3D Secure Authentication

To manage certain aspects of the 3D Secure (3DS) authentication, you will need to integrate with the following APIs.

Once the customer has accepted or rejected the push notification for a 3DS challenge, you can use this endpoint to notify us of the result.

You must call this endpoint before the expiration time, otherwise it will return a 400 error. You can find the expiration information from the webhook event

Only the first call to this endpoint will be processed, any subsequent duplicate requests will be ignored, although you will still receive a success response.

POST /v3/spend/profiles/{{profileId}}/3dsecure/challenge-result

transactionReferencetext

Transaction reference as received in the webhook event

challengeStatustext

One of APPROVED or REJECTED

Example Request
curl -X POST 'https://api.sandbox.transferwise.tech/v3/spend/profiles/{{profile_id}}/3dsecure/challenge-result'
-H 'Authorization: Bearer <your api token>'
-H 'Content-Type: application/json'
-d '{
"transactionReference": "148579538",
"challengeStatus": "APPROVED"
}'

Response

204 - No Content