Payment API

Overview

Account Details

Overview
Create an account
Update an account
Get account information

Authorisation Control

Overview
Authorisation Control Webhook

Authorisation Forwarding

Overview
Forward authorisation webhook

Card details

Overview
Create card
Update card
Get application
Update application
Get card
Get plastic
Get EMV scripts
Update plastic

Customer

Overview
Get customer information
Create a customer
Update a customer
Customer hierarchy

Exchange Rates API

Overview
Get ECB exchange rate
Get ECB supported currencies
Get FX exchange rates

ID

Overview
Initiate 3rd party authentication flow
Callback to complete authentication flow

Instalment

Overview
Instalment Controller

Invoice

Overview
Get invoice information
Update invoice information

Notification

Overview
Receive a notification

Overview
PIN operations with pre-shared key
PIN operations using PKI

PIN Control

Overview
PIN Control handling

Purchase Details

Overview
Trigger repricing
Get purchase details
Create purchase details
Update purchase details

RBA Forwarding

Overview
RBA forwarding

Repricing

Overview
Create repricing agreements
Get repricing agreements
Update repricing agreements
Create price lists
Get price lists
Update price lists

Transaction

Overview
Test transactions
Test authorizations
Get transaction data
Create transactions
Create fees
Update a transaction
Batch payment

Transfer API

Overview
Post account to account transfer
Account to account batch transfer
Post card to card transfer

Wallet

Overview
Push Provision
Activation data
Get tokens

Test API

Overview
test-auth-request-templates
test-authorizations

Hierarchy API

Overview
Card Hierarchy Management
Card Hierarchy Group Management
Card Management in Card Hierarchy Groups

Spend Control API

Overview
Rule Sets Endpoints
Rules Endpoints
Spend Control Test Endpoint

Introduction

Enfuce ID is used for handling authentication towards both EnfuceID’s own authentication system and as well to 3rd party authentication systems.

Common

All endpoints will respect and make use of HTTP response codes. Requests and respones are UTF-8 encoded and in a standardized JSON format described here after. A client must be able to handle cases where elements are added to either the request or response, i.e still parsing the content but not act on new elements.

Authentication towards all endpoints are using basic authentication according to RFC 7617.

For the outgoing webhook basic authentication according to RFC 7617 is the method that is supported.

Timeout must be 150 seconds. This means that a 3rd party authentication system has 150 seconds to do a callback with result of authentication. Otherwise Enfuce will respond with timeout to ACS and end user authentication will fail and the callback is invalidated. The 3rd party authentication system can send TIMEOUT as result before the 150 seconds, if they would want to have a shorter timeout.

CustomerNumber in this context is equal to customerNumber in other parts of Enfuce API.| Authentication process in order to verify a 3D Secure purchase is having the following flow within Enfuce ID:

ACS receives incoming request from payment network including merchant information. End user is presented with a landing page. Landing page to be customized with font and 1 picture
ACS calls EnfuceID which is Enfuce internal authentication proxy
EnfuceID will forward the request and then calling 3rd party authentication system

Request contains a unique session id (UUID) that authentication system will report back authentication result on
It will also contain customer number (3rd party authentication system can if needed lookup more customer information from other parts of Enfuce API
EnfuceID expects a HTTP 200 OK response within 2 seconds

Once 3rd party authentication system has got a result they should call the callback endpoint with the result
EnfuceID forwards the result to ACS