Manage payment authorizations

Important

Some or all of the functionality noted in this article is available as part of a preview release. The content and the functionality are subject to change. For more information about preview releases, see One version service updates FAQ.

This article provides an overview of payment authorization expiration ranges and common payment authorization parameters in Microsoft Dynamics 365 Commerce.

Authorization expiration ranges

Average expiration dates of authorizations from payment method issuers might vary, depending on the payment method that's used. Each authorization expiration date can vary, and there's no guaranteed timeline that each payment method follows. Individual authorization requests might expire if the issuer has a reason to end the active authorization that was initially provided at the origination of the authorization. Depending on the specific payment methods that are used in your environment and with your payment gateway, you can adjust Commerce configuration parameters that apply to your solution, to optimally capture the date ranges that are needed to manage authorizations while orders are being fulfilled.

Here are the commonly suggested authorization expiration ranges for the out-of-box connectors that Commerce currently supports:

  • PayPal authorizations: Up to 29 days (but the authorizations can expire earlier in some cases)
  • Credit card authorizations (via Adyen): Typically 14 days (but the range depends on the individual issuer)

Note

The preceding expiration ranges are only suggestions. The exact time frames that you experience or configure for your environment depend on the range of methods that are used.

Authorization expiration reauthorization parameters

The Number of days before expired parameter (found in Commerce headquarters at Accounts receivable > Setup > Accounts receivable parameters > Credit card) controls the behavior of your environment's payment connector by preemptively voiding and reauthorizing authorizations against the gateway to obtain a renewed authorization before expiration.

For Adyen, the void and reauthorization pattern renews the authorization for a new cycle. Adyen's use of recurring tokens for the transaction scope can obtain an authorized token for upcoming calls but reference the same transactional scope as the original customer-approved and validated authorization. If you set the Number of days before expired parameter for a time range that's longer than the typical token expiration time frame, the system might initially detect that the capture token was accepted through a transactional response. However, if the capture is later rejected in the gateway, there's a risk that the system won't detect the status change.

Note

The capture response is the status notification that the gateway received the network call. The capture result is the actual resulting status of the capture action in the gateway. Because it takes time for the issuer to determine and confirm the capture result, capture results are asynchronous to the Commerce system. Knowing the capture result and documenting it in the system will require the future Commerce asynchronous payments feature to update the transaction with the capture result. Currently, the transaction's authorization is checked before the capture call, and the capture is then considered successful. Although it's rare for a capture to fail if there's a successful authorization, this behavior can occur. Capture results can be compared during the reconciliation process.

For PayPal, tokens can remain authorized for up to 29 days. However, the Number of days before expired parameter will void PayPal's token without providing the ability to renew it, unless the OrderIntent parameter (available as of Commerce version 10.0.30) is configured. For PayPal, tokens are single-use, and the OrderIntent parameter's action will void the token without providing the ability to recover a new order authorization. Voided PayPal tokens require a payment to be obtained again from the customer for PayPal orders. If the OrderIntent parameter is set to Save in the connector configuration, the Number of days before expired parameter extends the order expiration duration for PayPal tokens. If the OrderIntent parameter is set to a value other than Save, the Number of days before expired parameter should be set to a balanced number of days that works best for both the Adyen and PayPal Connectors (if you're using both). Invoicing will occur within the regular time frame that the token is valid for. The recommended setting for Number of days before expired is 14 days.

For more information about the PayPal order intent setting, see the PayPal connector order intent parameter section later in this article.

Authorization resubmit job parameters

The Authorization Resubmit job (found in headquarters at Retail and Commerce > Retail and Commerce IT > Payments > Authorization resubmit) is a batch job that can be set at a specific recurring cadence to reauthorize payment authorization tokens that are within the range that's specified by the Number of days before expired parameter.

The Authorization resubmit dialog box includes the following parameters:

  • Days out – This parameter reviews the shipping date that's set for a sales order and triggers reauthorization, based on that date. It works in addition to the Number of days before expired parameter.
  • Check inventory availability – This legacy batch job parameter is no longer supported.
  • Release and authorize future orders – This parameter removes "don't process" holds from orders that a future order date is set for, and authorizes the amount as the configured order shipping date approaches.

Note

Orders marked with a future shipping date have authorization holds created for them. These orders appear on the Retail and Commerce > Channels > Call centers > Call center credit cards > Authorization management form in headquarters. The sales order header Do not process property remains set to True. To update the Do not process property for the sales order, go to the Authorization management form, set the page filter Status to Declined, and then select the intended record by the customer account or sales order row in the records list. Next, select the Credit card menu item, and then select Process. This should resend the authorization and set the Do not process property to False if successfully authorized.

  • Retry declined credit cards – This parameter retries a card authorization for a previously declined card. Depending on your business requirements, you might not want to set this parameter.
  • Resubmit stale credit cards – This parameter resubmits a card for authorization after the system has determined an expired authorization. Depending on your business requirements, you might not want to set this parameter.
  • Void expired authorizations – This parameter voids the authorization if the system determines that it meets the expired settings.

The Run in the background section of the dialog box includes the following elements:

  • Batch processing – This parameter is set to Yes by default and can't be turned off.
  • Recurrence – The parameters on the Recurrence > Define recurrence tab let you set recurrence timing configurations to run the job.
  • Alerts – The parameters on the Alerts > Batch job alerts tab allow you to configure alerts for different events related to the batch job.
  • Task description – This parameter specifies the display label of the batch job.
  • Batch group – This parameter lets you specify batch groups to distribute the workload to different servers.
  • Private – When this parameter is set to Yes, Commerce prevents other users from processing your batch job. Only the user who configured the dialog box will be able to run the job.
  • Critical Job – Set this parameter to Yes to prioritize processing capacity for the job.
  • Monitoring category – This parameter lets you assign a monitoring category to make it easier to identify different types of jobs during monitoring.

PayPal connector order intent parameter

As of Commerce version 10.0.30, the PayPal payment connector configuration in headquarters includes the OrderIntent field. This field enables the PayPal payment connector to be configured to operate with a saved PayPal order for the online channel. For more information about Commerce support for PayPal order intent, see Order Intent.

Adyen connector authorization stale period parameter

When you configure the Dynamics 365 Payment Connector for Adyen in headquarters for online, call center, or Hardware Station, the Authorization stale period (days) parameter specifies the number of days after which the connector will consider the authorization token expired. If an authorization token is older than the number of days that are specified for this parameter, Dynamics 365 proactively sets a decline status on a capture and generates the following error message: "Capture failed: Capture failed due to stale authorization.(22062)." When a capture call is declined, it generates the error in the system before it calls the payment gateway (Adyen). The Authorization stale period (days) parameter prevents unnecessary capture requests for authorizations that are likely to fail. In this way, it helps prevent unnecessary transactional attempt charges.

The Authorization stale period (days) parameter in the Adyen connector configuration should be set to a longer time frame than the Accounts receivable Number of days before expired parameter, because the Authorization stale period (days) parameter triggers the protective action to consider the authorization expired.

Additional resources

Dynamics 365 Payment Connector for PayPal

Dynamics 365 Payment Connector for Adyen overview