Step 3: Authorise and Capture

Now we need to authorise and capture the payment. We will use SEPA direct debit in our example.

We call the API endpoint POST Smart/Transactions/STX_xxx/prepare/debit, passing the payment instrument:

Request
POST /api/v2/Smart/Transactions/STX_xxx/prepare/debit HTTP/1.1
Host: connect-testing.secupay-ag.de
Authorization: Bearer qb56tjj1bcvo9n2nj4u38k84lo
Content-Type: application/json
Accept: application/json
 
{
"container": {
"type": "bank_account",
"private": {
"owner": "Max Mustermann",
"iban": "DE35500105175418493188"
}
}
}

In this very moment our system checks whether SEPA direct debit is acceptable in this situation.

Since everything was fine, the API responds with 200 OK, and the object representation:

Response
HTTP/1.1 200 OK
Content-Type: application/json
...
 
{
"object": "smart.transactions",
"id": "STX_2UYAHWYC32X2GT37V32E8BPRNUA2A3",
// ...
"container": {
"object": "payment.containers",
"id": "PCT_3Y42MJPSV2X2GT38A6HZPCXM3RP8AZ",
"type": "bank_account"
},
"transactions": [{
"object": "payment.transactions",
"id": "PCI_WHP5N34N5XX5G5NYU07CC54PJ4Q3N8",
"trans_id": 33326868,
"transaction_hash": "btlkfffnnrjs5183560"
}, {
"object": "payment.transactions",
"id": "PCI_WSG55SGU3SK6BDSKFQBGBN4PJ4Q3N9",
"trans_id": 33326869,
"transaction_hash": "btlkfffnnrjs5183560_33326869",
"reference_id": "1002"
}],
"created": "2021-03-16T18:20:15+01:00",
"updated": "2021-03-16T18:20:16+01:00",
"status": "ok",
// ...
"payment_method": "debit",
"trans_id": 33326868,
// ...
}

Since we used auto_capture when creating the Smart Transaction, the payment is already started. Because the transaction has intent sale, the status changed to ok.

The following objects have been created:

  • the ID of the Payment Transaction (here PCI_FDBREW9ZS7P6FTN4ZY2ATC6NK0QWO7);

  • the ID of the Payment Container (here PCT_W44PJNRAV2NPM7CG6Z0YYE877CJBAZ).

The Payment Transaction is needed to track the payment, and you should save its ID. The Payment Container can be used to make a new payment with the same SEPA direct debit mandate later. It must be used with the Payment Customer it was generated for (s. step 2).

Other payment methods may also include external checks, for instance a 3-D Secure check. This is explained in the Reference part.