Step 3: Authorise and Capture

Now we need to authorise and capture the payment. We will use SEPA direct debit in our example.

We call the API endpoint POST Smart/Transactions/STX_xxx/prepare/debit , passing the payment instrument:

POST /api/v2/Smart/Transactions/STX_xxx/prepare/debit HTTP/1.1
Authorization: Bearer qb56tjj1bcvo9n2nj4u38k84lo
Content-Type: application/json
Accept: application/json
"container": {
"type": "bank_account",
"private": {
"owner": "Max Mustermann",
"iban": "DE35500105175418493188"

If everything is fine, the API responds with 200 OK and the object representation:

HTTP/1.1 200 OK
Content-Type: application/json
"object": "smart.transactions",
// ...
"container": {
"object": "payment.containers",
"transactions": [
"object": "payment.transactions",
"created": "2020-03-27T10:55:23+01:00",
"updated": "2020-03-27T10:56:39+01:00",
"status": "ok",
// ...
"payment_method": "debit",
"trans_id": 33326868,
// ...

Since we used auto_capture when creating the Smart Transaction, the payment is started automatically after its authorisation. Status ok, received or collection means you can deliver. Status pending means you have to wait for one of these statusses. Status failed means the payment failed, and you must repeat the payment process.

The following objects have been created:

  • the ID of the Payment Transaction (here PCI_FDBREW9ZS7P6FTN4ZY2ATC6NK0QWO7);

  • the ID of the Payment Container (here PCT_W44PJNRAV2NPM7CG6Z0YYE877CJBAZ).

The Payment Transaction is needed to track the payment, and you should save its ID. The Payment Container can be used to make a new payment with the same SEPA direct debit mandate later. It must be used with the Payment Customer it was generated for (s. step 2).

A 3-D Secure check may be required for credit card payment, which is explained in the Reference part. Likewise PayPal and Sofort.