSecure - Status text received from 3D secure vendor | | threeds.liability\_shift\* | string | liability shift - indicate whether the chargeback liability shifted to the card issuer | | threeds.status\_reason\_code\* | string | String EMVCO Indicator of the reason for the 3DS status code provided during the authentication, (Possible values: 01, 02, 03, 04, 05, 06, 07, 08, 09, 10, 11, 12, 13, 14, 15, 16) | | threeds.status\_code\* | string | 3DSecure - Status code recieved from authorization/authentication response, (Possible values: U, N, Y, A, C, D, R, I) | | threeds.eci\* | string | ECI value recieved from authorization/authentication response | | threeds.cavv\* | string | Authentication Value (CAVV / AAV for 3DS1) recieved from authorization/Authentication response | | threeds.version\* | string | The version of the 3D Secure that was used for authentication | | threeds.acs\_trans\_id\* | string | This field contains a universally unique transaction identifier assigned by the ACS to identify a single transaction. | | threeds.ds\_trans\_id\* | string | A universally unique transaction identifier is assigned by the DS to identify a single transaction. | | method\* | string | Fixed value: CreditCard | | trade\_type\* | string | Fixed value: API | | issuer\* | string | issuer of the card. | {% tabs %} {% tab title="200: OK submit successfully" %} ```json { "msg": "Success", "code": "10000", "out_trade_no": "8335***600", "web_url": "", "trade_no": "2022***215", "prepay_id": "MnFrV****OD0=-a220184D" } ``` {% endtab %} {% tab title="400: Bad Request invalid signature" %} ```json { "code":"40002", "msg":"Business Failed", "sub_code":"invalid-signature", "sub_msg":"invalid signature" } ``` {% endtab %} {% endtabs %} {% hint style="info" %} If the pre-authorization is successfully created, a callback with `"trade_status":"AUTHORIZED"` will be sent. If the pre-authorization fails to be created, a callback with `"trade_status":"REFUSED"` will be sent. {% endhint %} ### Example ``` curl --location --request POST 'https://gateway-test.pagsmile.com/trade/pre-authorization' \ --header 'Authorization: Basic MTYyNTgyOTIxNDUzMTY2Mzg6UGFnc21pbGVfc2tfZDUwMWQ1ZGNkNTI5OGQ5N2MwNmUzYjI4YjA2OWZjZmY3NDU5ZjY2NzNiMjFjMTFlYTY3NDM5MDgzOTZkOTYxNQ==' \ --header 'Content-Type: application/json' \ --data-raw '{ * "app_id": "1617****8052", * "timestamp": "2022-08-11 10:25:46", * "format": "JSON", * "out_trade_no": "out_181***1300", * "method": "CreditCard", * "order_amount": "120", * "order_currency": "BRL", * "subject": "Cobrança Ășnica digital", * "content": "trade pay test conent", * "trade_type": "API", * "notify_url": "http://demo.gemini-tiger.cn/callback/success", "return_url": "http://demo.gemini-tiger.cn/test", * "buyer_id": "buyer_0810", "timeout_express":"30m", * "token":"psct_b67******ecad89a5de", "version": "2.0", "website_url": "www.xcloud.com", * "issuer": "VISA", * "threeds": { * "version":"2", * "cavv":"MTIzNDU2Nzg5MDEyMzQ1Njc4OTA", * "eci":"05", * "acs_trans_id":"7777-8797-4645-1233", * "ds_trans_id":"7777-8797-4645-1233", * "status":"Cardholder authenticated", * "status_code":"Y", * "status_reason_code":"15", * "liability_shift":"true" }, }' ``` {% hint style="info" %} Note: **162\*\*\*\*\*\*\*\*\*\*\*\*38** is pagsmile's test app id for sandbox, and **MTYyNTgyOTIxNDUzMTY2Mzg6UGFnc21pbGVfc2tfZDUwMWQ1ZGNkNTI5OGQ5N2MwNmUzYjI4YjA2OWZjZmY3NDU5ZjY2NzNiMjFjMTFlYTY3NDM5MDgzOTZkOTYxNQ==** is authorization token associated with the test app id. {% endhint %} {% hint style="danger" %} Please use your own **app\_id** and generate your own **authorization token** when testing. {% endhint %}