/Preauthorization - Ukrcard en

Подивится українською

The Preauthorization request is used to complete a preauthorized payment in the case of a two-phase payment.
A merchant can perform this request if it has the relevant permissions in the system.

Request

Header Params

ExtSystemid

string

required

The identifier of the external system (ES) that generated the request. The identifier agrees with UKRKART during the registration of the ES

>= 1 characters<= 50 characters

Example:

ECOM_GOLD_BANK

string

required

External system login received from UKRKARD during registration

>= 1 characters<= 30 characters

Example:

SECURE_LOGIN

password

string

required

External system password received from UKRKARD during registration

>= 1 characters<= 30 characters

Example:

SECURE_PASSWORD

orderNumber

string

required

Number (identifier) of the order in the merchant’s online
store system. It is unique for every store in the system and
is generated on the order registration

>= 1 characters<= 32 characters

Example:

1234

orderId

string

optional

Number generated by wsGate after the registration of the order.

>= 36 characters<= 36 characters

Example:

dbafea6c-3394-4f6a-a0d2-21d3d8e93e42

RegDate

string <date-time>

required

Date/time of the request in yyyy-MM-dd HH:mm:ss format

<= 19 characters

Example:

2023-09-12 12:16:00

Match pattern:

YYYY-MM-DD hh:mm:ss

x-uws-clientdn

string

required

The specified value must be equal to the value specified in the Common Name (CN) field for the client's SSL certificate

<= 500 characters

Example:

GOLDENBANK

Content-Type

string

optional

application/json;charset=UTF-8

Example:

application/json;charset=UTF-8

charset

string

optional

UTF-8

Example:

UTF-8

enum<string>

required

application/json

Allowed value:

application/json

Body Params application/json

orderData

object

required

Transaction registration data

amount

number

150000

required

Order amount in the minor denomination (for example, cents). You can use a verification operation such as Debit Verify (which is similar to a Visa account and a Mastercard account) for a zero amount for additional 3DS authentication. For these operations, you must use the primary method /Payment with a zero amount. 3DS authentication will be present for MPS Visa and Mastercard cards. For NPS Prostir cards, the primary operation will be to verify the cloud record.

<= 10000000000000000000

currency

string

optional

Payment currency code in the ISO 4217 format. If it is not indicated, it must be entered equal to the currency code according to the rules (980 - UAH)

>= 3 characters<= 3 characters

externalFee

string

optional

Fee amount in the minor denomination of the currency. This can only be done for the p2pTransfer method

<= 9 characters

description

string

required

Free form description of the order.

<= 512 characters

sender

object

required

Details of the sender/payer

pan

string

required

Card number of the sender/payer (the card from which the transfer/purchase is made). Not used for A2C

<= 20 characters

expiry

string

required

Card expiration date of the sender/payer (the card from which the transfer/purchase is made). The date format is YYMM. Not used for A2C

<= 4 characters

Example:

2412

Match pattern:

YYMM

cvc

string

required

CVV2/CVC2 of the sender/payer card. Not used for A2C

>= 3 characters<= 3 characters

Example:

123

Match pattern:

^\d+$

senderCardName

string

required

Name of sender/payer (transferred values must be specified separately 'FirstName [MidName,] LastName', separated by ' ' space.). It is necessary to exclude the use of comma ',' and colon ':' as separators inside the values passed in the current tag/parameter. Not used for A2C.

<= 25 characters

senderAddress

string

optional

Sender's address. It is necessary to exclude the use of comma ',' and colon ':' as separators inside the values passed in the current tag/parameter. Not used for A2C, Payment

<= 35 characters

senderCity

string

optional

Sender's city. It is necessary to exclude the use of comma ',' and colon ':' as separators inside the values passed in the current tag/parameter. Not used for A2C, Payment.

<= 25 characters

Example:

Kyiv

senderCountry

string

optional

Country of sender. Not used for A2C, Payment.

>= 3 characters<= 3 characters

Example:

804

senderPostalCode

string

optional

Postal code of the sender. Not used for A2C, Payment.

<= 8 characters

Example:

M79019

pageData

object

required

External system page data

language

string

required

The language of the current page session

>= 2 characters<= 2 characters

Example:

returnUrl

string

required

URL to which the customer is redirected after a successful payment. The address must be specified in full, including the protocol used (for example, "https://test.ua" instead of test.ua). Otherwise, the user will be redirected to the default address

<= 512 characters

failUrl

string

required

Web address to which the customer is redirected if the payment fails. The address must be specified in full, including the protocol used (for example, https://test.ua instead of test.ua). Otherwise, the user will be redirected by default

<= 512 characters

browserParams

object

required

User browser properties

javascriptEnabled

string

required

A parameter that indicates whether Javascript support is enabled for the cardholder's browser

Example:

true

userAgent

string

required

The user's browser agent string

Example:

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.3

colorDepth

string

required

The color depth of the user's device screen

<= 3 characters

Example:

screenHeight

string

required

Screen height of the cardholder's device

screenWidth

string

required

Screen width of the cardholder's device

javaEnabled

boolean

required

A parameter that indicates whether Java support is enabled for the cardholder's browser

Default:

true

browserLanguage

string

required

User's browser language

Example:

uk-UA

browserTimeZone

string

required

User's browser time zone

Example:

Europe/Kiev

browserAcceptHeader

string

required

A parameter that informs the server to which the browser sends a request, those file formats (MIME types) that are acceptable to the browser as a response

Example:

*/*

browserIpAddress

string

required

IP address of the card holder's browser

>= 3 characters<= 5 characters

Example:

192.139.102.100

browserTimeZoneOffset

string

required

Time zone offset of the user's browser

>= 3 characters<= 5 characters

Example:

-120

fingerprint

string

optional

Information collected from the device's browser for further identification

string

optional

The operating system used by the cardholder device

osversion

string

optional

The version of the operating system used on the cardholder's device

mobile

string

optional

The parameter that determines the device of the owner of the mobile card

screenPrint

string

optional

Information about the screen resolution of the cardholder's device

plugins

string

optional

A list of plug-in modules installed in the cardholder's device browser.

deviceType

string

optional

The type of device on which the browser is running (mobile phone, computer, tablet, etc.).

device

string

optional

Card holder device information (model, version, etc.).

jsonParams

object

optional

Block for transmitting additional merchant parameters.

merchantIdType

string

optional

Document type
Possible values:
IDTP01 – Passport
IDTP0010 – Taxpayer ID (ІПН)
IDTP0016 – Company registration number (код ЄДРПОУ)
Example:
{"name":"merchantIdType","value":"IDTP01"}

merchantIdNumber

string

optional

Document details
varchar (13)
Example:
{"name":"merchantIdNumber","value":"ABCDXYZ124"}

Example

{
    "orderData": {
        "amount": 10000,
        "currency": 980,
        "description": "Операція #304324"
    },
    "sender": {
        "pan": "5248721588681850",
        "expiry": "2606",
        "cvc": "576",
        "senderCardName": "V1"
    },
    "pageData": {
        "language": "uk",
        "returnUrl": "https://mpit2.ukrcard.com.ua/payment/merchants/pilot/finish.html",
        "failUrl": "https://mpit2.ukrcard.com.ua/payment/merchants/pilot/finish.html"
    },
    "browserParams": {
        "browserTimeZone": "Europe/Kiev",
        "browserTimeZoneOffset": "-120",
        "browserLanguage": "ru-RU",
        "userAgent": "Mozilla/5.0 (Linux; Android 11; CPH2109 Build/RKQ1.200903.002; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/95.0.4638.74 Mobile Safari/537.36",
        "browserAcceptHeader": "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9",
        "browserIpAddress": "78.27.183.109",
        "screenWidth": "320",
        "screenHeight": "712",
        "javaEnabled": "false",
        "colorDepth": "24"
    }
}

Request samples

Shell

JavaScript

Java

Swift

PHP

Python

HTTP

Objective-C

Ruby

OCaml

Dart

Responses

🟢200OK

application/json

Body

orderParam

object

required

orderStatus

integer

required

orderId

string

required

orderVerifyFlag

integer

required

orderAuthParam

object

required

fee

null

required

auth3DData

object

required

paReq

null

required

acsurl

string

required

creq

string

required

Example

{
    "orderParam": {
        "orderStatus": 0,
        "orderId": "677a1413-e59d-44d6-9a28-d2bc7208c27a",
        "orderVerifyFlag": 0,
        "orderAuthParam": {}
    },
    "fee": null,
    "auth3DData": {
        "paReq": null,
        "acsurl": "https://testacs.ukrcard.ua/acs/api/3ds2/creqbrw",
        "creq": "eyJ0aHJlZURTU2VydmVyVHJhbnNJRCI6ImQ1NjVkN2IwLTc5MzMtNDQ3Yi1hMTY4LWFhYjI4OTBhODUzMiIsImFjc1RyYW5zSUQiOiI5MmNkMDdkNy0xZWRmLTRlNGEtOTM4Ny1iNzNlOTQ1YWMwNTEiLCJjaGFsbGVuZ2VXaW5kb3dTaXplIjoiMDQiLCJtZXNzYWdlVHlwZSI6IkNSZXEiLCJtZXNzYWdlVmVyc2lvbiI6IjIuMS4wIn0="
    }
}