Create a payment session to authenticate a cardholder before requesting a payment. Payment sessions can be linked to one or more payments (in the case of recurring and other merchant-initiated payments). The next_actions object in the response tells you which actions can be performed next.<\/p>\n\n\n\nAuthorizations:<\/summary>\n
Request Body schema: application\/json<\/h5>\n\n\n\n
Request body for creating a standalone authentication session.<\/p>\n\n\n\nsource required object (The source of the authentication.)<\/summary>\n
numberrequired<\/td>
string [ 13 .. 19 ] characters The card number.<\/td><\/tr>
expiry_monthrequired<\/td>
number [ 1 .. 12 ] The expiry month of the card.<\/td><\/tr>
expiry_yearrequired<\/td>
numberThe expiry year of the card (4 digits).<\/td><\/tr>
scheme<\/td>
stringIndicates the cardholder scheme choice.<\/td><\/tr>
billing_address<\/td>
objectThe customer’s billing address.<\/td><\/tr>
home_phone<\/td>
objectThe cardholder’s home phone number.<\/td><\/tr>
mobile_phone<\/td>
objectThe cardholder’s mobile phone number.<\/td><\/tr>
work_phone<\/td>
objectThe cardholder’s work phone number.<\/td><\/tr>
email<\/td>
string <= 254 characters The email of the cardholder.<\/td><\/tr>
name<\/td>
string [ 2 .. 45 ] characters The name of the cardholder.<\/td><\/tr>
stored<\/td>
boolean Default: falseThis must be set to true for authentications that use stored card details.<\/td><\/tr><\/tbody><\/table><\/figure>\n<\/details>\n\n\n\n
currencyrequired<\/td>
string = 3 characters The three-letter ISO currency code.<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n
<\/p>\n\n\n\ncompletion required object (The completion (redirect) information.)<\/summary>\n
typerequired<\/td>
string <= 10 characters Whether the session should be hosted by Checkout.com.<\/td><\/tr>
success_url<\/td>
string <= 256 characters Overrides the default success redirect URL.<\/td><\/tr>
failure_url<\/td>
string <= 256 characters Overrides the default failure redirect URL.<\/td><\/tr>
callback_url<\/td>
stringCallback URL for non-hosted sessions.<\/td><\/tr><\/tbody><\/table><\/figure>\n<\/details>\n\n\n\n
amount<\/td>
number >= 0 The payment amount in the minor currency unit.<\/td><\/tr>
processing_channel_id<\/td>
stringThe processing channel to be used for the session.<\/td><\/tr>
marketplace<\/td>
objectInformation related to authentication for payfac payments.<\/td><\/tr>
authentication_type<\/td>
stringIndicates the type of payment this session is for.<\/td><\/tr>
authentication_category<\/td>
stringIndicates the category of the authentication request.<\/td><\/tr>
account_info<\/td>
objectAdditional information about the Cardholder’s account.<\/td><\/tr>
challenge_indicator<\/td>
stringIndicates whether a challenge is requested for this session.<\/td><\/tr>
stringThe unique identifier of the request<\/td><\/tr>
Cko-Version<\/td>
stringThe version of the API<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n
Response Schema: application\/json<\/h5>\n\n\n\n
session_secretrequired<\/td>
stringA base64 encoded value prefixed with sek_ that gives access to client-side operations for a single authentication within the Sessions API.<\/td><\/tr>
idrequired<\/td>
stringSession unique identifier.<\/td><\/tr>
transaction_idrequired<\/td>
stringThe transaction identifier that needs to be provided when communicating directly with the Access Control Server (ACS).<\/td><\/tr>
schemerequired<\/td>
stringIndicates the scheme this authentication is carried out against.<\/td><\/tr>
amountrequired<\/td>
numberThe amount in the minor currency.<\/td><\/tr>
currencyrequired<\/td>
stringThe three-letter ISO currency code.<\/td><\/tr>
completedrequired<\/td>
booleanIndicates whether this session has been completed.<\/td><\/tr>
challengedrequired<\/td>
booleanIndicates whether this session involved a challenge.<\/td><\/tr>
authentication_typerequired<\/td>
stringIndicates the type of payment this session is for.<\/td><\/tr>
authentication_categoryrequired<\/td>
stringIndicates the category of the authentication request.<\/td><\/tr>
certificates<\/td>
objectPublic certificates specific to a Directory Server (DS) for encrypting device data and verifying ACS signed content.<\/td><\/tr>
statusrequired<\/td>
stringIndicates the status of the session.<\/td><\/tr>
status_reason<\/td>
stringWhen the Session is unavailable this will point to the reason it is so.<\/td><\/tr>
approved<\/td>
booleanWhether the authentication was successful. This will only be set if the Session is in a final state.<\/td><\/tr>
protocol_versionrequired<\/td>
stringThe protocol version number of the specification used by the API for authentication.<\/td><\/tr>
account_info<\/td>
objectAdditional information about the Cardholder’s account.<\/td><\/tr>
merchant_risk_info<\/td>
objectAdditional information about the cardholder’s purchase.<\/td><\/tr>
reference<\/td>
stringA reference you can later use to identify this payment, such as an order number.<\/td><\/tr>
transaction_type<\/td>
stringIdentifies the type of transaction being authenticated.<\/td><\/tr>
next_actions<\/td>
Array of stringsSpecifies which action to take in order to complete the session.<\/td><\/tr>
ds<\/td>
objectThe directory server (DS) information.<\/td><\/tr>
acs<\/td>
objectThe access control server (ACS) information.<\/td><\/tr>
response_code<\/td>
stringThe response from the DS or ACS which indicates whether a transaction qualifies as an authenticated transaction or account verification.<\/td><\/tr>
response_status_reason<\/td>
stringThe response from the DS or ACS which provides information on why the response_code field has the specified value.<\/td><\/tr>
cryptogram<\/td>
stringPayment system-specific value provided as part of the ACS registration for each supported DS.<\/td><\/tr>
eci<\/td>
stringElectronic Commerce Indicator.<\/td><\/tr>
xid<\/td>
stringThe xid value to use for authorization.<\/td><\/tr>
cardholder_info<\/td>
stringMay provide cardholder information from the DS to be presented to the cardholder.<\/td><\/tr>
card<\/td>
objectDetails related to the Session source.<\/td><\/tr>
recurring<\/td>
objectDetails of a recurring authentication.<\/td><\/tr>
installment<\/td>
objectDetails of an installment authentication.<\/td><\/tr>
initial_transaction<\/td>
objectDetails of a previous transaction.<\/td><\/tr>
customer_ip<\/td>
stringThe card holder’s IP address.<\/td><\/tr>
_linksrequired<\/td>
objectThe links related to the session.<\/td><\/tr>
authentication_date<\/td>
string <date-time> Authentication date and time<\/td><\/tr>
exemption<\/td>
objectDetails related to exemption present in 3DS flow<\/td><\/tr>
flow_type<\/td>
stringIndicates whether the 3D Secure 2 authentication was challenged or frictionless<\/td><\/tr>
challenge_indicatorrequired<\/td>
stringIndicates the preference for whether or not a 3DS challenge should be performed.<\/td><\/tr>
optimization<\/td>
objectThe information about the optimization options selected.<\/td><\/tr>
stringThe authentication experience that was used for processing<\/td><\/tr>
google_spa<\/td>
objectGoogle SPA experience.<\/td><\/tr><\/tbody><\/table><\/figure>\n<\/details>\n\n\n\n202 Session accepted and further action required<\/summary>\n
Cko-Request-Id<\/td>
stringThe unique identifier of the request<\/td><\/tr>
Cko-Version<\/td>
stringThe version of the API<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n
Response Schema: application\/json<\/h5>\n\n\n\n
session_secretrequired<\/td>
stringA base64 encoded value prefixed with sek_ that gives access to client-side operations for a single authentication within the Sessions API.<\/td><\/tr>
idrequired<\/td>
stringSession unique identifier.<\/td><\/tr>
transaction_idrequired<\/td>
stringThe transaction identifier that needs to be provided when communicating directly with the Access Control Server (ACS).<\/td><\/tr>
schemerequired<\/td>
stringIndicates the scheme this authentication is carried out against.<\/td><\/tr>
amountrequired<\/td>
numberThe amount in the minor currency.<\/td><\/tr>
currencyrequired<\/td>
stringThe three-letter ISO currency code.<\/td><\/tr>
completedrequired<\/td>
booleanIndicates whether this session has been completed.<\/td><\/tr>
challengedrequired<\/td>
booleanIndicates whether this session involved a challenge.<\/td><\/tr>
authentication_typerequired<\/td>
stringIndicates the type of payment this session is for.<\/td><\/tr>
authentication_categoryrequired<\/td>
stringIndicates the category of the authentication request.<\/td><\/tr>
certificates<\/td>
objectPublic certificates specific to a Directory Server (DS) for encrypting device data and verifying ACS signed content.<\/td><\/tr>
statusrequired<\/td>
stringIndicates the status of the session.<\/td><\/tr>
status_reason<\/td>
stringWhen the Session is unavailable this will point to the reason it is so.<\/td><\/tr>
approved<\/td>
booleanWhether the authentication was successful. This will only be set if the Session is in a final state.<\/td><\/tr>
protocol_versionrequired<\/td>
stringThe protocol version number of the specification used by the API for authentication.<\/td><\/tr>
account_info<\/td>
objectAdditional information about the Cardholder’s account.<\/td><\/tr>
merchant_risk_info<\/td>
objectAdditional information about the cardholder’s purchase.<\/td><\/tr>
reference<\/td>
stringA reference you can later use to identify this payment, such as an order number.<\/td><\/tr>
transaction_type<\/td>
stringIdentifies the type of transaction being authenticated.<\/td><\/tr>
next_actions<\/td>
Array of stringsSpecifies which action to take in order to complete the session.<\/td><\/tr>
ds<\/td>
objectThe directory server (DS) information.<\/td><\/tr>
acs<\/td>
objectThe access control server (ACS) information.<\/td><\/tr>
response_code<\/td>
stringThe response from the DS or ACS which indicates whether a transaction qualifies as an authenticated transaction or account verification.<\/td><\/tr>
response_status_reason<\/td>
stringThe response from the DS or ACS which provides information on why the response_code field has the specified value.<\/td><\/tr>
cryptogram<\/td>
stringPayment system-specific value provided as part of the ACS registration for each supported DS.<\/td><\/tr>
eci<\/td>
stringElectronic Commerce Indicator.<\/td><\/tr>
xid<\/td>
stringThe xid value to use for authorization.<\/td><\/tr>
cardholder_info<\/td>
stringMay provide cardholder information from the DS to be presented to the cardholder.<\/td><\/tr>
card<\/td>
objectDetails related to the Session source.<\/td><\/tr>
recurring<\/td>
objectDetails of a recurring authentication.<\/td><\/tr>
installment<\/td>
objectDetails of an installment authentication.<\/td><\/tr>
initial_transaction<\/td>
objectDetails of a previous transaction.<\/td><\/tr>
customer_ip<\/td>
stringThe card holder’s IP address.<\/td><\/tr>
_linksrequired<\/td>
objectThe links related to the session.<\/td><\/tr>
authentication_date<\/td>
string <date-time> Authentication date and time<\/td><\/tr>
exemption<\/td>
objectDetails related to exemption present in 3DS flow<\/td><\/tr>
flow_type<\/td>
stringIndicates whether the 3D Secure 2 authentication was challenged or frictionless<\/td><\/tr>
challenge_indicatorrequired<\/td>
stringIndicates the preference for whether or not a 3DS challenge should be performed.<\/td><\/tr>
optimization<\/td>
objectThe information about the optimization options selected.<\/td><\/tr>
Array of stringsError response code(s).<\/td><\/tr>
errors<\/td>
objectAdditional error details.<\/td><\/tr><\/tbody><\/table><\/figure>\n<\/details>\n\n\n\n422 Invalid data was sent<\/summary>\n
Response Schema: application\/json<\/h5>\n\n\n\n
request_idrequired<\/td>
stringThe unique request identifier.<\/td><\/tr>
error_typerequired<\/td>
stringThe type of error.<\/td><\/tr>
error_codesrequired<\/td>
Array of stringsError response code(s).<\/td><\/tr>
errors<\/td>
objectAdditional error details.<\/td><\/tr><\/tbody><\/table><\/figure>\n<\/details>\n\n\n\n503 Service not available. A temporary server error.<\/summary>\n
Response Schema: application\/json<\/h5>\n\n\n\n
request_idrequired<\/td>
stringThe unique request identifier.<\/td><\/tr>
error_typerequired<\/td>
stringThe type of error.<\/td><\/tr>
error_codesrequired<\/td>
Array of stringsError response code(s).<\/td><\/tr>