> ## Documentation Index
> Fetch the complete documentation index at: https://developers.pcibooking.net/llms.txt
> Use this file to discover all available pages before exploring further.

# Store 3D Secure Data

> Store 3D Secure authentication data on a token.

<Card title="3DS Authentication Guide" icon="book" href="/manage-tokens/3ds-auth-management">
  Store and manage 3D Secure authentication data
</Card>

Stores 3D Secure authentication results on an existing token. Use this when you have performed 3DS authentication outside of PCI Booking and need to attach the authentication data (CAVV, ECI, XID) to the token for use in subsequent payment transactions.

## Error Responses

| Code  | HTTP Status | Condition                                                            |
| ----- | ----------- | -------------------------------------------------------------------- |
| -179  | 400         | ThreeDSecureInfo is null or Version does not start with "1." or "2." |
| -1003 | 401         | User is not the owner                                                |
| -150  | 500         | Failed to store 3DS data                                             |

## Parameter Constraints

* **ThreeDSecIndication** is required and must be `Authenticated` or `TechnicalProblem`.
* **AuthenticationValue** has a max length of 256 characters and is required when ThreeDSecIndication is `Authenticated`.
* **Eci** has a max length of 2 characters.
* **Version** must start with "1." or "2.".

## Parameters

### Headers

<ParamField header="Authorization" type="string" required>
  Your API key prefixed with `APIKEY`. Example: `APIKEY your-api-key`. See the [Authentication guide](/getting-started/authentication).
</ParamField>

### Path Parameters

<ParamField path="cardToken" type="string" required>
  The token ID as returned by one of the tokenization methods. For example, `2821a46d80e14d1b96a7f18f1b81926d`.
</ParamField>

### Request Body

<ParamField body="AuthenticationValue" type="string" required>
  The cardholder's Authentication Verification Value (AVV). e.g. `1234567890`. Max 256 characters.
</ParamField>

<ParamField body="Version" type="string" required>
  The version of 3DS authentication used. Should start with either "1" or "2". Max 5 characters.
</ParamField>

<ParamField body="eci" type="string">
  The Electronic Commerce Indicator (ECI) value. e.g. `12`.
</ParamField>

<ParamField body="ThreeDSeciIndication" type="string">
  The 3D Secure authentication decision. Accepted values: **Authenticated**, **TechnicalProblem**, **CardNotEnrolled**.
</ParamField>

<ParamField body="XID" type="string">
  The 3DS transaction ID for 3DS version 1.0 (`XID`) and version 2.0 (`3DS_Trans_ID`). Max 40 characters.
</ParamField>

<ParamField body="AcsTransactionId" type="string">
  Unique transaction identifier assigned by the Access Control Server (ACS) to identify a single 3D Secure transaction.
</ParamField>

<RequestExample>
  ```javascript Node.js theme={null}
  const response = await fetch(
    'https://service.pcibooking.net/api/payments/paycard/2821a46d80e14d1b96a7f18f1b81926d/3dToken',
    {
      method: 'PUT',
      headers: {
        'Authorization': 'APIKEY your-api-key',
        'Content-Type': 'application/json'
      },
      body: JSON.stringify({
        AuthenticationValue: 'AJkBAoEREQAAAAB4hABwcAAAAAA=',
        Version: '2.1.0',
        eci: '05',
        ThreeDSeciIndication: 'Authenticated',
        XID: '861433f4-abff-4c40-b2fd-fea208856a33',
        AcsTransactionId: 'e7a46959-9630-413e-ab56-4e399b96244a'
      })
    }
  );

  console.log(response.status);
  ```

  ```python Python theme={null}
  import requests

  response = requests.put(
      'https://service.pcibooking.net/api/payments/paycard/2821a46d80e14d1b96a7f18f1b81926d/3dToken',
      headers={
          'Authorization': 'APIKEY your-api-key',
          'Content-Type': 'application/json'
      },
      json={
          'AuthenticationValue': 'AJkBAoEREQAAAAB4hABwcAAAAAA=',
          'Version': '2.1.0',
          'eci': '05',
          'ThreeDSeciIndication': 'Authenticated',
          'XID': '861433f4-abff-4c40-b2fd-fea208856a33',
          'AcsTransactionId': 'e7a46959-9630-413e-ab56-4e399b96244a'
      }
  )

  print(response.status_code)
  ```
</RequestExample>

## Response

**201** - 3D Secure data stored successfully.

<ResponseExample>
  ```text 201 theme={null}
  Empty response body. 3D Secure data stored successfully.
  ```

  ```json 401 theme={null}
  {
      "code": -1003,
      "message": "Not authorized to access this resource",
      "moreInfo": "Bad or missing authorization data, expected APIKEY or Temp Session or One-Time Accesss Token",
      "errorList": null
  }
  ```
</ResponseExample>
