This section helps the client build the External Authorization API. External Authorization API is a client-hosted API called by the Prepaid system whenever an auth transaction occurs for client approval (external authorizer).
Prerequisites
- Basis the approval/rejection from the client side, the response will be passed ahead with the network.
- The client should make this API available all the time and the response should be well within the timeout time.
- If the API does not respond withing the timeout time, then the issuer shall decline the transaction as timed-out.
- The timeout time at Wibmo Prepaid is 2000 milliseconds.
- The endpoint ending with <API_PATH> must be maintained by the client.
API / webhooks headers
| Parameter | Type | Parameter Requirement | Description |
|---|---|---|---|
| X-Consumer-Custom-ID | string (15) | Mandatory | This is the unique key to be shared with the client by Wibmo for the API environment exposure. |
| clientId | string (15) | Mandatory | This is the Unique ID for the client to be shared by Wibmo. |
| bankId | numeric (4) | Mandatory | Unique ID to identify the issuer bank. Wibmo to share.6060 - in case PayU is the issuer |
| entityId | numeric (4) | Optional | Child corporate/branch entity ID under the client. If not passed, it will default to the client's parent branch. |
External authorization
API URL Path: api/v1/externalAuth
Type: POST
Request parameters
| Parameter | Type | Parameter Requirement | Description | Sample value |
|---|---|---|---|---|
| customerId | string(50) | Optional | Unique customer ID for the customer in the Prepaid and client system. | HRM0054454 |
| urn | string(20) | Mandatory | Unique reference number for the customer. | 10000333 |
| merchantName | string(50) | Optional | The Merchant name of the transaction | xyz |
| terminalId | string(50) | Mandatory | Terminal ID | 1234 |
| mcc | numeric(10) | Optional | Payee merchant category code | 5999 |
| systemTraceAuditNumber | numeric(6) | Mandatory | STAN 6-digit unique internal audit number for the issuer | 162 |
| cardNetwork | string(20) | Mandatory | Card scheme | RUPAY |
| channel | string(10) | Mandatory | POS, ECOM, ATM, POS-Contactless | ATM |
| merchantId | string(50) | Optional | Payee merchant ID | 12 |
| transactionAmount | string(15) | Mandatory | Transaction amount in implied decimals. | 20000 |
| fee | string(15) | Optional | Fee collected for the transaction in implied decimals. | 1000 |
| transactionReferenceNumber | string(50) | Mandatory | Transaction Reference Number | 0200900780010618271700000123 |
| currencyCode | string(3) | Optional | In ISO-4217 country currency code format. E.g., 356 for INR and 840 for USD | 356 |
| last4Digits | string(4) | Mandatory | Last four digits of the card number | 8689 |
| originalRrn | string(30) | Optional | RRN received from the network | 726474 |
| billingCurrency | string(3) | Conditional For cross border transactions, billing currency and billing amount will be used. | Billing currency code in ISO-4217 country currency code format. E.g., 356 for INR and 840 for USD | 356 |
| billingAmount | string(15) | Conditional | Billing currency Amount in implied decimals. | 2000 |
Sample request
{
"fee": "1000",
"merchantName": "xyz",
"terminalId": "1234",
"mcc": 5999,
"systemTraceAuditNumber": 900780,
"entityId": "100",
"cardNetwork": "RUPAY",
"channel": "ATM",
"merchantId": "12",
"transactionAmount": "200000",
"transactionReferenceNumber": "0200900780010618271700000123",
"urn": "611930",
"currencyCode": "356",
"last4Digits": "1234",
"orignialRrn": "726474",
"customerId": "IN2016201611",
"billingCurrency": "356",
"billingAmount": "200000"
}
Response parameters
| Parameter | Type | Parameter Requirement | Description | Sample value |
|---|---|---|---|---|
| responseCode | string(5) | Mandatory | Response code as per the API response code table. | 00 |
| responseDescription | string(100) | Mandatory | Response description based on the responseCode. | TRANSACTION_APPROVED |
| responseDateTime | numeric(14) | Mandatory | Response timestamp in the format YYYYMMDDHHMMSS with time in 24 hr format. | 20161031214559 |
| transactionAmount | string(15) | Mandatory | Transaction amount. | 20000 |
| currencyCode | string(3) | Mandatory | Echoed from the request. | 356 |
Sample response
{
"transactionAmount": "200000",
"currencyCode": "356",
"responseCode": "00",
"responseDescription": "TRANSACTION_APPROVED",
"responseDateTime": "20161031214559"
}
Response codes
Note:
A proper response code should be sent in the response from the client. In case of any other scenario from the codes mentioned in the following table, `05` should be passed by default.
| Response code | Response description |
|---|---|
00 | TRANSACTION_APPROVED |
05 | DO_NOT_HONOR |
14 | CARD_NOT_FOUND |
34 | SUSPECTED_FRAUD |
41 | LOST_CARD |
43 | STOLEN_CARD |
51 | NO_SUFFICIENT_FUNDS |
61 | EXCEEDS_WITHDRAWAL_AMOUNT_LIMIT |
65 | EXCEEDS_WITHDRAWAL_FREQUENCY_LIMIT |