Creating an authenticated payment

ℹ️
Check the complete request and response examples for each payment method:

Create a credit card payment;

Create a debit card payment.

After the cardholder authentication is completed, the store must submit the transaction for authorization, sending the authentication data using the 'external authentication' model (ExternalAuthentication node), both for internal and external 3DS Server.

Below is an example of an authorization request to the API E-commerce Cielo:

Authorization request with the authentication node

Below is an example of a credit card authorization with the authentication node.

Environment	Method	Endpoint
Sandbox	post	`https://apisandbox.cieloecommerce.cielo.com.br/1/sales`
Production	post	`https://api.cieloecommerce.cielo.com.br/1/sales`

{
   "MerchantOrderId":"2017051002",
   "Customer":
   {
     (...)
   },
   "Payment":
   {
     (...)
     "Authenticate":true,
     "CreditCard":{
         "CardNumber":"4000000000001000",
         "Holder":"Nome do Portador",
         "ExpirationDate":"12/2021",
         "SecurityCode":"123",
         "Brand":"Visa",
         "SaveCard":"false"
     },
     "ExternalAuthentication":{
       "Cavv":"AAABB2gHA1B5EFNjWQcDAAAAAAB=",
       "Xid":"Uk5ZanBHcWw2RjRCbEN5dGtiMTB=",
       "Eci":"5",
       "Version":"2",
       "ReferenceID":"a24a5d87-b1a1-4aef-a37b-2f30b91274e6"
     }
   }
}

curl
--request POST "https://apisandbox.cieloecommerce.cielo.com.br/1/sales"
--header "Content-Type: application/json"
--header "MerchantId: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
--header "MerchantKey: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
--data-binary
--verbose
{
   "MerchantOrderId":"2017051002",
   "Customer":
   {
     (...)
   },
   "Payment":
   {
     (...)
     "Authenticate":true,
     "CreditCard":{
         "CardNumber":"4000000000001000",
         "Holder":"Nome do Portador",
         "ExpirationDate":"12/2021",
         "SecurityCode":"123",
         "Brand":"Visa",
         "SaveCard":"false"
     },
     "ExternalAuthentication":{
       "Cavv":"AAABB2gHA1B5EFNjWQcDAAAAAAB=",
       "Xid":"Uk5ZanBHcWw2RjRCbEN5dGtiMTB=",
       "Eci":"5",
       "Version":"2",
       "ReferenceId":"a24a5d87-b1a1-4aef-a37b-2f30b91274e6"
     }
   }
}

Field	Description	Type	Size	Required
`Payment.Provider`	Payment method provider name (Cielo30).	text	15 positions	Yes
`Payment.Authenticate`	Defines whether the shopper will be redirected to the issuer for card authentication.	booleano ("true" / "false")		Yes, if authentication is validated.
`Payment.ExternalAuthentication.Cavv`	Signature returned in successful authentication scenarios.	text		⚠️This field is mandatory for transactions that have been authenticated by the issuer or the card brand and in authorization requests with Data Only.
`Payment.ExternalAuthentication.Xid`	XID returned in the authentication process. - The `Xid` is not returned in all authentications. - Sending is recommended if the `Xid` has been returned in the script.	text		No
`Payment.ExternalAuthentication.Eci`	Electronic Commerce Indicator_ returned in the authentication process.	number	1 position	Yes
`Payment.ExternalAuthentication.Version`	3DS version applied in the authentication process. Possible values: Visa and Mastercard: "2.2.0" Elo and Amex: "2.1.0"	alphanumeric	5 positions	Required field for transactions with 3DS authentication.
`Payment.ExternalAuthentication.ReferenceID`	RequestID returned in the authentication process. - The `ReferenceId` is not returned in all authentications. - Submission is recommended if the `ReferenceId` has been returned in the script.	GUID	36 positions	Conditional

The response will follow the standard format of a credit or debit transaction response. See the details in the API Reference.