# Authorisation Forwarding Receive purchase authorisation events and choose if to approve or decline them by replying to the event. Switch on Authorisation Forwarding in your Sandbox Innovator Portal and configure the Authorisation Forwarding URL to start receiving these events. Weavr will send webhook events on the following URL {Authorisation Forwarding URL}/managed_cards_authorisation_forwarding. A response is expected in 1.5s, after which the Default Timeout Response configured in the card profile or the card authForwardingDefaultTimeoutDecision parameter will be used. Endpoint: POST /managed_cards/authorisation_request Version: 3.63.5 Security: webhooks_key ## Header parameters: - `call-ref` (string) A call reference generated by the caller and unique to the caller to provide correlation between the caller and system with a maximum length of 255 - `published-timestamp` (integer, required) The timestamp, expressed in Epoch timestamp using millisecond precision, when this event was published. - `signature-v2` (string, required) The signature to verify the authenticity of this request. This is the base64 hash (HmacSHA256) of the call-ref + payload + published-timestamp using your API key. - `signature` (string, required) The signature to verify the authenticity of this request. This is the base64 hash (HmacSHA256) of the published-timestamp using your API key. ## Request fields (application/json): - `cardId` (string, required) The unique identifier of the card on which an authorisation is being performed - `transactionId` (string, required) The id of this transaction, for reference. - `authorisationType` (string, required) The type of authorisation (Debit or Credit) Enum: "AUTHORISED", "AUTHORISED_CREDIT" - `sourceAmount` (object, required) The amount in the currency of the merchant. - `sourceAmount.currency` (string, required) The currency expressed in ISO-4217 code. Example: GBP, EUR, USD. - `sourceAmount.amount` (integer, required) The monetary amount, scaled to the lowest denomination of the currency. Example, an amount of 1000 for a EUR currency is actually 1000 Euro cents or EUR 10.00. - `transactionAmount` (object, required) The amount in the currency of the card. - `totalTransactionCost` (object, required) The total amount to be deducted in the currency of the card. This is the summation of the transaction amount, forex padding and forex fees. - `transactionTimestamp` (integer, required) The timestamp of the transaction, using epoch timestamp with millisecond precision. - `merchantData` (object, required) Merchant related information - `merchantData.merchantName` (string, required) The name of the merchant where the authorisation has been made. - `merchantData.merchantCategoryCode` (string, required) The merchant category code. - `merchantData.merchantId` (string, required) The merchant ID. - `merchantData.merchantDescription` (string) The merchant description - `merchantData.merchantStreet` (string) The merchant street address (if available) - `merchantData.merchantCity` (string) The merchant city (if available) - `merchantData.merchantState` (string) The merchant state address (if available) - `merchantData.merchantPostalCode` (string) The merchant postal code (if available) - `merchantData.merchantCountry` (string) The merchant country address - `merchantData.merchantTelephone` (string) The merchant telephone number - `merchantData.merchantURL` (string) The merchant URL - `merchantData.merchantNameOther` (string) The alternative merchant name - `merchantData.merchantNetworkId` (string) The merchant's network id - `merchantData.merchantContact` (string) The merchant's contact (if available) - `owner` (object, required) The owner of the card - `owner.type` (string, required) Indicates the identity type. Enum: "CONSUMER", "CORPORATE" - `owner.id` (string, required) The identifier for the identity. - `cardholderPresent` (string) Optional detail indicating if the card holder was present when the authorisation occurred. Enum: "PRESENT", "NOT_PRESENT", "PRESENCE_UNKNOWN" - `cardPresent` (boolean) Optional detail indicating if the card was present when the authorisation occurred. - `authCode` (string) The authorisation code associated with this authorisation. - `forexPadding` (object) The forex padding amount, if any, that has been included in the transactionAmount. Forex padding is extra amount blocked to cater for currency fluctuation. - `forexFee` (object) The forex fee, if set, that is included in the transactionAmount. - `mode` (string) The card can be created in prepaid mode or debit mode. - A prepaid mode card has its own balance and can have funds transferred to or from it. - A debit mode card does not have its own balance but will be able to spend funds belonging to its parent managed account, subject to a configurable spend limit. ## Response 200 fields (application/json): - `result` (string) Enum: "APPROVED", "DENIED" ## Response 404 fields (application/json): - `code` (string) - `message` (string) ## Response default fields (application/json): - `code` (string) - `message` (string)