> For the complete documentation index, see [llms.txt](https://docs.payments.thalescloud.io/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.payments.thalescloud.io/d1-v1-api/d1-v1-api-references/card-operations/inbound/3-d-secure-operations.md).
# 3 D Secure Operations
Different operations linked to 3-D secure.
## Get all 3-D Secure operations
> This request is used by the issuer backend to retrieve all operations related to a card. The API specifies the starting point (offset) and the number of operations (limit) to be retrieved. Offset 0 (the default) corresponds to the most recent operation. For example a limit of 5 and an offset of 2 would return the five most recent operations before the most recent two”.\
> \
> If no operations are available for the given cardId, an empty list is returned.\
> \
> Operations that are older than one year are removed.
```json
{"openapi":"3.0.0","info":{"title":"Inbound Card API","version":"1.0"},"tags":[{"name":"3-D Secure Operations","description":"Different operations linked to 3-D secure."}],"servers":[{"url":"https://api.d1.thalescloud.io/banking/v1","description":"Production server"},{"url":"https://api.d1-stg.thalescloud.io/banking/v1","description":"Staging server"}],"security":[{"bearerAuth":[]}],"components":{"securitySchemes":{"bearerAuth":{"description":"A JWT generated by the [Get Authorization Token API](oauth2-api).
The server checks the validity of the provided token to control access to this protected resource. Please refer to [Get OAuth 2.0 access token](../../../integrate-the-d1-api/get-oauth-2.0-access-token) for more details on the flow and on how to get this JWT.","type":"http","scheme":"bearer","bearerFormat":"JWT"}},"schemas":{"3dsCardOperation":{"title":"3-D Secure Operation","type":"object","description":"Details about a 3-D Secure operation.","required":["operationId","operation","status","startTime"],"properties":{"operationId":{"$ref":"#/components/schemas/operationId"},"operation":{"type":"string","description":"The operation type.","enum":["3DS_FRICTIONLESS","3DS_CHALLENGE_OOB","3DS_CHALLENGE_OOB_ISSUER","3DS_CHALLENGE_OTP_SMS"]},"status":{"$ref":"#/components/schemas/operationStatusSuccessfulFailed"},"startTime":{"$ref":"#/components/schemas/operationStartTime"},"consumerId":{"$ref":"#/components/schemas/consumerId"},"details":{"oneOf":[{"title":"3DS_FRICTIONLESS, 3DS_CHALLENGE_OOB, 3DS_CHALLENGE_OTP_SMS operations","properties":{"acsTransactionId":{"description":"The ACS transaction identifier.","type":"string"},"threeDSServerTransId":{"description":"The authentication session identifier from the 3DS server.","type":"string"},"dsTransId":{"description":"The authentication session identifier from the directory server.","type":"string"},"purchase":{"type":"object","properties":{"merchantName":{"description":"The merchant name.","type":"string"},"merchantType":{"description":"The merchant category code.","type":"string","minLength":4,"maxLength":4},"amount":{"description":"The nominal transaction amount value. Value without the decimal operator. Use the currency exponent to display amount with decimal. For example, an display amount of 789.99€ Euro is sent as 78999.","type":"string"},"currencyCode":{"description":"The transaction currency code. Currency code in ISO 4217 alpha code format.","type":"string","minLength":3,"maxLength":3},"merchantId":{"description":"The acquirer merchantId.","type":"string"},"countryCode":{"description":"The merchant country code.","type":"string","minLength":2,"maxLength":2},"merchantUrl":{"description":"The merchant URL.","type":"string","format":"uri"}}},"acquirer":{"type":"object","properties":{"bin":{"type":"string","maxLength":16},"countryCode":{"description":"The merchant country code.","type":"string","minLength":2,"maxLength":2}}},"device":{"type":"object","properties":{"deviceChannel":{"description":"The device channel. '01' is App-based, '02' is Browser, '03' is 3DS Requestor Initiated.","enum":["01","02","03"],"type":"string"},"appInstanceId":{"$ref":"#/components/schemas/appInstanceId"},"authnType":{"$ref":"#/components/schemas/authnType"}}},"eci":{"description":"The Electronic Commerce Indicator.","type":"string"},"authenticationMethod":{"description":"The Authentication method used in case of challenge flow. '02' is SMS OTP, '07' is OOB Biometrics, '09' is OOB Other.'","type":"string","enum":["02","07","09"]},"transStatus":{"description":"Indicates whether a transaction qualifies as an authenticated transaction or account verification.\r\n\r\n|Operation Status|TransStatus Possible Values|TransStatus Description|\r\n|----|----|----|\r\n|SUCCESSFUL|Y|Authentication/account verification is successful|\r\n|FAILED|N|Not authenticated/account not verified; transaction denied|\r\n|FAILED|U|Authentication/account verification could not be performed; technical or other problem|\r\n|FAILED|R|Authentication/account verification rejected|\r\n","type":"string","enum":["Y","N","U","R"]},"transStatusReason":{"description":"Provides information on why the Transaction Status field has the specified value.","type":"string","minLength":2,"maxLength":2},"rba":{"type":"object","properties":{"evaluatedRule":{"type":"array","items":{}},"selectedRule":{"type":"array","items":{}},"appliedExemption":{"type":"array","items":{}}}},"protocolVersion":{"type":"string","description":"Version of the 3DS protocol used for the transaction."}}}],"type":"object"},"error":{"$ref":"#/components/schemas/operationError"}}},"operationId":{"type":"string","description":"Unique identifier of the operation","minLength":1,"maxLength":64,"pattern":"[A-Za-z0-9_-]{1,64}"},"operationStatusSuccessfulFailed":{"type":"string","description":"Status of the operation","enum":["SUCCESSFUL","FAILED"]},"operationStartTime":{"type":"string","title":"Operation Start Time","description":"The time the request has been processed.\nFormat ISO 8601 YYYY-MM-DDThh:mm:ssTZD","minLength":1,"maxLength":64},"consumerId":{"type":"string","description":"Unique identifier of the end user. ","minLength":1,"maxLength":64,"pattern":"[A-Za-z0-9_-]{1,64}"},"appInstanceId":{"description":"Unique identifier of the issuer application instance.","type":"string"},"authnType":{"type":"string","enum":["BIOMETRIC","PLATFORM"]},"operationError":{"type":"string","description":"Human readable string representing the error, only present in case of operation failure"},"errorGeneric":{"type":"object","description":"Generic error returned by the APIs.","properties":{"error":{"type":"string","description":"Description of the error.
This field is for troubleshooting purposes only, it can change at any time so MUST NOT be parsed, and is not supposed to be human readable so CANNOT be displayed to end users."}}}},"responses":{"BadRequest":{"description":"Bad Request, Invalid request URI or header, or unsupported non-standard parameter","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"Unauthorized":{"description":"The provided Authorization header is missing or invalid","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"NotFound":{"description":"Resource not found","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"InternalServerError":{"description":"Internal Server Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}}},"parameters":{"offset-query-no-max":{"name":"offset","in":"query","schema":{"type":"integer","minimum":0},"description":"Index from which the query starts returning operations – Offset 0 (the default) corresponds to the most recent operation."},"limit-query":{"name":"limit","in":"query","schema":{"type":"integer","minimum":1,"maximum":50,"default":10},"description":"Number of operations to be returned"}}},"paths":{"/issuers/{issuerId}/cards/{cardId}/3ds/operations":{"get":{"summary":"Get all 3-D Secure operations","responses":{"200":{"description":"Successful","content":{"application/json":{"schema":{"type":"object","properties":{"operations":{"type":"array","items":{"$ref":"#/components/schemas/3dsCardOperation"}},"remainingOperations":{"type":"integer"}}}}}},"400":{"$ref":"#/components/responses/BadRequest"},"401":{"$ref":"#/components/responses/Unauthorized"},"404":{"$ref":"#/components/responses/NotFound"},"500":{"$ref":"#/components/responses/InternalServerError"}},"tags":["3-D Secure Operations"],"operationId":"get-all-card-3ds-operations-by-cardId","parameters":[{"$ref":"#/components/parameters/offset-query-no-max"},{"$ref":"#/components/parameters/limit-query"}],"description":"This request is used by the issuer backend to retrieve all operations related to a card. The API specifies the starting point (offset) and the number of operations (limit) to be retrieved. Offset 0 (the default) corresponds to the most recent operation. For example a limit of 5 and an offset of 2 would return the five most recent operations before the most recent two”.\n\nIf no operations are available for the given cardId, an empty list is returned.\n\nOperations that are older than one year are removed."}}}}
```
## Get 3-D Secure operation
> This request is used by the issuer backend to retrieve the information related to a 3-D Secure operation on a card.\
> \
> Getting an operation older than one year will return an error.
```json
{"openapi":"3.0.0","info":{"title":"Inbound Card API","version":"1.0"},"tags":[{"name":"3-D Secure Operations","description":"Different operations linked to 3-D secure."}],"servers":[{"url":"https://api.d1.thalescloud.io/banking/v1","description":"Production server"},{"url":"https://api.d1-stg.thalescloud.io/banking/v1","description":"Staging server"}],"security":[{"bearerAuth":[]}],"components":{"securitySchemes":{"bearerAuth":{"description":"A JWT generated by the [Get Authorization Token API](oauth2-api).
The server checks the validity of the provided token to control access to this protected resource. Please refer to [Get OAuth 2.0 access token](../../../integrate-the-d1-api/get-oauth-2.0-access-token) for more details on the flow and on how to get this JWT.","type":"http","scheme":"bearer","bearerFormat":"JWT"}},"schemas":{"3dsCardOperation":{"title":"3-D Secure Operation","type":"object","description":"Details about a 3-D Secure operation.","required":["operationId","operation","status","startTime"],"properties":{"operationId":{"$ref":"#/components/schemas/operationId"},"operation":{"type":"string","description":"The operation type.","enum":["3DS_FRICTIONLESS","3DS_CHALLENGE_OOB","3DS_CHALLENGE_OOB_ISSUER","3DS_CHALLENGE_OTP_SMS"]},"status":{"$ref":"#/components/schemas/operationStatusSuccessfulFailed"},"startTime":{"$ref":"#/components/schemas/operationStartTime"},"consumerId":{"$ref":"#/components/schemas/consumerId"},"details":{"oneOf":[{"title":"3DS_FRICTIONLESS, 3DS_CHALLENGE_OOB, 3DS_CHALLENGE_OTP_SMS operations","properties":{"acsTransactionId":{"description":"The ACS transaction identifier.","type":"string"},"threeDSServerTransId":{"description":"The authentication session identifier from the 3DS server.","type":"string"},"dsTransId":{"description":"The authentication session identifier from the directory server.","type":"string"},"purchase":{"type":"object","properties":{"merchantName":{"description":"The merchant name.","type":"string"},"merchantType":{"description":"The merchant category code.","type":"string","minLength":4,"maxLength":4},"amount":{"description":"The nominal transaction amount value. Value without the decimal operator. Use the currency exponent to display amount with decimal. For example, an display amount of 789.99€ Euro is sent as 78999.","type":"string"},"currencyCode":{"description":"The transaction currency code. Currency code in ISO 4217 alpha code format.","type":"string","minLength":3,"maxLength":3},"merchantId":{"description":"The acquirer merchantId.","type":"string"},"countryCode":{"description":"The merchant country code.","type":"string","minLength":2,"maxLength":2},"merchantUrl":{"description":"The merchant URL.","type":"string","format":"uri"}}},"acquirer":{"type":"object","properties":{"bin":{"type":"string","maxLength":16},"countryCode":{"description":"The merchant country code.","type":"string","minLength":2,"maxLength":2}}},"device":{"type":"object","properties":{"deviceChannel":{"description":"The device channel. '01' is App-based, '02' is Browser, '03' is 3DS Requestor Initiated.","enum":["01","02","03"],"type":"string"},"appInstanceId":{"$ref":"#/components/schemas/appInstanceId"},"authnType":{"$ref":"#/components/schemas/authnType"}}},"eci":{"description":"The Electronic Commerce Indicator.","type":"string"},"authenticationMethod":{"description":"The Authentication method used in case of challenge flow. '02' is SMS OTP, '07' is OOB Biometrics, '09' is OOB Other.'","type":"string","enum":["02","07","09"]},"transStatus":{"description":"Indicates whether a transaction qualifies as an authenticated transaction or account verification.\r\n\r\n|Operation Status|TransStatus Possible Values|TransStatus Description|\r\n|----|----|----|\r\n|SUCCESSFUL|Y|Authentication/account verification is successful|\r\n|FAILED|N|Not authenticated/account not verified; transaction denied|\r\n|FAILED|U|Authentication/account verification could not be performed; technical or other problem|\r\n|FAILED|R|Authentication/account verification rejected|\r\n","type":"string","enum":["Y","N","U","R"]},"transStatusReason":{"description":"Provides information on why the Transaction Status field has the specified value.","type":"string","minLength":2,"maxLength":2},"rba":{"type":"object","properties":{"evaluatedRule":{"type":"array","items":{}},"selectedRule":{"type":"array","items":{}},"appliedExemption":{"type":"array","items":{}}}},"protocolVersion":{"type":"string","description":"Version of the 3DS protocol used for the transaction."}}}],"type":"object"},"error":{"$ref":"#/components/schemas/operationError"}}},"operationId":{"type":"string","description":"Unique identifier of the operation","minLength":1,"maxLength":64,"pattern":"[A-Za-z0-9_-]{1,64}"},"operationStatusSuccessfulFailed":{"type":"string","description":"Status of the operation","enum":["SUCCESSFUL","FAILED"]},"operationStartTime":{"type":"string","title":"Operation Start Time","description":"The time the request has been processed.\nFormat ISO 8601 YYYY-MM-DDThh:mm:ssTZD","minLength":1,"maxLength":64},"consumerId":{"type":"string","description":"Unique identifier of the end user. ","minLength":1,"maxLength":64,"pattern":"[A-Za-z0-9_-]{1,64}"},"appInstanceId":{"description":"Unique identifier of the issuer application instance.","type":"string"},"authnType":{"type":"string","enum":["BIOMETRIC","PLATFORM"]},"operationError":{"type":"string","description":"Human readable string representing the error, only present in case of operation failure"},"errorGeneric":{"type":"object","description":"Generic error returned by the APIs.","properties":{"error":{"type":"string","description":"Description of the error.
This field is for troubleshooting purposes only, it can change at any time so MUST NOT be parsed, and is not supposed to be human readable so CANNOT be displayed to end users."}}}},"responses":{"BadRequest":{"description":"Bad Request, Invalid request URI or header, or unsupported non-standard parameter","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"Unauthorized":{"description":"The provided Authorization header is missing or invalid","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"NotFound":{"description":"Resource not found","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"InternalServerError":{"description":"Internal Server Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}}}},"paths":{"/issuers/{issuerId}/cards/{cardId}/3ds/operations/{operationId}":{"get":{"summary":"Get 3-D Secure operation","tags":["3-D Secure Operations"],"operationId":"get-card-3ds-operation-operationId","description":"This request is used by the issuer backend to retrieve the information related to a 3-D Secure operation on a card.\n\nGetting an operation older than one year will return an error.\n","responses":{"200":{"description":"Successful","content":{"application/json":{"schema":{"$ref":"#/components/schemas/3dsCardOperation"}}}},"400":{"$ref":"#/components/responses/BadRequest"},"401":{"$ref":"#/components/responses/Unauthorized"},"404":{"$ref":"#/components/responses/NotFound"},"500":{"$ref":"#/components/responses/InternalServerError"}}}}}}
```
---
# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.
## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter:
```
GET https://docs.payments.thalescloud.io/d1-v1-api/d1-v1-api-references/card-operations/inbound/3-d-secure-operations.md?ask=&goal=
```
`ask` is the immediate question: it should be specific, self-contained, and written in natural language.
`goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.