In https://www.marqeta.com/docs/core-api/3ds#_receive_an_advanced_authentication_challenge, we need to create an endpoint "/three-ds/decision" on our server so Marqeta can POST to it.
The docs say:
Marqeta-assigned unique card token identifying the user.
36 char max
card_token is Optional - in what cases is this field null? We hope there's always going to be a "card_token" when Marqeta POSTs to that endpoint - it means someone is swiping their card and that we need to determine if we want to push them through the 3DS authentication flow. So how can this be null?
Hi @bigrhino1223, Community Manager here. Thank you for posting your question here in the Developer Community. We are glad to have you join us.
I sent this over to our docs team when you posted this, and we were able to update the doc you mentioned above to clarify for your question. https://www.marqeta.com/docs/core-api/3ds#_delegate_decisioning_determine_whether_to_send_an_sca
Thank you for bringing this up to us, your feedback and questions make it possible for us to make a better developer experience. Cheers.