Simulates a 3D Secure (3DS) authentication request for online card transactions.
3DS provides an additional layer of security by requiring cardholder authentication
before authorizing online purchases. In the Kulipa system, this triggers an
Out-Of-Band authentication flow where the user receives a notification in their
wallet application to confirm the transaction.
This simulation endpoint will result in a cardAuthentication.created event being
sent to wallet distributor webhooks, allowing you to test the complete 3DS flow.
For more details about the 3DS process, see the 3DS documentation.
Response: Returns a CardAuthentication object with status in_progress and
transaction details that will be presented to the user for authentication.
The server cannot or will not process the request due to something that is perceived to be a client error (e.g., malformed request syntax, invalid request message framing, or deceptive request routing).
Although the HTTP standard specifies "unauthorized", semantically this response means "unauthenticated". That is, the client must authenticate itself to get the requested response.
The client does not have access rights to the content; that is, it is unauthorized, so the server is refusing to give the requested resource. Unlike 401 Unauthorized, the client's identity is known to the server.
The user has sent too many requests in a given amount of time ("rate limiting").
The server has encountered a situation it does not know how to handle.