openapi: 3.1.0 servers: - url: https://balanceplatform-api-test.adyen.com/btl/v2 info: version: '2' x-publicVersion: true title: Authorization webhooks description: 'Adyen sends webhooks to inform your system about events related to transaction authorizations. ' termsOfService: https://www.adyen.com/legal/terms-and-conditions contact: name: Adyen Developer Experience team url: https://github.com/Adyen/adyen-openapi tags: - name: Relayed authorization webhooks: balancePlatform.authorisation.relayed: post: tags: - Relayed authorization summary: Relayed authorization requested description: 'Adyen sends this webhook to allow you to provide [relayed authorization](https://docs.adyen.com/issuing/authorisation/relayed-authorisation/#respond-to-webhook) for a transaction. To complete a relayed authorization, respond to this webhook with an **HTTP 200** response. Include the `authorisationDecision` in the response body. If we do not receive the response within two seconds, we apply your [fallback logic](https://docs.adyen.com/issuing/authorisation/relayed-authorisation/#fallback).' operationId: post-balancePlatform.authorisation.relayed x-sortIndex: 2 x-methodName: relayedAuthorizationRequested security: - BasicAuth: [] requestBody: content: application/json: schema: $ref: '#/components/schemas/RelayedAuthorisationRequest' responses: '200': content: application/json: schema: $ref: '#/components/schemas/RelayedAuthorisationResponse' description: OK - the request has succeeded. '400': content: application/json: schema: $ref: '#/components/schemas/ServiceError' description: Bad Request - a problem reading or understanding the request. '401': content: application/json: schema: $ref: '#/components/schemas/ServiceError' description: Unauthorized - authentication required. '403': content: application/json: schema: $ref: '#/components/schemas/ServiceError' description: Forbidden - insufficient permissions to process the request. '422': content: application/json: schema: $ref: '#/components/schemas/ServiceError' description: Unprocessable Entity - a request validation error. '500': content: application/json: schema: $ref: '#/components/schemas/ServiceError' description: Internal Server Error - the server could not process the request. components: schemas: Amount: additionalProperties: false properties: currency: description: The three-character [ISO currency code](https://docs.adyen.com/development-resources/currency-codes#currency-codes). maxLength: 3 minLength: 3 type: string value: description: The amount of the transaction, in [minor units](https://docs.adyen.com/development-resources/currency-codes#minor-units). format: int64 type: integer required: - value - currency type: object AmountAdjustment: additionalProperties: false properties: amount: description: The adjustment amount. $ref: '#/components/schemas/Amount' amountAdjustmentType: description: 'The type of markup that is applied to an authorised payment. Possible values: **exchange**, **forexMarkup**, **authHoldReserve**, **atmMarkup**.' enum: - atmMarkup - authHoldReserve - exchange - forexMarkup type: string basepoints: description: The basepoints associated with the applied markup. format: int32 type: integer fixedAmount: description: The specific amount of the adjustment. $ref: '#/components/schemas/Amount' floorAmount: description: The minimum amount of the adjustment. $ref: '#/components/schemas/Amount' limitAmount: description: The maximum amount of the adjustment. $ref: '#/components/schemas/Amount' type: object Authentication: additionalProperties: false properties: email: description: The email address where the one-time password (OTP) is sent. type: string password: description: "The password used for 3D Secure password-based authentication.\ \ The value must be between 1 to 30 characters and must only contain the\ \ following supported characters.\n\n* Characters between **a-z**, **A-Z**,\ \ and **0-9**\n\n* Special characters: **\xE4\xF6\xFC\xDF\xC4\xD6\xDC\ +-*/\xE7%()=?!~#'\",;:$&\xE0\xF9\xF2\xE2\xF4\xFB\xE1\xFA\xF3**" maxLength: 30 minLength: 1 type: string phone: description: 'The phone number where the one-time password (OTP) is sent. This object must have: * A `type` set to **mobile**. * A `number` with a valid country code. * A `number` with more than 4 digits, excluding the country code. >Make sure to verify that the card user owns the phone number.' $ref: '#/components/schemas/Phone' type: object AuthorisationDecisionRequest: additionalProperties: false properties: reasonCode: description: The reason of the authorization decision. type: string status: description: 'The status of the authorization decision. Possible values: **Authorised** or **Refused**.' type: string statusCode: description: The code of the authorization decision. type: string type: object AuthorisationDecisionResponse: additionalProperties: false properties: refusalReason: description: The reason for refusing the authorization. type: string status: description: "The status of the authorization. \n\nPossible values: \n\n\ * **Authorised** \n\n* **Refused** \n\nFor more information, refer to\ \ [Use relayed authorization](https://docs.adyen.com/issuing/authorisation/relayed-authorisation/)." enum: - Authorised - Refused type: string required: - status type: object BalanceMutation: additionalProperties: false properties: balanceAfter: description: The balance amount after the mutation. $ref: '#/components/schemas/Amount' balanceBefore: description: The balance amount before the mutation. $ref: '#/components/schemas/Amount' currency: description: The three-character [ISO currency code](https://docs.adyen.com/development-resources/currency-codes). type: string mutationAmount: description: The amount of the mutation. $ref: '#/components/schemas/Amount' type: description: The type of the mutation. type: string type: object BankAccountDetails: additionalProperties: false properties: accountNumber: description: The bank account number, without separators or whitespace. type: string accountType: default: checking description: 'The bank account type. Possible values: **checking** or **savings**. Defaults to **checking**.' type: string branchNumber: description: The bank account branch number, without separators or whitespace type: string formFactor: default: physical description: "Business accounts with a `formFactor` value of **physical**\ \ are business accounts issued under the central bank of that country.\ \ The default value is **physical** for NL, US, and UK business accounts.\ \ \n\nAdyen creates a local IBAN for business accounts when the `formFactor`\ \ value is set to **virtual**. The local IBANs that are supported are\ \ for DE and FR, which reference a physical NL account, with funds being\ \ routed through the central bank of NL." type: string iban: description: The international bank account number as defined in the [ISO-13616](https://www.iso.org/standard/81090.html) standard. type: string routingNumber: description: The [routing number](https://en.wikipedia.org/wiki/ABA_routing_transit_number), without separators or whitespace. type: string sortCode: description: The [sort code](https://en.wikipedia.org/wiki/Sort_code), without separators or whitespace. type: string type: default: iban description: '**iban** or **usLocal** or **ukLocal**' type: string required: - type type: object BulkAddress: additionalProperties: false properties: city: description: The name of the city. type: string company: description: The name of the company. type: string country: description: The two-character ISO-3166-1 alpha-2 country code. For example, **US**. type: string email: description: The email address. type: string houseNumberOrName: description: The house number or name. type: string mobile: description: The full telephone number. type: string postalCode: description: 'The postal code. Maximum length: * 5 digits for addresses in the US. * 10 characters for all other countries.' type: string stateOrProvince: description: 'The two-letter ISO 3166-2 state or province code. Maximum length: 2 characters for addresses in the US.' type: string street: description: The streetname of the house. type: string required: - country type: object Card: additionalProperties: false properties: authentication: description: Contains the card user's password and mobile phone number. This is required when you issue cards that can be used to make online payments within the EEA and the UK, or can be added to digital wallets. Refer to [3D Secure and digital wallets](https://docs.adyen.com/issuing/3d-secure-and-wallets) for more information. $ref: '#/components/schemas/Authentication' bin: description: The bank identification number (BIN) of the card number. type: string brand: description: 'The brand of the physical or the virtual card. Possible values: **visa**, **mc**.' type: string brandVariant: description: 'The brand variant of the physical or the virtual card. For example, **visadebit** or **mcprepaid**. >Reach out to your Adyen contact to get the values relevant for your integration.' type: string cardholderName: description: "The name of the cardholder.\n Maximum length: 26 characters." maxLength: 26 type: string configuration: description: "Settings required when creating a physical or a virtual card.\ \ \n\nReach out to your Adyen contact to get the values that you can send\ \ in this object." $ref: '#/components/schemas/CardConfiguration' cvc: description: 'The CVC2 value of the card. > The CVC2 is not sent by default. This is only returned in the `POST` response for single-use virtual cards.' type: string deliveryContact: x-addedInVersion: '2' description: The delivery contact (name and address) for physical card delivery. $ref: '#/components/schemas/DeliveryContact' expiration: description: The expiration date of the card. $ref: '#/components/schemas/Expiry' formFactor: description: 'The form factor of the card. Possible values: **virtual**, **physical**.' enum: - physical - unknown - virtual type: string lastFour: description: Last last four digits of the card number. type: string number: description: 'The primary account number (PAN) of the card. > The PAN is masked by default and returned only for single-use virtual cards.' type: string threeDSecure: description: 'Allocates a specific product range for either a physical or a virtual card. Possible values: **fullySupported**, **secureCorporate**. >Reach out to your Adyen contact to get the values relevant for your integration.' type: string required: - formFactor - cardholderName - brand - brandVariant - number type: object CardConfiguration: additionalProperties: false properties: activation: description: Overrides the activation label design ID defined in the `configurationProfileId`. The activation label is attached to the card and contains the activation instructions. type: string activationUrl: description: "Your app's URL, if you want to activate cards through your\ \ app. For example, **my-app://ref1236a7d**. A QR code is created based\ \ on this URL, and is included in the carrier. Before you use this field,\ \ reach out to your Adyen contact to set up the QR code process. \n\n\ Maximum length: 255 characters." maxLength: 255 type: string bulkAddress: description: Overrides the shipment bulk address defined in the `configurationProfileId`. $ref: '#/components/schemas/BulkAddress' cardImageId: description: The ID of the card image. This is the image that will be printed on the full front of the card. type: string carrier: description: Overrides the carrier design ID defined in the `configurationProfileId`. The carrier is the letter or packaging to which the card is attached. type: string carrierImageId: description: The ID of the carrier image. This is the image that will printed on the letter to which the card is attached. type: string configurationProfileId: description: 'The ID of the card configuration profile that contains the settings of the card. For example, the envelope and PIN mailer designs or the logistics company handling the shipment. All the settings in the profile are applied to the card, unless you provide other fields to override them. For example, send the `shipmentMethod` to override the logistics company defined in the card configuration profile.' type: string currency: description: The three-letter [ISO-4217](https://en.wikipedia.org/wiki/ISO_4217) currency code of the card. For example, **EUR**. type: string envelope: description: 'Overrides the envelope design ID defined in the `configurationProfileId`. ' type: string insert: description: Overrides the insert design ID defined in the `configurationProfileId`. An insert is any additional material, such as marketing materials, that are shipped together with the card. type: string language: description: The two-letter [ISO-639-1](https://en.wikipedia.org/wiki/List_of_ISO_639-1_codes) language code of the card. For example, **en**. type: string logoImageId: description: The ID of the logo image. This is the image that will be printed on the partial front of the card, such as a logo on the upper right corner. type: string pinMailer: description: Overrides the PIN mailer design ID defined in the `configurationProfileId`. The PIN mailer is the letter on which the PIN is printed. type: string shipmentMethod: description: Overrides the logistics company defined in the `configurationProfileId`. type: string required: - configurationProfileId type: object DeliveryAddress: additionalProperties: false properties: city: description: The name of the city. type: string country: description: 'The two-character ISO-3166-1 alpha-2 country code. For example, **US**. >If you don''t know the country or are not collecting the country from the shopper, provide `country` as `ZZ`.' type: string line1: description: 'The name of the street. Do not include the number of the building. For example, if the address is Simon Carmiggeltstraat 6-50, provide **Simon Carmiggeltstraat**.' type: string line2: description: 'The number of the building. For example, if the address is Simon Carmiggeltstraat 6-50, provide **6-50**.' type: string line3: description: Additional information about the delivery address. type: string postalCode: description: 'The postal code. Maximum length: * 5 digits for an address in the US. * 10 characters for an address in all other countries.' type: string stateOrProvince: description: 'The two-letter ISO 3166-2 state or province code. For example, **CA** in the US or **ON** in Canada. > Required for the US and Canada.' type: string required: - country type: object DeliveryContact: additionalProperties: false properties: address: description: The address of the contact. $ref: '#/components/schemas/DeliveryAddress' company: x-addedInVersion: '2' description: The company name of the contact. type: string email: description: The email address of the contact. type: string fullPhoneNumber: description: 'The full phone number of the contact provided as a single string. It will be handled as a landline phone. **Examples:** "0031 6 11 22 33 44", "+316/1122-3344", "(0031) 611223344"' type: string name: description: The name of the contact. $ref: '#/components/schemas/Name' phoneNumber: description: The phone number of the contact. $ref: '#/components/schemas/PhoneNumber' webAddress: description: The URL of the contact's website. type: string required: - name - address type: object Expiry: additionalProperties: false properties: month: description: The month in which the card will expire. type: string year: description: The year in which the card will expire. type: string type: object IbanAccountIdentification: additionalProperties: false properties: iban: description: The international bank account number as defined in the [ISO-13616](https://www.iso.org/standard/81090.html) standard. type: string type: default: iban description: '**iban**' enum: - iban type: string required: - type - iban type: object MerchantData: additionalProperties: false properties: acquirerId: description: The unique identifier of the merchant's acquirer. type: string mcc: description: The merchant category code. type: string merchantId: description: The unique identifier of the merchant. type: string nameLocation: description: Contains the name and location of the merchant. $ref: '#/components/schemas/NameLocation' postalCode: description: The postal code of the merchant. type: string type: object Name: additionalProperties: false properties: firstName: description: The first name. maxLength: 80 type: string lastName: description: The last name. maxLength: 80 type: string required: - firstName - lastName type: object NameLocation: additionalProperties: false properties: city: description: The city where the merchant is located. type: string country: description: The country where the merchant is located in [three-letter country code](https://en.wikipedia.org/wiki/ISO_3166-1_alpha-3) format. type: string countryOfOrigin: description: The home country in [three-digit country code](https://en.wikipedia.org/wiki/ISO_3166-1_numeric) format, used for government-controlled merchants such as embassies. type: string name: description: The name of the merchant's shop or service. type: string rawData: description: The raw data. type: string state: description: The state where the merchant is located. type: string type: object PaymentInstrument: additionalProperties: false properties: additionalBankAccountIdentifications: deprecated: true x-deprecatedInVersion: '2' x-deprecatedMessage: Please use `bankAccount` object instead description: Contains optional, additional business account details. Returned when you create a payment instrument with `type` **bankAccount**. items: oneOf: - $ref: '#/components/schemas/IbanAccountIdentification' type: array balanceAccountId: description: The unique identifier of the [balance account](https://docs.adyen.com/api-explorer/#/balanceplatform/v1/post/balanceAccounts__resParam_id) associated with the payment instrument. type: string bankAccount: description: Contains the business account details. Returned when you create a payment instrument with `type` **bankAccount**. $ref: '#/components/schemas/BankAccountDetails' card: description: Contains information about the card payment instrument. Returned when you create a payment instrument with `type` **card**. $ref: '#/components/schemas/Card' description: description: Your description for the payment instrument, maximum 300 characters. maxLength: 300 type: string id: description: The unique identifier of the payment instrument. type: string issuingCountryCode: description: The two-character [ISO 3166-1 alpha-2](https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2) country code where the payment instrument is issued. For example, **NL** or **US**. type: string paymentInstrumentGroupId: description: The unique identifier of the [payment instrument group](https://docs.adyen.com/api-explorer/#/balanceplatform/v1/post/paymentInstrumentGroups__resParam_id) to which the payment instrument belongs. type: string reference: description: Your reference for the payment instrument, maximum 150 characters. maxLength: 150 type: string replacedById: description: The unique identifier of the payment instrument that replaced this payment instrument. type: string replacementOfId: description: The unique identifier of the payment instrument that is replaced by this payment instrument. type: string status: description: "The status of the payment instrument. If a status is not specified\ \ when creating a payment instrument, it is set to **active** by default.\ \ However, there can be exceptions for cards based on the `card.formFactor`\ \ and the `issuingCountryCode`. For example, when issuing physical cards\ \ in the US, the default status is **inactive**.\n\nPossible values: \n\ \n * **active**: The payment instrument is active and can be used to\ \ make payments. \n\n * **inactive**: The payment instrument is inactive\ \ and cannot be used to make payments. \n\n * **suspended**: The payment\ \ instrument is suspended, either because it was stolen or lost. \n\n\ \ * **closed**: The payment instrument is permanently closed. This action\ \ cannot be undone. \n\n" enum: - active - closed - inactive - suspended type: string statusComment: x-addedInVersion: '2' description: The status comment provides additional information for the statusReason of the payment instrument. type: string statusReason: x-addedInVersion: '2' description: 'The reason for the status of the payment instrument. Possible values: **accountClosure**, **damaged**, **endOfLife**, **expired**, **lost**, **stolen**, **suspectedFraud**, **transactionRule**, **other**. If the reason is **other**, you must also send the `statusComment` parameter describing the status change.' enum: - accountClosure - damaged - endOfLife - expired - lost - other - stolen - suspectedFraud - transactionRule type: string type: description: 'The type of payment instrument. Possible values: **card**, **bankAccount**.' enum: - bankAccount - card type: string required: - balanceAccountId - issuingCountryCode - type - id type: object Phone: additionalProperties: false properties: number: description: "The full phone number provided as a single string. \nFor example,\ \ **\"0031 6 11 22 33 44\"**, **\"+316/1122-3344\"**, \n\n or **\"(0031)\ \ 611223344\"**." type: string type: description: "Type of phone number.\nPossible values: \n**Landline**, **Mobile**.\n" enum: - landline - mobile type: string required: - number - type type: object PhoneNumber: additionalProperties: false properties: phoneCountryCode: description: 'The two-character ISO-3166-1 alpha-2 country code of the phone number. For example, **US** or **NL**.' type: string phoneNumber: description: 'The phone number. The inclusion of the phone number country code is not necessary.' type: string phoneType: description: 'The type of the phone number. Possible values: **Landline**, **Mobile**, **SIP**, **Fax**.' enum: - Fax - Landline - Mobile - SIP type: string type: object RelayedAuthorisationRequest: additionalProperties: false properties: accountHolder: description: The reference of the account holder. $ref: '#/components/schemas/ResourceReference' amount: description: The amount of the transaction. $ref: '#/components/schemas/Amount' amountAdjustments: description: The amount adjustments in the transaction. items: $ref: '#/components/schemas/AmountAdjustment' type: array authCode: description: The authorization code for the payment. type: string authorisationDecision: description: The decision of the authorization. $ref: '#/components/schemas/AuthorisationDecisionRequest' authorisationType: description: 'The authorization type. Possible values: * **finalAuthorisation** * **preAuthorisation** * **defaultAuthorisation**' type: string balanceAccount: description: The reference of the balance account. $ref: '#/components/schemas/ResourceReference' balanceMutations: description: The list of balance mutations per event. items: $ref: '#/components/schemas/BalanceMutation' type: array balancePlatform: description: The unique identifier of the balance platform. type: string entryMode: description: 'The entry mode of the information of the payment instrument. For example: **contactless**, **chip**, **magstripe**.' type: string id: description: The unique identifier of the transfer. type: string merchantData: description: The information about the merchant. $ref: '#/components/schemas/MerchantData' originalAmount: description: The amount in the original currency. $ref: '#/components/schemas/Amount' paymentInstrument: description: Contains information about the payment instrument. $ref: '#/components/schemas/PaymentInstrument' processingType: description: 'The processing type used for this payment. For example: **ecommerce**, **pos**, **moto**.' type: string reference: description: The reference of the payment. type: string schemeRiskScore: description: The risk score provided by the card schemes. format: int32 type: integer schemeTraceId: description: The identifier of the original payment. This ID is provided by the scheme and can be alphanumeric or numeric, depending on the scheme. type: string schemeUniqueTransactionId: description: The unique identifier created by the scheme. This ID can be alphanumeric or numeric depending on the scheme. type: string scores: description: The list of transaction scores. items: $ref: '#/components/schemas/TransactionScoring' type: array threeDSecure: description: The data of the result from the 3DS authentication. $ref: '#/components/schemas/ThreeDSecure' transactionRulesResult: description: Contains the results of the evaluation of the transaction rules. $ref: '#/components/schemas/TransactionRulesResult' validationResult: description: Contains the checks that Adyen performed to validate the payment and the result of each. items: $ref: '#/components/schemas/ValidationResult' type: array type: object RelayedAuthorisationResponse: additionalProperties: false properties: authorisationDecision: description: Object representing the authorization decision. $ref: '#/components/schemas/AuthorisationDecisionResponse' metadata: additionalProperties: type: string description: Object that contains key-value pairs that you can use in your reporting or other business process. type: object reference: description: Reference of the payment. type: string type: object ResourceReference: additionalProperties: false properties: description: description: The description of the resource. type: string id: description: The unique identifier of the resource. type: string reference: description: The reference for the resource. type: string type: object ServiceError: additionalProperties: false properties: errorCode: description: The error code mapped to the error message. type: string errorType: description: The category of the error. type: string message: description: A short explanation of the issue. type: string pspReference: description: The PSP reference of the payment. type: string status: description: The HTTP response status. format: int32 type: integer type: object ThreeDSecure: additionalProperties: false properties: authenticationResult: description: The result from the performed authentication type: string authenticationType: description: The type of the performed authentication type: string type: object TransactionEventViolation: additionalProperties: false properties: reason: description: An explanation about why the transaction rule failed. type: string transactionRule: description: Contains information about the transaction rule. $ref: '#/components/schemas/TransactionRuleReference' transactionRuleSource: description: Contains the type and ID of the resource to which the transaction rule is linked. $ref: '#/components/schemas/TransactionRuleSource' type: object TransactionRuleReference: additionalProperties: false properties: description: description: The description of the resource. type: string id: description: The unique identifier of the resource. type: string reference: description: The reference for the resource. type: string type: object TransactionRuleSource: additionalProperties: false properties: id: description: ID of the resource, when applicable. type: string type: description: "Indicates the type of resource for which the transaction rule\ \ is defined.\n\nPossible values:\n\n * **PaymentInstrumentGroup**\n\n\ * **PaymentInstrument**\n\n* **BalancePlatform**\n\n* **EntityUsageConfiguration**\n\ \n* **PlatformRule**: The transaction rule is a platform-wide rule imposed\ \ by Adyen." type: string type: object TransactionRulesResult: additionalProperties: false properties: advice: description: The advice given by the Risk analysis. type: string allRulesPassed: description: Indicates whether the transaction passed the evaluation for all transaction rules. type: boolean failedTransactionRules: description: Array containing all the transaction rules that the transaction violated. This list is only sent when `allRulesPassed` is **false**. items: $ref: '#/components/schemas/TransactionEventViolation' type: array score: description: The score of the Risk analysis. format: int32 type: integer type: object TransactionScoring: additionalProperties: false properties: type: description: The type of score. type: string value: description: The value of the score. type: string type: object ValidationResult: additionalProperties: false properties: result: description: 'The result of the check. Possible values: - **valid**: The validation was successful. - **invalid**: The validation failed. - **notValidated**: The validation was not performed because some services were unreachable or Adyen does not have the information needed to perform the check. - **notApplicable**: The validation is not applicable.' type: string type: description: Type of check. type: string type: object securitySchemes: BasicAuth: scheme: basic type: http examples: {}