Payment Consents
PaymentConsent is an API resource to represent the agreement between merchant and Customer of making subsequent payments using the provided PaymentMethod. In general, we can categorize the usages of PaymentConsent into two groups.
- Merchant can initiate the payment without customer's presence (MIT). For example, membership subscription and utilities.
- Customer can initiate the payment without having to input payment method information again (CIT). For example, fast checkout with saved method.
To make payments, you can confirm a PaymentIntent with the reference of PaymentConsent, which must be in the status of VERIFIED, REQUIRES_PAYMENT_METHOD or REQUIRES_CUSTOMER_ACTION. The latter two are only allowed for card and direct debit payment methods as they can be verified directly by the success of the initial payment.
POST /api/v1/pa/payment_consents/createPOST /api/v1/pa/payment_consents/{id}/updatePOST /api/v1/pa/payment_consents/{id}/verifyPOST /api/v1/pa/payment_consents/{id}/verify_continuePOST /api/v1/pa/payment_consents/{id}/disableGET /api/v1/pa/payment_consents/{id}GET /api/v1/pa/payment_consents
Create a PaymentConsent
POST /api/v1/pa/payment_consents/create
Create a PaymentConsent.
Airwallex assigned account identifier of the connected entity(another account which is linked with platform). It is to be used by the platform to indicate the connected entity in the transaction where platform is the owner of transaction. Notice: This can not be used with x-on-behalf-of header together.
Unique identifier from Airwallex of the customer who will make the payment with this PaymentConsent
Indicate whether the subsequent payments are scheduled. Only applicable when next_triggered_by is merchant. One of scheduled, unscheduled, installments.
Default: unscheduled
A set of key-value pairs that can be attached to this PaymentConsent. You can specify up to 50 keys with key names up to 50 characters long and values up to 500 characters long.
The party to trigger subsequent payments. One of merchant, customer.
Unique request identifier specified by the merchant. Maximum length is 64.
Terms to specify how this Payment Consent will be used.
The granularity per billing cycle. Required when payment_schedule.period_unit is WEEK, MONTH, or YEAR. (e.g. charge_day_per_billing_cycle= 5, payment_schedule.period_unit = MONTH, payment_schedule.period = 1 if collect payment on the 5th of each month).
End date to expect payment request.
The first payment. It could include the costs associated with the first debited amount.Optional if payment agreement type is VARIABLE.
The fixed payment amount that can be charged for a single payment.Required if payment agreement type is FIXED.
The maximum payment amount that can be charged for a single payment.Optional if payment agreement type is VARIABLE.
The minimum payment amount that can be charged for a single payment.Optional if payment agreement type is VARIABLE.
The agreed type of amounts for subsequent payment. Should be one of FIXED, VARIABLE.
- FIXED: payment amount is fixed. A specific amount is required.
- VARIABLE: payment amount is variable at each collection. A max limit is recommended.
The currency of this payment. Please refer to supported currencies .
The number of period units between billing cycles. For example, the payment cycle is one month if period=1 and period_unit=MONTH. Required when merchant_trigger_reason = scheduled
Specifies billing frequency. One of DAY, WEEK, MONTH, and YEAR. Required when merchant_trigger_reason = scheduled
Start date to expect payment request.
The total number of billing cycles. For example, the mandate will last for 1 year if total_billing_cycles=12, payment_schedule.period=1 and payment_schedule.period_unit=MONTH if the merchant_trigger_reason is scheduled. Merchant can bill customers 12 times when total_billing_cycles=12 if the merchant_trigger_reason is unscheduledThe mandate will continue indefinitely if total_billing_cycles is null.
PaymentConsent's client secret for browser or app. Only returned by PaymentConsent create API.
The provided client_secret is valid for 60 minutes
Account identifier of the connected account.
Time at which this PaymentConsent was created
Unique identifier from Airwallex of the customer who will make the payment with this PaymentConsent
Disable reason. Only applicable when status is DISABLED
Verification failure reason. Only applicable when status is REQUIRES_PAYMENT_METHOD and REQUIRES_CUSTOMER_ACTION.
The failure code returned by Airwallex
The verification failure details.
Consent verification failed. Please retry the consent verification or select a different payment method.
Unique identifier of this PaymentConsent
Unique identifier of the initial PaymentIntent confirmed with this PaymentConsent
An authorization from shopper to merchant to debit payments from their bank account.
The time at which shopper accepts the mandate.
BACS Direct Debit mandate information.
Reference of the Direct Debit instrument.
A unique six-digit number used to identify a business paying or receiving money through a Bacs Direct Debit transaction.
SEPA Direct Debit mandate information.
A unique number used to identify a business paying or receiving money through a SEPA Direct Debit transaction.
Reference of the Direct Debit mandate.
The payment method type of the mandate. Can be ach_direct_debit, bacs_direct_debit, becs_direct_debit, sepa_direct_debit, eft_direct_debit.
The version of the mandate.
Only applicable when next_triggered_by is merchant. One of scheduled, unscheduled, installments.
A set of key-value pairs that can be attached to this PaymentConsent. You can specify up to 50 keys with key names up to 50 characters long and values up to 500 characters long.
Next action for merchant
The content type of the request when method is POST. If not provided, the content type should be application/json
The additional data that can be used to complete this action
Email address to send the MicroDeposit verification link. Appears if type is notify_micro_deposits
Fallback url to redirect the shopper to the web page if the redirection to the app fails. Returned only if the flow is mobile_app.
The redirect method if the action type is redirect. One of GET, POST
Number of funds that will be deposited into shopper account. Appears if type is notify_micro_deposits
Android package name. Returned only if the flow is mobile_app and the os_type is android.
QR Code text representation if the action type is redirect, only applicable to wechatpay.
the remaining attempts to verify micro_deposit or retry micro_debit.
Stage of the request flow
Type of next action can be either redirect, redirect_iframe, notify_micro_deposits or retry_micro_debit
The redirect url
The party to trigger subsequent payments. One of merchant, customer
PaymentMethod information attached for subsequent payments
ACH Direct Debit information. Only provided when type is ach_direct_debit.
9-digit number to identify a bank in the US.
4-17 digits number to identify a bank account in the US.
Indicate whether the account is a business account.
The result of micro debit.
The status of micro_debit.
The result of micro deposit.
The status of micro_deposit.
Email of the account holder.
Name of the account holder.
Alipay CN information. Only provided when type is alipaycn.
One of qrcode, mobile_web, mobile_app, mini_program
ios, android
Alipay's User LoginId (Shopper) for Payment Consent Verification
Unique identifier of a user in payment method provider side. Only present after the payment has been completed or the consent has been verified.
Alipay HK information. Only provided when type is alipayhk.
One of qrcode, mobile_web, mobile_app
ios, android
Alipay's User LoginId (Shopper) for Payment Consent Verification
Unique identifier of a user in payment method provider side. Only present after the payment has been completed or the consent has been verified.
Apple pay information. Only provided when type is applepay.
Billing information
The billing address as it appears on the credit card issuer’s records
City of the address. Maximum of 100 characters.
The two-letter country code in ISO 3166-1 alpha-2 format.
Postcode of the address. Maximum of 10 characters.
State or province of the address. Maximum of 100 characters.
Street of the address. Maximum of 1000 characters.
Date of birth of the customer in the format: YYYY-MM-DD
Email address of the customer
First name of the customer
Last name of the customer
Phone number of the customer
The Lifecycle Identifier is a unique code that links all related transaction events - Capture, refund & disputes, making it easy to track a transaction throughout its lifecycle. This identifier is currently supported only when the card brand is MasterCard.
Type of the payment data details. One of tokenized_card or encrypted_payment_token.
Payment data with the tokenized card details.
Authentication method
EMV data
Output from the Secure Element
The PIN encrypted using the bank’s key
3D-Secure authentication data
Electronic Commerce Indicator, as defined by 3-D Secure
Online payment cryptogram, as defined by 3-D Secure
The authentication method type. One of CRYPTOGRAM_3DS, PAN_ONLY.
Bank identify number of this card
Brand of the card. One of visa, mastercard, maestro, chinaunionpay.
Device manufacturer identifier
Two digit number representing the card’s expiration month
Four digit number representing the card’s expiration year
Fingerprint of the card
A boolean field referring whether the card is commercial or not
Country code of the card issuer
Issuer name
Last four digits of the card number
Cardholder name
The card's type of payment. One of credit or debit.
BACS Direct Debit information. Only provided when type is bacs_direct_debit.
8 digits number to identify a bank account in the UK.
Account holder's address.
Country code of the address. Use the two-character ISO Standard Country Codes. One of GB, US. Default to GB if not provided
House number and street name, e.g., 777 Casino Drive
Locality name, e.g., Apartment 123
Postcode of the address.
State or province of the address. Should be provided if country code is US. Use the two-character ISO3166-2:US state code.
Post town.
Bank of the account. You can call API to retrieve the available bank names.
Indicate whether the account is a business account.
The result of micro deposit.
The status of micro_deposit.
Email of the account holder.
Name of the account holder.
6-digit number to identify a bank in the UK.
BECS Direct Debit information. Only provided when type is becs_direct_debit.
4-9 digits number to identify a bank account in Australia.
6-digit Bank-State-Branch number.
Indicate whether the account is a business account.
The result of micro debit.
The status of micro_debit.
The result of micro deposit.
The status of micro_deposit.
Account holder's email.
Account holder name.
Card information. Only provided when type is card.
Additional information of external network token requestor. Would return when number_type is EXTERNAL_NETWORK_TOKEN
Merchant Verification Value (Provided by VISA during onboarding) or MasterCard Assigned ID (Provided by MasterCard during onboarding)
Token requestor unique identifier (Provided by card schemes during onboarding)
Billing information
The billing address as it appears on the credit card issuer’s records
City of the address. Maximum of 100 characters.
The two-letter country code in ISO 3166-1 alpha-2 format.
Postcode of the address. Maximum of 10 characters.
State or province of the address. Maximum of 100 characters.
Street of the address. Maximum of 1000 characters.
Date of birth of the customer in the format: YYYY-MM-DD
Email address of the customer
First name of the customer
Last name of the customer
Phone number of the customer
Bank identify number of this card
Brand of the card. One of mastercard, visa, union pay, american express, jcb, discover, diners club international.
Funding type of the card
Two digit number representing the card’s expiration month
Four digit number representing the card’s expiration year
Fingerprint of the card
A boolean field referring whether the card is commercial or not
Country code of the card issuer
Issuer name
Information for Korean Card
A 10-digit business number of the company.
A 6-digit date of birth in the format of YYMMDD.
Card password first 2 digits.
Last four digits of the card number
The Lifecycle Identifier is a unique code that links all related transaction events - Capture, refund & disputes, making it easy to track a transaction throughout its lifecycle. This identifier is currently supported only when the card brand is MasterCard.
Card holder name
Type of the number. One of PAN, EXTERNAL_NETWORK_TOKEN, AIRWALLEX_NETWORK_TOKEN.
DANA information. Only provided when type is dana.
One of qrcode, mobile_web, mobile_app
ios, android
Alipay's User LoginId (Shopper) for Payment Consent Verification
Unique identifier of a user in payment method provider side. Only present after the payment has been completed or the consent has been verified.
EFT Direct Debit information. Only provided when type is eft_direct_debit.
4-17 digits number to identify a bank account in Canada.
Indicate whether the account is a business account.
3-digit number to identify a bank institution in Canada.
The result of micro debit.
The status of micro_debit.
The result of micro deposit.
The status of micro_deposit.
Email of the account holder.
Name of the account holder.
Identify a bank branch transit in Canada.
GCASH information. Only provided when type is gcash.
One of qrcode, mobile_web, mobile_app
ios, android
Alipay's User LoginId (Shopper) for Payment Consent Verification
Unique identifier of a user in payment method provider side. Only present after the payment has been completed or the consent has been verified.
Google pay information. Only provided when type is googlepay.
Billing information
The billing address as it appears on the credit card issuer’s records
City of the address. Maximum of 100 characters.
The two-letter country code in ISO 3166-1 alpha-2 format.
Postcode of the address. Maximum of 10 characters.
State or province of the address. Maximum of 100 characters.
Street of the address. Maximum of 1000 characters.
Date of birth of the customer in the format: YYYY-MM-DD
Email address of the customer
First name of the customer
Last name of the customer
Phone number of the customer
The Lifecycle Identifier is a unique code that links all related transaction events - Capture, refund & disputes, making it easy to track a transaction throughout its lifecycle. This identifier is currently supported only when the card brand is MasterCard.
Type of the payment data details. One of tokenized_card or encrypted_payment_token.
Payment data with the tokenized card details.
Authentication method
EMV data
Output from the Secure Element
The PIN encrypted using the bank’s key
3D-Secure authentication data
Electronic Commerce Indicator, as defined by 3-D Secure
Online payment cryptogram, as defined by 3-D Secure
The authentication method type. One of CRYPTOGRAM_3DS, PAN_ONLY.
Bank identify number of this card
Brand of the card. One of visa, mastercard, maestro, chinaunionpay.
Device manufacturer identifier
Two digit number representing the card’s expiration month
Four digit number representing the card’s expiration year
Fingerprint of the card
A boolean field referring whether the card is commercial or not
Country code of the card issuer
Issuer name
Last four digits of the card number
Cardholder name
The card's type of payment. One of credit or debit.
Unique identifier of the PaymentMethod attached for subsequent payments. Only provided when type is card.
KAKAOPAY information. Only provided when type is kakaopay.
One of qrcode, mobile_web, mobile_app
ios, android
Alipay's User LoginId (Shopper) for Payment Consent Verification
Unique identifier of a user in payment method provider side. Only present after the payment has been completed or the consent has been verified.
Payto information. Only provided when type is payto.
The account name.
4-9 digits number to identify a bank account in Australia.
6-digit Bank-State-Branch number.
The PayID of the recipient.
11 digits number to identify the PayId. Required when phone_number, owner_email, and organisation_id is null.
The organisation id of the recipient. The PayID must be in the format of payid:airwallex.com.
owner email to identify the PayId. Required when phone_number, australian_business_number, and organisation_id is null.
The phone number of the PayId. Required when owner_email, australian_business_number, and organisation_id is null.
SEPA Direct Debit information. Only provided when type is sepa_direct_debit.
Account holder's address.
Country code of the address. Use the two-character ISO Standard Country Codes.
Postcode of the address.
street of the address.
town of the address.
Bank of the account. You can call API to retrieve the available bank names.
Indicate whether the account is a business account.
The 2-letter ISO country/region code from which the consumer will be paying.
15–34 characters to identify a bank account.
The result of micro debit.
The status of micro_debit.
The result of micro deposit.
The status of micro_deposit.
Email of the account holder.
Name of the account holder.
Type of the PaymentMethod. One of card, googlepay, applepay, alipayhk, truemoney, gcash, dana, kakaopay, tng, alipaycn, rabbit_line_pay, wechatpay, ach_direct_debit, bacs_direct_debit, becs_direct_debit, sepa_direct_debit, eft_direct_debit.
Unique request identifier specified by the merchant
- REQUIRES_PAYMENT_METHOD: Populate
payment_methodwhen calling verify.- This value is returned if
payment_methodis either null, or thepayment_methodhas failed during verify, and a differentpayment_methodshould be provided.
- This value is returned if
- REQUIRES_CUSTOMER_ACTION: Pending customer action, see
next_actionfor details. - PENDING: The mandate of the PaymentConsent has been submitted. It only occurs when payment method type is
bacs_direct_debit. You need to wait for the final result. The status will becomeDISABLEDif the mandate is rejected orVERIFIEDif the mandate is accepted. - PAUSED: The active mandate of the PaymentConsent has been paused. The PaymentConsent can be paused only when the previous status was
VERIFIED. It only occurs when payment method type ispayto. The status will becomeDISABLEDif the mandate is canceled orVERIFIEDif the mandate is resumed. - VERIFIED: The PaymentConsent has been verified and it can be used for subsequent payments.
- DISABLED: The PaymentConsent is disabled. You cannot verify it again.
The terms of this consent.
The granularity per billing cycle. Required when payment_schedule.period_unit is WEEK, MONTH, or YEAR. (e.g. charge_day_per_billing_cycle= 5, payment_schedule.period_unit = MONTH, payment_schedule.period = 1 if collect payment on the 5th of each month).
End date to expect payment request.
The first payment. It could include the costs associated with the first debited amount.Optional if payment agreement type is VARIABLE.
The fixed payment amount that can be charged for a single payment.Required if payment agreement type is FIXED.
The maximum payment amount that can be charged for a single payment.Optional if payment agreement type is VARIABLE.
The minimum payment amount that can be charged for a single payment.Optional if payment agreement type is VARIABLE.
The agreed type of amounts for subsequent payment. Should be one of FIXED, VARIABLE.
- FIXED: payment amount is fixed. A specific amount is required.
- VARIABLE: payment amount is variable at each collection. A max limit is recommended.
The currency of this payment. Please refer to supported currencies .
The number of period units between billing cycles. For example, the payment cycle is one month if period=1 and period_unit=MONTH. Required when merchant_trigger_reason = scheduled
Specifies billing frequency. One of DAY, WEEK, MONTH, and YEAR. Required when merchant_trigger_reason = scheduled
Start date to expect payment request.
The total number of billing cycles. For example, the mandate will last for 1 year if total_billing_cycles=12, payment_schedule.period=1 and payment_schedule.period_unit=MONTH if the merchant_trigger_reason is scheduled. Merchant can bill customers 12 times when total_billing_cycles=12 if the merchant_trigger_reason is unscheduledThe mandate will continue indefinitely if total_billing_cycles is null.
Time at which this PaymentConsent was last updated
| Error status | Description |
|---|---|
| 400 | Bad Request. Possible error codes: |
| 401 | Unauthorized. Possible error codes: |
| 403 | Forbidden |
| 404 | Not Found. Possible error codes: |
| 500 | Server Error. Possible error codes: |
$curl --request POST \> --url 'https://api-demo.airwallex.com/api/v1/pa/payment_consents/create' \> --header 'Authorization: Bearer {{ACCESS_TOKEN}}' \> --header 'Content-Type: application/json' \> --data '{> "customer_id": "cus_hkpdsjz4vg1x3uscdj",> "metadata": {> "subscriptionNumber": "2025040700000001"> },> "next_triggered_by": "merchant",> "merchant_trigger_reason": "scheduled",> "request_id": "0a0753bb-ec35-4a29-34bf-1fa712bc162d">}'
1{2 "id": "cst_hkpdsjz1vg0x1uscdj",3 "request_id": "0a0753bb-ec35-4a29-34bf-1fa712bc162d",4 "customer_id": "cus_hkpdsjz4vg1x3uscdj",5 "status": "REQUIRES_PAYMENT_METHOD",6 "next_triggered_by": "merchant",7 "merchant_trigger_reason": "scheduled",8 "metadata": {9 "subscriptionNumber": "2025040700000001"10 },11 "client_secret": "eyJhbGciOiJIUzI1NiJ9.eyJpYXQiOjE3MzgzMDY2MzAsImV4cCI6MTczODMxMDIzMCwidHlwZSI6ImNsaWVudC1zZWNyZXQiLCJwYWRjIjoiSEsiLCJhY2NvdW50X2lkIjoiN2EwYzQ3YzctNzM0Zi00NzdmLTk1OWItMzIxNTQyNzgxYTgyIiwiY29uc2VudF9pZCI6ImNzdF9oa3Bkc2p6MXZnMHgxdXNjZGoiLCJjdXN0b21lcl9pZCI6ImN1c19oa3Bkc2p6NHZnMXgzdXNjZGoifQ.c8zs0QlpUy_NwWy_JsHqHSiRpbtpGnIVWNsVHsSvJQ0",12 "created_at": "2021-08-31T06:57:15+00:00",13 "updated_at": "2021-08-31T06:57:15+00:00"14}
Update a PaymentConsent
POST /api/v1/pa/payment_consents/{id}/update
Update the metadata of a PaymentConsent.
PaymentConsent unique identifier
A set of key-value pairs that will be updated for this PaymentConsent. You can specify up to 50 keys with key names up to 50 characters long and values up to 500 characters long.
Unique request identifier specified by the merchant. Maximum length is 64.
PaymentConsent's client secret for browser or app. Only returned by PaymentConsent create API.
The provided client_secret is valid for 60 minutes
Account identifier of the connected account.
Time at which this PaymentConsent was created
Unique identifier from Airwallex of the customer who will make the payment with this PaymentConsent
Disable reason. Only applicable when status is DISABLED
Verification failure reason. Only applicable when status is REQUIRES_PAYMENT_METHOD and REQUIRES_CUSTOMER_ACTION.
The failure code returned by Airwallex
The verification failure details.
Consent verification failed. Please retry the consent verification or select a different payment method.
Unique identifier of this PaymentConsent
Unique identifier of the initial PaymentIntent confirmed with this PaymentConsent
An authorization from shopper to merchant to debit payments from their bank account.
The time at which shopper accepts the mandate.
BACS Direct Debit mandate information.
Reference of the Direct Debit instrument.
A unique six-digit number used to identify a business paying or receiving money through a Bacs Direct Debit transaction.
SEPA Direct Debit mandate information.
A unique number used to identify a business paying or receiving money through a SEPA Direct Debit transaction.
Reference of the Direct Debit mandate.
The payment method type of the mandate. Can be ach_direct_debit, bacs_direct_debit, becs_direct_debit, sepa_direct_debit, eft_direct_debit.
The version of the mandate.
Only applicable when next_triggered_by is merchant. One of scheduled, unscheduled, installments.
A set of key-value pairs that can be attached to this PaymentConsent. You can specify up to 50 keys with key names up to 50 characters long and values up to 500 characters long.
Next action for merchant
The content type of the request when method is POST. If not provided, the content type should be application/json
The additional data that can be used to complete this action
Email address to send the MicroDeposit verification link. Appears if type is notify_micro_deposits
Fallback url to redirect the shopper to the web page if the redirection to the app fails. Returned only if the flow is mobile_app.
The redirect method if the action type is redirect. One of GET, POST
Number of funds that will be deposited into shopper account. Appears if type is notify_micro_deposits
Android package name. Returned only if the flow is mobile_app and the os_type is android.
QR Code text representation if the action type is redirect, only applicable to wechatpay.
the remaining attempts to verify micro_deposit or retry micro_debit.
Stage of the request flow
Type of next action can be either redirect, redirect_iframe, notify_micro_deposits or retry_micro_debit
The redirect url
The party to trigger subsequent payments. One of merchant, customer
PaymentMethod information attached for subsequent payments
ACH Direct Debit information. Only provided when type is ach_direct_debit.
9-digit number to identify a bank in the US.
4-17 digits number to identify a bank account in the US.
Indicate whether the account is a business account.
The result of micro debit.
The status of micro_debit.
The result of micro deposit.
The status of micro_deposit.
Email of the account holder.
Name of the account holder.
Alipay CN information. Only provided when type is alipaycn.
One of qrcode, mobile_web, mobile_app, mini_program
ios, android
Alipay's User LoginId (Shopper) for Payment Consent Verification
Unique identifier of a user in payment method provider side. Only present after the payment has been completed or the consent has been verified.
Alipay HK information. Only provided when type is alipayhk.
One of qrcode, mobile_web, mobile_app
ios, android
Alipay's User LoginId (Shopper) for Payment Consent Verification
Unique identifier of a user in payment method provider side. Only present after the payment has been completed or the consent has been verified.
Apple pay information. Only provided when type is applepay.
Billing information
The billing address as it appears on the credit card issuer’s records
City of the address. Maximum of 100 characters.
The two-letter country code in ISO 3166-1 alpha-2 format.
Postcode of the address. Maximum of 10 characters.
State or province of the address. Maximum of 100 characters.
Street of the address. Maximum of 1000 characters.
Date of birth of the customer in the format: YYYY-MM-DD
Email address of the customer
First name of the customer
Last name of the customer
Phone number of the customer
The Lifecycle Identifier is a unique code that links all related transaction events - Capture, refund & disputes, making it easy to track a transaction throughout its lifecycle. This identifier is currently supported only when the card brand is MasterCard.
Type of the payment data details. One of tokenized_card or encrypted_payment_token.
Payment data with the tokenized card details.
Authentication method
EMV data
Output from the Secure Element
The PIN encrypted using the bank’s key
3D-Secure authentication data
Electronic Commerce Indicator, as defined by 3-D Secure
Online payment cryptogram, as defined by 3-D Secure
The authentication method type. One of CRYPTOGRAM_3DS, PAN_ONLY.
Bank identify number of this card
Brand of the card. One of visa, mastercard, maestro, chinaunionpay.
Device manufacturer identifier
Two digit number representing the card’s expiration month
Four digit number representing the card’s expiration year
Fingerprint of the card
A boolean field referring whether the card is commercial or not
Country code of the card issuer
Issuer name
Last four digits of the card number
Cardholder name
The card's type of payment. One of credit or debit.
BACS Direct Debit information. Only provided when type is bacs_direct_debit.
8 digits number to identify a bank account in the UK.
Account holder's address.
Country code of the address. Use the two-character ISO Standard Country Codes. One of GB, US. Default to GB if not provided
House number and street name, e.g., 777 Casino Drive
Locality name, e.g., Apartment 123
Postcode of the address.
State or province of the address. Should be provided if country code is US. Use the two-character ISO3166-2:US state code.
Post town.
Bank of the account. You can call API to retrieve the available bank names.
Indicate whether the account is a business account.
The result of micro deposit.
The status of micro_deposit.
Email of the account holder.
Name of the account holder.
6-digit number to identify a bank in the UK.
BECS Direct Debit information. Only provided when type is becs_direct_debit.
4-9 digits number to identify a bank account in Australia.
6-digit Bank-State-Branch number.
Indicate whether the account is a business account.
The result of micro debit.
The status of micro_debit.
The result of micro deposit.
The status of micro_deposit.
Account holder's email.
Account holder name.
Card information. Only provided when type is card.
Additional information of external network token requestor. Would return when number_type is EXTERNAL_NETWORK_TOKEN
Merchant Verification Value (Provided by VISA during onboarding) or MasterCard Assigned ID (Provided by MasterCard during onboarding)
Token requestor unique identifier (Provided by card schemes during onboarding)
Billing information
The billing address as it appears on the credit card issuer’s records
City of the address. Maximum of 100 characters.
The two-letter country code in ISO 3166-1 alpha-2 format.
Postcode of the address. Maximum of 10 characters.
State or province of the address. Maximum of 100 characters.
Street of the address. Maximum of 1000 characters.
Date of birth of the customer in the format: YYYY-MM-DD
Email address of the customer
First name of the customer
Last name of the customer
Phone number of the customer
Bank identify number of this card
Brand of the card. One of mastercard, visa, union pay, american express, jcb, discover, diners club international.
Funding type of the card
Two digit number representing the card’s expiration month
Four digit number representing the card’s expiration year
Fingerprint of the card
A boolean field referring whether the card is commercial or not
Country code of the card issuer
Issuer name
Information for Korean Card
A 10-digit business number of the company.
A 6-digit date of birth in the format of YYMMDD.
Card password first 2 digits.
Last four digits of the card number
The Lifecycle Identifier is a unique code that links all related transaction events - Capture, refund & disputes, making it easy to track a transaction throughout its lifecycle. This identifier is currently supported only when the card brand is MasterCard.
Card holder name
Type of the number. One of PAN, EXTERNAL_NETWORK_TOKEN, AIRWALLEX_NETWORK_TOKEN.
DANA information. Only provided when type is dana.
One of qrcode, mobile_web, mobile_app
ios, android
Alipay's User LoginId (Shopper) for Payment Consent Verification
Unique identifier of a user in payment method provider side. Only present after the payment has been completed or the consent has been verified.
EFT Direct Debit information. Only provided when type is eft_direct_debit.
4-17 digits number to identify a bank account in Canada.
Indicate whether the account is a business account.
3-digit number to identify a bank institution in Canada.
The result of micro debit.
The status of micro_debit.
The result of micro deposit.
The status of micro_deposit.
Email of the account holder.
Name of the account holder.
Identify a bank branch transit in Canada.
GCASH information. Only provided when type is gcash.
One of qrcode, mobile_web, mobile_app
ios, android
Alipay's User LoginId (Shopper) for Payment Consent Verification
Unique identifier of a user in payment method provider side. Only present after the payment has been completed or the consent has been verified.
Google pay information. Only provided when type is googlepay.
Billing information
The billing address as it appears on the credit card issuer’s records
City of the address. Maximum of 100 characters.
The two-letter country code in ISO 3166-1 alpha-2 format.
Postcode of the address. Maximum of 10 characters.
State or province of the address. Maximum of 100 characters.
Street of the address. Maximum of 1000 characters.
Date of birth of the customer in the format: YYYY-MM-DD
Email address of the customer
First name of the customer
Last name of the customer
Phone number of the customer
The Lifecycle Identifier is a unique code that links all related transaction events - Capture, refund & disputes, making it easy to track a transaction throughout its lifecycle. This identifier is currently supported only when the card brand is MasterCard.
Type of the payment data details. One of tokenized_card or encrypted_payment_token.
Payment data with the tokenized card details.
Authentication method
EMV data
Output from the Secure Element
The PIN encrypted using the bank’s key
3D-Secure authentication data
Electronic Commerce Indicator, as defined by 3-D Secure
Online payment cryptogram, as defined by 3-D Secure
The authentication method type. One of CRYPTOGRAM_3DS, PAN_ONLY.
Bank identify number of this card
Brand of the card. One of visa, mastercard, maestro, chinaunionpay.
Device manufacturer identifier
Two digit number representing the card’s expiration month
Four digit number representing the card’s expiration year
Fingerprint of the card
A boolean field referring whether the card is commercial or not
Country code of the card issuer
Issuer name
Last four digits of the card number
Cardholder name
The card's type of payment. One of credit or debit.
Unique identifier of the PaymentMethod attached for subsequent payments. Only provided when type is card.
KAKAOPAY information. Only provided when type is kakaopay.
One of qrcode, mobile_web, mobile_app
ios, android
Alipay's User LoginId (Shopper) for Payment Consent Verification
Unique identifier of a user in payment method provider side. Only present after the payment has been completed or the consent has been verified.
Payto information. Only provided when type is payto.
The account name.
4-9 digits number to identify a bank account in Australia.
6-digit Bank-State-Branch number.
The PayID of the recipient.
11 digits number to identify the PayId. Required when phone_number, owner_email, and organisation_id is null.
The organisation id of the recipient. The PayID must be in the format of payid:airwallex.com.
owner email to identify the PayId. Required when phone_number, australian_business_number, and organisation_id is null.
The phone number of the PayId. Required when owner_email, australian_business_number, and organisation_id is null.
SEPA Direct Debit information. Only provided when type is sepa_direct_debit.
Account holder's address.
Country code of the address. Use the two-character ISO Standard Country Codes.
Postcode of the address.
street of the address.
town of the address.
Bank of the account. You can call API to retrieve the available bank names.
Indicate whether the account is a business account.
The 2-letter ISO country/region code from which the consumer will be paying.
15–34 characters to identify a bank account.
The result of micro debit.
The status of micro_debit.
The result of micro deposit.
The status of micro_deposit.
Email of the account holder.
Name of the account holder.
Type of the PaymentMethod. One of card, googlepay, applepay, alipayhk, truemoney, gcash, dana, kakaopay, tng, alipaycn, rabbit_line_pay, wechatpay, ach_direct_debit, bacs_direct_debit, becs_direct_debit, sepa_direct_debit, eft_direct_debit.
Unique request identifier specified by the merchant
- REQUIRES_PAYMENT_METHOD: Populate
payment_methodwhen calling verify.- This value is returned if
payment_methodis either null, or thepayment_methodhas failed during verify, and a differentpayment_methodshould be provided.
- This value is returned if
- REQUIRES_CUSTOMER_ACTION: Pending customer action, see
next_actionfor details. - PENDING: The mandate of the PaymentConsent has been submitted. It only occurs when payment method type is
bacs_direct_debit. You need to wait for the final result. The status will becomeDISABLEDif the mandate is rejected orVERIFIEDif the mandate is accepted. - PAUSED: The active mandate of the PaymentConsent has been paused. The PaymentConsent can be paused only when the previous status was
VERIFIED. It only occurs when payment method type ispayto. The status will becomeDISABLEDif the mandate is canceled orVERIFIEDif the mandate is resumed. - VERIFIED: The PaymentConsent has been verified and it can be used for subsequent payments.
- DISABLED: The PaymentConsent is disabled. You cannot verify it again.
The terms of this consent.
The granularity per billing cycle. Required when payment_schedule.period_unit is WEEK, MONTH, or YEAR. (e.g. charge_day_per_billing_cycle= 5, payment_schedule.period_unit = MONTH, payment_schedule.period = 1 if collect payment on the 5th of each month).
End date to expect payment request.
The first payment. It could include the costs associated with the first debited amount.Optional if payment agreement type is VARIABLE.
The fixed payment amount that can be charged for a single payment.Required if payment agreement type is FIXED.
The maximum payment amount that can be charged for a single payment.Optional if payment agreement type is VARIABLE.
The minimum payment amount that can be charged for a single payment.Optional if payment agreement type is VARIABLE.
The agreed type of amounts for subsequent payment. Should be one of FIXED, VARIABLE.
- FIXED: payment amount is fixed. A specific amount is required.
- VARIABLE: payment amount is variable at each collection. A max limit is recommended.
The currency of this payment. Please refer to supported currencies .
The number of period units between billing cycles. For example, the payment cycle is one month if period=1 and period_unit=MONTH. Required when merchant_trigger_reason = scheduled
Specifies billing frequency. One of DAY, WEEK, MONTH, and YEAR. Required when merchant_trigger_reason = scheduled
Start date to expect payment request.
The total number of billing cycles. For example, the mandate will last for 1 year if total_billing_cycles=12, payment_schedule.period=1 and payment_schedule.period_unit=MONTH if the merchant_trigger_reason is scheduled. Merchant can bill customers 12 times when total_billing_cycles=12 if the merchant_trigger_reason is unscheduledThe mandate will continue indefinitely if total_billing_cycles is null.
Time at which this PaymentConsent was last updated
| Error status | Description |
|---|---|
| 400 | Bad Request. Possible error codes: |
| 401 | Unauthorized. Possible error codes: |
| 403 | Forbidden |
| 404 | Not Found. Possible error codes: |
| 500 | Server Error. Possible error codes: |
$curl --request POST \> --url 'https://api-demo.airwallex.com/api/v1/pa/payment_consents/cst_hkpdsjz1vg0x1uscdj/update' \> --header 'Authorization: Bearer {{ACCESS_TOKEN}}' \> --header 'Content-Type: application/json' \> --data '{> "request_id": "60ee1700-fdc4-48b2-87e4-0cf21cd2de5e",> "metadata": {> "foo": "bar"> }>}'
1{2 "id": "cst_hkpdsjz1vg0x1uscdj",3 "request_id": "60ee1700-fdc4-48b2-87e4-0cf21cd2de5e",4 "customer_id": "cus_hkpdsjz4vg1x3uscdj",5 "status": "VERIFIED",6 "next_triggered_by": "merchant",7 "merchant_trigger_reason": "scheduled",8 "initial_payment_intent_id": "int_hkpdskz7vg1xc7uscdj",9 "payment_method": {10 "type": "card",11 "id": "mtd_hkpds1z4zh00i2eb1h"12 },13 "metadata": {14 "amount": "10",15 "subscriptionNumber": "2025040700000001"16 },17 "mandate": {},18 "created_at": "2021-08-31T06:57:15+00:00",19 "updated_at": "2021-08-31T07:01:15+00:00"20}
Verify a PaymentConsent
POST /api/v1/pa/payment_consents/{id}/verify
Verify the PaymentConsent with the payment_method details (or payment_method.id if reusing an existing one) when the customer is ready to store payment credentials into the PaymentConsent for subsequent payments.
Additional customer actions might be required to complete the verification for some payment methods. In that case, next_action will be returned to guide you through the process and the PaymentConsent status will be updated to REQUIRES_CUSTOMER_ACTION.
Once the status becomes VERIFIED, the PaymentConsent is ready for making subsequent payments.
When verifying a PaymentConsent initiated by customer, if an existing VERIFIED PaymentConsent already references the provided card or bank account number, the request will be declined with resource_already_exists to avoid generating multiple identical PaymentConsents.
PaymentConsent unique identifier
Descriptor that may be displayed to the customer during the verification.
Client device information. It is recommended to provide this data to increase the odds of having frictionless 3DS.
Accept header value
Browser specific data
Is Java enabled?
Is JavaScript enabled?
User Agent header value
Device unique identifier or Advertisement unique identifier or IMEI
Public IP address, both IPv4 and IPv6 are supported.
Language or locale
Location data
Latitude
Longitude
Mobile specific data
Device model
OS type
OS version
Screen color depth in bits
Screen height in pixels
Screen width in pixels
Timezone offset to UTC in hours, with added minutes if necessary
PaymentMethod information that will be used for subsequent payments.
When payment_method.type is set to card, ach_direct_debit, bacs_direct_debit, becs_direct_debit, sepa_direct_debit, eft_direct_debit, googlepay, applepay, caller must provide either the payment_method.id of an existing PaymentMethod or the full payload of payment method information with which we will generate a new PaymentMethod.
ACH Direct Debit information.
9-digit number to identify a bank in the US. Required when verification method is micro_deposit. Should not be set when verification method is plaid
4-17 digits number to identify a bank account in the US. Required when verification method is micro_deposit. Should not be set when verification method is plaid
Indicate whether the account is a business account. Default to false.
The version of mandate language. Custom mandate version if you render your own mandate document to the payer instead of the default version provided by Airwallex.
Account holder's email. Required when verification method is micro_deposit.
Account holder name. Required when verification method is micro_deposit.
Verification method. Can be plaid or micro_deposit. Default: micro_deposit
Alipaycn information. flow can be one of qrcode, mobile_web, mobile_app
Refer to the specification above.
One of ios, android. os_type must be set when flow is mobile_web, mobile_app.
Alipayhk information. flow can be one of qrcode, mobile_web, mobile_app
Refer to the specification above.
One of ios, android. os_type must be set when flow is mobile_web, mobile_app.
Apple pay information.
Billing information
The billing address as it appears on the credit card issuer’s records
City of the address. Maximum of 100 characters.
The two-letter country code in ISO 3166-1 alpha-2 format.
Postcode of the address. Maximum of 10 characters.
State or province of the address. Maximum of 100 characters.
Street of the address. Maximum of 1000 characters.
Email address of the customer
First name of the customer. Maximum length is 128.
Last name of the customer. Maximum length is 128.
Phone number of the customer
Payment data from ApplePayPaymentToken
Type of the payment data details. One of tokenized_card or encrypted_payment_token.
Payment data with the tokenized card details
Authentication method
EMV data
Output from the Secure Element
The PIN encrypted using the bank’s key
3D-Secure authentication data
Electronic Commerce Indicator, as defined by 3-D Secure
Online payment cryptogram, as defined by 3-D Secure
The authentication method type. One of emv or three_ds.
Device manufacturer identifier
Two digit number representing the card’s expiration month
Four digit number representing the card’s expiration year
Cardholder name
Card number
BACS Direct Debit information.
Required when verification method is micro_deposit. Should not be set when verification method is truelayer
Account holder's address. Required when verification method is micro_deposit.
Country code of the address. Use the two-character ISO Standard Country Codes. One of GB, US. Default to GB if not provided
House number and street name, e.g., 777 Casino Drive
Locality name, e.g., Apartment 123
Postcode of the address.
State or province of the address. Should be provided if country code is US. Use the two-character ISO3166-2:US state code.
Post town.
Bank of the account. Required when verification method is truelayer. Should not be set when verification method is micro_deposit
Indicate whether the account is a business account. Default to false.
The version of mandate language. Custom mandate version if you render your own mandate document to the payer instead of the default version provided by Airwallex.
Account holder's email. Required when verification method is micro_deposit.
Account holder name. Required when verification method is micro_deposit.
6-digit number to identify a bank in the UK. Required when verification method is micro_deposit. Should not be set when verification method is truelayer
Verification method. Can be truelayer or micro_deposit. Default: micro_deposit
BECS Direct Debit information.
4-9 digits number to identify a bank account in Australia.
6-digit Bank-State-Branch number.
Indicate whether the account is a business account. Default to false.
The version of mandate language. Custom mandate version if you render your own mandate document to the payer instead of the default version provided by Airwallex.
Account holder's email.
Account holder name.
Card information.
Additional information of external network token requestor. Should be provided when number_type is EXTERNAL_NETWORK_TOKEN
Merchant Verification Value (Provided by VISA during onboarding) or MasterCard Assigned ID (Provided by MasterCard during onboarding)
Token requestor unique identifier (Provided by card schemes during onboarding)
Billing information
The billing address as it appears on the credit card issuer’s records
City of the address. Maximum of 100 characters.
The two-letter country code in ISO 3166-1 alpha-2 format.
Postcode of the address. Maximum of 10 characters.
State or province of the address. Maximum of 100 characters.
Street of the address. Maximum of 1000 characters.
Email address of the customer
First name of the customer. Maximum length is 128.
Last name of the customer. Maximum length is 128.
Phone number of the customer
The cryptogram value. Must be provided if card.number_type is EXTERNAL_NETWORK_TOKEN. Maximum length is 28.
CVC of this card. Required except using external network tokenized
Two digit number representing the card’s expiration month
Four digit number representing the card’s expiration year
Authentication data from an external 3D-Secure provider (3RI for MIT subsequent transaction)
Authentication value, will be used to provide proof of authentication for 3DS v2
UUID assigned by the Directory Server to identify a single transaction for 3DS v2
Electronic Commerce Indicator provided by the ACS or DS to indicate the results of the attempt to authenticate the Cardholder
Add the SCA exemptions if your 3DS provider decides any exemptions are applicable. One of TRA, LVP, ANONYMOUS
UUID assigned by the 3DS server to identify a single transaction for 3DS v2
3DS version in the format major.minor.patch
Card holder name. Maximum length is 128.
Card number
Type of the number. One of PAN, EXTERNAL_NETWORK_TOKEN. Default: PAN
Set it to FORCE_3DS if you want to enforce 3DS with our 3DS provider. Set it to EXTERNAL_3DS if you want to use your own 3DS provider, in this case payment_method_options.card.external_three_ds should be provided in the confirm request. Set it to SKIP_3DS if you want to skip 3DS regardless of the risk score. null by default
Dana information. flow can be one of qrcode, mobile_web
Refer to the specification above.
One of ios, android. os_type must be set when flow is mobile_web, mobile_app.
EFT Direct Debit information.
4-17 digits number to identify a bank account in Canada. Required when verification method is micro_deposit or micro_deposit_and_debit. Should not be set when verification method is plaid
Indicate whether the account is a business account. Default to false.
3-digit number to identify a institution in Canada. Required when verification method is micro_deposit or micro_deposit_and_debit.Should not be set when verification method is plaid
The version of mandate language. Custom mandate version if you render your own mandate document to the payer instead of the default version provided by Airwallex.
Account holder's email. Required when verification method is micro_deposit or micro_deposit_and_debit.
Account holder name. Required when verification method is micro_deposit or micro_deposit_and_debit.
5-digit number to identify a bank in Canada. Required when verification method is micro_deposit or micro_deposit_and_debit. Should not be set when verification method is plaid
Verification method. Can be micro_deposit or micro_deposit_and_debit. Default: micro_deposit.
Gcash information. flow can be one of qrcode, mobile_web, mobile_app
Refer to the specification above.
One of ios, android. os_type must be set when flow is mobile_web, mobile_app.
Google pay information.
Billing information
The billing address as it appears on the credit card issuer’s records
City of the address. Maximum of 100 characters.
The two-letter country code in ISO 3166-1 alpha-2 format.
Postcode of the address. Maximum of 10 characters.
State or province of the address. Maximum of 100 characters.
Street of the address. Maximum of 1000 characters.
Email address of the customer
First name of the customer. Maximum length is 128.
Last name of the customer. Maximum length is 128.
Phone number of the customer
A UTF-8 encoded, serialized JSON object with the keys specified.
Authentication data from an external 3D-Secure provider. Only applicable when Google Pay PAN_ONLY authentication method is used.
Authentication value, will be used to provide proof of authentication for 3DS v2
UUID assigned by the Directory Server to identify a single transaction for 3DS v2
Electronic Commerce Indicator provided by the ACS or DS to indicate the results of the attempt to authenticate the Cardholder
Add the SCA exemptions if your 3DS provider decides any exemptions are applicable. One of TRA, LVP, ANONYMOUS
UUID assigned by the 3DS server to identify a single transaction for 3DS v2
3DS version in the format major.minor.patch
Type of the payment data details. One of tokenized_card or encrypted_payment_token.
Payment data with the tokenized card details
Authentication method
EMV data
Output from the Secure Element
The PIN encrypted using the bank’s key
3D-Secure authentication data
Electronic Commerce Indicator, as defined by 3-D Secure
Online payment cryptogram, as defined by 3-D Secure
The authentication method type. One of emv or three_ds.
Device manufacturer identifier
Two digit number representing the card’s expiration month
Four digit number representing the card’s expiration year
Cardholder name
Card number
Unique identifier of the PaymentMethod attached for subsequent payments.
Kakaopay information. flow can be one of qrcode, mobile_web, mobile_app
Refer to the specification above.
One of ios, android. os_type must be set when flow is mobile_web, mobile_app.
Payto information.
The account name.
4-9 digits number to identify a bank account in Australia.
6-digit Bank-State-Branch number.
11 digits number to identify the PayId. Required when phone_number, owner_email, and organisation_id is null.
The organisation id of the recipient. The PayID must be in the format of payid:airwallex.com.
owner email to identify the PayId. Required when phone_number, australian_business_number, and organisation_id is null.
Payer name of the PayId.
The phone number of the PayId. Required when owner_email, australian_business_number, and organisation_id is null.
Rabbit LINE Pay information. flow can be one of qrcode, mobile_web, mobile_app
Refer to the specification above.
One of ios, android. os_type must be set when flow is mobile_web, mobile_app.
SEPA Direct Debit information.
Account holder's address.
Country code of the address. Use the two-character ISO Standard Country Codes.
Postcode of the address.
street of the address.
town of the address.
Bank of the account. Required when verification method is truelayer. You can call API to retrieve the available bank names.
Indicate whether the account is a business account. Default to false.
The 2-letter ISO country/region code of the bank account. Required when verification method is truelayer. One of GB, AT, BE, DE, ES, FI, FR, IE, IT, LT, NL, PL, PT, SE.
IBAN of the bank account. Required when verification method is micro_deposit. Should not be set when verification method is truelayer
The version of mandate language. Custom mandate version if you render your own mandate document to the payer instead of the default version provided by Airwallex.
Account holder's email. Required when verification method is micro_deposit.
Account holder name. Required when verification method is micro_deposit.
Verification method. Can be truelayer or micro_deposit. Default: micro_deposit
Tng information. flow can be one of qrcode, mobile_web, mobile_app
Refer to the specification above.
One of ios, android. os_type must be set when flow is mobile_web, mobile_app.
Truemoney information. flow can be one of qrcode, mobile_web, mobile_app
Refer to the specification above.
One of ios, android. os_type must be set when flow is mobile_web, mobile_app.
Type of the PaymentMethod. One of card, googlepay, applepay, alipayhk, truemoney, gcash, dana, kakaopay, tng, alipaycn, rabbit_line_pay, wechatpay, ach_direct_debit, bacs_direct_debit, becs_direct_debit, sepa_direct_debit, eft_direct_debit.
Wechat information.
Payment channel. Use pos for POS transactions.
The specific WeChat Pay flow to use. One of qrcode, official_account, mini_program, mobile_app, mobile_web
Required when flow is mini_program
Unique request identifier specified by the merchant. Maximum length is 64.
The web page URL or application scheme URI to redirect the customer after PaymentConsent verification.
Risk Control Options
Set it to true if you want to skip fraud processing. Please contact your account manager to enable the feature to take effect. Defaults to false.
Set it to 'true' if you want to use TRA exemption when create payment intent, only applicable when you skip risk processing
Additional information needed to verify a PaymentConsent
Apple pay information for verifying PaymentConsent
The alternative amount of verification if zero amount is not acceptable for the provider. The transaction of this amount should be reverted once the verification process finished. Must be greater than 0. Please refer to supported currencies for supported minor units.
Currency of the initial PaymentIntent to verify the PaymentConsent. Three-letter ISO 4217 currency code. Must be a supported currency
Card information for verifying PaymentConsent
The alternative amount of verification if zero amount is not acceptable for the provider. The transaction of this amount should be reverted once the verification process finished. Must be greater than 0. Please refer to supported currencies for supported minor units.
Currency of the initial PaymentIntent to verify the PaymentConsent. Three-letter ISO currency code. Must be a supported currency
Google pay information for verifying PaymentConsent
The alternative amount of verification if zero amount is not acceptable for the provider. The transaction of this amount should be reverted once the verification process finished. Must be greater than 0. Please refer to supported currencies for supported minor units.
Currency of the initial PaymentIntent to verify the PaymentConsent. Three-letter ISO currency code. Must be a supported currency .
Authentication data from an external 3D-Secure provider (3RI for MIT subsequent transaction)
Authentication value, will be used to provide proof of authentication for 3DS v2
UUID assigned by the Directory Server to identify a single transaction for 3DS v2
Electronic Commerce Indicator provided by the ACS or DS to indicate the results of the attempt to authenticate the Cardholder
Add the SCA exemptions if your 3DS provider decides any exemptions are applicable. One of TRA, LVP, ANONYMOUS
UUID assigned by the 3DS server to identify a single transaction for 3DS v2
3DS version in the format major.minor.patch
Set it to FORCE_3DS if you want to enforce 3DS with our 3DS provider. Set it to EXTERNAL_3DS if you want to use your own 3DS provider, in this case payment_method_options.card.external_three_ds should be provided in the confirm request. Set it to SKIP_3DS if you want to skip 3DS regardless of the risk score. null by default
WeChat Pay information for verifying PaymentConsent
Indicates the currency of subsequent PaymentIntent that will be processed with this PaymentConsent. Please refer to supported currencies .
PaymentConsent's client secret for browser or app. Only returned by PaymentConsent create API.
The provided client_secret is valid for 60 minutes
Account identifier of the connected account.
Time at which this PaymentConsent was created
Unique identifier from Airwallex of the customer who will make the payment with this PaymentConsent
Disable reason. Only applicable when status is DISABLED
Verification failure reason. Only applicable when status is REQUIRES_PAYMENT_METHOD and REQUIRES_CUSTOMER_ACTION.
The failure code returned by Airwallex
The verification failure details.
Consent verification failed. Please retry the consent verification or select a different payment method.
Unique identifier of this PaymentConsent
Unique identifier of the initial PaymentIntent confirmed with this PaymentConsent
An authorization from shopper to merchant to debit payments from their bank account.
The time at which shopper accepts the mandate.
BACS Direct Debit mandate information.
Reference of the Direct Debit instrument.
A unique six-digit number used to identify a business paying or receiving money through a Bacs Direct Debit transaction.
SEPA Direct Debit mandate information.
A unique number used to identify a business paying or receiving money through a SEPA Direct Debit transaction.
Reference of the Direct Debit mandate.
The payment method type of the mandate. Can be ach_direct_debit, bacs_direct_debit, becs_direct_debit, sepa_direct_debit, eft_direct_debit.
The version of the mandate.
Only applicable when next_triggered_by is merchant. One of scheduled, unscheduled, installments.
A set of key-value pairs that can be attached to this PaymentConsent. You can specify up to 50 keys with key names up to 50 characters long and values up to 500 characters long.
Next action for merchant
The content type of the request when method is POST. If not provided, the content type should be application/json
The additional data that can be used to complete this action
Email address to send the MicroDeposit verification link. Appears if type is notify_micro_deposits
Fallback url to redirect the shopper to the web page if the redirection to the app fails. Returned only if the flow is mobile_app.
The redirect method if the action type is redirect. One of GET, POST
Number of funds that will be deposited into shopper account. Appears if type is notify_micro_deposits
Android package name. Returned only if the flow is mobile_app and the os_type is android.
QR Code text representation if the action type is redirect, only applicable to wechatpay.
the remaining attempts to verify micro_deposit or retry micro_debit.
Stage of the request flow
Type of next action can be either redirect, redirect_iframe, notify_micro_deposits or retry_micro_debit
The redirect url
The party to trigger subsequent payments. One of merchant, customer
PaymentMethod information attached for subsequent payments
ACH Direct Debit information. Only provided when type is ach_direct_debit.
9-digit number to identify a bank in the US.
4-17 digits number to identify a bank account in the US.
Indicate whether the account is a business account.
The result of micro debit.
The status of micro_debit.
The result of micro deposit.
The status of micro_deposit.
Email of the account holder.
Name of the account holder.
Alipay CN information. Only provided when type is alipaycn.
One of qrcode, mobile_web, mobile_app, mini_program
ios, android
Alipay's User LoginId (Shopper) for Payment Consent Verification
Unique identifier of a user in payment method provider side. Only present after the payment has been completed or the consent has been verified.
Alipay HK information. Only provided when type is alipayhk.
One of qrcode, mobile_web, mobile_app
ios, android
Alipay's User LoginId (Shopper) for Payment Consent Verification
Unique identifier of a user in payment method provider side. Only present after the payment has been completed or the consent has been verified.
Apple pay information. Only provided when type is applepay.
Billing information
The billing address as it appears on the credit card issuer’s records
City of the address. Maximum of 100 characters.
The two-letter country code in ISO 3166-1 alpha-2 format.
Postcode of the address. Maximum of 10 characters.
State or province of the address. Maximum of 100 characters.
Street of the address. Maximum of 1000 characters.
Date of birth of the customer in the format: YYYY-MM-DD
Email address of the customer
First name of the customer
Last name of the customer
Phone number of the customer
The Lifecycle Identifier is a unique code that links all related transaction events - Capture, refund & disputes, making it easy to track a transaction throughout its lifecycle. This identifier is currently supported only when the card brand is MasterCard.
Type of the payment data details. One of tokenized_card or encrypted_payment_token.
Payment data with the tokenized card details.
Authentication method
EMV data
Output from the Secure Element
The PIN encrypted using the bank’s key
3D-Secure authentication data
Electronic Commerce Indicator, as defined by 3-D Secure
Online payment cryptogram, as defined by 3-D Secure
The authentication method type. One of CRYPTOGRAM_3DS, PAN_ONLY.
Bank identify number of this card
Brand of the card. One of visa, mastercard, maestro, chinaunionpay.
Device manufacturer identifier
Two digit number representing the card’s expiration month
Four digit number representing the card’s expiration year
Fingerprint of the card
A boolean field referring whether the card is commercial or not
Country code of the card issuer
Issuer name
Last four digits of the card number
Cardholder name
The card's type of payment. One of credit or debit.
BACS Direct Debit information. Only provided when type is bacs_direct_debit.
8 digits number to identify a bank account in the UK.
Account holder's address.
Country code of the address. Use the two-character ISO Standard Country Codes. One of GB, US. Default to GB if not provided
House number and street name, e.g., 777 Casino Drive
Locality name, e.g., Apartment 123
Postcode of the address.
State or province of the address. Should be provided if country code is US. Use the two-character ISO3166-2:US state code.
Post town.
Bank of the account. You can call API to retrieve the available bank names.
Indicate whether the account is a business account.
The result of micro deposit.
The status of micro_deposit.
Email of the account holder.
Name of the account holder.
6-digit number to identify a bank in the UK.
BECS Direct Debit information. Only provided when type is becs_direct_debit.
4-9 digits number to identify a bank account in Australia.
6-digit Bank-State-Branch number.
Indicate whether the account is a business account.
The result of micro debit.
The status of micro_debit.
The result of micro deposit.
The status of micro_deposit.
Account holder's email.
Account holder name.
Card information. Only provided when type is card.
Additional information of external network token requestor. Would return when number_type is EXTERNAL_NETWORK_TOKEN
Merchant Verification Value (Provided by VISA during onboarding) or MasterCard Assigned ID (Provided by MasterCard during onboarding)
Token requestor unique identifier (Provided by card schemes during onboarding)
Billing information
The billing address as it appears on the credit card issuer’s records
City of the address. Maximum of 100 characters.
The two-letter country code in ISO 3166-1 alpha-2 format.
Postcode of the address. Maximum of 10 characters.
State or province of the address. Maximum of 100 characters.
Street of the address. Maximum of 1000 characters.
Date of birth of the customer in the format: YYYY-MM-DD
Email address of the customer
First name of the customer
Last name of the customer
Phone number of the customer
Bank identify number of this card
Brand of the card. One of mastercard, visa, union pay, american express, jcb, discover, diners club international.
Funding type of the card
Two digit number representing the card’s expiration month
Four digit number representing the card’s expiration year
Fingerprint of the card
A boolean field referring whether the card is commercial or not
Country code of the card issuer
Issuer name
Information for Korean Card
A 10-digit business number of the company.
A 6-digit date of birth in the format of YYMMDD.
Card password first 2 digits.
Last four digits of the card number
The Lifecycle Identifier is a unique code that links all related transaction events - Capture, refund & disputes, making it easy to track a transaction throughout its lifecycle. This identifier is currently supported only when the card brand is MasterCard.
Card holder name
Type of the number. One of PAN, EXTERNAL_NETWORK_TOKEN, AIRWALLEX_NETWORK_TOKEN.
DANA information. Only provided when type is dana.
One of qrcode, mobile_web, mobile_app
ios, android
Alipay's User LoginId (Shopper) for Payment Consent Verification
Unique identifier of a user in payment method provider side. Only present after the payment has been completed or the consent has been verified.
EFT Direct Debit information. Only provided when type is eft_direct_debit.
4-17 digits number to identify a bank account in Canada.
Indicate whether the account is a business account.
3-digit number to identify a bank institution in Canada.
The result of micro debit.
The status of micro_debit.
The result of micro deposit.
The status of micro_deposit.
Email of the account holder.
Name of the account holder.
Identify a bank branch transit in Canada.
GCASH information. Only provided when type is gcash.
One of qrcode, mobile_web, mobile_app
ios, android
Alipay's User LoginId (Shopper) for Payment Consent Verification
Unique identifier of a user in payment method provider side. Only present after the payment has been completed or the consent has been verified.
Google pay information. Only provided when type is googlepay.
Billing information
The billing address as it appears on the credit card issuer’s records
City of the address. Maximum of 100 characters.
The two-letter country code in ISO 3166-1 alpha-2 format.
Postcode of the address. Maximum of 10 characters.
State or province of the address. Maximum of 100 characters.
Street of the address. Maximum of 1000 characters.
Date of birth of the customer in the format: YYYY-MM-DD
Email address of the customer
First name of the customer
Last name of the customer
Phone number of the customer
The Lifecycle Identifier is a unique code that links all related transaction events - Capture, refund & disputes, making it easy to track a transaction throughout its lifecycle. This identifier is currently supported only when the card brand is MasterCard.
Type of the payment data details. One of tokenized_card or encrypted_payment_token.
Payment data with the tokenized card details.
Authentication method
EMV data
Output from the Secure Element
The PIN encrypted using the bank’s key
3D-Secure authentication data
Electronic Commerce Indicator, as defined by 3-D Secure
Online payment cryptogram, as defined by 3-D Secure
The authentication method type. One of CRYPTOGRAM_3DS, PAN_ONLY.
Bank identify number of this card
Brand of the card. One of visa, mastercard, maestro, chinaunionpay.
Device manufacturer identifier
Two digit number representing the card’s expiration month
Four digit number representing the card’s expiration year
Fingerprint of the card
A boolean field referring whether the card is commercial or not
Country code of the card issuer
Issuer name
Last four digits of the card number
Cardholder name
The card's type of payment. One of credit or debit.
Unique identifier of the PaymentMethod attached for subsequent payments. Only provided when type is card.
KAKAOPAY information. Only provided when type is kakaopay.
One of qrcode, mobile_web, mobile_app
ios, android
Alipay's User LoginId (Shopper) for Payment Consent Verification
Unique identifier of a user in payment method provider side. Only present after the payment has been completed or the consent has been verified.
Payto information. Only provided when type is payto.
The account name.
4-9 digits number to identify a bank account in Australia.
6-digit Bank-State-Branch number.
The PayID of the recipient.
11 digits number to identify the PayId. Required when phone_number, owner_email, and organisation_id is null.
The organisation id of the recipient. The PayID must be in the format of payid:airwallex.com.
owner email to identify the PayId. Required when phone_number, australian_business_number, and organisation_id is null.
The phone number of the PayId. Required when owner_email, australian_business_number, and organisation_id is null.
SEPA Direct Debit information. Only provided when type is sepa_direct_debit.
Account holder's address.
Country code of the address. Use the two-character ISO Standard Country Codes.
Postcode of the address.
street of the address.
town of the address.
Bank of the account. You can call API to retrieve the available bank names.
Indicate whether the account is a business account.
The 2-letter ISO country/region code from which the consumer will be paying.
15–34 characters to identify a bank account.
The result of micro debit.
The status of micro_debit.
The result of micro deposit.
The status of micro_deposit.
Email of the account holder.
Name of the account holder.
Type of the PaymentMethod. One of card, googlepay, applepay, alipayhk, truemoney, gcash, dana, kakaopay, tng, alipaycn, rabbit_line_pay, wechatpay, ach_direct_debit, bacs_direct_debit, becs_direct_debit, sepa_direct_debit, eft_direct_debit.
Unique request identifier specified by the merchant
- REQUIRES_PAYMENT_METHOD: Populate
payment_methodwhen calling verify.- This value is returned if
payment_methodis either null, or thepayment_methodhas failed during verify, and a differentpayment_methodshould be provided.
- This value is returned if
- REQUIRES_CUSTOMER_ACTION: Pending customer action, see
next_actionfor details. - PENDING: The mandate of the PaymentConsent has been submitted. It only occurs when payment method type is
bacs_direct_debit. You need to wait for the final result. The status will becomeDISABLEDif the mandate is rejected orVERIFIEDif the mandate is accepted. - PAUSED: The active mandate of the PaymentConsent has been paused. The PaymentConsent can be paused only when the previous status was
VERIFIED. It only occurs when payment method type ispayto. The status will becomeDISABLEDif the mandate is canceled orVERIFIEDif the mandate is resumed. - VERIFIED: The PaymentConsent has been verified and it can be used for subsequent payments.
- DISABLED: The PaymentConsent is disabled. You cannot verify it again.
The terms of this consent.
The granularity per billing cycle. Required when payment_schedule.period_unit is WEEK, MONTH, or YEAR. (e.g. charge_day_per_billing_cycle= 5, payment_schedule.period_unit = MONTH, payment_schedule.period = 1 if collect payment on the 5th of each month).
End date to expect payment request.
The first payment. It could include the costs associated with the first debited amount.Optional if payment agreement type is VARIABLE.
The fixed payment amount that can be charged for a single payment.Required if payment agreement type is FIXED.
The maximum payment amount that can be charged for a single payment.Optional if payment agreement type is VARIABLE.
The minimum payment amount that can be charged for a single payment.Optional if payment agreement type is VARIABLE.
The agreed type of amounts for subsequent payment. Should be one of FIXED, VARIABLE.
- FIXED: payment amount is fixed. A specific amount is required.
- VARIABLE: payment amount is variable at each collection. A max limit is recommended.
The currency of this payment. Please refer to supported currencies .
The number of period units between billing cycles. For example, the payment cycle is one month if period=1 and period_unit=MONTH. Required when merchant_trigger_reason = scheduled
Specifies billing frequency. One of DAY, WEEK, MONTH, and YEAR. Required when merchant_trigger_reason = scheduled
Start date to expect payment request.
The total number of billing cycles. For example, the mandate will last for 1 year if total_billing_cycles=12, payment_schedule.period=1 and payment_schedule.period_unit=MONTH if the merchant_trigger_reason is scheduled. Merchant can bill customers 12 times when total_billing_cycles=12 if the merchant_trigger_reason is unscheduledThe mandate will continue indefinitely if total_billing_cycles is null.
Time at which this PaymentConsent was last updated
| Error status | Description |
|---|---|
| 400 | Bad Request. Possible error codes: |
| 401 | Unauthorized. Possible error codes: |
| 403 | Forbidden |
| 404 | Not Found. Possible error codes: |
| 500 | Server Error. Possible error codes: |
$curl --request POST \> --url 'https://api-demo.airwallex.com/api/v1/pa/payment_consents/cst_hkpdsjz1vg0x1uscdj/verify' \> --header 'Authorization: Bearer {{ACCESS_TOKEN}}' \> --header 'Content-Type: application/json' \> --data '{> "request_id": "3a3bafab-79ac-4e75-a966-01cf6c62056f",> "device_data": {> "device_id": "59ec5db9-399c-4043-9a6c-fcd1a48d99aa",> "language": "en-AU",> "screen_color_depth": 32,> "screen_height": 800,> "screen_width": 390> },> "payment_method": {> "type": "card",> "card": {> "number": "4035501000000008",> "expiry_month": "03",> "expiry_year": "2030",> "name": "John Doe",> "cvc": "737"> }> },> "verification_options": {> "card": {> "amount": 0.01,> "currency": "USD"> }> },> "return_url": "https://www.airwallex.com",> "should_check_duplicate_cit_consent": false>}'
1{2 "id": "cst_hkpdsjz1vg0x1uscdj",3 "request_id": "3a3bafab-79ac-4e75-a966-01cf6c62056f",4 "customer_id": "cus_hkpdsjz4vg1x3uscdj",5 "status": "REQUIRES_CUSTOMER_ACTION",6 "next_triggered_by": "merchant",7 "merchant_trigger_reason": "scheduled",8 "initial_payment_intent_id": "int_hkpdskz7vg1xc7uscdj",9 "payment_method": {10 "type": "card",11 "id": "mtd_hkpds1z4zh00i2eb1h",12 "card": {13 "expiry_month": "03",14 "expiry_year": "2030",15 "name": "John Doe",16 "bin": "403550",17 "last4": "0008",18 "brand": "visa",19 "issuer_country_code": "US",20 "card_type": "CREDIT",21 "fingerprint": "AKvN4TqxI04SNFZ+oYRXaECtDA==",22 "billing": {23 "first_name": "John",24 "last_name": "Doe",25 "email": "[email protected]",26 "phone_number": "+1 1234567890",27 "address": {28 "country_code": "US",29 "state": "CA",30 "city": "San Francisco",31 "street": "1460 Mission St.#02W101",32 "postcode": "94103"33 }34 },35 "issuer_name": "JPMorgan Chase",36 "is_commercial": false,37 "number_type": "PAN"38 }39 },40 "metadata": {41 "amount": "10",42 "subscriptionNumber": "2025040700000001"43 },44 "mandate": {},45 "next_action": {46 "type": "redirect_iframe",47 "method": "GET",48 "url": "https://www.example.com/redirect",49 "stage": "WAITING_DEVICE_DATA_COLLECTION"50 },51 "created_at": "2021-08-31T06:57:15+00:00",52 "updated_at": "2021-08-31T07:01:15+00:00"53}
Continue to verify a PaymentConsent
POST /api/v1/pa/payment_consents/{id}/verify_continue
Continue verify a paymentConsent, required when verification method is micro-deposit. Merchants can use this api to verify the amount of micro-deposit if the payment consent wait for the verification result of micro-deposit. Micro-debit is triggered when micro-deposit is triggered, micro-debit is not part of micro-deposit verification. If micro-deposit is success and micro-debit failed, merchants can use this api to retry micro-debit.
PaymentConsent unique identifier
The verification request of micro-deposit, required only if type is verify_micro_deposits
The amounts of the micro-deposit in the shopper’s bank statement. Please refer to supported currencies for supported minor units.
Unique request identifier specified by the merchant
Type of the continue type. One of verify_micro_deposits, retry_micro_debit.
PaymentConsent's client secret for browser or app. Only returned by PaymentConsent create API.
The provided client_secret is valid for 60 minutes
Account identifier of the connected account.
Time at which this PaymentConsent was created
Unique identifier from Airwallex of the customer who will make the payment with this PaymentConsent
Disable reason. Only applicable when status is DISABLED
Verification failure reason. Only applicable when status is REQUIRES_PAYMENT_METHOD and REQUIRES_CUSTOMER_ACTION.
The failure code returned by Airwallex
The verification failure details.
Consent verification failed. Please retry the consent verification or select a different payment method.
Unique identifier of this PaymentConsent
Unique identifier of the initial PaymentIntent confirmed with this PaymentConsent
An authorization from shopper to merchant to debit payments from their bank account.
The time at which shopper accepts the mandate.
BACS Direct Debit mandate information.
Reference of the Direct Debit instrument.
A unique six-digit number used to identify a business paying or receiving money through a Bacs Direct Debit transaction.
SEPA Direct Debit mandate information.
A unique number used to identify a business paying or receiving money through a SEPA Direct Debit transaction.
Reference of the Direct Debit mandate.
The payment method type of the mandate. Can be ach_direct_debit, bacs_direct_debit, becs_direct_debit, sepa_direct_debit, eft_direct_debit.
The version of the mandate.
Only applicable when next_triggered_by is merchant. One of scheduled, unscheduled, installments.
A set of key-value pairs that can be attached to this PaymentConsent. You can specify up to 50 keys with key names up to 50 characters long and values up to 500 characters long.
Next action for merchant
The content type of the request when method is POST. If not provided, the content type should be application/json
The additional data that can be used to complete this action
Email address to send the MicroDeposit verification link. Appears if type is notify_micro_deposits
Fallback url to redirect the shopper to the web page if the redirection to the app fails. Returned only if the flow is mobile_app.
The redirect method if the action type is redirect. One of GET, POST
Number of funds that will be deposited into shopper account. Appears if type is notify_micro_deposits
Android package name. Returned only if the flow is mobile_app and the os_type is android.
QR Code text representation if the action type is redirect, only applicable to wechatpay.
the remaining attempts to verify micro_deposit or retry micro_debit.
Stage of the request flow
Type of next action can be either redirect, redirect_iframe, notify_micro_deposits or retry_micro_debit
The redirect url
The party to trigger subsequent payments. One of merchant, customer
PaymentMethod information attached for subsequent payments
ACH Direct Debit information. Only provided when type is ach_direct_debit.
9-digit number to identify a bank in the US.
4-17 digits number to identify a bank account in the US.
Indicate whether the account is a business account.
The result of micro debit.
The status of micro_debit.
The result of micro deposit.
The status of micro_deposit.
Email of the account holder.
Name of the account holder.
Alipay CN information. Only provided when type is alipaycn.
One of qrcode, mobile_web, mobile_app, mini_program
ios, android
Alipay's User LoginId (Shopper) for Payment Consent Verification
Unique identifier of a user in payment method provider side. Only present after the payment has been completed or the consent has been verified.
Alipay HK information. Only provided when type is alipayhk.
One of qrcode, mobile_web, mobile_app
ios, android
Alipay's User LoginId (Shopper) for Payment Consent Verification
Unique identifier of a user in payment method provider side. Only present after the payment has been completed or the consent has been verified.
Apple pay information. Only provided when type is applepay.
Billing information
The billing address as it appears on the credit card issuer’s records
City of the address. Maximum of 100 characters.
The two-letter country code in ISO 3166-1 alpha-2 format.
Postcode of the address. Maximum of 10 characters.
State or province of the address. Maximum of 100 characters.
Street of the address. Maximum of 1000 characters.
Date of birth of the customer in the format: YYYY-MM-DD
Email address of the customer
First name of the customer
Last name of the customer
Phone number of the customer
The Lifecycle Identifier is a unique code that links all related transaction events - Capture, refund & disputes, making it easy to track a transaction throughout its lifecycle. This identifier is currently supported only when the card brand is MasterCard.
Type of the payment data details. One of tokenized_card or encrypted_payment_token.
Payment data with the tokenized card details.
Authentication method
EMV data
Output from the Secure Element
The PIN encrypted using the bank’s key
3D-Secure authentication data
Electronic Commerce Indicator, as defined by 3-D Secure
Online payment cryptogram, as defined by 3-D Secure
The authentication method type. One of CRYPTOGRAM_3DS, PAN_ONLY.
Bank identify number of this card
Brand of the card. One of visa, mastercard, maestro, chinaunionpay.
Device manufacturer identifier
Two digit number representing the card’s expiration month
Four digit number representing the card’s expiration year
Fingerprint of the card
A boolean field referring whether the card is commercial or not
Country code of the card issuer
Issuer name
Last four digits of the card number
Cardholder name
The card's type of payment. One of credit or debit.
BACS Direct Debit information. Only provided when type is bacs_direct_debit.
8 digits number to identify a bank account in the UK.
Account holder's address.
Country code of the address. Use the two-character ISO Standard Country Codes. One of GB, US. Default to GB if not provided
House number and street name, e.g., 777 Casino Drive
Locality name, e.g., Apartment 123
Postcode of the address.
State or province of the address. Should be provided if country code is US. Use the two-character ISO3166-2:US state code.
Post town.
Bank of the account. You can call API to retrieve the available bank names.
Indicate whether the account is a business account.
The result of micro deposit.
The status of micro_deposit.
Email of the account holder.
Name of the account holder.
6-digit number to identify a bank in the UK.
BECS Direct Debit information. Only provided when type is becs_direct_debit.
4-9 digits number to identify a bank account in Australia.
6-digit Bank-State-Branch number.
Indicate whether the account is a business account.
The result of micro debit.
The status of micro_debit.
The result of micro deposit.
The status of micro_deposit.
Account holder's email.
Account holder name.
Card information. Only provided when type is card.
Additional information of external network token requestor. Would return when number_type is EXTERNAL_NETWORK_TOKEN
Merchant Verification Value (Provided by VISA during onboarding) or MasterCard Assigned ID (Provided by MasterCard during onboarding)
Token requestor unique identifier (Provided by card schemes during onboarding)
Billing information
The billing address as it appears on the credit card issuer’s records
City of the address. Maximum of 100 characters.
The two-letter country code in ISO 3166-1 alpha-2 format.
Postcode of the address. Maximum of 10 characters.
State or province of the address. Maximum of 100 characters.
Street of the address. Maximum of 1000 characters.
Date of birth of the customer in the format: YYYY-MM-DD
Email address of the customer
First name of the customer
Last name of the customer
Phone number of the customer
Bank identify number of this card
Brand of the card. One of mastercard, visa, union pay, american express, jcb, discover, diners club international.
Funding type of the card
Two digit number representing the card’s expiration month
Four digit number representing the card’s expiration year
Fingerprint of the card
A boolean field referring whether the card is commercial or not
Country code of the card issuer
Issuer name
Information for Korean Card
A 10-digit business number of the company.
A 6-digit date of birth in the format of YYMMDD.
Card password first 2 digits.
Last four digits of the card number
The Lifecycle Identifier is a unique code that links all related transaction events - Capture, refund & disputes, making it easy to track a transaction throughout its lifecycle. This identifier is currently supported only when the card brand is MasterCard.
Card holder name
Type of the number. One of PAN, EXTERNAL_NETWORK_TOKEN, AIRWALLEX_NETWORK_TOKEN.
DANA information. Only provided when type is dana.
One of qrcode, mobile_web, mobile_app
ios, android
Alipay's User LoginId (Shopper) for Payment Consent Verification
Unique identifier of a user in payment method provider side. Only present after the payment has been completed or the consent has been verified.
EFT Direct Debit information. Only provided when type is eft_direct_debit.
4-17 digits number to identify a bank account in Canada.
Indicate whether the account is a business account.
3-digit number to identify a bank institution in Canada.
The result of micro debit.
The status of micro_debit.
The result of micro deposit.
The status of micro_deposit.
Email of the account holder.
Name of the account holder.
Identify a bank branch transit in Canada.
GCASH information. Only provided when type is gcash.
One of qrcode, mobile_web, mobile_app
ios, android
Alipay's User LoginId (Shopper) for Payment Consent Verification
Unique identifier of a user in payment method provider side. Only present after the payment has been completed or the consent has been verified.
Google pay information. Only provided when type is googlepay.
Billing information
The billing address as it appears on the credit card issuer’s records
City of the address. Maximum of 100 characters.
The two-letter country code in ISO 3166-1 alpha-2 format.
Postcode of the address. Maximum of 10 characters.
State or province of the address. Maximum of 100 characters.
Street of the address. Maximum of 1000 characters.
Date of birth of the customer in the format: YYYY-MM-DD
Email address of the customer
First name of the customer
Last name of the customer
Phone number of the customer
The Lifecycle Identifier is a unique code that links all related transaction events - Capture, refund & disputes, making it easy to track a transaction throughout its lifecycle. This identifier is currently supported only when the card brand is MasterCard.
Type of the payment data details. One of tokenized_card or encrypted_payment_token.
Payment data with the tokenized card details.
Authentication method
EMV data
Output from the Secure Element
The PIN encrypted using the bank’s key
3D-Secure authentication data
Electronic Commerce Indicator, as defined by 3-D Secure
Online payment cryptogram, as defined by 3-D Secure
The authentication method type. One of CRYPTOGRAM_3DS, PAN_ONLY.
Bank identify number of this card
Brand of the card. One of visa, mastercard, maestro, chinaunionpay.
Device manufacturer identifier
Two digit number representing the card’s expiration month
Four digit number representing the card’s expiration year
Fingerprint of the card
A boolean field referring whether the card is commercial or not
Country code of the card issuer
Issuer name
Last four digits of the card number
Cardholder name
The card's type of payment. One of credit or debit.
Unique identifier of the PaymentMethod attached for subsequent payments. Only provided when type is card.
KAKAOPAY information. Only provided when type is kakaopay.
One of qrcode, mobile_web, mobile_app
ios, android
Alipay's User LoginId (Shopper) for Payment Consent Verification
Unique identifier of a user in payment method provider side. Only present after the payment has been completed or the consent has been verified.
Payto information. Only provided when type is payto.
The account name.
4-9 digits number to identify a bank account in Australia.
6-digit Bank-State-Branch number.
The PayID of the recipient.
11 digits number to identify the PayId. Required when phone_number, owner_email, and organisation_id is null.
The organisation id of the recipient. The PayID must be in the format of payid:airwallex.com.
owner email to identify the PayId. Required when phone_number, australian_business_number, and organisation_id is null.
The phone number of the PayId. Required when owner_email, australian_business_number, and organisation_id is null.
SEPA Direct Debit information. Only provided when type is sepa_direct_debit.
Account holder's address.
Country code of the address. Use the two-character ISO Standard Country Codes.
Postcode of the address.
street of the address.
town of the address.
Bank of the account. You can call API to retrieve the available bank names.
Indicate whether the account is a business account.
The 2-letter ISO country/region code from which the consumer will be paying.
15–34 characters to identify a bank account.
The result of micro debit.
The status of micro_debit.
The result of micro deposit.
The status of micro_deposit.
Email of the account holder.
Name of the account holder.
Type of the PaymentMethod. One of card, googlepay, applepay, alipayhk, truemoney, gcash, dana, kakaopay, tng, alipaycn, rabbit_line_pay, wechatpay, ach_direct_debit, bacs_direct_debit, becs_direct_debit, sepa_direct_debit, eft_direct_debit.
Unique request identifier specified by the merchant
- REQUIRES_PAYMENT_METHOD: Populate
payment_methodwhen calling verify.- This value is returned if
payment_methodis either null, or thepayment_methodhas failed during verify, and a differentpayment_methodshould be provided.
- This value is returned if
- REQUIRES_CUSTOMER_ACTION: Pending customer action, see
next_actionfor details. - PENDING: The mandate of the PaymentConsent has been submitted. It only occurs when payment method type is
bacs_direct_debit. You need to wait for the final result. The status will becomeDISABLEDif the mandate is rejected orVERIFIEDif the mandate is accepted. - PAUSED: The active mandate of the PaymentConsent has been paused. The PaymentConsent can be paused only when the previous status was
VERIFIED. It only occurs when payment method type ispayto. The status will becomeDISABLEDif the mandate is canceled orVERIFIEDif the mandate is resumed. - VERIFIED: The PaymentConsent has been verified and it can be used for subsequent payments.
- DISABLED: The PaymentConsent is disabled. You cannot verify it again.
The terms of this consent.
The granularity per billing cycle. Required when payment_schedule.period_unit is WEEK, MONTH, or YEAR. (e.g. charge_day_per_billing_cycle= 5, payment_schedule.period_unit = MONTH, payment_schedule.period = 1 if collect payment on the 5th of each month).
End date to expect payment request.
The first payment. It could include the costs associated with the first debited amount.Optional if payment agreement type is VARIABLE.
The fixed payment amount that can be charged for a single payment.Required if payment agreement type is FIXED.
The maximum payment amount that can be charged for a single payment.Optional if payment agreement type is VARIABLE.
The minimum payment amount that can be charged for a single payment.Optional if payment agreement type is VARIABLE.
The agreed type of amounts for subsequent payment. Should be one of FIXED, VARIABLE.
- FIXED: payment amount is fixed. A specific amount is required.
- VARIABLE: payment amount is variable at each collection. A max limit is recommended.
The currency of this payment. Please refer to supported currencies .
The number of period units between billing cycles. For example, the payment cycle is one month if period=1 and period_unit=MONTH. Required when merchant_trigger_reason = scheduled
Specifies billing frequency. One of DAY, WEEK, MONTH, and YEAR. Required when merchant_trigger_reason = scheduled
Start date to expect payment request.
The total number of billing cycles. For example, the mandate will last for 1 year if total_billing_cycles=12, payment_schedule.period=1 and payment_schedule.period_unit=MONTH if the merchant_trigger_reason is scheduled. Merchant can bill customers 12 times when total_billing_cycles=12 if the merchant_trigger_reason is unscheduledThe mandate will continue indefinitely if total_billing_cycles is null.
Time at which this PaymentConsent was last updated
| Error status | Description |
|---|---|
| 400 | Bad Request. Possible error codes: |
| 401 | Unauthorized. Possible error codes: |
| 403 | Forbidden |
| 404 | Not Found. Possible error codes: |
| 500 | Server Error. Possible error codes: |
$curl --request POST \> --url 'https://api-demo.airwallex.com/api/v1/pa/payment_consents/cst_hkpdsjz1vg0x1uscdj/verify_continue' \> --header 'Authorization: Bearer {{ACCESS_TOKEN}}' \> --header 'Content-Type: application/json' \> --data '{> "request_id": "a1b6d685-ce24-4214-afda-71922546c57a",> "type": "verify_micro_deposits",> "micro_deposit": {> "amounts": [> 0.01,> 0.02> ]> }>}'
1{2 "id": "cst_hkpdsjz1vg0x1uscdj",3 "request_id": "a1b6d685-ce24-4214-afda-71922546c57a",4 "customer_id": "cus_hkpdsjz4vg1x3uscdj",5 "status": "PENDING",6 "next_triggered_by": "merchant",7 "merchant_trigger_reason": "scheduled",8 "metadata": {9 "foo": "bar"10 },11 "client_secret": "eyJhbGciOiJIUzI1NiJ9.eyJpYXQiOjE3MzgzMDY2MzAsImV4cCI6MTczODMxMDIzMCwidHlwZSI6ImNsaWVudC1zZWNyZXQiLCJwYWRjIjoiSEsiLCJhY2NvdW50X2lkIjoiN2EwYzQ3YzctNzM0Zi00NzdmLTk1OWItMzIxNTQyNzgxYTgyIiwiY29uc2VudF9pZCI6ImNzdF9oa3Bkc2p6MXZnMHgxdXNjZGoiLCJjdXN0b21lcl9pZCI6ImN1c19oa3Bkc2p6NHZnMXgzdXNjZGoifQ.c8zs0QlpUy_NwWy_JsHqHSiRpbtpGnIVWNsVHsSvJQ0",12 "mandate": {13 "type": "verify_micro_deposits",14 "sepa_direct_debit": {15 "creditor_identifier": "DE123456789",16 "reference": "REF123456789"17 },18 "version": "1.0",19 "accepted_at": "2021-08-31T07:01:15+00:00"20 },21 "created_at": "2021-08-31T06:57:15+00:00",22 "updated_at": "2021-08-31T07:01:15+00:00"23}
Disable a PaymentConsent
POST /api/v1/pa/payment_consents/{id}/disable
Disable a PaymentConsent by unique identifier. After a PaymentConsent is disabled, the status will become DISABLED and the PaymentConsent cannot be used or updated.
PaymentConsent unique identifier
Unique request identifier specified by the merchant. Maximum length is 64.
PaymentConsent's client secret for browser or app. Only returned by PaymentConsent create API.
The provided client_secret is valid for 60 minutes
Account identifier of the connected account.
Time at which this PaymentConsent was created
Unique identifier from Airwallex of the customer who will make the payment with this PaymentConsent
Disable reason. Only applicable when status is DISABLED
Verification failure reason. Only applicable when status is REQUIRES_PAYMENT_METHOD and REQUIRES_CUSTOMER_ACTION.
The failure code returned by Airwallex
The verification failure details.
Consent verification failed. Please retry the consent verification or select a different payment method.
Unique identifier of this PaymentConsent
Unique identifier of the initial PaymentIntent confirmed with this PaymentConsent
An authorization from shopper to merchant to debit payments from their bank account.
The time at which shopper accepts the mandate.
BACS Direct Debit mandate information.
Reference of the Direct Debit instrument.
A unique six-digit number used to identify a business paying or receiving money through a Bacs Direct Debit transaction.
SEPA Direct Debit mandate information.
A unique number used to identify a business paying or receiving money through a SEPA Direct Debit transaction.
Reference of the Direct Debit mandate.
The payment method type of the mandate. Can be ach_direct_debit, bacs_direct_debit, becs_direct_debit, sepa_direct_debit, eft_direct_debit.
The version of the mandate.
Only applicable when next_triggered_by is merchant. One of scheduled, unscheduled, installments.
A set of key-value pairs that can be attached to this PaymentConsent. You can specify up to 50 keys with key names up to 50 characters long and values up to 500 characters long.
Next action for merchant
The content type of the request when method is POST. If not provided, the content type should be application/json
The additional data that can be used to complete this action
Email address to send the MicroDeposit verification link. Appears if type is notify_micro_deposits
Fallback url to redirect the shopper to the web page if the redirection to the app fails. Returned only if the flow is mobile_app.
The redirect method if the action type is redirect. One of GET, POST
Number of funds that will be deposited into shopper account. Appears if type is notify_micro_deposits
Android package name. Returned only if the flow is mobile_app and the os_type is android.
QR Code text representation if the action type is redirect, only applicable to wechatpay.
the remaining attempts to verify micro_deposit or retry micro_debit.
Stage of the request flow
Type of next action can be either redirect, redirect_iframe, notify_micro_deposits or retry_micro_debit
The redirect url
The party to trigger subsequent payments. One of merchant, customer
PaymentMethod information attached for subsequent payments
ACH Direct Debit information. Only provided when type is ach_direct_debit.
9-digit number to identify a bank in the US.
4-17 digits number to identify a bank account in the US.
Indicate whether the account is a business account.
The result of micro debit.
The status of micro_debit.
The result of micro deposit.
The status of micro_deposit.
Email of the account holder.
Name of the account holder.
Alipay CN information. Only provided when type is alipaycn.
One of qrcode, mobile_web, mobile_app, mini_program
ios, android
Alipay's User LoginId (Shopper) for Payment Consent Verification
Unique identifier of a user in payment method provider side. Only present after the payment has been completed or the consent has been verified.
Alipay HK information. Only provided when type is alipayhk.
One of qrcode, mobile_web, mobile_app
ios, android
Alipay's User LoginId (Shopper) for Payment Consent Verification
Unique identifier of a user in payment method provider side. Only present after the payment has been completed or the consent has been verified.
Apple pay information. Only provided when type is applepay.
Billing information
The billing address as it appears on the credit card issuer’s records
City of the address. Maximum of 100 characters.
The two-letter country code in ISO 3166-1 alpha-2 format.
Postcode of the address. Maximum of 10 characters.
State or province of the address. Maximum of 100 characters.
Street of the address. Maximum of 1000 characters.
Date of birth of the customer in the format: YYYY-MM-DD
Email address of the customer
First name of the customer
Last name of the customer
Phone number of the customer
The Lifecycle Identifier is a unique code that links all related transaction events - Capture, refund & disputes, making it easy to track a transaction throughout its lifecycle. This identifier is currently supported only when the card brand is MasterCard.
Type of the payment data details. One of tokenized_card or encrypted_payment_token.
Payment data with the tokenized card details.
Authentication method
EMV data
Output from the Secure Element
The PIN encrypted using the bank’s key
3D-Secure authentication data
Electronic Commerce Indicator, as defined by 3-D Secure
Online payment cryptogram, as defined by 3-D Secure
The authentication method type. One of CRYPTOGRAM_3DS, PAN_ONLY.
Bank identify number of this card
Brand of the card. One of visa, mastercard, maestro, chinaunionpay.
Device manufacturer identifier
Two digit number representing the card’s expiration month
Four digit number representing the card’s expiration year
Fingerprint of the card
A boolean field referring whether the card is commercial or not
Country code of the card issuer
Issuer name
Last four digits of the card number
Cardholder name
The card's type of payment. One of credit or debit.
BACS Direct Debit information. Only provided when type is bacs_direct_debit.
8 digits number to identify a bank account in the UK.
Account holder's address.
Country code of the address. Use the two-character ISO Standard Country Codes. One of GB, US. Default to GB if not provided
House number and street name, e.g., 777 Casino Drive
Locality name, e.g., Apartment 123
Postcode of the address.
State or province of the address. Should be provided if country code is US. Use the two-character ISO3166-2:US state code.
Post town.
Bank of the account. You can call API to retrieve the available bank names.
Indicate whether the account is a business account.
The result of micro deposit.
The status of micro_deposit.
Email of the account holder.
Name of the account holder.
6-digit number to identify a bank in the UK.
BECS Direct Debit information. Only provided when type is becs_direct_debit.
4-9 digits number to identify a bank account in Australia.
6-digit Bank-State-Branch number.
Indicate whether the account is a business account.
The result of micro debit.
The status of micro_debit.
The result of micro deposit.
The status of micro_deposit.
Account holder's email.
Account holder name.
Card information. Only provided when type is card.
Additional information of external network token requestor. Would return when number_type is EXTERNAL_NETWORK_TOKEN
Merchant Verification Value (Provided by VISA during onboarding) or MasterCard Assigned ID (Provided by MasterCard during onboarding)
Token requestor unique identifier (Provided by card schemes during onboarding)
Billing information
The billing address as it appears on the credit card issuer’s records
City of the address. Maximum of 100 characters.
The two-letter country code in ISO 3166-1 alpha-2 format.
Postcode of the address. Maximum of 10 characters.
State or province of the address. Maximum of 100 characters.
Street of the address. Maximum of 1000 characters.
Date of birth of the customer in the format: YYYY-MM-DD
Email address of the customer
First name of the customer
Last name of the customer
Phone number of the customer
Bank identify number of this card
Brand of the card. One of mastercard, visa, union pay, american express, jcb, discover, diners club international.
Funding type of the card
Two digit number representing the card’s expiration month
Four digit number representing the card’s expiration year
Fingerprint of the card
A boolean field referring whether the card is commercial or not
Country code of the card issuer
Issuer name
Information for Korean Card
A 10-digit business number of the company.
A 6-digit date of birth in the format of YYMMDD.
Card password first 2 digits.
Last four digits of the card number
The Lifecycle Identifier is a unique code that links all related transaction events - Capture, refund & disputes, making it easy to track a transaction throughout its lifecycle. This identifier is currently supported only when the card brand is MasterCard.
Card holder name
Type of the number. One of PAN, EXTERNAL_NETWORK_TOKEN, AIRWALLEX_NETWORK_TOKEN.
DANA information. Only provided when type is dana.
One of qrcode, mobile_web, mobile_app
ios, android
Alipay's User LoginId (Shopper) for Payment Consent Verification
Unique identifier of a user in payment method provider side. Only present after the payment has been completed or the consent has been verified.
EFT Direct Debit information. Only provided when type is eft_direct_debit.
4-17 digits number to identify a bank account in Canada.
Indicate whether the account is a business account.
3-digit number to identify a bank institution in Canada.
The result of micro debit.
The status of micro_debit.
The result of micro deposit.
The status of micro_deposit.
Email of the account holder.
Name of the account holder.
Identify a bank branch transit in Canada.
GCASH information. Only provided when type is gcash.
One of qrcode, mobile_web, mobile_app
ios, android
Alipay's User LoginId (Shopper) for Payment Consent Verification
Unique identifier of a user in payment method provider side. Only present after the payment has been completed or the consent has been verified.
Google pay information. Only provided when type is googlepay.
Billing information
The billing address as it appears on the credit card issuer’s records
City of the address. Maximum of 100 characters.
The two-letter country code in ISO 3166-1 alpha-2 format.
Postcode of the address. Maximum of 10 characters.
State or province of the address. Maximum of 100 characters.
Street of the address. Maximum of 1000 characters.
Date of birth of the customer in the format: YYYY-MM-DD
Email address of the customer
First name of the customer
Last name of the customer
Phone number of the customer
The Lifecycle Identifier is a unique code that links all related transaction events - Capture, refund & disputes, making it easy to track a transaction throughout its lifecycle. This identifier is currently supported only when the card brand is MasterCard.
Type of the payment data details. One of tokenized_card or encrypted_payment_token.
Payment data with the tokenized card details.
Authentication method
EMV data
Output from the Secure Element
The PIN encrypted using the bank’s key
3D-Secure authentication data
Electronic Commerce Indicator, as defined by 3-D Secure
Online payment cryptogram, as defined by 3-D Secure
The authentication method type. One of CRYPTOGRAM_3DS, PAN_ONLY.
Bank identify number of this card
Brand of the card. One of visa, mastercard, maestro, chinaunionpay.
Device manufacturer identifier
Two digit number representing the card’s expiration month
Four digit number representing the card’s expiration year
Fingerprint of the card
A boolean field referring whether the card is commercial or not
Country code of the card issuer
Issuer name
Last four digits of the card number
Cardholder name
The card's type of payment. One of credit or debit.
Unique identifier of the PaymentMethod attached for subsequent payments. Only provided when type is card.
KAKAOPAY information. Only provided when type is kakaopay.
One of qrcode, mobile_web, mobile_app
ios, android
Alipay's User LoginId (Shopper) for Payment Consent Verification
Unique identifier of a user in payment method provider side. Only present after the payment has been completed or the consent has been verified.
Payto information. Only provided when type is payto.
The account name.
4-9 digits number to identify a bank account in Australia.
6-digit Bank-State-Branch number.
The PayID of the recipient.
11 digits number to identify the PayId. Required when phone_number, owner_email, and organisation_id is null.
The organisation id of the recipient. The PayID must be in the format of payid:airwallex.com.
owner email to identify the PayId. Required when phone_number, australian_business_number, and organisation_id is null.
The phone number of the PayId. Required when owner_email, australian_business_number, and organisation_id is null.
SEPA Direct Debit information. Only provided when type is sepa_direct_debit.
Account holder's address.
Country code of the address. Use the two-character ISO Standard Country Codes.
Postcode of the address.
street of the address.
town of the address.
Bank of the account. You can call API to retrieve the available bank names.
Indicate whether the account is a business account.
The 2-letter ISO country/region code from which the consumer will be paying.
15–34 characters to identify a bank account.
The result of micro debit.
The status of micro_debit.
The result of micro deposit.
The status of micro_deposit.
Email of the account holder.
Name of the account holder.
Type of the PaymentMethod. One of card, googlepay, applepay, alipayhk, truemoney, gcash, dana, kakaopay, tng, alipaycn, rabbit_line_pay, wechatpay, ach_direct_debit, bacs_direct_debit, becs_direct_debit, sepa_direct_debit, eft_direct_debit.
Unique request identifier specified by the merchant
- REQUIRES_PAYMENT_METHOD: Populate
payment_methodwhen calling verify.- This value is returned if
payment_methodis either null, or thepayment_methodhas failed during verify, and a differentpayment_methodshould be provided.
- This value is returned if
- REQUIRES_CUSTOMER_ACTION: Pending customer action, see
next_actionfor details. - PENDING: The mandate of the PaymentConsent has been submitted. It only occurs when payment method type is
bacs_direct_debit. You need to wait for the final result. The status will becomeDISABLEDif the mandate is rejected orVERIFIEDif the mandate is accepted. - PAUSED: The active mandate of the PaymentConsent has been paused. The PaymentConsent can be paused only when the previous status was
VERIFIED. It only occurs when payment method type ispayto. The status will becomeDISABLEDif the mandate is canceled orVERIFIEDif the mandate is resumed. - VERIFIED: The PaymentConsent has been verified and it can be used for subsequent payments.
- DISABLED: The PaymentConsent is disabled. You cannot verify it again.
The terms of this consent.
The granularity per billing cycle. Required when payment_schedule.period_unit is WEEK, MONTH, or YEAR. (e.g. charge_day_per_billing_cycle= 5, payment_schedule.period_unit = MONTH, payment_schedule.period = 1 if collect payment on the 5th of each month).
End date to expect payment request.
The first payment. It could include the costs associated with the first debited amount.Optional if payment agreement type is VARIABLE.
The fixed payment amount that can be charged for a single payment.Required if payment agreement type is FIXED.
The maximum payment amount that can be charged for a single payment.Optional if payment agreement type is VARIABLE.
The minimum payment amount that can be charged for a single payment.Optional if payment agreement type is VARIABLE.
The agreed type of amounts for subsequent payment. Should be one of FIXED, VARIABLE.
- FIXED: payment amount is fixed. A specific amount is required.
- VARIABLE: payment amount is variable at each collection. A max limit is recommended.
The currency of this payment. Please refer to supported currencies .
The number of period units between billing cycles. For example, the payment cycle is one month if period=1 and period_unit=MONTH. Required when merchant_trigger_reason = scheduled
Specifies billing frequency. One of DAY, WEEK, MONTH, and YEAR. Required when merchant_trigger_reason = scheduled
Start date to expect payment request.
The total number of billing cycles. For example, the mandate will last for 1 year if total_billing_cycles=12, payment_schedule.period=1 and payment_schedule.period_unit=MONTH if the merchant_trigger_reason is scheduled. Merchant can bill customers 12 times when total_billing_cycles=12 if the merchant_trigger_reason is unscheduledThe mandate will continue indefinitely if total_billing_cycles is null.
Time at which this PaymentConsent was last updated
| Error status | Description |
|---|---|
| 400 | Bad Request. Possible error codes: |
| 401 | Unauthorized. Possible error codes: |
| 403 | Forbidden |
| 404 | Not Found. Possible error codes: |
| 500 | Server Error. Possible error codes: |
$curl --request POST \> --url 'https://api-demo.airwallex.com/api/v1/pa/payment_consents/cst_hkpdsjz1vg0x1uscdj/disable' \> --header 'Authorization: Bearer {{ACCESS_TOKEN}}' \> --header 'Content-Type: application/json' \> --data '{> "request_id": "43c4e930-1130-43ae-bfb2-b60cbfe1297f">}'
1{2 "id": "cst_hkpdsjz1vg0x1uscdj",3 "request_id": "43c4e930-1130-43ae-bfb2-b60cbfe1297f",4 "customer_id": "cus_hkpdsjz4vg1x3uscdj",5 "status": "DISABLED",6 "next_triggered_by": "merchant",7 "merchant_trigger_reason": "scheduled",8 "initial_payment_intent_id": "int_hkpdskz7vg1xc7uscdj",9 "payment_method": {10 "type": "card",11 "id": "mtd_hkpds1z4zh00i2eb1h",12 "card": {13 "expiry_month": "03",14 "expiry_year": "2030",15 "name": "John Doe",16 "bin": "403550",17 "last4": "0008",18 "brand": "visa",19 "issuer_country_code": "US",20 "card_type": "CREDIT",21 "fingerprint": "AKvN4TqxI04SNFZ+oYRXaECtDA==",22 "billing": {23 "first_name": "John",24 "last_name": "Doe",25 "email": "[email protected]",26 "phone_number": "+1 1234567890",27 "address": {28 "country_code": "US",29 "state": "CA",30 "city": "San Francisco",31 "street": "1460 Mission St.#02W101",32 "postcode": "94103"33 }34 },35 "issuer_name": "JPMorgan Chase",36 "is_commercial": false,37 "number_type": "PAN"38 }39 },40 "metadata": {41 "amount": "10",42 "subscriptionNumber": "2025040700000001"43 },44 "mandate": {},45 "created_at": "2021-08-31T06:57:15+00:00",46 "updated_at": "2021-08-31T07:01:15+00:00"47}
Retrieve a PaymentConsent
GET /api/v1/pa/payment_consents/{id}
Retrieve a PaymentConsent by unique identifier
PaymentConsent unique identifier
PaymentConsent's client secret for browser or app. Only returned by PaymentConsent create API.
The provided client_secret is valid for 60 minutes
Account identifier of the connected account.
Time at which this PaymentConsent was created
Unique identifier from Airwallex of the customer who will make the payment with this PaymentConsent
Disable reason. Only applicable when status is DISABLED
Verification failure reason. Only applicable when status is REQUIRES_PAYMENT_METHOD and REQUIRES_CUSTOMER_ACTION.
The failure code returned by Airwallex
The verification failure details.
Consent verification failed. Please retry the consent verification or select a different payment method.
Unique identifier of this PaymentConsent
Unique identifier of the initial PaymentIntent confirmed with this PaymentConsent
An authorization from shopper to merchant to debit payments from their bank account.
The time at which shopper accepts the mandate.
BACS Direct Debit mandate information.
Reference of the Direct Debit instrument.
A unique six-digit number used to identify a business paying or receiving money through a Bacs Direct Debit transaction.
SEPA Direct Debit mandate information.
A unique number used to identify a business paying or receiving money through a SEPA Direct Debit transaction.
Reference of the Direct Debit mandate.
The payment method type of the mandate. Can be ach_direct_debit, bacs_direct_debit, becs_direct_debit, sepa_direct_debit, eft_direct_debit.
The version of the mandate.
Only applicable when next_triggered_by is merchant. One of scheduled, unscheduled, installments.
A set of key-value pairs that can be attached to this PaymentConsent. You can specify up to 50 keys with key names up to 50 characters long and values up to 500 characters long.
Next action for merchant
The content type of the request when method is POST. If not provided, the content type should be application/json
The additional data that can be used to complete this action
Email address to send the MicroDeposit verification link. Appears if type is notify_micro_deposits
Fallback url to redirect the shopper to the web page if the redirection to the app fails. Returned only if the flow is mobile_app.
The redirect method if the action type is redirect. One of GET, POST
Number of funds that will be deposited into shopper account. Appears if type is notify_micro_deposits
Android package name. Returned only if the flow is mobile_app and the os_type is android.
QR Code text representation if the action type is redirect, only applicable to wechatpay.
the remaining attempts to verify micro_deposit or retry micro_debit.
Stage of the request flow
Type of next action can be either redirect, redirect_iframe, notify_micro_deposits or retry_micro_debit
The redirect url
The party to trigger subsequent payments. One of merchant, customer
PaymentMethod information attached for subsequent payments
ACH Direct Debit information. Only provided when type is ach_direct_debit.
9-digit number to identify a bank in the US.
4-17 digits number to identify a bank account in the US.
Indicate whether the account is a business account.
The result of micro debit.
The status of micro_debit.
The result of micro deposit.
The status of micro_deposit.
Email of the account holder.
Name of the account holder.
Alipay CN information. Only provided when type is alipaycn.
One of qrcode, mobile_web, mobile_app, mini_program
ios, android
Alipay's User LoginId (Shopper) for Payment Consent Verification
Unique identifier of a user in payment method provider side. Only present after the payment has been completed or the consent has been verified.
Alipay HK information. Only provided when type is alipayhk.
One of qrcode, mobile_web, mobile_app
ios, android
Alipay's User LoginId (Shopper) for Payment Consent Verification
Unique identifier of a user in payment method provider side. Only present after the payment has been completed or the consent has been verified.
Apple pay information. Only provided when type is applepay.
Billing information
The billing address as it appears on the credit card issuer’s records
City of the address. Maximum of 100 characters.
The two-letter country code in ISO 3166-1 alpha-2 format.
Postcode of the address. Maximum of 10 characters.
State or province of the address. Maximum of 100 characters.
Street of the address. Maximum of 1000 characters.
Date of birth of the customer in the format: YYYY-MM-DD
Email address of the customer
First name of the customer
Last name of the customer
Phone number of the customer
The Lifecycle Identifier is a unique code that links all related transaction events - Capture, refund & disputes, making it easy to track a transaction throughout its lifecycle. This identifier is currently supported only when the card brand is MasterCard.
Type of the payment data details. One of tokenized_card or encrypted_payment_token.
Payment data with the tokenized card details.
Authentication method
EMV data
Output from the Secure Element
The PIN encrypted using the bank’s key
3D-Secure authentication data
Electronic Commerce Indicator, as defined by 3-D Secure
Online payment cryptogram, as defined by 3-D Secure
The authentication method type. One of CRYPTOGRAM_3DS, PAN_ONLY.
Bank identify number of this card
Brand of the card. One of visa, mastercard, maestro, chinaunionpay.
Device manufacturer identifier
Two digit number representing the card’s expiration month
Four digit number representing the card’s expiration year
Fingerprint of the card
A boolean field referring whether the card is commercial or not
Country code of the card issuer
Issuer name
Last four digits of the card number
Cardholder name
The card's type of payment. One of credit or debit.
BACS Direct Debit information. Only provided when type is bacs_direct_debit.
8 digits number to identify a bank account in the UK.
Account holder's address.
Country code of the address. Use the two-character ISO Standard Country Codes. One of GB, US. Default to GB if not provided
House number and street name, e.g., 777 Casino Drive
Locality name, e.g., Apartment 123
Postcode of the address.
State or province of the address. Should be provided if country code is US. Use the two-character ISO3166-2:US state code.
Post town.
Bank of the account. You can call API to retrieve the available bank names.
Indicate whether the account is a business account.
The result of micro deposit.
The status of micro_deposit.
Email of the account holder.
Name of the account holder.
6-digit number to identify a bank in the UK.
BECS Direct Debit information. Only provided when type is becs_direct_debit.
4-9 digits number to identify a bank account in Australia.
6-digit Bank-State-Branch number.
Indicate whether the account is a business account.
The result of micro debit.
The status of micro_debit.
The result of micro deposit.
The status of micro_deposit.
Account holder's email.
Account holder name.
Card information. Only provided when type is card.
Additional information of external network token requestor. Would return when number_type is EXTERNAL_NETWORK_TOKEN
Merchant Verification Value (Provided by VISA during onboarding) or MasterCard Assigned ID (Provided by MasterCard during onboarding)
Token requestor unique identifier (Provided by card schemes during onboarding)
Billing information
The billing address as it appears on the credit card issuer’s records
City of the address. Maximum of 100 characters.
The two-letter country code in ISO 3166-1 alpha-2 format.
Postcode of the address. Maximum of 10 characters.
State or province of the address. Maximum of 100 characters.
Street of the address. Maximum of 1000 characters.
Date of birth of the customer in the format: YYYY-MM-DD
Email address of the customer
First name of the customer
Last name of the customer
Phone number of the customer
Bank identify number of this card
Brand of the card. One of mastercard, visa, union pay, american express, jcb, discover, diners club international.
Funding type of the card
Two digit number representing the card’s expiration month
Four digit number representing the card’s expiration year
Fingerprint of the card
A boolean field referring whether the card is commercial or not
Country code of the card issuer
Issuer name
Information for Korean Card
A 10-digit business number of the company.
A 6-digit date of birth in the format of YYMMDD.
Card password first 2 digits.
Last four digits of the card number
The Lifecycle Identifier is a unique code that links all related transaction events - Capture, refund & disputes, making it easy to track a transaction throughout its lifecycle. This identifier is currently supported only when the card brand is MasterCard.
Card holder name
Type of the number. One of PAN, EXTERNAL_NETWORK_TOKEN, AIRWALLEX_NETWORK_TOKEN.
DANA information. Only provided when type is dana.
One of qrcode, mobile_web, mobile_app
ios, android
Alipay's User LoginId (Shopper) for Payment Consent Verification
Unique identifier of a user in payment method provider side. Only present after the payment has been completed or the consent has been verified.
EFT Direct Debit information. Only provided when type is eft_direct_debit.
4-17 digits number to identify a bank account in Canada.
Indicate whether the account is a business account.
3-digit number to identify a bank institution in Canada.
The result of micro debit.
The status of micro_debit.
The result of micro deposit.
The status of micro_deposit.
Email of the account holder.
Name of the account holder.
Identify a bank branch transit in Canada.
GCASH information. Only provided when type is gcash.
One of qrcode, mobile_web, mobile_app
ios, android
Alipay's User LoginId (Shopper) for Payment Consent Verification
Unique identifier of a user in payment method provider side. Only present after the payment has been completed or the consent has been verified.
Google pay information. Only provided when type is googlepay.
Billing information
The billing address as it appears on the credit card issuer’s records
City of the address. Maximum of 100 characters.
The two-letter country code in ISO 3166-1 alpha-2 format.
Postcode of the address. Maximum of 10 characters.
State or province of the address. Maximum of 100 characters.
Street of the address. Maximum of 1000 characters.
Date of birth of the customer in the format: YYYY-MM-DD
Email address of the customer
First name of the customer
Last name of the customer
Phone number of the customer
The Lifecycle Identifier is a unique code that links all related transaction events - Capture, refund & disputes, making it easy to track a transaction throughout its lifecycle. This identifier is currently supported only when the card brand is MasterCard.
Type of the payment data details. One of tokenized_card or encrypted_payment_token.
Payment data with the tokenized card details.
Authentication method
EMV data
Output from the Secure Element
The PIN encrypted using the bank’s key
3D-Secure authentication data
Electronic Commerce Indicator, as defined by 3-D Secure
Online payment cryptogram, as defined by 3-D Secure
The authentication method type. One of CRYPTOGRAM_3DS, PAN_ONLY.
Bank identify number of this card
Brand of the card. One of visa, mastercard, maestro, chinaunionpay.
Device manufacturer identifier
Two digit number representing the card’s expiration month
Four digit number representing the card’s expiration year
Fingerprint of the card
A boolean field referring whether the card is commercial or not
Country code of the card issuer
Issuer name
Last four digits of the card number
Cardholder name
The card's type of payment. One of credit or debit.
Unique identifier of the PaymentMethod attached for subsequent payments. Only provided when type is card.
KAKAOPAY information. Only provided when type is kakaopay.
One of qrcode, mobile_web, mobile_app
ios, android
Alipay's User LoginId (Shopper) for Payment Consent Verification
Unique identifier of a user in payment method provider side. Only present after the payment has been completed or the consent has been verified.
Payto information. Only provided when type is payto.
The account name.
4-9 digits number to identify a bank account in Australia.
6-digit Bank-State-Branch number.
The PayID of the recipient.
11 digits number to identify the PayId. Required when phone_number, owner_email, and organisation_id is null.
The organisation id of the recipient. The PayID must be in the format of payid:airwallex.com.
owner email to identify the PayId. Required when phone_number, australian_business_number, and organisation_id is null.
The phone number of the PayId. Required when owner_email, australian_business_number, and organisation_id is null.
SEPA Direct Debit information. Only provided when type is sepa_direct_debit.
Account holder's address.
Country code of the address. Use the two-character ISO Standard Country Codes.
Postcode of the address.
street of the address.
town of the address.
Bank of the account. You can call API to retrieve the available bank names.
Indicate whether the account is a business account.
The 2-letter ISO country/region code from which the consumer will be paying.
15–34 characters to identify a bank account.
The result of micro debit.
The status of micro_debit.
The result of micro deposit.
The status of micro_deposit.
Email of the account holder.
Name of the account holder.
Type of the PaymentMethod. One of card, googlepay, applepay, alipayhk, truemoney, gcash, dana, kakaopay, tng, alipaycn, rabbit_line_pay, wechatpay, ach_direct_debit, bacs_direct_debit, becs_direct_debit, sepa_direct_debit, eft_direct_debit.
Unique request identifier specified by the merchant
- REQUIRES_PAYMENT_METHOD: Populate
payment_methodwhen calling verify.- This value is returned if
payment_methodis either null, or thepayment_methodhas failed during verify, and a differentpayment_methodshould be provided.
- This value is returned if
- REQUIRES_CUSTOMER_ACTION: Pending customer action, see
next_actionfor details. - PENDING: The mandate of the PaymentConsent has been submitted. It only occurs when payment method type is
bacs_direct_debit. You need to wait for the final result. The status will becomeDISABLEDif the mandate is rejected orVERIFIEDif the mandate is accepted. - PAUSED: The active mandate of the PaymentConsent has been paused. The PaymentConsent can be paused only when the previous status was
VERIFIED. It only occurs when payment method type ispayto. The status will becomeDISABLEDif the mandate is canceled orVERIFIEDif the mandate is resumed. - VERIFIED: The PaymentConsent has been verified and it can be used for subsequent payments.
- DISABLED: The PaymentConsent is disabled. You cannot verify it again.
The terms of this consent.
The granularity per billing cycle. Required when payment_schedule.period_unit is WEEK, MONTH, or YEAR. (e.g. charge_day_per_billing_cycle= 5, payment_schedule.period_unit = MONTH, payment_schedule.period = 1 if collect payment on the 5th of each month).
End date to expect payment request.
The first payment. It could include the costs associated with the first debited amount.Optional if payment agreement type is VARIABLE.
The fixed payment amount that can be charged for a single payment.Required if payment agreement type is FIXED.
The maximum payment amount that can be charged for a single payment.Optional if payment agreement type is VARIABLE.
The minimum payment amount that can be charged for a single payment.Optional if payment agreement type is VARIABLE.
The agreed type of amounts for subsequent payment. Should be one of FIXED, VARIABLE.
- FIXED: payment amount is fixed. A specific amount is required.
- VARIABLE: payment amount is variable at each collection. A max limit is recommended.
The currency of this payment. Please refer to supported currencies .
The number of period units between billing cycles. For example, the payment cycle is one month if period=1 and period_unit=MONTH. Required when merchant_trigger_reason = scheduled
Specifies billing frequency. One of DAY, WEEK, MONTH, and YEAR. Required when merchant_trigger_reason = scheduled
Start date to expect payment request.
The total number of billing cycles. For example, the mandate will last for 1 year if total_billing_cycles=12, payment_schedule.period=1 and payment_schedule.period_unit=MONTH if the merchant_trigger_reason is scheduled. Merchant can bill customers 12 times when total_billing_cycles=12 if the merchant_trigger_reason is unscheduledThe mandate will continue indefinitely if total_billing_cycles is null.
Time at which this PaymentConsent was last updated
| Error status | Description |
|---|---|
| 400 | Bad Request. Possible error codes: |
| 401 | Unauthorized. Possible error codes: |
| 403 | Forbidden |
| 404 | Not Found. Possible error codes: |
| 500 | Server Error. Possible error codes: |
$curl --request GET \> --url 'https://api-demo.airwallex.com/api/v1/pa/payment_consents/cst_hkpdsjz1vg0x1uscdj' \> --header 'Authorization: Bearer {{ACCESS_TOKEN}}' \> --header 'Content-Type: application/json'
1{2 "id": "cst_hkpdsjz1vg0x1uscdj",3 "request_id": "cf682fd8-ce4b-483f-a003-f2533d0a58d2",4 "customer_id": "cus_hkpdsjz4vg1x3uscdj",5 "status": "REQUIRES_CUSTOMER_ACTION",6 "next_triggered_by": "merchant",7 "merchant_trigger_reason": "scheduled",8 "initial_payment_intent_id": "int_hkpdskz7vg1xc7uscdj",9 "payment_method": {10 "type": "card",11 "id": "mtd_hkpds1z4zh00i2eb1h",12 "card": {13 "expiry_month": "03",14 "expiry_year": "2030",15 "name": "John Doe",16 "bin": "403550",17 "last4": "0008",18 "brand": "visa",19 "issuer_country_code": "US",20 "card_type": "CREDIT",21 "fingerprint": "AKvN4TqxI04SNFZ+oYRXaECtDA==",22 "billing": {23 "first_name": "John",24 "last_name": "Doe",25 "email": "[email protected]",26 "phone_number": "+1 1234567890",27 "address": {28 "country_code": "US",29 "state": "CA",30 "city": "San Francisco",31 "street": "1460 Mission St.#02W101",32 "postcode": "94103"33 }34 },35 "issuer_name": "JPMorgan Chase",36 "is_commercial": false,37 "number_type": "PAN"38 }39 },40 "metadata": {41 "amount": "10",42 "subscriptionNumber": "2025040700000001"43 },44 "mandate": {},45 "next_action": {46 "type": "redirect_iframe",47 "method": "GET",48 "url": "https://www.example.com/redirect",49 "stage": "WAITING_DEVICE_DATA_COLLECTION"50 },51 "created_at": "2021-08-31T06:57:15+00:00",52 "updated_at": "2021-08-31T07:01:15+00:00"53}
Get list of PaymentConsents
GET /api/v1/pa/payment_consents
Retrieve list of PaymentConsents.
The unique identifier of a customer
The start time of created_at in ISO8601 format. The timestamp must include an explicit timezone (e.g. Z or -04:00).
One of scheduled, unscheduled
One of merchant, customer
Page number starting from 0
Number of PaymentConsents to be listed per page. Default value is 10. Maximum is 1000. The value greater than the maximum will be capped to the maximum.
The unique identifier of a PaymentMethod
Status of PaymentConsent
The end time of created_at in ISO8601 format. The timestamp must include an explicit timezone (e.g. Z or -04:00).
A flag which identifies whether there are more results.
List items
PaymentConsent's client secret for browser or app. Only returned by PaymentConsent create API.
The provided client_secret is valid for 60 minutes
Account identifier of the connected account.
Time at which this PaymentConsent was created
Unique identifier from Airwallex of the customer who will make the payment with this PaymentConsent
Disable reason. Only applicable when status is DISABLED
Verification failure reason. Only applicable when status is REQUIRES_PAYMENT_METHOD and REQUIRES_CUSTOMER_ACTION.
The failure code returned by Airwallex
The verification failure details.
Consent verification failed. Please retry the consent verification or select a different payment method.
Unique identifier of this PaymentConsent
Unique identifier of the initial PaymentIntent confirmed with this PaymentConsent
An authorization from shopper to merchant to debit payments from their bank account.
The time at which shopper accepts the mandate.
BACS Direct Debit mandate information.
Reference of the Direct Debit instrument.
A unique six-digit number used to identify a business paying or receiving money through a Bacs Direct Debit transaction.
SEPA Direct Debit mandate information.
A unique number used to identify a business paying or receiving money through a SEPA Direct Debit transaction.
Reference of the Direct Debit mandate.
The payment method type of the mandate. Can be ach_direct_debit, bacs_direct_debit, becs_direct_debit, sepa_direct_debit, eft_direct_debit.
The version of the mandate.
Only applicable when next_triggered_by is merchant. One of scheduled, unscheduled, installments.
A set of key-value pairs that can be attached to this PaymentConsent. You can specify up to 50 keys with key names up to 50 characters long and values up to 500 characters long.
Next action for merchant
The content type of the request when method is POST. If not provided, the content type should be application/json
The additional data that can be used to complete this action
Email address to send the MicroDeposit verification link. Appears if type is notify_micro_deposits
Fallback url to redirect the shopper to the web page if the redirection to the app fails. Returned only if the flow is mobile_app.
The redirect method if the action type is redirect. One of GET, POST
Number of funds that will be deposited into shopper account. Appears if type is notify_micro_deposits
Android package name. Returned only if the flow is mobile_app and the os_type is android.
QR Code text representation if the action type is redirect, only applicable to wechatpay.
the remaining attempts to verify micro_deposit or retry micro_debit.
Stage of the request flow
Type of next action can be either redirect, redirect_iframe, notify_micro_deposits or retry_micro_debit
The redirect url
The party to trigger subsequent payments. One of merchant, customer
PaymentMethod information attached for subsequent payments
ACH Direct Debit information. Only provided when type is ach_direct_debit.
9-digit number to identify a bank in the US.
4-17 digits number to identify a bank account in the US.
Indicate whether the account is a business account.
The result of micro debit.
The status of micro_debit.
The result of micro deposit.
The status of micro_deposit.
Email of the account holder.
Name of the account holder.
Alipay CN information. Only provided when type is alipaycn.
One of qrcode, mobile_web, mobile_app, mini_program
ios, android
Alipay's User LoginId (Shopper) for Payment Consent Verification
Unique identifier of a user in payment method provider side. Only present after the payment has been completed or the consent has been verified.
Alipay HK information. Only provided when type is alipayhk.
One of qrcode, mobile_web, mobile_app
ios, android
Alipay's User LoginId (Shopper) for Payment Consent Verification
Unique identifier of a user in payment method provider side. Only present after the payment has been completed or the consent has been verified.
Apple pay information. Only provided when type is applepay.
Billing information
The billing address as it appears on the credit card issuer’s records
City of the address. Maximum of 100 characters.
The two-letter country code in ISO 3166-1 alpha-2 format.
Postcode of the address. Maximum of 10 characters.
State or province of the address. Maximum of 100 characters.
Street of the address. Maximum of 1000 characters.
Date of birth of the customer in the format: YYYY-MM-DD
Email address of the customer
First name of the customer
Last name of the customer
Phone number of the customer
The Lifecycle Identifier is a unique code that links all related transaction events - Capture, refund & disputes, making it easy to track a transaction throughout its lifecycle. This identifier is currently supported only when the card brand is MasterCard.
Type of the payment data details. One of tokenized_card or encrypted_payment_token.
Payment data with the tokenized card details.
Authentication method
EMV data
Output from the Secure Element
The PIN encrypted using the bank’s key
3D-Secure authentication data
Electronic Commerce Indicator, as defined by 3-D Secure
Online payment cryptogram, as defined by 3-D Secure
The authentication method type. One of CRYPTOGRAM_3DS, PAN_ONLY.
Bank identify number of this card
Brand of the card. One of visa, mastercard, maestro, chinaunionpay.
Device manufacturer identifier
Two digit number representing the card’s expiration month
Four digit number representing the card’s expiration year
Fingerprint of the card
A boolean field referring whether the card is commercial or not
Country code of the card issuer
Issuer name
Last four digits of the card number
Cardholder name
The card's type of payment. One of credit or debit.
BACS Direct Debit information. Only provided when type is bacs_direct_debit.
8 digits number to identify a bank account in the UK.
Account holder's address.
Country code of the address. Use the two-character ISO Standard Country Codes. One of GB, US. Default to GB if not provided
House number and street name, e.g., 777 Casino Drive
Locality name, e.g., Apartment 123
Postcode of the address.
State or province of the address. Should be provided if country code is US. Use the two-character ISO3166-2:US state code.
Post town.
Bank of the account. You can call API to retrieve the available bank names.
Indicate whether the account is a business account.
The result of micro deposit.
The status of micro_deposit.
Email of the account holder.
Name of the account holder.
6-digit number to identify a bank in the UK.
BECS Direct Debit information. Only provided when type is becs_direct_debit.
4-9 digits number to identify a bank account in Australia.
6-digit Bank-State-Branch number.
Indicate whether the account is a business account.
The result of micro debit.
The status of micro_debit.
The result of micro deposit.
The status of micro_deposit.
Account holder's email.
Account holder name.
Card information. Only provided when type is card.
Additional information of external network token requestor. Would return when number_type is EXTERNAL_NETWORK_TOKEN
Merchant Verification Value (Provided by VISA during onboarding) or MasterCard Assigned ID (Provided by MasterCard during onboarding)
Token requestor unique identifier (Provided by card schemes during onboarding)
Billing information
The billing address as it appears on the credit card issuer’s records
City of the address. Maximum of 100 characters.
The two-letter country code in ISO 3166-1 alpha-2 format.
Postcode of the address. Maximum of 10 characters.
State or province of the address. Maximum of 100 characters.
Street of the address. Maximum of 1000 characters.
Date of birth of the customer in the format: YYYY-MM-DD
Email address of the customer
First name of the customer
Last name of the customer
Phone number of the customer
Bank identify number of this card
Brand of the card. One of mastercard, visa, union pay, american express, jcb, discover, diners club international.
Funding type of the card
Two digit number representing the card’s expiration month
Four digit number representing the card’s expiration year
Fingerprint of the card
A boolean field referring whether the card is commercial or not
Country code of the card issuer
Issuer name
Information for Korean Card
A 10-digit business number of the company.
A 6-digit date of birth in the format of YYMMDD.
Card password first 2 digits.
Last four digits of the card number
The Lifecycle Identifier is a unique code that links all related transaction events - Capture, refund & disputes, making it easy to track a transaction throughout its lifecycle. This identifier is currently supported only when the card brand is MasterCard.
Card holder name
Type of the number. One of PAN, EXTERNAL_NETWORK_TOKEN, AIRWALLEX_NETWORK_TOKEN.
DANA information. Only provided when type is dana.
One of qrcode, mobile_web, mobile_app
ios, android
Alipay's User LoginId (Shopper) for Payment Consent Verification
Unique identifier of a user in payment method provider side. Only present after the payment has been completed or the consent has been verified.
EFT Direct Debit information. Only provided when type is eft_direct_debit.
4-17 digits number to identify a bank account in Canada.
Indicate whether the account is a business account.
3-digit number to identify a bank institution in Canada.
The result of micro debit.
The status of micro_debit.
The result of micro deposit.
The status of micro_deposit.
Email of the account holder.
Name of the account holder.
Identify a bank branch transit in Canada.
GCASH information. Only provided when type is gcash.
One of qrcode, mobile_web, mobile_app
ios, android
Alipay's User LoginId (Shopper) for Payment Consent Verification
Unique identifier of a user in payment method provider side. Only present after the payment has been completed or the consent has been verified.
Google pay information. Only provided when type is googlepay.
Billing information
The billing address as it appears on the credit card issuer’s records
City of the address. Maximum of 100 characters.
The two-letter country code in ISO 3166-1 alpha-2 format.
Postcode of the address. Maximum of 10 characters.
State or province of the address. Maximum of 100 characters.
Street of the address. Maximum of 1000 characters.
Date of birth of the customer in the format: YYYY-MM-DD
Email address of the customer
First name of the customer
Last name of the customer
Phone number of the customer
The Lifecycle Identifier is a unique code that links all related transaction events - Capture, refund & disputes, making it easy to track a transaction throughout its lifecycle. This identifier is currently supported only when the card brand is MasterCard.
Type of the payment data details. One of tokenized_card or encrypted_payment_token.
Payment data with the tokenized card details.
Authentication method
EMV data
Output from the Secure Element
The PIN encrypted using the bank’s key
3D-Secure authentication data
Electronic Commerce Indicator, as defined by 3-D Secure
Online payment cryptogram, as defined by 3-D Secure
The authentication method type. One of CRYPTOGRAM_3DS, PAN_ONLY.
Bank identify number of this card
Brand of the card. One of visa, mastercard, maestro, chinaunionpay.
Device manufacturer identifier
Two digit number representing the card’s expiration month
Four digit number representing the card’s expiration year
Fingerprint of the card
A boolean field referring whether the card is commercial or not
Country code of the card issuer
Issuer name
Last four digits of the card number
Cardholder name
The card's type of payment. One of credit or debit.
Unique identifier of the PaymentMethod attached for subsequent payments. Only provided when type is card.
KAKAOPAY information. Only provided when type is kakaopay.
One of qrcode, mobile_web, mobile_app
ios, android
Alipay's User LoginId (Shopper) for Payment Consent Verification
Unique identifier of a user in payment method provider side. Only present after the payment has been completed or the consent has been verified.
Payto information. Only provided when type is payto.
The account name.
4-9 digits number to identify a bank account in Australia.
6-digit Bank-State-Branch number.
The PayID of the recipient.
11 digits number to identify the PayId. Required when phone_number, owner_email, and organisation_id is null.
The organisation id of the recipient. The PayID must be in the format of payid:airwallex.com.
owner email to identify the PayId. Required when phone_number, australian_business_number, and organisation_id is null.
The phone number of the PayId. Required when owner_email, australian_business_number, and organisation_id is null.
SEPA Direct Debit information. Only provided when type is sepa_direct_debit.
Account holder's address.
Country code of the address. Use the two-character ISO Standard Country Codes.
Postcode of the address.
street of the address.
town of the address.
Bank of the account. You can call API to retrieve the available bank names.
Indicate whether the account is a business account.
The 2-letter ISO country/region code from which the consumer will be paying.
15–34 characters to identify a bank account.
The result of micro debit.
The status of micro_debit.
The result of micro deposit.
The status of micro_deposit.
Email of the account holder.
Name of the account holder.
Type of the PaymentMethod. One of card, googlepay, applepay, alipayhk, truemoney, gcash, dana, kakaopay, tng, alipaycn, rabbit_line_pay, wechatpay, ach_direct_debit, bacs_direct_debit, becs_direct_debit, sepa_direct_debit, eft_direct_debit.
Unique request identifier specified by the merchant
- REQUIRES_PAYMENT_METHOD: Populate
payment_methodwhen calling verify.- This value is returned if
payment_methodis either null, or thepayment_methodhas failed during verify, and a differentpayment_methodshould be provided.
- This value is returned if
- REQUIRES_CUSTOMER_ACTION: Pending customer action, see
next_actionfor details. - PENDING: The mandate of the PaymentConsent has been submitted. It only occurs when payment method type is
bacs_direct_debit. You need to wait for the final result. The status will becomeDISABLEDif the mandate is rejected orVERIFIEDif the mandate is accepted. - PAUSED: The active mandate of the PaymentConsent has been paused. The PaymentConsent can be paused only when the previous status was
VERIFIED. It only occurs when payment method type ispayto. The status will becomeDISABLEDif the mandate is canceled orVERIFIEDif the mandate is resumed. - VERIFIED: The PaymentConsent has been verified and it can be used for subsequent payments.
- DISABLED: The PaymentConsent is disabled. You cannot verify it again.
The terms of this consent.
The granularity per billing cycle. Required when payment_schedule.period_unit is WEEK, MONTH, or YEAR. (e.g. charge_day_per_billing_cycle= 5, payment_schedule.period_unit = MONTH, payment_schedule.period = 1 if collect payment on the 5th of each month).
End date to expect payment request.
The first payment. It could include the costs associated with the first debited amount.Optional if payment agreement type is VARIABLE.
The fixed payment amount that can be charged for a single payment.Required if payment agreement type is FIXED.
The maximum payment amount that can be charged for a single payment.Optional if payment agreement type is VARIABLE.
The minimum payment amount that can be charged for a single payment.Optional if payment agreement type is VARIABLE.
The agreed type of amounts for subsequent payment. Should be one of FIXED, VARIABLE.
- FIXED: payment amount is fixed. A specific amount is required.
- VARIABLE: payment amount is variable at each collection. A max limit is recommended.
The currency of this payment. Please refer to supported currencies .
The number of period units between billing cycles. For example, the payment cycle is one month if period=1 and period_unit=MONTH. Required when merchant_trigger_reason = scheduled
Specifies billing frequency. One of DAY, WEEK, MONTH, and YEAR. Required when merchant_trigger_reason = scheduled
Start date to expect payment request.
The total number of billing cycles. For example, the mandate will last for 1 year if total_billing_cycles=12, payment_schedule.period=1 and payment_schedule.period_unit=MONTH if the merchant_trigger_reason is scheduled. Merchant can bill customers 12 times when total_billing_cycles=12 if the merchant_trigger_reason is unscheduledThe mandate will continue indefinitely if total_billing_cycles is null.
Time at which this PaymentConsent was last updated
| Error status | Description |
|---|---|
| 400 | Bad Request. Possible error codes: |
| 401 | Unauthorized. Possible error codes: |
| 403 | Forbidden |
| 404 | Not Found. Possible error codes: |
| 500 | Server Error. Possible error codes: |
$curl --request GET \> --url 'https://api-demo.airwallex.com/api/v1/pa/payment_consents' \> --header 'Authorization: Bearer {{ACCESS_TOKEN}}' \> --header 'Content-Type: application/json'
1{2 "has_more": false,3 "items": [4 {5 "id": "cst_hkpdsjz1vg0x1uscdj",6 "request_id": "0a0753bb-ec35-4a29-34bf-1fa712bc162d",7 "customer_id": "cus_hkpdsjz4vg1x3uscdj",8 "next_triggered_by": "merchant",9 "merchant_trigger_reason": "scheduled",10 "metadata": {11 "subscriptionNumber": "2025040700000001"12 },13 "status": "REQUIRES_CUSTOMER_ACTION",14 "created_at": "2021-08-31T06:57:15+00:00",15 "updated_at": "2021-08-31T06:57:15+00:00",16 "client_secret": "eyJhbGciOiJIUzI1NiJ9.eyJpYXQiOjE3MzgzMDY2MzAsImV4cCI6MTczODMxMDIzMCwidHlwZSI6ImNsaWVudC1zZWNyZXQiLCJwYWRjIjoiSEsiLCJhY2NvdW50X2lkIjoiN2EwYzQ3YzctNzM0Zi00NzdmLTk1OWItMzIxNTQyNzgxYTgyIiwiY29uc2VudF9pZCI6ImNzdF9oa3Bkc2p6MXZnMHgxdXNjZGoiLCJjdXN0b21lcl9pZCI6ImN1c19oa3Bkc2p6NHZnMXgzdXNjZGoifQ.c8zs0QlpUy_NwWy_JsHqHSiRpbtpGnIVWNsVHsSvJQ0"17 }18 ]19}