Feature Request: API Access to Card Authorizations (Pre-Auth Holds)
Y
Yair Burowski
started a topic
15 days ago
This extends my previous request for Payment Account API access. Authorizations require selecting a specific card — the payment_account_id from that request.
Use Case
Building an automation system to manage damage deposit holds:
Check-in → create pre-auth hold on guest's personal card (not VCC) Check-out (no damage) → release the hold Check-out (damage found) → capture partial or full amount
The amount and timing must be controlled programmatically — I determine when to create, release, or capture based on my own logic.
Important: Authorizations ≠ VCC Charges
Action
Card Type
Why
Charge for stay
VCC
OTA pays via virtual card
Damage deposit hold
Guest's personal card
Guest is liable for damages
A reservation may have multiple cards on file. The API must let me specify which card to authorize using payment_account_id.
The Functionality Already Exists
Under Financials → Journal → CC Transactions, there's an AUTHORIZATIONS tab separate from PAYMENTS.
From the help docs:
"An authorization is NOT payment; rather, it is a reservation of funds on a guest credit card."
The UI allows creating, viewing, and reversing authorizations. This logic exists but is not exposed via Connect API.
Current Connect API — Gap
GET /reservations/{id}/pay_link ✓ exists
GET /reservations/{id}/selected_payment_method ✓ exists
POST /reservations/{id}/transactions ✓ exists
* /authorizations ✗ missing
Request 1: Create Authorization on Specific Card
POST /authorizations
Must specify payment_account_id to select the guest's personal card (not the OTA VCC).
Key Requirements payment_account_id required — must specify which card to authorize I control the amount — not auto-calculated I control timing — no automatic release; I call /release or /capture when I decide
This builds on the Payment Accounts request — I need both to automate the full guest payment lifecycle:
Payment Accounts API → identify cards (VCC vs guest card) Authorizations API → hold/release/capture on guest card Charge API → charge VCC at the right time
This extends my previous request for Payment Account API access. Authorizations require selecting a specific card — the payment_account_id from that request.
Use Case
Building an automation system to manage damage deposit holds:
Check-in → create pre-auth hold on guest's personal card (not VCC)
Check-out (no damage) → release the hold
Check-out (damage found) → capture partial or full amount
The amount and timing must be controlled programmatically — I determine when to create, release, or capture based on my own logic.
Important: Authorizations ≠ VCC Charges
A reservation may have multiple cards on file. The API must let me specify which card to authorize using payment_account_id.
The Functionality Already Exists
Under Financials → Journal → CC Transactions, there's an AUTHORIZATIONS tab separate from PAYMENTS.
From the help docs:
"An authorization is NOT payment; rather, it is a reservation of funds on a guest credit card."
The UI allows creating, viewing, and reversing authorizations. This logic exists but is not exposed via Connect API.
Current Connect API — Gap
GET /reservations/{id}/pay_link ✓ exists GET /reservations/{id}/selected_payment_method ✓ exists POST /reservations/{id}/transactions ✓ exists * /authorizations ✗ missingRequest 1: Create Authorization on Specific Card
POST /authorizations
Must specify payment_account_id to select the guest's personal card (not the OTA VCC).
Request:
{ "reservation_id": 789012, "payment_account_id": "PA_789012", "amount": 200.00, "currency": "PLN" }Response (success):
{ "id": "AUTH_123456", "reservation_id": 789012, "payment_account_id": "PA_789012", "status": "AUTHORIZED", "amount": 200.00, "currency": "PLN", "authorization_code": "A12345", "created_at": "2025-12-13T14:00:00Z", "expires_at": "2026-01-10T14:00:00Z", "card_last_four": "4242" }Response (declined):
{ "id": "AUTH_123457", "status": "DECLINED", "decline_reason": "Insufficient funds", "decline_code": "INSUFFICIENT_FUNDS" }Request 2: List Authorizations
GET /authorizations?reservation_id=789012
Or: GET /authorizations?hotel_id=123&status=AUTHORIZED
Response:
{ "results": [ { "id": "AUTH_123456", "reservation_id": 789012, "payment_account_id": "PA_789012", "status": "AUTHORIZED", "amount": 200.00, "currency": "PLN", "created_at": "2025-12-13T14:00:00Z", "expires_at": "2026-01-10T14:00:00Z", "card_last_four": "4242" } ] }Request 3: Release Authorization
POST /authorizations/{id}/release
Response:
{ "id": "AUTH_123456", "status": "RELEASED", "released_at": "2025-12-15T11:00:00Z" }Request 4: Capture Authorization
POST /authorizations/{id}/capture
Request:
{ "amount": 150.00, "reference": "Damage to bedside lamp" }Response:
{ "id": "AUTH_123456", "status": "CAPTURED", "captured_amount": 150.00, "original_amount": 200.00, "transaction_id": "TXN_789456", "captured_at": "2025-12-15T11:00:00Z" }Summary
Key Requirements
payment_account_id required — must specify which card to authorize
I control the amount — not auto-calculated
I control timing — no automatic release; I call /release or /capture when I decide
This builds on the Payment Accounts request — I need both to automate the full guest payment lifecycle:
Payment Accounts API → identify cards (VCC vs guest card)
Authorizations API → hold/release/capture on guest card
Charge API → charge VCC at the right time
Is this on the roadmap?