Norwegian Air Shuttle API - NAS Payment Service Providers

OrderCreate with 3-D-Secure

When you send an OrderCreateRQ and 3-D-Secure is required for the payment card, we will respond with a CustomerInputRQ instead of the OrderViewRS. The CustomerInputRQ is a way for the API to tell the client that more information is required to be able to proceed.

API flow

The message pair CustomerInputRQ/RS from NDC 17.2 schema is used when 3-D Secure is required.

Multiple redirects occur at the OTA and User-agent before a CustomerInputRS can be sent back to the Norwegian NDC API.

Important

The following information is mandatory in the OrderCreateRQ for the 3-D-Secure to succeed.

OrderCreateParameters/Alerts/Alert/SecurePaymentAlert/Details/CustomerDevice/IP_Address OrderCreateParameters/Alerts/Alert/SecurePaymentAlert/Details/CustomerDevice/BrowserUserAgentHeader

OrderCreateParameters/Alerts/Alert/SecurePaymentAlert/URLs/FailURL OrderCreateParameters/Alerts/Alert/SecurePaymentAlert/URLs/TermURL

Examples

Request: OrderCreateRQ

HTTP Request

[show]

URLs needed from OTA/Aggregator in setup of 3D secure support
TermURL	The URL to which the user will be directed to at the conclusion of 3D secure authentication.
FailURL	URL to which the user will be directed in the event of a 3D secure authorisation failure.

URLs needed from OTA/Aggregator in setup of 3D secure support

TermURL

The URL to which the user will be directed to at the conclusion of 3D secure authentication.

FailURL

URL to which the user will be directed in the event of a 3D secure authorisation failure.

Response: CustomerInputRQ

HTTP Response

[show]

Element
Transaction Type	3D Secure Transaction Type Value: Authorize Description: Authorize the amount (no funds transferred)
SPM_TxnReference	Secure Payment transaction reference. Must be returned in CustomerInputRS.
OriginalTransactionID	The identifier of the original transaction that initiated this authentication. Must be returned in CustomerInputRS.
ACS_URL	3DS Access Control System URL. The browser should simply redirect to this URL.

Element

Transaction Type

3D Secure Transaction Type

Value: Authorize

Description: Authorize the amount (no funds transferred)

SPM_TxnReference

Secure Payment transaction reference. Must be returned in CustomerInputRS.

OriginalTransactionID

The identifier of the original transaction that initiated this authentication. Must be returned in CustomerInputRS.

ACS_URL

3DS Access Control System URL. The browser should simply redirect to this URL.

Request: CustomerInputRS

HTTP Request

[show]

Element
SPM_TxnReference	Secure Payment transaction reference. Value from CustomerInputRQ.
OriginalTransactionID	The identifier of the original transaction that initiated this authentication. Value from CustomerInputRQ.
Status	3DS Program ACS Customer Authentication status. Value: Y Description: Customer Authenticated --- Value: N Description: Customer not authenticated --- Value: A Description: An authentication attempt occurred but could not be completed --- Value: U Description: Unable to perform authentication

Element

SPM_TxnReference

Secure Payment transaction reference. Value from CustomerInputRQ.

OriginalTransactionID

The identifier of the original transaction that initiated this authentication. Value from CustomerInputRQ.

Status

3DS Program ACS Customer Authentication status.

Value: Y

Description: Customer Authenticated

---

Value: N

Description: Customer not authenticated

---

Value: A

Description: An authentication attempt occurred but could not be completed

---

Value: U

Description: Unable to perform authentication

Response: OrderViewRS

HTTP Response

[show]

HTTP/1.1 200 OK
vary: accept-encoding
Content-Encoding: gzip
Content-Type: application/vnd.nas.ndc.v17.2+xml;charset=UTF-8
Transfer-Encoding: chunked
Date: Fri, 22 Nov 2024 15:02:01 GMT
Keep-Alive: timeout=60
Connection: keep-alive
Content-Length: 7815

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<OrderViewRS xmlns="http://www.iata.org/IATA/EDIST/2017.2" xmlns:ns2="http://services.norwegian.com/retail/ndc/extensions" TimeStamp="2024-11-22T16:02:01.568417+01:00" Target="Test" Version="17.2" TransactionIdentifier="fhdhdks-222ff-222-dssfd-ddds" CorrelationID="test-550e84d5-0630-4091-ad79-9e2230693faf">
    <Document/>
    <Success/>
    <Response>
        <Order OrderID="oda7bed0353e94ff0b8342fb800290c33" Owner="DY" WebAddressID="http://portal.dev.norwegian.com/en/start/booking/details?pnr=KVDKDR&amp;pnrName=JZNKZTEST">
            <BookingReferences>
                <BookingReference>
                    <ID>KVDKDR</ID>
                    <AirlineID>DY</AirlineID>
                </BookingReference>
            </BookingReferences>
            <TotalOrderPrice>
                <SimpleCurrencyPrice Code="NOK">2245.00</SimpleCurrencyPrice>
            </TotalOrderPrice>
            <Status>
                <StatusCode>OK</StatusCode>
            </Status>
            <Payments>
                <Payment>
                    <Type>CC</Type>
                    <Amount>
                        <SimpleCurrencyPrice Code="NOK">2245.00</SimpleCurrencyPrice>
                    </Amount>
                    <Method>
                        <VoucherMethod>
                            <Number>71bd29e0d56b487ca5b94a76ac81180e</Number>
                        </VoucherMethod>
                    </Method>
                </Payment>
            </Payments>
            <OrderItems>
                <OrderItem OrderItemID="oi2f283e281bac4ec2b30887d04bdeeb49" Owner="DY">
                    <PriceDetail>
                        <BaseAmount Code="NOK">1821.43</BaseAmount>
                        <Taxes>
                            <Total Code="NOK">423.57</Total>
                        </Taxes>
                    </PriceDetail>
                    <Service ServiceID="SERVICE__PAX__ADT01-SGMF94A8749146B48C385E33A7731211A50">
                        <PassengerRef>PAX__ADT01</PassengerRef>
                        <SegmentRef>SGMF94A8749146B48C385E33A7731211A50</SegmentRef>
                    </Service>
                </OrderItem>
            </OrderItems>
        </Order>
        <Commission>
            <Amount Code="NOK">0</Amount>
        </Commission>
        <DataLists>
            <PassengerList>
                <Passenger PassengerID="PAX__ADT01">
                    <PTC>ADT</PTC>
                    <Individual>
                        <Birthdate>1974-12-12</Birthdate>
                        <NameTitle>MR</NameTitle>
                        <GivenName>tiVRM</GivenName>
                        <Surname>jZNKZTest</Surname>
                    </Individual>
                    <ContactInfoRef>CI__PAX__ADT01</ContactInfoRef>
                </Passenger>
            </PassengerList>
            <ContactList>
                <ContactInformation ContactID="CI__PAX__ADT01">
                    <ContactProvided>
                        <EmailAddress>
                            <EmailAddressValue>[email protected]</EmailAddressValue>
                        </EmailAddress>
                    </ContactProvided>
                    <ContactProvided>
                        <Phone>
                            <CountryDialingCode>47</CountryDialingCode>
                            <PhoneNumber>99887766</PhoneNumber>
                        </Phone>
                    </ContactProvided>
                </ContactInformation>
            </ContactList>
            <FlightSegmentList>
                <FlightSegment SegmentKey="SGMF94A8749146B48C385E33A7731211A50">
                    <Departure refs="COUNTRY-NO">
                        <AirportCode>OSL</AirportCode>
                        <Date>2021-03-08</Date>
                        <Time>15:05</Time>
                        <AirportName>Oslo-Gardermoen</AirportName>
                    </Departure>
                    <Arrival refs="COUNTRY-NO">
                        <AirportCode>TOS</AirportCode>
                        <Date>2021-03-08</Date>
                        <Time>17:05</Time>
                        <AirportName>Tromsø</AirportName>
                    </Arrival>
                    <MarketingCarrier>
                        <AirlineID>DY</AirlineID>
                        <Name>Norwegian Air Shuttle</Name>
                        <FlightNumber>378</FlightNumber>
                    </MarketingCarrier>
                    <OperatingCarrier>
                        <AirlineID>DY</AirlineID>
                        <Name>Norwegian Air Shuttle</Name>
                        <FlightNumber>378</FlightNumber>
                    </OperatingCarrier>
                    <Equipment>
                        <AircraftCode>73H</AircraftCode>
                    </Equipment>
                    <FlightDetail>
                        <FlightDuration>
                            <Value>PT2H</Value>
                        </FlightDuration>
                    </FlightDetail>
                </FlightSegment>
            </FlightSegmentList>
            <FlightList>
                <Flight FlightKey="FJ323F095CC9ABEF7856F642E932C83495">
                    <Journey>
                        <Time>PT2H</Time>
                    </Journey>
                    <SegmentReferences>SGMF94A8749146B48C385E33A7731211A50</SegmentReferences>
                </Flight>
            </FlightList>
            <OriginDestinationList>
                <OriginDestination OriginDestinationKey="OD__OSL_TOS">
                    <DepartureCode>OSL</DepartureCode>
                    <ArrivalCode>TOS</ArrivalCode>
                    <FlightReferences>FJ323F095CC9ABEF7856F642E932C83495</FlightReferences>
                </OriginDestination>
            </OriginDestinationList>
            <PriceClassList>
                <PriceClass PriceClassID="PC__LFAR">
                    <Name>LowFare</Name>
                    <Code>LFAR</Code>
                </PriceClass>
            </PriceClassList>
        </DataLists>
        <Metadata>
            <Other>
                <OtherMetadata>
                    <LanguageMetadatas>
                        <LanguageMetadata MetadataKey="LANG-9CFEFED8FB9497BAA5CD519D7D2BB5D7">
                            <Code_ISO>en</Code_ISO>
                            <Code_NLS>en</Code_NLS>
                            <Name>English</Name>
                        </LanguageMetadata>
                    </LanguageMetadatas>
                </OtherMetadata>
                <OtherMetadata>
                    <CountryMetadatas>
                        <CountryMetadata MetadataKey="COUNTRY-NO">
                            <ICAO_Code>NO</ICAO_Code>
                            <Name>Norway</Name>
                        </CountryMetadata>
                    </CountryMetadatas>
                </OtherMetadata>
                <OtherMetadata>
                    <CityMetadatas>
                        <CityMetadata MetadataKey="CITY-OSLALL">
                            <AugmentationPoint>
<AugPoint Key="OSLALL">
    <ns2:City>
        <ns2:Code>OSLALL</ns2:Code>
        <ns2:Name>Oslo</ns2:Name>
    </ns2:City>
</AugPoint>
                            </AugmentationPoint>
                        </CityMetadata>
                        <CityMetadata MetadataKey="CITY-TOS">
                            <AugmentationPoint>
<AugPoint Key="TOS">
    <ns2:City>
        <ns2:Code>TOS</ns2:Code>
        <ns2:Name>Tromsø</ns2:Name>
    </ns2:City>
</AugPoint>
                            </AugmentationPoint>
                        </CityMetadata>
                    </CityMetadatas>
                </OtherMetadata>
            </Other>
        </Metadata>
    </Response>
</OrderViewRS>