Event Code 106 - Tokenisation Authorisation Request (TAR)
Use Webhook event 106 to receive Tokenisation Authorisation Request (TAR) notifications, including token provisioning outcomes and scheme-specific risk assessment details.
The 106 event code is used to send out a Tokenisation Authorisation Request (TAR).
{
"productId": 12345,
"events": [106],
"webhookStatus": "active",
"config": {
"url": "https://client_domain.com/webhook",
"customHeaders": {
"header1": "value_1",
"header2": "value_2"
}
}
}After the webhook has been successfully set up, when a Tokenisation Authorisation Request (TAR) is received, a notification response is sent asynchronously from the Event Delivery Service to the URL specified in the webhook. See the below example of a response.
{
"context": {
"notificationId": "f47ac10b-58cc-4372-a567-0e02b2c3d479",
"eventCode": 106,
"eventVersion": "v1",
"notificationTime": "2024-01-24T23:20:28Z"
},
"payload": {
"publicToken": "123456789",
"productId": "124",
"paymentToken": "987654321",
"dpan": "5168563000002547",
"networkTokenReference": "67024958022",
"provisioningTraceId": "VIS1-20210318-381077544887139",
"tokenisationServiceDateTime": "2024-10-29T15:16:30Z",
"processorDateTime": "2024-10-29T15:16:50Z",
"responseCode": "85",
"requestSource": "MOBILE_BANKING_APP",
"tokenRequestorId": "1234",
"orangeFlowIndicator": true,
"provisioningFlow": "Yellow",
"tokenisationReasonCodes": [
"02",
"04"
]
}
}The below table describes each of the fields included in the notification response.
| Field | Description |
|---|---|
| context | Object that contains the context of the notification, such as the event code. |
| notificationId | Unique identifier of the notification. |
| eventCode | The event code. In this case, the event code is 106. |
| eventVersion | The event version. |
| notificationTime | When the notification was created. Time in the UTC format of 'yyyy-MM-ddTHH:mm:ssZ'. |
| payload | Object that contains the payload of the notification, which is specific to the event code. |
| publicToken | The public token associated with the TAR notification. |
| productId | The unique identifier of the product. |
| paymentToken | Thredd's internal identifier for the payment token. |
| dpan | The Digital Primary Account Number (DPAN) for the payment token. |
| networkTokenReference | The unique token reference from the network. |
| provisioningTraceId | The lifecycle identifier used to correlate related tokenisation events. |
| tokenisationServiceDateTime | The event generation timestamp from the tokenisation service. |
| processorDateTime | The event processing timestamp from Thredd. |
| responseCode | Identifies the action taken by Thredd for the tokenisation request:
|
| requestSource | The provisioning request source. |
| tokenRequestorId | The unique identifier of the token request initiator. |
| orangeFlowIndicator | Identifies if a given authorisation request is flagged as high fraud risk by Apple (Orange Flow). Based on the 9th character of the wallet_reasons attribute. |
| provisioningFlow | Indicates the provisioning risk assessment outcome returned by the card scheme during token provisioning. Possible values are Green, Yellow, or Red. |
| tokenisationReasonCodes | Array of reason codes returned by the card scheme indicating factors that contributed to the tokenisation or provisioning risk assessment.
|
Updated 26 days ago
Did this page help you?
