📍
Bolt Help / Core Products / Checkout / Custom Cart Checkout / Bolt Checkout Direct API Integration Guide / How to Set Up Pre-Authorization
Learn how to create and test pre-authorization order flows.
Implement a pre-authorization flow by creating an order in your ecommerce platform before starting the authorization process. This prevents capturing funds on orders that have failed for various reasons.
How to Create & Authorize an Order
The order.create
Merchant Callback API is called after a shopper has selected Pay and directly before Bolt process with payment authorization.
- Implement order_create Merchant Callback API on your server.
- Respond to Bolt’s
order.create
POST request from your Merchant Callback API. - Verify the authenticity of the request by confirming that it originated from Bolt.
PHP Example
<?php
require(dirname(__FILE__) . '/init_example.php');
$client = new \BoltPay\ApiClient([
'api_key' => \BoltPay\Bolt::$apiKey,
'is_sandbox' => \BoltPay\Bolt::$isSandboxMode
]);
$requestJson = file_get_contents('php://input');
$requestData = json_decode($requestJson);
$baseUrl = $exampleData->getBaseUrl();
$response = [
'status' => 'success',
'message' => 'Order create was successful.',
'order_received_url' => $baseUrl . '/example/order_confirmation.php',
'display_id' => @$requestData->order->cart->display_id
];
header('Content-Type: application/json');
http_response_code(200);
echo json_encode($response);
Test the Endpoint
Pre-Auth Flow
- Create an order in a pending state. The transaction must still undergo Bolt’s fraud review.
- Listen for a Bolt webhook informing whether this order has been accepted or denied.
Without Pre-Auth Flow
NOTE
Bolt recommends setting up a Pre-Authorization flow.
- Create an order upon receiving a pending webhook or from the frontend success callback.
- Verify one of the following based on your setup:
- If you respond to Bolt with an
order_received_url
(confirmation page), then Bolt will attempt to redirect the user to that URL, when the order is complete. - If you choose not to respond with an
order_received_url
, you may instead accomplish the redirect through frontend callbacks. - If the card authorization fails after a successful pre-auth request, Bolt will send a webhook to inform that this order has failed card authorization.
- If you respond to Bolt with an