Authorize a payment using the payment method

POST /payment-methods/{paymentMethodId}/authorize

When successful, returns a paymentToken value.

Path parameters

application/vnd.api+json

Body Required

  • data object
    Hide data attributes Show data attributes object
    • type string Required

      Value is paymentToken.

    • id string(uuid)

      Unique ID of the new paymentToken.

    • attributes object Required
      Hide attributes attributes Show attributes attributes object
      • currency string Required

        Currency as specified in ISO-4217.

        Format should match the following pattern: ^[A-Z]{3}$.

      • amount number(decimal) Required
      • Set this flag to true if you accept the authorized amount to be lower than the requested amount.

      • purposePRNs array[string] Required

        PACE resource name(s) of one or multiple resources, for which the payment should be authorized.

      • discountTokens array[string]

        Discount token that should be applied when authorizing this token. (Obtained by querying fueling service gasStation->pump->discount)

      • The code and method for two factor authentication, if required by the payment method

        Hide twoFactor attributes Show twoFactor attributes object
        • otp string

          OTP (One time password) for the authorization.

        • method string

          A single name for the 2fa e.g. face-id, fingerprint, biometry, password, pin

      • billingEmail string(email)

        The billing e-mail address

Responses

  • 201 application/vnd.api+json

    Created

    Hide response attribute Show response attribute object
    • data object
      Hide data attributes Show data attributes object
      • type string

        Value is paymentToken.

      • id string

        Payment Token ID

      • Hide attributes attributes Show attributes attributes object
        • amount number(decimal)

          The amount that this token represents.

        • currency string

          Currency as specified in ISO-4217.

          Format should match the following pattern: ^[A-Z]{3}$.

        • value string

          paymentToken value. Format might change (externally provided - by payment provider)

        • validUntil string(date-time)

          The datetime (iso8601) after which the token is no longer valid. May not be provided.

        • PACE resource name of the accountPRN that this is being charged to.

        • purposePRNs array[string]

          PACE resource name(s) of one or multiple resources, for which the payment was authorized.

      • Hide relationships attribute Show relationships attribute object
        • Hide paymentMethod attribute Show paymentMethod attribute object
          • data object
            Hide data attributes Show data attributes object
            • type string

              Value is paymentMethod.

            • id string(uuid)
  • 400 application/vnd.api+json

    Bad request

    Hide response attribute Show response attribute object
    • errors array[object]
      Hide errors attributes Show errors attributes object
      • id string

        A unique identifier for this particular occurrence of the problem.

      • status string

        the HTTP status code applicable to this problem, expressed as a string value.

      • code string

        an application-specific error code, expressed as a string value.

      • title string

        A short, human-readable summary of the problem that SHOULD NOT change from occurrence to occurrence of the problem, except for purposes of localization.

      • detail string

        a human-readable explanation specific to this occurrence of the problem. Like title, this field’s value can be localized.

      • source object

        An object containing references to the source of the error.

        Hide source attributes Show source attributes object
        • pointer string

          A JSON Pointer [RFC6901] to the associated entity in the request document [e.g. "/data" for a primary data object, or "/data/attributes/title" for a specific attribute].

        • A string indicating which URI query parameter caused the error.

      • meta object

        a meta object containing non-standard meta-information about the error.

  • 401 application/vnd.api+json

    OAuth token missing or invalid or a linked identity is missing.

    Linked identity missing is a special case where you need to make sure that the user has additionally logged in / authorized with a third-party.

    This is not relevant for most use-cases.

    The specific error code that identifies a missing linked identity is missing-linked-identity

    Example:

      {
          "errors": [
              {
                  "id": "cbgmhslmp1o9or9kh1p0",
                  "title": "Missing linked identity for authorized access",
                  "detail": "Linked identity is needed to access this resource, please check why the user does not have a linked identity",
                  "status": "401",
                  "code": "missing-linked-identity"
              }
          ]
      }
    
    Hide response attribute Show response attribute object
    • errors array[object]
      Hide errors attributes Show errors attributes object
      • id string

        A unique identifier for this particular occurrence of the problem.

      • status string

        the HTTP status code applicable to this problem, expressed as a string value.

      • code string

        an application-specific error code, expressed as a string value.

      • title string

        A short, human-readable summary of the problem that SHOULD NOT change from occurrence to occurrence of the problem, except for purposes of localization.

      • detail string

        a human-readable explanation specific to this occurrence of the problem. Like title, this field’s value can be localized.

      • source object

        An object containing references to the source of the error.

        Hide source attributes Show source attributes object
        • pointer string

          A JSON Pointer [RFC6901] to the associated entity in the request document [e.g. "/data" for a primary data object, or "/data/attributes/title" for a specific attribute].

        • A string indicating which URI query parameter caused the error.

      • meta object

        a meta object containing non-standard meta-information about the error.

  • 403 application/vnd.api+json

    Amount cannot be authorized. The following codes may be seen:

    • provider:payment-method-rejected: The method was rejected by the payment provider
    • provider:authorization-denied: The authorization was rejected by the payment provider
    • fuelcard:ondemand:activation-required: On-Demand fuelcards require activation before usage. This error is returned if an attempt is being made without prior activation of the fuelcard.
    • rule:product-denied: Product restrictions forbid transaction, e.g., forbidden fuel type - token authorized only for Diesel but attempted to fuel Super.
    • otp:invalid: The provided two factor token is missing or has been rejected.
    Hide response attribute Show response attribute object
    • errors array[object]
      Hide errors attributes Show errors attributes object
      • id string

        A unique identifier for this particular occurrence of the problem.

      • status string

        the HTTP status code applicable to this problem, expressed as a string value.

      • code string

        an application-specific error code, expressed as a string value.

      • title string

        A short, human-readable summary of the problem that SHOULD NOT change from occurrence to occurrence of the problem, except for purposes of localization.

      • detail string

        a human-readable explanation specific to this occurrence of the problem. Like title, this field’s value can be localized.

      • source object

        An object containing references to the source of the error.

        Hide source attributes Show source attributes object
        • pointer string

          A JSON Pointer [RFC6901] to the associated entity in the request document [e.g. "/data" for a primary data object, or "/data/attributes/title" for a specific attribute].

        • A string indicating which URI query parameter caused the error.

      • meta object

        a meta object containing non-standard meta-information about the error.

  • 404 application/vnd.api+json

    Payment method is unknown

    Hide response attribute Show response attribute object
    • errors array[object]
      Hide errors attributes Show errors attributes object
      • id string

        A unique identifier for this particular occurrence of the problem.

      • status string

        the HTTP status code applicable to this problem, expressed as a string value.

      • code string

        an application-specific error code, expressed as a string value.

      • title string

        A short, human-readable summary of the problem that SHOULD NOT change from occurrence to occurrence of the problem, except for purposes of localization.

      • detail string

        a human-readable explanation specific to this occurrence of the problem. Like title, this field’s value can be localized.

      • source object

        An object containing references to the source of the error.

        Hide source attributes Show source attributes object
        • pointer string

          A JSON Pointer [RFC6901] to the associated entity in the request document [e.g. "/data" for a primary data object, or "/data/attributes/title" for a specific attribute].

        • A string indicating which URI query parameter caused the error.

      • meta object

        a meta object containing non-standard meta-information about the error.

  • 405 application/vnd.api+json

    Cannot authorize with this method. This usually means that you are trying to use an implicit method for authorization. Implicit payment methods do not use the regular authorization endpoint, e.g., Apple Pay.

    If this is the case the returned error code (in the response body) is: method:implicit-method-not-supported

    Hide response attribute Show response attribute object
    • errors array[object]
      Hide errors attributes Show errors attributes object
      • id string

        A unique identifier for this particular occurrence of the problem.

      • status string

        the HTTP status code applicable to this problem, expressed as a string value.

      • code string

        an application-specific error code, expressed as a string value.

      • title string

        A short, human-readable summary of the problem that SHOULD NOT change from occurrence to occurrence of the problem, except for purposes of localization.

      • detail string

        a human-readable explanation specific to this occurrence of the problem. Like title, this field’s value can be localized.

      • source object

        An object containing references to the source of the error.

        Hide source attributes Show source attributes object
        • pointer string

          A JSON Pointer [RFC6901] to the associated entity in the request document [e.g. "/data" for a primary data object, or "/data/attributes/title" for a specific attribute].

        • A string indicating which URI query parameter caused the error.

      • meta object

        a meta object containing non-standard meta-information about the error.

  • 406 application/vnd.api+json

    The specified accept header is invalid

    Hide response attribute Show response attribute object
    • errors array[object]
      Hide errors attributes Show errors attributes object
      • id string

        A unique identifier for this particular occurrence of the problem.

      • status string

        the HTTP status code applicable to this problem, expressed as a string value.

      • code string

        an application-specific error code, expressed as a string value.

      • title string

        A short, human-readable summary of the problem that SHOULD NOT change from occurrence to occurrence of the problem, except for purposes of localization.

      • detail string

        a human-readable explanation specific to this occurrence of the problem. Like title, this field’s value can be localized.

      • source object

        An object containing references to the source of the error.

        Hide source attributes Show source attributes object
        • pointer string

          A JSON Pointer [RFC6901] to the associated entity in the request document [e.g. "/data" for a primary data object, or "/data/attributes/title" for a specific attribute].

        • A string indicating which URI query parameter caused the error.

      • meta object

        a meta object containing non-standard meta-information about the error.

  • 409 application/vnd.api+json

    Resource conflicts

    Hide response attribute Show response attribute object
    • errors array[object]
      Hide errors attributes Show errors attributes object
      • id string

        A unique identifier for this particular occurrence of the problem.

      • status string

        the HTTP status code applicable to this problem, expressed as a string value.

      • code string

        an application-specific error code, expressed as a string value.

      • title string

        A short, human-readable summary of the problem that SHOULD NOT change from occurrence to occurrence of the problem, except for purposes of localization.

      • detail string

        a human-readable explanation specific to this occurrence of the problem. Like title, this field’s value can be localized.

      • source object

        An object containing references to the source of the error.

        Hide source attributes Show source attributes object
        • pointer string

          A JSON Pointer [RFC6901] to the associated entity in the request document [e.g. "/data" for a primary data object, or "/data/attributes/title" for a specific attribute].

        • A string indicating which URI query parameter caused the error.

      • meta object

        a meta object containing non-standard meta-information about the error.

  • 410 application/vnd.api+json

    Resource is gone

    Hide response attribute Show response attribute object
    • errors array[object]
      Hide errors attributes Show errors attributes object
      • id string

        A unique identifier for this particular occurrence of the problem.

      • status string

        the HTTP status code applicable to this problem, expressed as a string value.

      • code string

        an application-specific error code, expressed as a string value.

      • title string

        A short, human-readable summary of the problem that SHOULD NOT change from occurrence to occurrence of the problem, except for purposes of localization.

      • detail string

        a human-readable explanation specific to this occurrence of the problem. Like title, this field’s value can be localized.

      • source object

        An object containing references to the source of the error.

        Hide source attributes Show source attributes object
        • pointer string

          A JSON Pointer [RFC6901] to the associated entity in the request document [e.g. "/data" for a primary data object, or "/data/attributes/title" for a specific attribute].

        • A string indicating which URI query parameter caused the error.

      • meta object

        a meta object containing non-standard meta-information about the error.

  • 415 application/vnd.api+json

    The specified content type header is invalid

    Hide response attribute Show response attribute object
    • errors array[object]
      Hide errors attributes Show errors attributes object
      • id string

        A unique identifier for this particular occurrence of the problem.

      • status string

        the HTTP status code applicable to this problem, expressed as a string value.

      • code string

        an application-specific error code, expressed as a string value.

      • title string

        A short, human-readable summary of the problem that SHOULD NOT change from occurrence to occurrence of the problem, except for purposes of localization.

      • detail string

        a human-readable explanation specific to this occurrence of the problem. Like title, this field’s value can be localized.

      • source object

        An object containing references to the source of the error.

        Hide source attributes Show source attributes object
        • pointer string

          A JSON Pointer [RFC6901] to the associated entity in the request document [e.g. "/data" for a primary data object, or "/data/attributes/title" for a specific attribute].

        • A string indicating which URI query parameter caused the error.

      • meta object

        a meta object containing non-standard meta-information about the error.

  • 422 application/vnd.api+json

    Available amount exceeded

    Hide response attribute Show response attribute object
    • errors array[object]
      Hide errors attributes Show errors attributes object
      • id string

        A unique identifier for this particular occurrence of the problem.

      • status string

        the HTTP status code applicable to this problem, expressed as a string value.

      • code string

        an application-specific error code, expressed as a string value.

      • title string

        A short, human-readable summary of the problem that SHOULD NOT change from occurrence to occurrence of the problem, except for purposes of localization.

      • detail string

        a human-readable explanation specific to this occurrence of the problem. Like title, this field’s value can be localized.

      • source object

        An object containing references to the source of the error.

        Hide source attributes Show source attributes object
        • pointer string

          A JSON Pointer [RFC6901] to the associated entity in the request document [e.g. "/data" for a primary data object, or "/data/attributes/title" for a specific attribute].

        • A string indicating which URI query parameter caused the error.

      • meta object

        a meta object containing non-standard meta-information about the error.

  • 500 application/vnd.api+json

    Internal server error

    Hide response attribute Show response attribute object
    • errors array[object]
      Hide errors attributes Show errors attributes object
      • id string

        A unique identifier for this particular occurrence of the problem.

      • status string

        the HTTP status code applicable to this problem, expressed as a string value.

      • code string

        an application-specific error code, expressed as a string value.

      • title string

        A short, human-readable summary of the problem that SHOULD NOT change from occurrence to occurrence of the problem, except for purposes of localization.

      • detail string

        a human-readable explanation specific to this occurrence of the problem. Like title, this field’s value can be localized.

      • source object

        An object containing references to the source of the error.

        Hide source attributes Show source attributes object
        • pointer string

          A JSON Pointer [RFC6901] to the associated entity in the request document [e.g. "/data" for a primary data object, or "/data/attributes/title" for a specific attribute].

        • A string indicating which URI query parameter caused the error.

      • meta object

        a meta object containing non-standard meta-information about the error.

  • 502 application/vnd.api+json

    Error occurred while communicating with upstream services

    Hide response attribute Show response attribute object
    • errors array[object]
      Hide errors attributes Show errors attributes object
      • id string

        A unique identifier for this particular occurrence of the problem.

      • status string

        the HTTP status code applicable to this problem, expressed as a string value.

      • code string

        an application-specific error code, expressed as a string value.

      • title string

        A short, human-readable summary of the problem that SHOULD NOT change from occurrence to occurrence of the problem, except for purposes of localization.

      • detail string

        a human-readable explanation specific to this occurrence of the problem. Like title, this field’s value can be localized.

      • source object

        An object containing references to the source of the error.

        Hide source attributes Show source attributes object
        • pointer string

          A JSON Pointer [RFC6901] to the associated entity in the request document [e.g. "/data" for a primary data object, or "/data/attributes/title" for a specific attribute].

        • A string indicating which URI query parameter caused the error.

      • meta object

        a meta object containing non-standard meta-information about the error.

POST /payment-methods/{paymentMethodId}/authorize
curl \
 -X POST https://api.pace.cloud/pay/2024-3/payment-methods/93db55b6-a9ab-4597-a253-49a1718cea0a/authorize \
 -H "Authorization: Bearer $ACCESS_TOKEN" \
 -H "Content-Type: application/vnd.api+json"
Request examples
{
  "data": {
    "type": "paymentToken",
    "id": "f4267aea-2567-4a3c-934d-b8355a76abe9",
    "attributes": {
      "currency": "EUR",
      "amount": 65.49,
      "allowPartialAmount": false,
      "purposePRNs": [
        "prn:poi:gas-stations:124e522d-65ef-4386-b7e0-00d2eceeadc6",
        "prn:cms:fuels:ron95"
      ],
      "discountTokens": [
        "prn:discount:tokens:f7aa2664-bcfa-4e23-967d-ecd6596b73a9"
      ],
      "twoFactor": {
        "otp": "366382",
        "method": "string"
      },
      "billingEmail": "jon.smith@example.com"
    }
  }
}
Response examples (201)
{
  "data": {
    "type": "paymentToken",
    "id": "33331f72-a672-453c-9d36-d5809ef0ded6",
    "attributes": {
      "amount": 23,
      "currency": "EUR",
      "value": "12c52345c1x34",
      "validUntil": "2024-05-04T09:42:00+00:00",
      "accountPRN": [
        "prn:pay:accounts:pace"
      ],
      "purposePRNs": [
        "prn:poi:gas-stations:124e522d-65ef-4386-b7e0-00d2eceeadc6",
        "prn:cms:fuels:ron95"
      ]
    },
    "relationships": {
      "paymentMethod": {
        "data": {
          "type": "paymentMethod",
          "id": "33331f72-a672-453c-9d36-d5809ef0ded6"
        }
      }
    }
  }
}
Response examples (400)
{
  "errors": [
    {
      "id": "string",
      "links": {
        "about": "string"
      },
      "status": "string",
      "code": "string",
      "title": "string",
      "detail": "string",
      "source": {
        "pointer": "string",
        "parameter": "string"
      },
      "meta": {}
    }
  ]
}
Response examples (401)
{
  "errors": [
    {
      "id": "string",
      "links": {
        "about": "string"
      },
      "status": "string",
      "code": "string",
      "title": "string",
      "detail": "string",
      "source": {
        "pointer": "string",
        "parameter": "string"
      },
      "meta": {}
    }
  ]
}
Response examples (403)
{
  "errors": [
    {
      "id": "string",
      "links": {
        "about": "string"
      },
      "status": "string",
      "code": "string",
      "title": "string",
      "detail": "string",
      "source": {
        "pointer": "string",
        "parameter": "string"
      },
      "meta": {}
    }
  ]
}
Response examples (404)
{
  "errors": [
    {
      "id": "string",
      "links": {
        "about": "string"
      },
      "status": "string",
      "code": "string",
      "title": "string",
      "detail": "string",
      "source": {
        "pointer": "string",
        "parameter": "string"
      },
      "meta": {}
    }
  ]
}
Response examples (405)
{
  "errors": [
    {
      "id": "string",
      "links": {
        "about": "string"
      },
      "status": "string",
      "code": "string",
      "title": "string",
      "detail": "string",
      "source": {
        "pointer": "string",
        "parameter": "string"
      },
      "meta": {}
    }
  ]
}
Response examples (406)
{
  "errors": [
    {
      "id": "string",
      "links": {
        "about": "string"
      },
      "status": "string",
      "code": "string",
      "title": "string",
      "detail": "string",
      "source": {
        "pointer": "string",
        "parameter": "string"
      },
      "meta": {}
    }
  ]
}
Response examples (409)
{
  "errors": [
    {
      "id": "string",
      "links": {
        "about": "string"
      },
      "status": "string",
      "code": "string",
      "title": "string",
      "detail": "string",
      "source": {
        "pointer": "string",
        "parameter": "string"
      },
      "meta": {}
    }
  ]
}
Response examples (410)
{
  "errors": [
    {
      "id": "string",
      "links": {
        "about": "string"
      },
      "status": "string",
      "code": "string",
      "title": "string",
      "detail": "string",
      "source": {
        "pointer": "string",
        "parameter": "string"
      },
      "meta": {}
    }
  ]
}
Response examples (415)
{
  "errors": [
    {
      "id": "string",
      "links": {
        "about": "string"
      },
      "status": "string",
      "code": "string",
      "title": "string",
      "detail": "string",
      "source": {
        "pointer": "string",
        "parameter": "string"
      },
      "meta": {}
    }
  ]
}
Response examples (422)
{
  "errors": [
    {
      "id": "string",
      "links": {
        "about": "string"
      },
      "status": "string",
      "code": "string",
      "title": "string",
      "detail": "string",
      "source": {
        "pointer": "string",
        "parameter": "string"
      },
      "meta": {}
    }
  ]
}
Response examples (500)
{
  "errors": [
    {
      "id": "string",
      "links": {
        "about": "string"
      },
      "status": "string",
      "code": "string",
      "title": "string",
      "detail": "string",
      "source": {
        "pointer": "string",
        "parameter": "string"
      },
      "meta": {}
    }
  ]
}
Response examples (502)
{
  "errors": [
    {
      "id": "string",
      "links": {
        "about": "string"
      },
      "status": "string",
      "code": "string",
      "title": "string",
      "detail": "string",
      "source": {
        "pointer": "string",
        "parameter": "string"
      },
      "meta": {}
    }
  ]
}