3DS Authentication

3D Secure adds an authentication layer for card payments. When the issuer requires it, the customer must complete a verification, usually on the bank's page or in a modal within your site.

In 100% API integrations, you identify this case when payment intent confirmation returns requires_action and a nextAction object.

Related API reference

• Confirm a payment intent
• Retrieve a payment intent
• Create a payment method

Redirect

Send returnUrl when confirming the payment intent.

{
  "paymentMethodId": "cl502zv0d0127ebdp3zt27651",
  "returnUrl": "https://www.example.com/return"
}

If 3DS is required, the response includes the URL where you should redirect the customer.

{
  "status": "requires_action",
  "nextAction": {
    "type": "redirect_to_url",
    "redirectToUrl": {
      "url": "https://checkout.onvopay.com/authorize/test_clv...",
      "returnUrl": "https://www.example.com/return"
    }
  }
}

After authentication is completed, ONVO redirects the customer to your returnUrl with the payment_intent_id parameter.

https://www.example.com/return?payment_intent_id=cl502zv0d0127ebdp3zt27651

Retrieve the payment intent to confirm the final status before marking the order as paid.

Modal

You can also handle 3DS with the ONVO web library.

<script src="https://js.onvopay.com/v1/"></script>

Initialize the library with your publishable key and call handleNextAction when the intent requires action.

<script>
  const onvo = ONVO("onvo_live_publishable_key_H4PG...");

  onvo.handleNextAction({
    paymentIntentId: "clrr934wl001mdpkhw2g82rlt",
  }).then(function (result) {
    if (result.error) {
      console.error(result.error);
    } else {
      console.log(result.paymentIntent);
    }
  });
</script>

Even if 3DS authentication succeeds, validate the final payment intent status. The transaction can still be declined for other reasons.

You can test this flow with card 4000000000003220 in test mode.