TABLE OF CONTENTS


Authorisations


Authorisation records are used when you want to collect and save a payment method from one of your customers or to store supplier bank details if you are making Outbound payments. 


Authorisations can have a record type of either Inbound (for collections) or Outbound (for supplier/vendor payments).


Saved payment method details such as card or account number are always tokenised to protect you and your customers or suppliers from fraud. Your customer or supplier can have multiple authorisations with you, so a single customer could have both a card payment method on record as well as a Direct Debit mandate in place.


Asperato maintains these records with any state changes that you need to be aware of. For example, if your customer cancels a direct debit, Asperato will update the appropriate authorisation to a cancelled state within Salesforce. Acting on these state changes is something you can do via Salesforce automation.


For Outbound Authorisations, these will be marked as 'In Force' only when they have been submitted for verification to Airwallex.  This process confirms that the account details are correct and in line with PSD2 regulations have been authenticated by the user (see Getting Started with Outbound Payments for more details).



Key Fields:


Authorisation URLThis is the link you provide to your customer to enable them to provide authority to save a payment method.
StatusTells you if the Authorisation is ready to use or not. Authorisations have to be ‘In Force’ before they can be used to collect payments.
Status descriptionA descriptive text showing the reason related to the current status. Might contain the reason for cancellation or failure for example.
Payment Route OptionsAllows you to choose which Authorisation routes are available to your customer to use. E.g. Card, Direct Debit or ACH
Payment Route SelectedTells you which type of payment method has been granted by the customer


In order for an Authorisation to be used to collect payments, it must be marked as status of 'In Force'


The following statuses are available on the Authorisation object


Awaiting submissionThe authorisation has not yet been processed through a payment service provider.
PendingThis status is used for direct debits, and indicates the authorisation has been processed but is not yet in force. Direct debit authorisations have a lead time of a few days before they become active - see Timing cycles for details. This status isn’t relevant for card authorisations, as they become active (or fail) instantly.
In forceThe authorisation has been confirmed, is valid, and can be used to authorise a payment.
Submitted for CancellationStatus value introduced in package version 2.16. This status is used for direct debit payments created using GoCardless connection. It shows that the mandate/authorisation has been submitted for cancellation at the request of the payor, or at your request. The status is automatically updated to Cancelled when the mandate is cancelled at GoCardless
CancelledThe authorisation has been cancelled at the request of the payor, or at your request.
FailedThe authorisation is not valid / no longer valid and cannot be used to take payments.
ExpiredThe authorisation has expired, and can no longer be used to take payments.

Creating and Requesting Authorisations

An Asperato Authorisation is completed in 2 steps as follows:


(1) Creating an Authorisation Record in Salesforce;


(2) Processing an Authorisation.


Creating an Authorisation Record in Salesforce

An authorisation can be created manually in Salesforce by clicking the "New" button on the Authorisation object, completing the details and saving the record.


Processing an Authorisation

Authorisations can either be processed internally to the org (for example, if an agent in a call centre was taking details over the phone to set up an authorisation) or externally (if a link to setup the authorisation is required outside of Salesforce.)


The Asperato package can cover both of these use cases.


Processing an Authorisation Internally


To process an authorisation internally, hit the “Process authorisation” button. This will appear as a standard button in classic, and a quick action in lightning:

Process authorisation button


An overlay will appear showing the paypage for the authorisation - when this from is submitted details of the Authorisation will show in Salesforce.


Processing an Authorisation Externally


To send your customers a link to process an authorisation, first create the basic Authorisation record in Salesforce and then on the record you will see the 'Ecommerce URL' field. 

This will contain a URL pointing to the paypage for the user to enter their card or bank details in order for them to set up the Authorisation.  THis can be distributed in any number of ways (email, IM etc)

Once the user has filled in and submitted their details, the record in Salesforce is updated to reflect these details in the same way as the internal process.


Using Authorisations with GoCardless


Viewing GoCardless Authorisations/Mandates (V2.16+)


The view the mandate click 'View Mandate' quick action button on the Authroisation record page. Note - If you are not using GoCardless as a PSP then you will want to consider removing that button for your users.

Clicking this button will open the mandate as saved with GoCardless.



Updating a GoCardless Authorisation/Mandate (V2.23.1 2023.3 and later)


You can now update a customers email and/ billing address on an an Authorisation record from within Salesforce to GoCardless.  This can be done on any 'In-Force' Authorisation with the payment route of Direct Debit.  Ensure the 'Update authorisation' Lighning Action button is added to the page layout in accordance with the release notes for this release.



Cancelling a GoCardless Authorisation/Mandate (V2.16+)


For users running Asperato version 2.15 or below, you need to do this via the GoCardless Dashboard directly, you cannot do this via Salesforce.


For users running version 2.16 or later

  • navigate to the Authorisation record within Salesforce that you wish to cancel
  • Click button 'Cancel Mandate' (this may be hidden under the arrow in the button bar)
    • You will see a confirmation screen. Upon confirming the mandate will be cancelled at both SF and GC side and the status of authorisation record would be updated to "Cancelled".

Note that if the same Authorisation record which was previously cancelled is then sent to be processed from within Salesforce then


  • The same Authorisation Record will be updated from a status of Cancelled to Pending 
  • In GoCardless, a new Customer record would be created



Importing Authorisations to Salesforce


If you require existing authorisations from your PSP to be populated in Salesforce, then please contact support@asperato.com with details of your requirements.