Build an authorization integration

Implement authorization and capture flows using the Onerway Direct API. Reserve funds first, then capture or void later for delayed fulfillment scenarios.

Overview

Use the Onerway Direct API to implement authorization and capture flows where you reserve funds on a customer's card first, then decide whether to capture or void the authorization later. This is ideal for delayed fulfillment scenarios such as hotel bookings, car rentals, or ship-on-order workflows.

Because you directly handle cardholder data (CHD), this integration requires PCI DSS compliance.

Constraints

Constraint	Detail
Supported card types	Credit Card, Debit Card
Capture window	Capture within 3 days after authorization; uncaptured authorizations auto-expire
Void eligibility	Only before capture, void, or expiration

How authorization works

Authorize — Send an AUTH request. Onerway places a hold on the customer's card without transferring funds.
3DS (if required) — If the sync response returns status=R, redirect the customer to redirectUrl. The final result arrives via webhook.
Capture or void — Capture to transfer funds, or void to release the hold.

Use signature-verified webhook events as the source of truth for final transaction status. Synchronous responses are only for immediate UI feedback.

Integration steps

1. Create an authorization

Send a payment request with txnType set to AUTH. All other parameters are the same as a standard Direct Card PaymentPayments API.

Key differences from a standard payment

Parameter	Standard payment	Authorization
`txnType`	`SALE`	`AUTH`
`subProductType`	`DIRECT`	`DIRECT` (unchanged)
`productType`	`CARD`	`CARD` (unchanged)

Response handling

`status`	Meaning	Action
`S`	Authorization succeeded	Store `transactionId` for capture or void
`R`	3DS required	Redirect customer to `redirectUrl`; await webhook for final result
`F`	Authorization failed	Check `reason` field for details

For the complete request/response field reference, see the API Reference — AuthorizationPayments API.

2. Capture the authorization

Send a CAPTURE request to transfer the reserved funds. Reference the original authorization via originTransactionId.

Request parameters

Parameter	Required	Description
`merchantNo`	Yes	Your merchant number
`merchantTxnId`	Yes	A new unique transaction ID for this capture
`originTransactionId`	Yes	`transactionId` from the original AUTH webhook
`txnType`	Yes	`CAPTURE`
`sign`	Yes	Request signature

Example

{
  "merchantNo": "800209",
  "merchantTxnId": "capture_1721288823000",
  "originTransactionId": "1815983598810308608",
  "txnType": "CAPTURE",
  "sign": "your_calculated_signature"
}

{
  "respCode": "20000",
  "respMsg": "Success",
  "data": {
    "transactionId": "1813842908840075264",
    "orderAmount": "200.00",
    "orderCurrency": "USD",
    "status": "P"
  }
}

The sync response returns status=P (pending). The final result arrives via webhook notification.

For the complete field reference, see the API Reference — CapturePayments API.

3. Void an authorization (optional)

If you no longer need to capture the funds, send a VOID request to release the hold immediately. Common scenarios:

Customer cancels the order before capture
Item is out of stock after authorization
Authorization was created in error

Request parameters

Parameter	Required	Description
`merchantNo`	Yes	Your merchant number
`merchantTxnId`	Yes	A new unique transaction ID for this void
`originTransactionId`	Yes	`transactionId` from the original AUTH webhook
`txnType`	Yes	`VOID`
`sign`	Yes	Request signature

Example

{
  "merchantNo": "800209",
  "merchantTxnId": "void_1721288823000",
  "originTransactionId": "1815983598810308608",
  "txnType": "VOID",
  "sign": "your_calculated_signature"
}

{
  "respCode": "20000",
  "respMsg": "Success",
  "data": {
    "transactionId": "1921498535157956608",
    "orderAmount": "200.00",
    "orderCurrency": "USD",
    "status": "P"
  }
}

The sync response returns status=P (pending). The final result arrives via webhook notification.

For the complete field reference, see the API Reference — ReversalPayments API.

Error handling

Error Code	Description	Solution
`13032`	Capture or void already carried out	Verify transaction status before retrying. If already captured, use refund instead.
`70002`	Unknown decline	Contact Onerway support

Best practices

Store transactionId from the AUTH webhook — you need it for both capture and void
Track expiration — set up alerts for uncaptured authorizations approaching the validity window
Webhook as source of truth — never rely on sync responses for final business decisions
Idempotent processing — track transaction status to prevent duplicate capture or void attempts
Timely action — capture promptly after fulfillment; void promptly on cancellation

Next steps

API Reference — AuthorizationPayments API — Full request/response field reference
API Reference — CapturePayments API — Capture endpoint details
API Reference — ReversalPayments API — Void endpoint details
Build a subscriptions integration — Recurring billing with Direct API

Build a subscriptions integration

Implement recurring billing with managed or self-managed subscriptions using the Onerway Direct API. Requires PCI DSS compliance.

Card payments

Accept payments from Visa, Mastercard, American Express, and other major card brands globally.