Void Pre-Auth

Overview

The Void Pre-Auth API is only required if the merchant wants to Void a Pre-Auth. Voiding a Pre-Auth cancels the frozen funds from a "Pending" state and releases the funds back into the consumers bank account.

Void Pre-Auth Process

The process of the Void Pre-Auth API is real simple and straight forward. Below demonstrates the steps required in order to successfully make the request.

  1. The transaction information is submitted to our API.
  2. The merchant will receive a response of "0050 - Void Pre-Authorisation Received" which indicates a confirmation notification will be sent to the merchants Notification URL with the overall result. The confirmation notification may contain the response: "0000 - Successful" indicating that the transaction in question is now voided.

Making The Request

HTTP is used as the request-response protocol between a merchants site and the eCOMM API. In the back end, a merchant submits a HTTP POST request to the eCOMM server, the server will then return an XML document where the merchant must parse the data inside and act accordingly. The response contains key information about the request and also contains the requested content.

The request string that is sent for the `Void Pre-Auth` call must be composed of the following information:
  1. Username = SomeName
  2. Password = SomePassword
  3. MessageID = *GUID (e.g. 30dd879c-ee2f-11db-8314-0800200c9a66)
  4. APISignature = Reversalauth
  5. Data = Form data in XML format (See sample here)

The above parameters are required when sending HTTP POST data to our API in order to receive a successful response. The data parameter must be composed using our Available Form Data fields.

A fully formatted HTTP POST request should look identical to the below sample URL: 
https://staging.ecomm365.com/acqapi/service.ashx?Username=SomeName&Password=SomePassword&MessageID=30dd879c-ee2f-11db-8314-0800200c9a66&APISignature=reversalauth&Data=<R>...</R>

Sample `Void Pre-Auth` Request
<?php
function httpPost($url, $params) //Post method
{
	$params = urldecode(http_build_query($params)); //Convert our array of params into query string, URL decode the result to prevent data corruption
	
	$ch = curl_init($url); //create a new cURL resource
	
	//set appropriate options
	curl_setopt($ch, CURLOPT_POST, 1);
	curl_setopt($ch, CURLOPT_POSTFIELDS, $params);
	curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
	curl_setopt($ch, CURLOPT_HEADER, 0);
	curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
	
	$response = curl_exec($ch); //grab URL and pass it to the browser while assigning the response to `$response`
	
	curl_close($ch); //close cURL resource, and free up system resources
	
    return $response;
}

$APIURL = "https://staging.ecomm365.com/acqapi/service.ashx"; //Set API URL to eComm staging environment
$params = array(
"APISignature" => "Reversalauth", //API Signature - Please notice the `Reversalauth` signature here for the Void Pre-Auth request
"MessageID" => GUID(), //A new GUID is required for every new API Call
"Username" => "SomeName", //API Username
"Password" => "SomePassword", //API Password
"Data" => "<R>...</R>" //Data fields required for request
);

$Response = httpPost($APIURL, $params); //User defined function used to POST data to API and assign the response to `$Response` variable
$XMLDataArray = simplexml_load_string($Response); //Used to parse XML at ease
//...

/* Obtain information from response fields */
$ResponseR1 = (string)$XMLDataArray->R1;
$ResponseR2 = (string)$XMLDataArray->R2;
//... etc

//Or loop through the elements
/* END */

//More Code...
?>

// Location: /TermURL/
[HttpPost]
public IActionResult index(string PaRes)
{
	HttpWebRequest httpWReq = (HttpWebRequest)WebRequest.Create("https://staging.ecomm365.com/acqapi/service.ashx"); //Create webrequest while setting the API URL to eComm staging environment
	UTF8Encoding encoding = new UTF8Encoding(); //Represents a UTF-8 encoding of Unicode characters.

	string pData = "username=SomeName"; //API Username
	pData += "&password=SomePassword"; //API Password
	pData += "&messageId=" + System.Guid.NewGuid().ToString();  //A new GUID is required for every new API Call
	pData += "&ApiSignature=Reversalauth"; //API Signature - Please notice the `Reversalauth` signature here for the Void Pre-Auth request
	
	pData += "&Data=" + WebUtility.UrlEncode(@"<R>...</R>"); //Data fields required for request

	byte[] data = encoding.GetBytes(pData); //Getting Bytes for data

	httpWReq.Method = "POST"; //HTTP Method - POST
	httpWReq.ContentType = "application/x-www-form-urlencoded"; //Setting the correct Content Type
	httpWReq.ContentLength = data.Length; //Getting Content Length

	//Create POST data and convert it to a byte array.
	byte[] byteArray = Encoding.UTF8.GetBytes(pData);

	// Get the request stream.
	Stream dataStream = httpWReq.GetRequestStream();

	// Write the data to the request stream.
	dataStream.Write(byteArray, 0, byteArray.Length);

	// Close the Stream object.
	dataStream.Close();

	HttpWebResponse response = (HttpWebResponse)httpWReq.GetResponse(); //Assign response to `response` variable
	string responseString = new StreamReader(response.GetResponseStream()).ReadToEnd(); //Obtain response from post

	/* Parse XML from response */
	XmlDocument xDoc = new XmlDocument();
	xDoc.LoadXml(responseString);
	/* END */

	/* Obtain information from response fields */
	XmlNodeList ResponseR1 = xDoc.GetElementsByTagName("R1");
	XmlNodeList ResponseR2 = xDoc.GetElementsByTagName("R2");
	//... etc

	//Or loop through the elements
	/* END */

	//More code...
	
	return View();
}

Available Form Data Fields

Below is a table containing all the available fields for passing POST data into the data parameter within the `Void Pre-Auth` request. The value you enter for the Amount field must not exceed the total used in the sale request as the request will fail.

FieldName Description Required FieldDefinition
R1 Transaction Code.

The Transaction Code used in the Sale request. 		Y AN(40)
R2 Vendor ID Y AN(50)
R3 Reason for Void-Pre Auth.

Please choose from the reasons below and use the number associated with the reason:

Visa:
  • 1 - Transaction Voided By Customer
  • 2 - Transaction Not Completed
  • 3 - No confirmation From Point Of Service
Mastercard:
  • 1 - Customer Cancellation
  • 2 - Error
  • 3 - Response Received Late
  • 4 - Suspect Fraud
 Y AN(50)

Available Form Data Fields - Validation

Below is a table containing all the available fields for the data parameter within the `Void Pre-Auth` request including its validation. These are used when constructing your data.

FieldName Description Validation
R1 Transaction Code ^[-_0-9A-Za-z]{0,40}$
R2 Vendor ID ^[a-zA-Z0-9 ,'._-]{0,50}$
R3 Reason For Void Pre-Auth ^[0-9]{1}$

Sample `Void Pre-Auth` XML Document

The below sample demonstrates what is expected when passing POST data into the data parameter.
When forming the data parameter, please refer to our guidelines above. 

<!-- Void Pre-Auth Request Demonstration -->
<R>
	<R1>43DAAL4B-78CF-4000-AC6B-EBA1F1116229</R1>
	<R2>1000596</R2>
	<R3>1</R3>
</R>

Data Returned

Below are the expected XML fields returned from your request.

FieldName Description FieldDefinition
R1 Error Code

Please see Appendix A for a list of available error codes. 		N(4)
R2 Description

Please see Appendix A for a list of descriptions. 		AN(250)

Expected XML Documents

This section demonstrates the expected XML document responses returned from the HTTP POST once the request has passed validations.

Expected error code responses:
  1. 0050 - Indicates the confirmation notification will be sent to the Notification URL.

Sample XML Response (0050):
<!-- Sample Server Response, XML Document -->
<?xml version="1.0"?>
<R>
	<R1>0050</R1>
	<R2>Void pre-authorisation received</R2>
</R>