Check Authentication

You need to implement the Check Authentication Method V2 API if you wish to be consulted for every e-commerce transaction. Nium invokes this API to get the authentication method from you during the e-commerce transaction.

POST https://<EComAuthCodeValidationBaseURL>/v2/preference

📌 IMPORTANT

EComAuthCodeValidationBaseURL is the URL that you provide during the setup and which Nium uses as a base URL.

Headers

Header	Parameters
content-type	application/JSON
x-request-id	UUID
x-client-name	String

Request body

The API's request body is divided into these three areas:

Card information

Field	Description	Type	Required/Optional
`maskedCardNumber`	The 16-digit masked card number in format 1234-56xx-xxxx-3456.	UUID	Required
`customerHashId`	The unique customer identifier that's generated on customer creation.	UUID	Required
`cardHashId`	The unique card identifier that's generated while new or add-on card issuance.	UUID	Required
`email`	This field accepts the customer's email address ID.	String	Required
`phoneNumber`	This field accepts the customer’s phone number.	String	Required
`cardExpiry`	The card expiration year. This field contains the base64 encoded expiration date of the card in the `YYMM` format.	Number	Required

Merchant information

Field	Description	Type	Required/Optional
`id`	The identifier for the merchant performing the purchase request.	String	Optional
`name`	This field accepts the merchant's name.	String	Required
`mcc`	The code that's used to describe the merchant type of business.	String	Optional
`countryCode`	The country code of the merchant, for example, 840 numeric -3 format.	String	Optional
`url`	The URL or app name for the merchant performing the purchase request.	String	Optional

Transaction information

Field	Description	Type	Required/Optional
`amount`	This field accepts the transaction amount up to two decimals. The formatted transaction amount.	Number	Required
`currency`	This field accepts the three-letter ISO-4217 transaction currency code.	String	Required
`timestamp`	The transaction time stamp, for example, 2020-03-21T20:55:49.0000Z.	String	Optional

Request example

curl -X POST \
  <https://<EComAuthCodeValidationBaseURL>/v2/preference> \
  -H 'content-type: application/json' \
  -H 'x-request-id: 123e4567-e89b-12d3-a456-426655440000' \
  -H 'x-client-name: Cards-Card-Service' \
  -d '{
    "clientHashId": "e4wc6a3b-52a0-2301-a670-08db16e8447a",
    "customerHashId": "df3dfdf-d75a-4d7e-b575-f8ed34egfh94",
        "card",
      {
      "maskedCardNumber" : "4611-35xx-xxxx-1234",
      "cardHashId": "5fh34flg-8e7a-4bb5-a010-3a07cf714534",
      "email": "melissa@xyz.com",
      "phoneNumber": "9834201949",
      "cardExpiry":""
      },    
      "merchant",
      {
      "id":"",
      "name" : "Test Merchant",
      "mcc":"",
      "countryCode":"",
      "url":""
      }
      "transaction",
      {
      "amount": "1.10",
      "currency": "EUR",
      "timestamp":""
      }
    }

Response body

Field	Description	Type
`respCode`	The response code. The possible values are: \n • `00`—If OOB is the only authentication method supported. \n • `01`—If OOB with the fallback option (OTP plus passcode) method is supported. \n • `02`—If OTP plus passcode is the only supported method. \n • `03`—If OTP is the only method supported. \n • `04`—If OOB with fallback option OTP.	String
`message`	The message that's based on the preferences. The possible values are: \n • `OOB Only`—Only the OOB authentication method is supported. \n • `OOB with fallback to OTP+Passcode`—If the OOB with fallback option (OTP plus passcode) method is supported. \n • `OTP+Passcode Only`—If only the OTP plus passcode method is supported. \n • `OTP Only`—If the OTP-only method is supported. \n • `OOB with fallback OTP`—If the OOB with the fallback option (OTP) method is supported.	String

Response example

Success response — for OOB only

{
  "respCode" : "00", 
  "message"  : "OOB Only"
 }

Success response — for OOB with fallback to OTP SMS + passcode

{
  "respCode" : "01", 
  "message"  : "OOB with fallback to OTP+Passcode"
 }

Success Response — for OTP SMS + Passcode only

{
  "respCode" : "02", 
  "message"  : "OTP+Passcode Only"
 }

Success response — for OTP only

{ 
  "respCode" : "03",
  "message"  : "OTP Only"
}

Success response — for OOB with fallback to OTP

{
  "respCode" : "04",
  "message"  : "OOB with fallback to OTP"
}

Headers​

Request body​

Card information​

Merchant information​

Transaction information​

Request example​

Response body​

Response example​

Success response — for OOB only​

Success response — for OOB with fallback to OTP SMS + passcode​

Success Response — for OTP SMS + Passcode only​

Success response — for OTP only​

Success response — for OOB with fallback to OTP​