tokenDigitizeDecisionAlipay+ → MPP
Alipay+ calls the tokenDigitizeDecision API to provide the Mobile Payment Provider (MPP) with provisioning and risk data to support its decision-making and to retrieve applicable activation method details when additional authentication is required.
Structure
A message consists of a header and body. The following sections are focused on the body structure. For the header structure, see:
Note:
- Set the data type of each parameter (except array) as String. This means that you must use double quotation marks (" ") to enclose the parameter value. Examples:
- If the data type of a parameter is Integer and its value is 20, set it as "20".
- If the data type of a parameter is Boolean and its value is
true, set it as "true".
- For optional parameters that are not required in your case, you can take one of the following actions:
- Exclude the parameters from the request body.
- Set the parameter values as
null(without the double quotation marks).
Do NOT leave the optional parameters empty by setting their values as ""; otherwise, an error might occur.
Request parameters
tokenReferenceId String REQUIRED
The unique ID assigned by Alipay+ to identify a token when it is created.
More information:
- Maximum length: 64 characters
customerId String
The unique ID that is assigned by the MPP to identify a user.
More information:
- Maximum length: 64 characters
tokenType String REQUIRED
The token type.
Valid values are:
EMBEDDED_SE: embedded secure elementCLOUD: Mastercard cloud-based paymentsSTATIC: static token
walletId String
The unique ID used to identify the wallet provider requesting the token digitization.
More information:
- Maximum length: 16 characters
tokenRequestorId String
The unique ID used to identify the token requestor requesting the token digitization.
More information:
- Maximum length: 16 characters
consumerFacingEntityName String
The name of the entity where the user stores their tokens (e.g., a specific wallet, merchant, or platform).
More information:
- Maximum length: 128 characters
paymentAppInstanceId String
The unique ID of the payment app instance on the device. This parameter is provided when supplied by a wallet provider.
More information:
- Maximum length: 64 characters
accountSource String
The source of this account information.
Valid values are:
ACCOUNT_ON_FILE: Pre-stored account.ACCOUNT_ADDED_MANUALLY: Manually entered by the user.ACCOUNT_ADDED_VIA_APPLICATION: Added via another app (e.g., banking app).EXISTING_TOKEN_CREDENTIAL: Derived from an existing token.ACCOUNT_ADDED_VIA_BROWSER: Added via a web browser.ACCOUNT_ADDED_VIA_CHIP_DATA: Added via chip data, including contactless Mastercard chip data.
accountHolder AccountHolder
Additional information used to identify the account holder.
accountIdHash String
The SHA-256 hash of the account holder's ID. The ID is provided by the MPP and typically is an email address.
More information:
- Maximum length: 64 characters
mobileNumberSuffix String
The last digits of the device's mobile phone number, typically the last 4 digits.
More information:
- Maximum length: 32 characters
walletProviderDecisioningInfo WalletProviderDecisioningInfo
Risk recommendations from the wallet provider to support the MPP's decision.
deviceInfo DeviceInfo
Information about the device where the account has been digitized.
associatedToken AssociatedToken
Information about an existing token associated with the current digitization request.
aplusDecisioningInfo AplusDecisioningInfo
Risk recommendations from Alipay+ to support the MPP's decision.
Response parameters
result Result REQUIRED
The result of the business processing, including the result code, result status, and result message. For more information about how to return the result in different payment scenarios, see How to return the result in the More information section of this topic.
activationMethods Array<ActivationMethod>
The set of activation methods to be used for this digitization.
decision String
The authorization decision for the service request.
This parameter is returned if the value of result.resultCode is SUCCESS.
Valid values are:
APPROVED: The service request is approved.REQUIRE_ADDITIONAL_AUTHENTICATION: The service request requires additional authentication to be approved. One or more activation methods should be provided.DECLINED: The service request is declined.
Request
Response
More information
How to return the result
According to the request processing result, the MPP needs to return the corresponding result (specified by the result parameter):
- If the business processing succeeds, set the value of result.resultStatus to
Sand the value of result.resultCode toSUCCESS. - If the business processing fails, set the value of result.resultStatus to
Fand the value of result.resultCode accordingly. - If the business processing result is unknown, set the value of result.resultStatus to
Uand the value of result.resultCode accordingly.
For more information about how to define your result codes, see the Result codes section below.
Result/Error codes
| Code | Value | Message | Further action |
|---|---|---|---|
| SUCCESS | S | Success | |
| ACCESS_DENIED | F | Access is denied. | |
| INVALID_SIGNATURE | F | The signature is invalid. | |
| INVALID_CLIENT | F | The client is invalid. | |
| KEY_NOT_FOUND | F | The key is not found. | |
| MEDIA_TYPE_NOT_ACCEPTABLE | F | The server does not implement the media type that is acceptable to the client. | |
| METHOD_NOT_SUPPORTED | F | The server does not implement the requested HTTP method. | |
| NO_INTERFACE_DEF | F | API is not defined. | |
| PARAM_ILLEGAL | F | Illegal parameters exist. For example, a non-numeric input, or an invalid date. | |
| USER_NO_ACTIVATE_METHOD | F | User has no available activation method. | |
| PROCESS_FAIL | F | A general business failure occurred. Don't retry. | |
| USER_NOT_EXIST | F | The user does not exist. | |
| USER_STATUS_ABNORMAL | F | The user status is abnormal. | |
| REQUEST_TRAFFIC_EXCEED_LIMIT | U | The request traffic exceeds the limit. | |
| UNKNOWN_EXCEPTION | U | An API calling is failed, which is caused by unknown reasons. |