Guides

Process Authorisation

This endpoint processes an authorisation to finalise the transaction.

Method: ProcessAuthorisation

Request

ParameterTypeLengthDescription
x_pos_transaction_refUnicode string64This must be the same reference that would get passed through on future ProcessSalesAdjustment requests. This field is mandatory - if the POS system does not have this information at the time of the request, it should pass through a temporary unique value (e.g. a GUID) so that humm has the information it needs to process retry attempts. If a temporary value is used; a subsequent request to SendReceipt must be made when the actual transaction reference is known by the POS system, so that humm can successfully reconcile future ProcessSalesAdjustment requests.
x_merchant_idUnicode string10Merchant identifier as defined by humm
x_purchase_amountint12Total purchase amount (in cents)
x_finance_amountint12Amount that the customer wants the finance for from humm (in cents)
x_pre_approval_codeUnicode string6, optionally 10 digits when including 6199 prefixThe pre-approval code obtained from barcode that the customer is presented
purchase_items optionalString200A JSON formatted string containing information about the purchase items e.g. { "PurchaseItems": [ "Item1", "Item2" ] }
Note: the purchase item array is assigned to a field named "PurchaseItems".
x_device_idUnicode string64Unique device identifier for the POS terminal
x_operator_idUnicode string64ID of POS/terminal operator
x_firmware_versionUnicode string64Current firmware version of POS device
tracking_data optionalAssociative arrayMax 1000000A map that can be populated with additional tracking/state information that will get passed back in the response
buyer_confirms optionalBoolean (true/false)5New field to indicate that the POS Vendor supports the Buyer Confirms flow. If not specified, it is assumed to be ‘false’
signatureHex string case-insensitive200Payload that is signed using HMAC-SHA256 using a device specific key

Response

ParameterTypeDescription
x_statusUnicode stringSuccess/Failure/Error
x_codeUnicode stringA code that maps to a specific reason
x_messageUnicode stringA string explaining the status/code above. Example: For an Approval, what will be customer’s first direct debit date. For an Error: Bank declined – Insufficient Funds
x_purchase_numberUnicode stringUnique transaction identifier generated by humm
tracking_dataAssociative arrayEchoes tracking_data sent on the request
retry_durationintSet to 5 seconds by default. When the status returned is ‘Pending’ the POS Response will include a new ‘retry_duration’. The intent is for the calling POS Vendor to wait the specified retry duration in seconds

(Only if buyer_confirms passed in initial request)
signatureHex string case-insensitivePayload that is signed using HMAC-SHA256 using a device specific key

Testing

The following describes dummy API requests that return a predictable response. Please contact [email protected] to get access to the test/dummy APIs.

Request -> x_pre_approval_codeResponse -> x_statusResponse -> x_code
01######SuccessSPRA01
PendingSPND01ProcessAuthorisation
CancelledFCNL01ProcessAuthorisation
10######FailedFPRA01
11######FailedFPRA02
12######FailedFPRA03
13######FailedFPRA04
14######FailedFPRA05
15######FailedFPRA06
16######FailedFPRA07
17######FailedFPRA08
18######FailedFPRA21
19######FailedFPRA22
20######FailedFPRA23
21######FailedFPRA24
22######FailedFPRA99
23######FailedFPRA09
30######ErrorEVAL01
31######ErrorEAUT01
32######ErrorEVAL02
any other valueErrorEISE01

📘

Info

"#" signifies an alphanumeric digit

Testing Assumptions To generate the signature, use a device-signing-key of "1234567890". A invalid signature will cause an ESIG01 Error.

Updated 26 days ago