Pre-Authorization Effectuation service

Call details#

The nit obtained from the return of the pre-authorization creation service should be sent on the pre-authorization effectuation operation along with the parameters described in the table below (as necessary by each application):

  • Resource: /v1/preauthorizations/{nit}
  • HTTP Method: POST
  • Request format: JSON
  • Response format: JSON
  • Header parameters:
ParameterDescriptionFormatMandatory
Content-TypeFixed value application/json= 15 ANYES
merchant_idMerchant code on Carat Portal. The production and certification codes will be different.< 15 ANYES
merchant_keyMerchant authentication key on Carat Portal. The production and certification keys will be different.< 80 ANYES

Examples:#

Request:

To use this example, don't forget to define the variable {{url}} to the value
esitef-homologacao.softwareexpress.com.br

curl
--request POST "https://{{url}}/e-sitef/api/v1/preauthorizations/1234567890abcdefghijklmnopqrstuvwxyz1234567890abcdefghijklmnopqr"
--header "Content-Type: application/json"
--header "merchant_id: xxxxxxxx"
--header "merchant_key: xxxxxxxxxxx"
--data-binary
{
"authorizer_id":"2",
"installments":"2",
"installment_type":"4",
"card":{
"number":"xxxxxxxxxxxxxxxx",
"expiry_date":"1222",
"security_code":"123"
}
}
--verbose

Pre-Authorization#

Request:

To use this example, don't forget to define the variable {{url}} to the value
esitef-homologacao.softwareexpress.com.br

curl
--request POST "https://{{url}}/e-sitef/api/v1/preauthorizations/1234567890abcdefghijklmnopqrstuvwxyz1234567890abcdefghijklmnopqr"
--header "Content-Type: application/json"
--header "merchant_id: xxxxxxxx"
--header "merchant_key: xxxxxxxxxxx"
--data-binary
{
"authorizer_id":"2",
"installments":"2",
"installment_type":"4",
"card":{
"number":"xxxxxxxxxxxxxxxx",
"expiry_date":"1222",
"security_code":"123"
}
}
--verbose

Response:

{
"code":"0",
"message":"OK. Transaction successful.",
"pre_authorization":{
"authorizer_code":"000",
"authorizer_message":"Transacao OK.",
"status":"CON",
"nit":"1234567890abcdefghijklmnopqrstuvwxyz1234567890abcdefghijklmnopqr",
"customer_receipt":"=== CUSTOMER RECEIPT ===",
"merchant_receipt":"=== MERCHANT RECEIPT ===",
"authorizer_id":"2",
"authorizer_date":"09/11/2018T19:40",
"acquirer_id":"229",
"acquirer_name":"Bin",
"authorization_number":"013245",
"merchant_usn":"20190101",
"esitef_usn":"181109017689784",
"order_id":"orderID",
"sitef_usn":"212194",
"host_usn":"999212194",
"amount":"100",
"issuer":"2",
"payment_type":"C",
"authorizer_merchant_id":"000000000000000"
}
}

Pre-Authorization - Network Token#

Some card brands have a tokenization solution that offers the storage of cards in safes at the brand itself, in an encrypted form. This brand tokenization is intended to improve the security and quality of the transmitted card information, which leads to possible increases in the conversion of approval by issuing banks.

Request:

To use this example, don't forget to define the variable {{url}} to the value
esitef-homologacao.softwareexpress.com.br

curl
--request POST "https://{{url}}/e-sitef/api/v1/preauthorizations/8621c93b58e507d3fe0bda407f5cb0b1fe3971df591fd2652cc9f737134502d3"
--header "Content-Type: application/json"
--header "merchant_id: xxxxxxxx"
--header "merchant_key: xxxxxxxxxxx"
--data-binary
{
"card": {
"expiry_date": "1023",
"number": "xxxxxxxxxxxxxxxx",
"security_code": "123",
"cryptogram":"ALRzlt6NKQtPAAZAkOuIAAADFA=="
}
}'

Response:

{
"code": "0",
"message": "OK. Transaction successful.",
"pre_authorization": {
"authorizer_code": "000",
"authorizer_message": "Transacao Aprov.",
"status": "CON",
"nit": "8621c93b58e507d3fe0bda407f5cb0b1fe3971df591fd2652cc9f737134502d3",
"order_id": "1670945065929",
"customer_receipt":"=== CUSTOMER RECEIPT ===",
"merchant_receipt":"=== MERCHANT RECEIPT ===",
"authorizer_id": "2",
"acquirer_id": "229",
"acquirer_name": "Bin",
"authorizer_date": "13/12/2022T12:24",
"authorization_number": "136231",
"merchant_usn": "16114726760",
"esitef_usn": "221213115168264",
"sitef_usn": "136231",
"host_usn": "999136231 ",
"amount": "25255",
"payment_type": "C",
"issuer": "1",
"authorizer_merchant_id": "000000000000005",
"terminal_id": "ES000038"
}
}

Request Parameters#

ParameterDescriptionFormatMandatory
authorizer_idCarat Portal authorizers ID. Learn more.< 3 NYES
customer_idBuyers' ID. Only alphanumerics are allowed (no dots, dashes or other special characters).< 20 ANNO
discountDiscount amount in cents. In case of pre-authorizations with promotional values when using Visa Checkout, VISA suggests that this field should be submitted additionally.< 12 NNO
installmentsNumber of installments. Send 1 for spot sales.< 2 NYES
installment_typeInstallment financing type:
Value 3 = installments with interest.
Value 4 = installments without interest (use this value also on spot sales).
Value 6 = installments with interest (IATA).
Value 7 = installments without interest (IATA).
The IATA financing types are only used by companies that work with air transportation.
< 2 NYES
mccMerchant Category Code - Indicates the merchant category's ID.< 4 N Required only when using sub-acquirer Stone WS and it is optional to send it to acquirers with sub-merchant funding via SiTef.
merchant_emailStore e-mail. When this parameter is sent, it overwrites the store registered e-mail.< 40 ANNO
nitTransaction ID in Carat Portal (encrypted). Obtained from beginTransaction's return.= 64 ANYES
promo_codeVisa Checkout promotion code used in pre-authorization. In case of pre-authorizations with promotional values when using Visa Checkout, VISA suggests that this field should be submitted additionally.ANNO
soft_descriptorAdditional text that will be presented alongside the name of the establishment in the credit card invoice. Learn more< 22 ANNO
subtotalSubtotal amount, in cents. In case of pre-authorizations with promotional amounts by using Visa Checkout, VISA suggests that this field be submitted additionally.< 12 NNO
subacquirer_merchant_idIt is the merchant identification for the subacquirer.< 22 NNO
cardSending card data is mandatory. Only one of these fields must be used: number, token or wallet_transaction_id
holderCardholder's name. Required only for e-Rede, GetNet WS e VR (SmartNet) routings.< 30 ANCOND.
numberCustomer's card number (PAN).

Brand generated token (DPAN) for network token payment. Learn more
< 19 N
cryptogramCryptogram generated by the card brand= 28 ANNO
tokenUsed for recurring pre-authorizations, when the card is already stored at Carat Portal database.= 88 ANCOND.
wallet_transaction_idWallet Visa Checkout transaction ID.< 25 ANCOND.
initial_wallet_transaction_idInforms if the Wallet ID (wallet_transaction_id) is being used for the first time. If it's the first time, send true, otherwise, send false. Required only for Visa Checkout.
Default value: true
< 5 ANCOND.
expiry_dateCard expiry date in MMYY format.= 4 NCOND.
security_codeCard security code.< 5 NCOND.
wallet_typeField that specifies whether the transaction is processed with PAN or DPAN. If “type” is empty, the default value is PAN (non-tokenized card number). If there is a tokenized transaction, you must send the value “network_token”.ANNO
external_authentication This element receives MPI authentication fields.
version3DS version used in the authentication process (only version 2 is currently being accepted).< 1 ANNO
eciEletronic Commerce Indicator – Card holder authentication security level indicator.< 3 NNO
xidExternal card holder authentication transaction id.< 40 NNO
cavvCardholder Authentication Verification Value - Codes that refers to card holder authentication result data.< 40 NNO
acquirerData required only to specific acquirers / routings.
terminalSitef terminal code. In absence Carat Portal will generate a random terminal code.= 14 NNO
company_codeSitef company code. In absence Carat Portal will use company code from merchant configuration.= 8 NNO

(\*) **Installments funding routed by GetNetLac via SiTef** : In this case, the merchant will be responsible for the installment control, so the installment rules set up for the Carat Portal HTML payment interface won't take effect, only the authorizing installment rules will be verified and applied. For these mentioned networks, if pre-authorization is made at spot, the capture cannot be split. Also, pre-authorizations routed by **GetNetLac via SiTef**, when splitted, are only accepted without interest, that is, with the parameter `installment_type` = `4`. Interest-free installments are not accepted on this routing.

WARNING: The terminal e company_code parameters must be used only for SiTef routings and must be sent simultaneously.
It is also necessary send a request to the Carat Portal Support Team for the permission Allows the sending of Company and SiTef Terminal through REST.

Response Parameters#

The table below contains the response parameters of the pre-authorization effectuation service. The app should store the parameters that finds necessary. We suggest storing the parameters:order_id, authorization_number, merchant_usn, esitef_usn, sitef_usn, host_usn, status, code, amount, message (the message parameter can be displayed to the customer).

ParameterDescriptionFormat
codeCarat Portal response code. Anything besides 0 means failure. Learn more.< 4 N
messageCarat Portal response message.< 500 AN
pre_authorization
acquirer_idAcquirer/routing ID used in transaction.< 4 N
acquirer_nameAcquirer/routing name used in transaction.< 100 AN
amountPurchase amount specified by store (in cents) on transaction creation.< 12 AN
authorization_numberAuthorization number< 6 AN
authorizer_codeAuthorizer responde code.< 10 AN
authorizer_dateAuthorizer pre-auth effectuation date, returned by the authorizer on the format DD/MM/AAAA’T’HH:mm. Example: 13/07/2017T16:03= 16 AN
authorizer_idAuthorizer ID use in transaction.< 4 N
authorizer_merchant_idMerchant ID from authorizer.< 100 AN
authorizer_messageReponse message from authorizer.< 500 AN
customer_receiptCustomer receipt.< 4000 AN
eciEletronic Commerce Indicator.< 3 AN
esitef_usnCarat Portal pre-authorization's unique sequential number.= 15 N
host_usnAuthorizer NSU.< 15 AN
issuerIssuer code returned by the authorizer.< 5 AN
merchant_receiptMerchant receipt.< 4000 AN
merchant_usnUnique sequential number sent by store at the transaction creation.< 12 AN
nitCarat Portal pre-authorization transaction ID.= 64 AN
order_idOrder ID sent by the store at transaction creation.< 40 AN
payment_typePayment type from the selected authorizer: B = boleto, C = credit, D = debit, P = Private Label credit card, T = bank transfer, G = gift card, O = other payment methods, W = Boleto NR via Web Service= 1 AN
sitef_usnSiTef pre-authorization's unique sequential number.= 6 N
statusCarat Portal pre-authorization transaction status.= 3 AN
tidAcquirer/routing transaction ID. This field is only returned in transactions with external acquirer's.< 40 AN
xidXID field returned on 3DS authentications or certain acquirers/routings.< 40 AN
retryable_codeReversibility indicator of a transaction whose authorization was denied by the authorizer. This field will be returned in the response to the card payment request and must be taken into account in the online store's transaction retry mechanism. Valid codes:
01 – Reversible Denied Transaction, Retain Later.
02 – Irreversible Denied Transaction, Non-Retentive.
= 2 N