Set up an agreement
The setup agreement step validates the cardholder details and stores securely the credentials on file, so that they can be used in subsequent transactions many times without a need to be reintroduced by the customer.
The diagram below describes a typical setup agreement flow using the Merchant API.
You can set up an agreement using one of the following methods:
- /createPaymentRequest
- /setupSubscription
- VerifyCard as Unscheduled Charges
Along with the other mandatory parameters described in the createPaymentRequest page, when set up the agreement using createPaymentRequest API method, you should specify the type parameter. See below the possible values.
curl --request POST \ --url https://<YourShopName>.altapaysecure.com/merchant/API/createPaymentRequest \ --header 'Authorization: Basic auth' \ --data type=subscription \ --data `agreement[type]`=recurring \ --data 'terminal=Pensio Terminal' \ --data shop_orderid=abc123 \ --data amount=50 \ --data currency=EUR \
Use the setupSubscription method as a shortcut for calling the reservation method with type = subscription for payments using the full credit card details.
The method has the exact same parameter specification as reservation, but the type parameter is always set to subscription, even if you specify a different type in the method call.
curl --request POST \ --url https://<YourShopName>.altapaysecure.com/merchant/API/setupSubscription \ --header 'Authorization: Basic auth' \ --data type=subscription \ --data `agreement[type]`=unscheduled \ --data 'terminal=Pensio Terminal' \ --data shop_orderid=abc123 \ --data amount=50 \ --data currency=EUR \ --data cardnum=4111111111111111 \ --data emonth=08 \ --data eyear=2025 \ --data cvc=123 \
It is possible to use the verifyCard to set up unscheduled charges agreement.
See VerifyCard as Unscheduled Charges for more details.
The following table describes the required parameters when set up an agreement
The following list does not represent the complete list of the parameters used when set up an agreement. For the entire list of the parameters, please check the parameters list of every setup agreement method described above.
Select from the drop-down list to see the parameters relevant for that method/acquirer:
Parameter | Description | Type | Mandatory | ||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
type |
This is the authorization type. Below you can find more details about the type parameter and the possible values. |
string | Yes, excepting the case when setting up the agreement using /setupSubscription method. | ||||||||||||||||||
agreement[type] |
This is the type of the agreement. Below you can find more details about the agreement[type] parameter and the possible values. |
string | No. Recurring value will be used in case the parameter is not set. | ||||||||||||||||||
agreement[unscheduled_type] |
This is the type of the unscheduled agreement. Below you can find more details about the agreement[unscheduled_type] parameter and the possible values. |
string | Only in case the type is subscriptionAndCharge or subscriptionAndReserve and the agreement[type]=unscheduled. | ||||||||||||||||||
agreement[expiry] |
This is the date when the agreement expires. It must have the format YYYYMMDD. |
string | No. | ||||||||||||||||||
agreement[frequency] |
It is an integer value representing the frequency between the charge agreement requests made by the merchant. Possible values: |
string |
No.
Not allowed for unscheduled agreement. |
||||||||||||||||||
agreement[next_charge_date] |
This is the date of the first charge agreement request made by the merchant. It must have the format YYYYMMDD.. |
string | No | ||||||||||||||||||
agreement[admin_url] |
This is a link to a page on the merchant side where the customer can manage the agreement. |
string | |||||||||||||||||||
agreement[retention_period] |
The customer will be able to cancel the agreement only after passing this retention period. |
string | No | ||||||||||||||||||
customer_info[customer_phone] |
This is the customer phone number. Used to improve customer experience. |
string | Recommended for a good customer experience. | ||||||||||||||||||
orderLines |
The individual line items of the order. This is mandatory for some providers, and recommended for a good customer experience. See details here
UnitPrice and quantity parameters might be required for this order line, but that parameters are not relevant to the Create Vipps agreement request.
UnitPrice and quantity parameters might be required for this order line, but that parameters are not relevant to the Create Vipps agreement request. |
Array |
Subscription type
When setting up a new agreement, you can decide whether to just set up the agreement, or set it up and immediately create a reservation or charge for the created agreement, using the type parameter on the call:
Payment request type |
Description |
---|---|
subscription |
The payment is part of an agreement. The agreement is set up, and the payment is authorized immediately, but as a merchant, you have to capture each instalment separately using the captureReservation or chargeSubscription method, or using the Merchant Information Interface. |
subscriptionAndCharge |
The agreement is set up, and an attempt is made to capture the first instalment payment. The XML response has two <Transaction> elements. If either the agreement setup or the capture is successful, the <Result> XML response parameter is set to Success, even if the other transaction fails. This means that you cannot rely solely on the <Result> parameter to determine whether the transaction was successful.
|
subscriptionAndReserve |
The agreement is set up, and an attempt is made to reserve the first instalment payment. Not all acquirers support this. For more information, see Payment methods and providers.
If either the agreement setup, or the reservation is successful, the <Result> XML response parameter is set to Success, even if one of the transactions fail. The XML response has two <Transaction> elements. This means that you cannot rely solely on the <Result> parameter to determine whether the transaction was successful. |
Agreement type
When setting up a new agreement, you can decide what kind of agreement you want to create, using the agreement[type] parameter on the call:
Agreement type |
Description |
---|---|
recurring |
Allows the merchant to charge the customer with a specific frequency and in most cases with a specific amount, in exchange for fixed goods or services. Default. If no agreement[type] is provided, recurring will be used. When set up a recurring agreement, the Strong Customer Authentication takes place. |
instalment |
Allows the merchant to charge the customer for goods or services billed to a cardholder in multiple transactions, over a period of time agreed with the cardholder. When set up an instalment agreement, the Strong Customer Authentication takes place. |
unscheduled |
Allows the merchant to charge the customer for goods or services that do not follow a specific frequency, neither have a fixed amount to be paid out. When only setting up an unscheduled agreement "authType=subscription", you can use 0 as amount in order to avoid charging customer. If you're intending to reserve/charge right away, please use the right amount in the request. When set up an unscheduled agreement, the Strong Customer Authentication takes place. |
Unscheduled type
In case the type parameter is subscriptionAndCharge or subscriptionAndReserve and the agreement[type]=unscheduled, the agreement[unscheduled_type] parameter is mandatory.
Unshceduled type |
Description |
---|---|
incremental |
An incremental authorisation is typically found in hotel and car rental environments, where the cardholder has agreed to pay for any service incurred during the duration of the contract. A common scenario is additional services charged to the contract, such as extending a stay in a hotel. For the incremental authorisation, the cardholder authentication is not required. |
resubmission |
This is an event that occurs when the original purchase occurred but the Merchant was not able to get authorisation at the time the goods or the services were provided. For the resubmission authorisation, the cardholder authentication is not required. |
delayedCharges |
A delayed charge is typically used in hotel, cruise lines and vehicle rental environments to perform a supplemental account charge after original services are rendered. For the delayed charge authorisation, the cardholder authentication is not required. |
reauthorisation |
A reauthorisation is a purchase made after the original purchase. A common scenario is delayed/split shipments. For the reauthorisation, the cardholder authentication is not required. |
noShow |
A no-show is a transaction where the merchant are enabled to charge for services which the cardholder entered into an agreement to purchase, but the cardholder did not meet the terms of the agreement. For the no-show authorisations, the cardholder authentication is not required. |
charge |
A transaction using a Stored Credential for a fixed or variable amount that does not occur on a scheduled or regularly occurring transaction date. This includes account top-ups triggered by balance thresholds. For the charge authorisations, the Strong Customer Authentication takes place. |
Response Examples
Here is an example of the XML response when the agreement setup succeeds, but the first charge fails. The XML response is posted to the fail page (callback_fail).
There are two transactions, one with AuthType set to subscriptionAndCharge, representing the agreement, and one with AuthType set to subscription_payment, representing the first agreement payment.
The Result parameter in the XML response says Success, but the TransactionStatus of the agreement payment is captured_failed, and the TransactionStatus of the agreement itself says released. This means that you cannot rely on the Result parameter to determine whether the agreement was successfully paid for, but rather, you must look at the individual TransactionStatus parameters.
This means that if a charge fails, you can try to capture the payment at a later stage, without forcing your customer to create a new agreement.
You can use a credit card with number 4180000000001366 to trigger the failure.
<?xml version="1.0"?> <APIResponse version="20170228"> <Header> <Date>2020-11-20T16:27:56+01:00</Date> <Path>API/reservation</Path> <ErrorCode>0</ErrorCode> <ErrorMessage/> </Header> <Body> <Result>Success</Result> <Transactions> <Transaction> <TransactionId>24045341</TransactionId> <PaymentId>96d3c1da-f813-4eb2-b291-58a5a690831b</PaymentId> <AuthType>subscriptionAndCharge</AuthType> <TransactionStatus>released</TransactionStatus> <ReservedAmount>250.00</ReservedAmount> <RecurringDefaultAmount>250.00</RecurringDefaultAmount> </Transaction> <Transaction> <TransactionId>24045351</TransactionId> <PaymentId>951b9526-cfdc-4f2e-9912-83e6b9ee085a</PaymentId> <AuthType>subscription_payment</AuthType> <TransactionStatus>captured_failed</TransactionStatus> </Transaction> </Transactions> </Body> </APIResponse>
When the agreement setup fails because the payment fails, the Result shows Failed, and the TransactionStatus is recurring_failed.
Here is an edited example of the XML response:
<?xml version="1.0"?> <APIResponse version="20170228"> <Header> <Date>2020-11-20T16:48:59+01:00</Date> <Path>API/reservation</Path> <ErrorCode>0</ErrorCode> <ErrorMessage/> </Header> <Body> <Result>Failed</Result> <MerchantErrorMessage>TestAcquirer[pan=1466 or amount=14660]</MerchantErrorMessage> <CardHolderErrorMessage>Card Declined</CardHolderErrorMessage> <CardHolderMessageMustBeShown>false</CardHolderMessageMustBeShown> <Transactions> <Transaction> <TransactionId>24045611</TransactionId> <PaymentId>f9cc991a-a77a-42c8-9434-8fdd0f05a91b</PaymentId> <AuthType>subscriptionAndCharge</AuthType> <CardStatus>SoonExpired</CardStatus> <CreditCardExpiry> <Year>2017</Year> <Month>11</Month> </CreditCardExpiry> <CreditCardToken>33711c0f5a429e2065c4e1e5d5496b35b5a13af5</CreditCardToken> <CreditCardMaskedPan>413000******1466</CreditCardMaskedPan> <ThreeDSecureResult>Not_Attempted</ThreeDSecureResult> <LiableForChargeback>Merchant</LiableForChargeback> <CVVCheckResult>Not_Attempted</CVVCheckResult> <BlacklistToken>d73dad45c5934735899faf5465d1b37cfb1cb118</BlacklistToken> <ShopOrderId>4305925</ShopOrderId> <Shop>Sander Improvement Software AB</Shop> <Terminal>Sander Improvement Software AB Test Terminal</Terminal> <TransactionStatus>recurring_failed</TransactionStatus> <ReasonCode>NONE</ReasonCode> <MerchantCurrency>978</MerchantCurrency> <MerchantCurrencyAlpha>EUR</MerchantCurrencyAlpha> </Transaction> </Transactions> </Body> </APIResponse>
When the agreement setup is done by calling /createPaymentRequest, you get a redirect response which contains the URL where to redirect the customer to the payment page.
For more details about the /createPaymentRequest method response, please see createPaymentRequest response section.
<?xml version="1.0"?> <APIResponse version="20170228"> <Header> <Date>2022-04-01T12:46:23+00:00</Date> <Path>API/createPaymentRequest</Path> <ErrorCode>0</ErrorCode> <ErrorMessage/> </Header> <Body> <Result>Success</Result> <PaymentRequestId>9ac6084e-c8dc-4e3b-b812-34857ed41ce2</PaymentRequestId> <Url>https://<YourShopName>/eCommerce/API/requestForm?pid=9ac6084e-c8dc-4e3b-b812-34857ed41ce2</Url> <DynamicJavascriptUrl>https://<YourShopName>/eCommerce/API/embeddedPaymentWindow?pid=9ac6084e-c8dc-4e3b-b812-34857ed41ce2</DynamicJavascriptUrl> </Body> </APIResponse>
Visa decline reasons
Visa rules for merchants that are retrying declined transactions dependent on the decline message. Visa has 4 categories of decline reasons, for how merchants should be handling declined transactions. Please note that this is in relation to Visa cards.
Catagory of decline reason
Category 1
This category indicates that a card is blocked or never existed, meaning there is no circumstance under which the issuer will approve the transaction. There should be made No reattempt to authorise a transaction that has received a category-1 decline.
Category 2
This category indicates that the issuer may approve but cannot do so now due to a system issue or lack of cardholder funds. It is a temporary decline and may change over time and retry attempts. It is allowed up to 15 transaction reattempts per card in 30 days after receiving a category-2 decline.Category 3
This category indicates that the issuer cannot approve the transaction based on the details provided, for example, due to an invalid account number, incorrect card verification value or expiration date. Up to 25,000 category-3 declines in 30 days per merchant is allowed.
Category 4
This category includes all decline codes which are not included in categories 1, 2 and 3. Only 15 transaction reattempts per card in 30 days after receiving a category-4 decline is allowed.
Visa decline reasons
Category 1
Category 2
Category 3
Category 4
PBS decline error strings
Category 1
Category 2
Category 3
Category 4
Elavon decline reasons
Category 1
Category 2
Category 3
Category 4
Please make sure you store the transaction_id in your system.
The transactionId of the setup agreement transaction from the response will be sent as the agreement[id] parameter of the charge agreement request.