Integrate
Need Help?In Europe? Go to EU docs

Refresh bank authorization

If a customer's bank authorization expires or is invalidated (for example, due to a password change or a security update at the bank), you must re-authenticate the customer to continue processing payments.

Trustly provides a mechanism to detect these scenarios and relaunch the Lightbox to restore connectivity without requiring the customer to re-enter all their details.

Prerequisites

Before you attempt to refresh an authorization, ensure you have the following data from the original transaction:

  • Original Transaction ID: The ID of the transaction that requires re-authentication. If you are missing the ID, use the List transactions endpoint to search for the original transaction using your merchantReference.

Detect a required refresh

When you attempt a capture or a data refresh request, you may receive a failure response indicating that the session is no longer valid.

Common indicators

Monitor your API responses and event notifications for the following statuses:

  • paymentProviderTransaction.status: SW057 (Expired Split Token)
  • paymentProviderTransaction.status: SW051 (Invalid or corrupt Split Token)

When you encounter these errors, you must prompt the customer to re-authenticate.

Relaunch the Lightbox

To refresh the authorization, you must launch the Trustly Lightbox again using the specific parameters associated with the original transaction. This flow differs slightly from the initial setup because you are updating an existing connection rather than creating a new one.

Required parameters

The following table lists the parameters required to relaunch the Lightbox for a refresh flow.

ParameterDescription
paymentTypeSet to Verification, indicating that you are verifying the customer access to the bank account to refresh the bank authorization.
transactionIdThe ID of the customer authorization transaction you are attempting to refresh.
authTokenSet to new, indicating that the customer must re-authenticate and the merchant will receive a new split token.

Implementation example

Call the establish method from the appropriate SDK with the required parameters to trigger the refresh flow.

var refreshData = {
  accessId: 'YOUR_ACCESS_ID',
  merchantId: 'YOUR_MERCHANT_ID',
  merchantReference: 'refresh-order-123',
  paymentType: 'Verification', 
  transactionId: '1002636615', // The original transaction ID
  authToken: 'new'
};

Trustly.establish(refreshData, {
  closeButton: true,
  dragAndDrop: false,
  widgetContainerId: 'widget-container'
});

Once the customer successfully completes the workflow, Trustly issues a new Authorize event with a fresh splitToken. You must update your system with this new token for future requests.

Updated about 2 months ago