Skip to main content

Authorization

Whenever you want to charge the customer using a customer token you need to create an authorization which can be auto captured, or captured at a later stage.

Creating an authorization​

The customer token created previously can be used to charge the customer at any time. The customer is charged by creating an authorization using the customer token.

POST /purchase/authorizations HTTP/1.1
Host: api.uat.walleydev.com // (Please note! Different hostname in production)
Authorization: Bearer bXlVc2VybmFtZTpmN2E1ODA4MGQzZTk0M2VmNWYyMTZlMDE...
Content-Type: application/json

{
"customerToken": "f590b7c4-0d2e-4d99-a3c7-5c1a39f45dce",
"storeId": "1234",
"order": {
"items":[
{
"id": "id-001",
"description": "Description 002",
"unitPrice": "10",
"quantity": "1",
"vat": "25"
},
{
"id": "id-002",
"description": "Description 002",
"unitPrice": "2",
"quantity": "10",
"vat": "12"
}
],
"currency": "EUR",
"reference": "01478520",
"actionReference": "reference 1234",
"captureMode": "Auto"
},
"attemptSchedule": {
"relative": ["00:00:10", "00:00:10", "00:00:10", "00:00:10", "1.00:00:10"],
"absolute": ["2023-12-24T14:00:00", "2023-12-11T18:30:00"],
"preferSynchronous": true
},
"preIdentified" : { "registrationNumber": "12346789", "method": "biometric" }
}

Request Properties​

Request headers

HeaderRequiredExplanation
AuthorizationYesInstructions on how to generate the authorization header value can be found here.
Walley-Idempotency-KeyNoInstructions on how to use idempotency can be found here.
PropertyRequiredExplanation
customerTokenYesThe customer token retrieved from the initial Walley Checkout information
storeIdNoDRAFT Subject to change: If not provided then the store id in the customer token is used
orderYesOrder related information, see order tab
attemptScheduleNoIf not provided, we will perform one asynchronous attempt as soon as possible
preIdentifiedNoDRAFT Subject to change: Set to true if you have performed a strong identification of the buyer, this will disable the identification challenge

Important error responses​

Error codeCause
400Could be missing required properties, invalid schedule, or other client side verifiable errors
401Incorrect, missing or expired bearer token
404The customer token was not found for the authenticated bearer token
422The synchronous authorization could not be performed
503There was some internal error. Please try again