Skip to main content

Method Url Populated

You are here because the Authentication Response contained MethodUrl and MethodData fields. This step is required only if these fields are populated.

Requirement
  1. Render a hidden iFrame
  2. Send an HTTP form POST to the MethodUrl from the Authentication Response, containing the MethodData also supplied.
  3. Interpret the results sent back to your supplied MethodNoticiationUrl as an HTTP form POST

Your expected output is to be able to resend the Authentication Request, this time with the field MethodCompletionIndicator set to either Y or N.

Render a hidden iFrame and send POST

Although separate steps, these are effectively completed in a single block of code.

An HTTPS form POST request should be sent to the MethodUrl with the following parameters:

POST MethodUrl
Field NameStateData TypeDescription
threeDSMethodDataMandatoryStringThis is the value as provided in the Authentication Response.

It is a Base64-encoded string containing the Transaction ID and your NotificationUrl, previosuly supplied. You should simply pass it in 'as is'.

POST example code

<form name="frm" method="POST" action="Rendering URL">
  <input
    type="hidden"
    name="threeDSMethodData"
    value="eyJ0aHJlZURTU2VydmVyVHJhbnNJRCI6IjNhYzdjYWE3LWFhNDItMjY2My03OTFiLTJhYzA1YTU0MmM0YSIsInRocmVlRFNNZXRob2ROb3RpZmljYXRpb25VUkwiOiJ0aHJlZURTTWV0aG9kTm90aWZpY2F0aW9uVVJMIn0"
  />
</form>

Decoded threeDSMethodData (for information only, this step is NOT required):

{
    "threeDSServerTransID":"3ac7caa7-aa42-2663-791b-2ac05a542c4a",
    "threeDSMethodNotificationURL":"threeDSMethodNotificationURL"
}

Interpret the Results sent back

Once the ACS has completed their Cardholder interaction, the ACS will send a form back to your MethodNotificationUrl via an HTTP POST. You should then send a new Authentication Request containing the ThreeDsServerTransactionId from the initial Authentication Response and MethodCompletionIndicator set to Y.

Example Response

<form name="frm" method="POST" action="threeDSMethodNotificationURL">
  <input
    type="hidden"
    name="threeDSMethodData"
    value="eyJ0aHJlZURTU2VydmVyVHJhbnNJRCI6IjNhYzdjYWE3LWFhNDItMjY2My03OTFiLTJhYzA1YTU0MmM0YSJ9"
  />
  </form>

Decoded threeDSMethodData

{
"threeDSServerTransID":"3ac7caa7-aa42-2663-791b-2ac05a542c4a"
}
note

If there is a timeout where the ACS has not responded within 10 seconds then the MethodCompletionIndicator should be set to N in the Authentication Request

Next Steps

You should now complete a second Authentication Request, completing the two additional fields;

  • MethodCompletionIndicator
  • ThreeDsServerTransactionId (if applicable)

This second Authentication Response will confirm whether to proceed to the Challenge Flow, or if this is Frictionless and you can proceed to Using your Results.