(POST /all-in-one)
Authentication with SCA. This allows sales authorized by the card issuer, performing an authentication process of the cardholder. This process varies depending on the entity.
Payload
-
amount (string, required): Amount of the operation
1000 -
currency (string, required): Any currency defined according to ISO_4217 will be valid
EUR -
order (string): Ticket for the operation
sipay-order-001 -
pan (string): Card number
6712009000000458 -
month (string): Expiration month of the card
12 -
year (string): Expiration year of the card
2017 -
reconciliation (string): Identifier for bank reconciliation (p37)
1234sipay -
operation (enum[string], required): Operation to be performed
authorization: Salepreauthorization: Preauthorizationall-in-one: PSD2
-
token(string): Alphanumeric code associated with the card data. This serves to store the card data in the secure vault and facilitate future transactions with that card without the data having to travel over the network again, thereby securing the purchase process.
sipay-token-prueba-359ef8ce5c5f4003b71692e446908c27- It will not be possible to tokenize a card without completing an SCA (Strong Customer Authentication) protocol such as the 3DS 2.X protocol. Therefore, it is not possible to tokenize through operations processed as an exemption.
-
fastpay(object):
- request_id(string): Card identifier returned by FastPay
- format: [0-9a-fA-F]
- length: 32
- request_id(string): Card identifier returned by FastPay
-
catcher (object):
{"token": "1b5925567684485eb1590c105cf8c9ba"} -
custom_01 (string): Customizable field
custom_001 -
custom_02 (string): Customizable field
custom_002 -
url_ok(string, required): URL to which the user will be redirected if the operation is successful. This URL will have a query parameter called request_id added, which will be necessary for confirming the sale
https://example_url.com/?request_id=12346598 -
url_ko(string, required): URL to which the user will be redirected if the operation was not successful. This URL will have a query parameter called request_id
https://example_url.com/?request_id=12346598and another called error that will contain a literal defining the possible cause of the errorunavailable_service -
url_allow_fragments(bool): This field indicates how the redirect URLs should be treated. If the URL has a defined fragment/section in the URL path i.e. https://example.es/#/path?param1=value1, this field should have a value of
false.- default value: true
-
moto (enum[string]): This field allows operations subject to the Mail Order (mail) & Telephone Order (phone) exemption, allowing charges to be made only with the card number and without double authentication:
mail: mail orderphone: telephone order
-
sca_exemptions (enum[string]): available exemptions:
| Parameter | Exemption | Description |
|---|---|---|
LWV | Low Value Exemption | Transactions under 30 euros do not require SCA, but the issuing bank will keep a record of certain counters, such as the number of transactions or the total amounts of them. If the buyer's card transactions exceed the counter, for example, after five consecutive transactions or if the sum exceeds 100 euros, the issuing bank will require SCA. |
TRA | Low Risk / Transaction Risk Analysis | Issuing banks may consider transactions to be low risk based on average fraud levels of the card issuer, or the acquirer processing the transaction, or both. |
COR | Secure Corporate Payments | These are payments made through dedicated corporate processes initiated by companies and not available to consumers. Examples include payments made through central travel accounts, accommodation cards, virtual cards, and secure corporate cards used in corporate travel management systems. |
MIT | Merchant Initiated Transactions | Payments made with stored cards when the customer is not present in the checkout flow (sometimes called "out-of-session") may qualify as merchant-initiated transactions. These payments are technically outside the scope of SCA. In practice, marking a payment as a "Merchant Initiated Transaction" will be similar to requesting an exemption. And like any other exemption, it will still be up to the bank to decide if authentication is needed for the transaction. To use merchant-initiated transactions, the card must be authenticated when saved or on the first payment. Lastly, the customer's agreement (also known as "mandate") will be necessary to charge their card later. |
- reason (enum[string]): available reasons for MIT:
| Parameter | Reason/Motive | Description |
|---|---|---|
R | Recurring | Transactions processed at fixed and regular intervals not exceeding one year between transactions, representing an agreement between the cardholder and a merchant to acquire goods or services provided over a period of time. |
I | Installments | Installment payments describe the one-time purchase of goods or services billed to the cardholder in multiple transactions over an agreed period of time by the cardholder and the merchant. |
C | One-time purchase | This is a transaction that uses a stored credential for a fixed or variable amount not occurring on a scheduled or regular transaction date, in which the cardholder has consented for the merchant to initiate one or more future transactions not initiated by the cardholder. |
D | Delayed charge | A delayed charge is commonly used in hotels, cruise lines, and vehicle rental environments to make an additional charge to the account after the original services have been provided. |
E | Resubmission | This is an event that occurs when the original purchase occurs, but the merchant could not obtain authorization at the time the goods or services were provided. |
H | Reauthorization | A reauthorization is a purchase made after the original purchase and may reflect a series of specific conditions. The most common scenarios include delayed or split shipments and extended stays or rentals. |
M | Incremental | In hotel and vehicle rental environments, there is often an incremental authorization, where the cardholder has agreed to pay for any service provided during the duration of the contract. |
N | No show | A "No-show" is a transaction in which the merchant is enabled to charge for services that the cardholder entered into a purchase agreement but did not fulfill the terms of the agreement. |
Request Example - API Integration
{
"key": "589365da65c48cff87d0874a",
"resource": "359ef8ce5c5f4003b71692e446908c27",
"nonce": "1234567890",
"mode": "sha256",
"payload": {
"amount": "100",
"currency": "EUR",
"pan": "6712009000000458",
"month": "12",
"year": "2020",
"cvv": "123",
"reconciliation": "1234sipay",
"operation": "all-in-one",
"url_ok": "https://en9vkyegnzvfb.x.pipedream.net/",
"url_ko": "https://en9vkyegnzvfb.x.pipedream.net/",
"order": "Psd2-1",
"custom_01": "custom-001",
"custom_02": "custom-002"
}
}
Request Example - Fast Pay Integration
{
"key": "589365da65c48cff87d0874a",
"resource": "359ef8ce5c5f4003b71692e446908c27",
"nonce": "1234567890",
"mode": "sha256",
"payload": {
"amount": "100",
"currency": "EUR",
"reconciliation": "1234sipay",
"operation": "all-in-one",
"url_ok": "https://en9vkyegnzvfb.x.pipedream.net/",
"url_ko": "https://en9vkyegnzvfb.x.pipedream.net/",
"order": "Psd2-1",
"custom_01": "custom-001",
"custom_02": "custom-002",
"fastpay": {
"request_id": "c29ba33a0fc7492985e8d0ecc42be8bf"
}
}
}
If the card used in the transaction supports DCC operations, refer to the section Payment Flow Examples, section 4, DCC Sale.
NOTE: It is important to highlight that sending requests attempting to apply for an exemption does not guarantee that it will be effective. This decision is formalized by the entities. To minimize the chances of an exemption not being accepted, it is possible to send additional data, documented in the section Additional Fields.
Success - 0
- url (string): URL for redirecting to the authentication entity
https://sandbox.sipay.es/mdwr/v1/redsys/5901ba6d77170014a2c89/
Response Example
{
"type": "success",
"detail": "authentication",
"uuid": "2df61337-c0c5-4b90-ab8c-6098c8b118ce",
"payload": {
"url": "https://sandbox.sipay.es/mdwr/v1/redsys/5901ba6d77170014a2c89/"
},
"request_id": "5901ba6d7710014a2c89",
"code": "0",
"description": "Authentication processed successfully"
}
Additional Data PSD2 EMV3DS
The following additional fields can be added to the calls outlined in this documentation. This information will be used by the entities to analyze exemptions, among other things. Sending this data is highly recommended to enable risk-based authentication (Risk Based Analysis) and to facilitate a frictionless shopping experience. It is also advisable when requesting the application of SCA-PSD2 exemptions (e.g., MIT-R).
Example
{
. . .
"payload": {
"emv3ds": {
"account_additional_info": "more info",
"account_info": {
"account_age_indicator": "02",
"account_modification_date": "03032022",
"account_modification_indicator": "02",
"account_creation_date": "01012022",
"account_pw_change_date": "02022022",
"account_pw_change_indicator": "01",
"account_purchase_number": "20",
"transactions_day": "1",
"transactions_year": "4",
"account_age_date": "01022022",
"pay_account_creation_date": "03012022",
"pay_account_indicator": "01",
"address_first_use_date": "01012022",
"address_first_use_indicator": "01",
"shipment_name_indicator": "01",
"suspicious_activity_indicator": "02"
},
"addresses_match": "N",
"billing_city": "Mississippi",
"billing_country": "020",
"billing_address_1": "calle cualquiera",
"billing_address_2": "piso cualquiera",
"billing_address_3": "puerta cualquiera",
"billing_postcode": "28080",
"cardholder_mobile_phone": {
"prefix": "1",
"number": "666778899"
},
"cardholder_home_phone": {
"prefix": "11",
"number": "666778899"
},
"cardholder_work_phone": {
"prefix": "111",
"number": "666778899"
},
"merchant_risk_indicator": {
"delivery_email_address": "paco@paco.com",
"delivery_timeframe": "02",
"amount_in_giftcards": "10",
"amount_of_giftcards": "01",
"preorder_date": "20211220",
"preorder_availability_indicator": "01",
"reorder_indicator": "02",
"shipping_indicator": "01"
},
"shipping_city": "trololo",
"shipping_country": "100",
"shipping_address_1": "mi calle 4",
"shipping_address_2": "mi casa 3",
"shipping_address_3": "mi piso 2",
"shipping_postcode": "02"
}
}
. . .
}
Reference of Additional Fields
| JSON Attribute (string) | String Length | Description |
|---|---|---|
| account_additional_info | Additional information about the user | |
| account_info | Account information | |
| account_age_indicator | 2/A-N | Period of time that the cardholder has had the account with the merchant: 01=No account (guest check-out); 02=Created during the transaction; 03=Less than 30 days; 04=30-60 days; 05=More than 60 days |
| account_modification_date | 8/N | Date when the cardholder's account was last modified with the merchant, including billing or shipping address, new payment account, or new users added. Format: YYYYMMDD |
| account_modification_indicator | 2/A-N | Period of time since the cardholder's account information was last modified with the merchant, including billing or shipping address, new payment account, or new users added: 01=Modified in this transaction; 02=Less than 30 days; 03=30-60 days; 04=More than 60 days |
| account_creation_date | 9/N | Date when the cardholder opened the account with the merchant. Format: YYYYMMDD |
| account_pw_change_date | 8/N | Date when the cardholder changed their password on the merchant account or reset the account. Format: YYYYMMDD |
| account_pw_change_indicator | 2/A-N | Password change indicator: 01=No changes; 02=Changed during this operation; 03=Less than 30 days; 04=30-60 days; 05=More than 60 days |
| account_purchase_number | 4/N | Number of purchases with this account during the last six months |
| transactions_day | 3/N | Number of transactions (successful and abandoned) for this cardholder's account with the merchant across all payment accounts in the last 24 hours |
| transactions_year | 3/N | Number of transactions (successful and abandoned) for this cardholder's account with the merchant across all payment accounts in the previous year |
| account_age_date | 8/N | Date when the payment account was registered in the cardholder's account with the merchant. Format: YYYYMMDD |
| pay_account_creation_date | 8/N | Date when the payment account was registered in the cardholder's account with the merchant. Format: YYYYMMDD |
| pay_account_indicator | 2/A-N | Indicates the period of time the payment account has been registered in the cardholder's account with the merchant: 01=No account (guest check-out); 02=During the transaction; 03=Less than 30 days; 04=30-60 days; 05=More than 60 days |
| address_first_use_date | 8/N | Date when the shipping address used for this transaction was first used with the merchant. Format: YYYYMMDD |
| address_first_use_indicator | 2/A-N | Indicates when the shipping address used for this transaction was first used with the merchant: 01=This transaction; 02=Less than 30 days; 03=30-60 days; 04=More than 60 days |
| shipment_name_indicator | 2/A-N | Indicates whether the cardholder's name on the account matches the shipping name used for this transaction: 01=Account name matches shipping name; 02=Account name differs from shipping name |
| suspicious_activity_indicator | 2/A-N | Indicates whether the merchant has experienced suspicious activity (including previous fraud) on the cardholder's account: 01=No suspicious activity observed; 02=Suspicious activity observed |
| addresses_match | 1/A-N | Address match indicator |
| billing_city | 50/A-N | City of the billing address |
| billing_country | 3/N | Country of the billing address |
| billing_address_1 | 50/A-N | Billing address (line 1) |
| billing_address_2 | 50/A-N | Billing address (line 2) |
| billing_address_3 | 50/A-N | Billing address (line 3) |
| billing_postcode | 16/A-N | Postal code of the billing address |
| cardholder_mobile_phone | Cardholder's mobile phone | |
| prefix | 1-3/N | Country code corresponding to the phone number, according to |
| number | 15/N | Number corresponding to the phone number |
| cardholder_home_phone* | Cardholder's home phone | |
| prefix | 1-3/N | Country code corresponding to the phone number, according to |
| number | 15/N | Number corresponding to the phone number |
| cardholder_work_phone | Cardholder's work phone | |
| prefix | 1-3/N | Country code corresponding to the phone number, according to |
| number | 15/N | Number corresponding to the phone number |
| merchant_risk_indicator | JSON object | Merchant risk indicator |
| delivery_email_address | 254/A-N | For electronic delivery, the email address to which the goods were delivered |
| delivery_timeframe | 2/A-N | Indicates the delivery timeframe of the goods: 01=Electronic delivery; 02=Same day delivery; 03=Next day delivery; 04=Two or more days for delivery |
| amount_in_giftcards | 15/A-N | For prepaid card or gift card purchases, the total purchase amount in whole units (e.g., USD 123.45 is 123) |
| amount_of_giftcards | 2/N | For prepaid card or gift card purchases, total count of prepaid cards or gift codes purchased |
| preorder_date | 8/N | For a preordered purchase, the expected availability date of the goods. Format: YYYYMMDD |
| preorder_availability_indicator | 2/A-N | Indicates whether the cardholder is placing an order with future availability or release date. Accepted values: 01=Order available; 02=Coming soon |
| reorder_indicator | 2/A-N | Indicates whether the cardholder is reordering goods previously purchased: 01=Order created for the first time; 02=Reordered |
| shipping_indicator | 2/A-N | Indicates the shipping method chosen for the transaction. Merchants should choose the shipping indicator code that most accurately describes the specific transaction of the cardholder, not their overall business activity. If one or more items are included in the sale, use the shipping indicator code for physical goods, or if all products are digital, use the shipping indicator code that describes the most expensive item: 01=Shipped to cardholder's address; 02=Shipped to another address verified in merchant's files; 03=Shipped to an address different from cardholder's; 04=“Ship to Store” / Pick-up at store (store address will be filled in shipping address fields); 05=Digital goods (includes online services, electronic gift cards, and redeemable codes); 06=Travel and event tickets, not shipped; 07=Other (e.g., video games, unshipped digital services, e-media subscriptions, etc.) |
| shipping_city | 50/A-N | City of the shipping address |
| shipping_country | 3/N | Country of the shipping address |
| shipping_address_1 | 50/A-N | Shipping address (line 1) |
| shipping_address_2 | 50/A-N | Shipping address (line 2) |
| shipping_address_3 | 50/A-N | Shipping address (line 3) |
| shipping_postcode | 16/A-N | Postal code of the shipping address |
Examples
1. Authorization with Authentication
The following example shows the flow necessary to achieve a simple sale through the 3DS protocol and PSD2 compliance.
1.1. Obtain URL Authentication
| POST /all-in-one request |
|---|
|
| POST /all-in-one response |
|
Success - 0
- payload.url (string): Redirect URL to the authentication entity
https://sandbox.sipay.es/mdwr/v1/redsys/5901ba6d77170014a2c89/
1.2. Confirmation and Capture of Funds
| POST /all-in-one/confirm request |
|---|
|
| POST /all-in-one/confirm response |
|
Success - 0 - authentication
- code (string, required): Internal operation code. Refer to Response Codes
0 - amount (string, required): Amount of the operation
1000 - currency (string, required): Currency used in the operation
EUR - order (string, required): Ticket for the operation
sipay-order-001 - reconciliation (string, required): Identifier for bank reconciliation
1234-sipay - card_trade (string, required): Issuer of the card. Request more information.
undefined - card_type (string, required): Type of card. Request more information.
undefined - masked_card (string, required): Masked card number
6712 00** ****0205 - transaction_id (string, required): Transaction identifier.
000024899463550243139 - sequence (string, required):
1131238 - authorizator (string, required): Authorizing entity of the operation
BANCO SANTANDER, S.A. - approval (string, required): Approval code from the entity
346179
2. Authorization with Authentication and Card Storage (Tokenization)
The following shows the necessary flow to complete a sale with 3DS PSD2 compliance and card storage in a vault (tokenization).
| POST /all-in-one request |
|---|
|
| POST /all-in-one response |
|
Success - 0
- url (string): Redirect URL to the authenticating entity
https://sandbox.sipay.es/mdwr/v1/redsys/5901ba6d77170014a2c89/
2.2. Authentication Confirmation
| POST /all-in-one/confirm request |
|---|
|
| POST /all-in-one/confirm response |
|
Success - 0 - authentication
- token: Name of the token associated with the card stored in the vault.
3. Authorization with Authentication from a Stored Card (Tokenized)
The following flow shows the necessary operations to complete a sale 3DS PSD2 compliance through a card previously stored in the vault (tokenized), which is a CIT (Customer Initiated Transaction).
3.1. Authentication with Tokenization PSD2 compliance
| POST /all-in-one/confirm request |
|---|
|
| POST /all-in-one/confirm response |
|
Success - 0
- url (string): URL for redirecting to the authentication entity
https://sandbox.sipay.es/mdwr/v1/redsys/5901ba6d77170014a2c89/
3.2. Confirmation and Fund Capture
| POST /all-in-one/confirm request |
|---|
|
| POST /all-in-one/confirm response |
|
Success - 0 - authentication
- token: Name of the token associated with the card stored in the vault.
4. Authorization with MIT R Exemption
The following flow outlines the steps necessary to complete a card sale in compliance with PSD2 while applying an "MIT" (Merchant Initiated Transaction) exemption for a recurring sale (R). With this exemption, it is possible to complete payment flows initiated by the merchant without performing 3DS authentication, as long as the entity allows it.
The card must have been previously tokenized and authenticated through a separate process.
You must specify "sca_exemptions": "MIT" and "reason": "R", allowing the call to /all-in-one/confirm without consuming the url (string) generally provided by the /all-in-one call since it should not be returned.
4.1. Obtain Request ID: request_id
| POST /all-in-one request |
|---|
|
| POST /all-in-one response |
|
Success - 0
- request_id (string): Request ID necessary for the confirmation operation.
4.2. Confirmation and capture of funds
| POST /all-in-one/confirm request |
|---|
|
| POST /all-in-one/confirm response |
|
Success - 0 - authentication
- code (string, required): Internal operation code. Refer to Response Codes
0 - amount (string, required): Amount of the operation
1000 - currency (string, required): Currency used in the operation
EUR - order (string, required): Operation ticket
sipay-order-001 - reconciliation (string, required): Identifier for bank reconciliation
1234-sipay - card_trade (string, required): Card issuer. Request more information.
undefined - card_type (string, required): Type of card. Request more information.
undefined - masked_card (string, required): Masked card number
6712 00** ****0205 - transaction_id (string, required): Transaction identifier.
000024899463550243139 - sequence (string, required):
1131238 - authorizator (string, required): Authorizing entity of the operation
BANCO SANTANDER, S.A. - approval (string, required): Approval code from the entity
346179
OTA - Online Travel Agency
This API will allow travel agencies, airlines, and hotels to process their operations without the customer being present, with the guarantees of delegated authentication.
The call to be made will be the same as an authentication with "previously_authenticated": true and with the token identifier, and then perform its confirmation.
With authentication data
When the data from the prior authentication is available, the object "authentication_data" must be added to the call.
The object "authentication_data" must contain the following fields:
-
cryptogram[string]: Cryptogram of the authentication.
-
cryptogram_type[enum[string]]: Possible values:
- CAVV
- AEVV
- UCAF
-
ds_transaction_id[string]: Transaction identifier.
-
eci[string]: The e-commerce indicator is a value returned by Visa, MasterCard, JCB, and American Express that indicates the result of the authentication attempt in transactions applied by 3DS.
-
Possible values for Visa, American Express, and JCB:
- 05: 3DS authentication has been successfully completed; transactions are protected by 3DS.
- 06: 3DS authentication has been attempted but not completed or could not be completed; possible reasons are that the card or its Issuer Bank are not yet enrolled in 3DS.
- 07: 3DS authentication has failed or could not be attempted; possible reasons are that both the card and the Issuer Bank are not protected by 3DS, technical errors, or incorrect configuration.
-
Possible values for MasterCard:
- 02: 3DS authentication has been successfully completed; both the card and the Issuer Bank are protected by 3DS.
- 01: 3DS authentication has been attempted but not completed or could not be completed; possible reasons are that the card or its Issuer Bank are not yet enrolled in 3DS, or that the cardholder ran out of time to authorize.
- 00: 3DS authentication has failed or could not be attempted; possible reasons are that both the card and the Issuer Bank are not protected by 3DS, technical errors, or incorrect configuration.
-
Initial request example
{
"key": "key_value",
"resource": "resource_value",
"nonce": "1234567890",
"mode": "sha256",
"payload": {
"amount": "0",
"currency": "EUR",
"pan": "4242424242424242",
"month": "12",
"year": "25",
"cvv": "123",
"operation": "all-in-one",
"url_ok": "https://httpbin.org/anything?what=ok",
"url_ko": "https://httpbin.org/anything?what=ko",
"order": "OTAS_ejemplo",
"token": "Mi_token_ejemplo_otas",
"previously_authenticated": "true",
"authentication_data": {
"cryptogram": "ALnt+yWSJdXBACMLLWMNGgADFA==",
"cryptogram_type": "CAVV",
"ds_transaction_id": "222225555",
"eci": "2"
}
}
}
Response for initial request example
{
"type": "success",
"code": "0",
"detail": "authentication",
"description": "Authentication processed successfully",
"payload": {
"request_id": "61c996fc7b3f710001d24227"
},
"uuid": "787e7e33-27ee-47bd-b0ae-1fc2243a8356"
}
Confirmation request example
{
"key": "key_value",
"resource": "resource_value",
"nonce": "1234567890",
"mode": "sha256",
"payload": {
"request_id": "61c996fc7b3f710001d24227",
"previously_authenticated": "true"
}
}
Confirmation response example
{
"type": "success",
"code": "0",
"detail": "authorization",
"description": "Authorization processed successfully",
"payload": {
"code": "0",
"amount": "1",
"currency": "EUR",
"order": "OTAS_ejemplo",
"card_trade": "consumer",
"card_type": "mixed",
"masked_card": "4242 42** ****4242",
"reconciliation": "",
"transaction_id": "000027346264324635666",
"cof_id": "792021361451350",
"authorizator": "CAIXABANK, S.A.",
"approval": "227334",
"card_country": 724,
"card_brand": "VISA",
"token": "Mi_token_ejemplo_otas"
},
"uuid": "f871037d-c68c-43cf-948e-cdd78105c5c5",
"request_id": "61c9983c7b3f710001d24228"
}
Without authentication data
If the previous authentication data for the card is not available, you should add the field "moto" = "phone" and the field "amount" = 0.
Initial request example
{
"key": "key_value",
"resource": "resource_value",
"nonce": "1234567890",
"mode": "sha256",
"payload": {
"amount": "0",
"currency": "EUR",
"pan": "4242424242424242",
"month": "12",
"year": "25",
"cvv": "1223",
"operation": "all-in-one",
"token": "Mi_token_ejemplo2_otas",
"url_ok": "https://httpbin.org/anything?what=ok",
"url_ko": "https://httpbin.org/anything?what=ko",
"order": "OTAS_ejemplo2",
"previously_authenticated": "true",
"moto": "phone"
}
}
Initial request response example
{
"type": "success",
"code": "0",
"detail": "authentication",
"description": "Authentication processed successfully",
"payload": {
"request_id": "61c996fc7b3f710001d24227"
},
"uuid": "787e7e33-27ee-47bd-b0ae-1fc2243a8356"
}
Confirmation request example
{
"key": "key_value",
"resource": "resource_value",
"nonce": "1234567890",
"mode": "sha256",
"payload": {
"request_id": "61c996fc7b3f710001d24227",
"previously_authenticated": "true"
}
}
Confirmation response example
{
"type": "success",
"code": "0",
"detail": "authorization",
"description": "Authorization processed successfully",
"payload": {
"code": "0",
"amount": "0",
"currency": "EUR",
"order": "OTAS_ejemplo2",
"card_trade": "consumer",
"card_type": "mixed",
"masked_card": "4242 42** ****4242",
"reconciliation": "",
"transaction_id": "000027346264324635666",
"cof_id": "792021361451350",
"authorizator": "CAIXABANK, S.A.",
"approval": "227334",
"card_country": 724,
"card_brand": "VISA",
"token": "Mi_token_ejemplo2_otas"
},
"uuid": "f871037d-c68c-43cf-948e-cdd78105c5c5",
"request_id": "61c9983c7b3f710001d24227"
}