Pre-authorization (pre-auth) allows merchants to temporarily block funds on a customer’s card and capture the payment later, typically after order fulfillment. This helps secure funds without charging the customer immediately.

Telr Payment Gateway (PG) supports pre-auth for Visa and Mastercard credit and debit cards.

How pre-authorization works?

With pre-auth, you can :

  • Authorize an amount on a customer’s card without immediate capture.
  • Capture the authorized amount later (fully or partially) when ready.
  • Void the authorization to release funds if the transaction is not completed.

Unlike standard transactions, where funds are instantly captured, pre-auth provides flexibility in payment processing.

Pre-authorization flow

  1. The customer initiates the payment.
  2. The amount is blocked on the customer’s card after successful payment completion.
  3. The merchant can:

    • Either Capture the full or partial amount.

      OR

    • Void the authorization to release the blocked funds to the customer.

Note: If not captured within seven days, the funds are automatically released.

Pre-authorization feature request

  • To enable pre-auth for your account, submit a request via the Support Form.

Managing pre-authorization transactions

You can capture or void pre-auth transactions from the Cashfree Merchant Dashboard or integrate the capture and void APIs to automate the process.

Note

  • You must capture or void a pre-auth transaction within seven days of authorization.
  • A transaction can only be captured or voided once.
  • Once captured, a transaction cannot be voided.
  • Once voided, a transaction cannot be captured.
  • Transactions not captured within 7 days are automatically released back to the customer.
  • Voided transactions return funds to the customer immediately.
  • After pre-auth is enabled for your account, ensure all Pre Auth transactions are either captured or voided.

Supported payment instruments for pre-authorization

Telr Payment Gateway supports pre-auth workflow on cards and UPI (Unified Payments Interface).

Cards

If you are using cards, you do not need to provide any additional parameters while initiating the payment.

Below is a sample /orders/pay request and response:

  curl --request POST \
    --url https://sandbox.cashfree.com/pg/orders/sessions \
    --header 'Content-Type: application/json' \
    --header 'x-api-version: <x-api-version>' \
    --data '{
    "payment_method": {
      "card": {
        "card_cvv": "900",
        "card_display": "3243",
        "card_expiry_mm": "03",
        "card_expiry_yy": "26",
        "card_number": "4111111111111111",
        "channel": "link",
        "cryptogram": "AQBBBBBBZatIlaIAmWKSghwBBBB=",
        "token_requestor_id": "22457512314",
        "token_type": "ISSUER_GC_TOKEN"
      }
    },
    "payment_session_id": "session__CvcEmNKDkmERQrxnx39ibhJ3Ii034pjc8ZVxf3qcgEXCWlgDDlHRgz2XYZCqpajDQSXMMtCusPgOIxYP2LZx0-05p39gC2Vgmq1RAj--gcn"
  }'

UPI

For UPI pre-auth, you need to pass additional parameters in the /orders/pay API request. Once you have created the order, invoke the Order Pay API call with the authorize_only, authorization parameters.

The authorization object contains the following attributes:

  • approve_by - The time by when customer needs to approve this one time mandate request.
  • start_time - The time when the mandate should start.
  • end_time - The time until when the mandate hold will be on customer’s bank account. You can call capture and void until this time.

UPI Collect

Below is a sample UPI Collect request and response:

curl --request POST \
  --url https://api.cashfree.com/pg/orders/sessions \
  --header 'Content-Type: application/json' \
  --data '{
	"payment_session_id": "HTIdYxfOYgqKyYM3rLCZ",
	"payment_method" : {
		"upi" : { 
			"channel": "collect",
			"upi_id": "rohit@okicici",
			"authorize_only": true,
			"authorization" : {
          "approve_by": "2022-02-08T19:20:12+05:30",
          "start_time": "2022-02-09T12:34:34Z",
          "end_time": "2022-02-10T12:34:34Z"
       }			
		}
	}
}'

UPI Intent

Below is a sample UPI Intent request and response:

curl --request POST \
  --url https://api.cashfree.com/pg/orders/sessions \
  --header 'Content-Type: application/json' \
  --data '{
	"payment_session_id": "HTIdYxfOYgqKyYM3rLCZ",
	"payment_method" : {
		"upi" : { 
			"channel": "link",
			"authorize_only": true,
			"authorization" : {
          "approve_by": "2022-02-08T19:20:12+05:30",
          "start_time": "2022-02-09T12:34:34Z",
          "end_time": "2022-02-10T12:34:34Z"
       }			
		}
	}
}'

Capture

The capture workflow helps you to capture the payment and move the authorised amount partially or completely from customers bank account to your bank account.

curl --request POST \
  --url https://api.cashfree.com/pg/orders/:order_id/authorization \
  --header 'Content-Type: application/json' \
  --header 'x-api-version: <<api_version>>' \
  --header 'x-client-id: <<app_id>>' \
  --header 'x-client-secret: <<secret_key>>' \
  --data '{
  "action": "CAPTURE",
  "amount": "2.00"
}'

Void

The void workflow helps you to release the entire authorized amount back to the customer.

curl --request POST \
  --url https://api.cashfree.com/pg/orders/:order_id/authorization \
  --header 'Content-Type: application/json' \
  --header 'x-api-version: <<api_version>>' \
  --header 'x-client-id: <<app_id>>' \
  --header 'x-client-secret: <<secret_key>>' \
  --data '{
  "action": "VOID"
}'

FAQs