Skip to main content
POST
/
api
/
interceptors
/
{ref}
Execute interceptor
curl --request POST \
  --url https://{instance}.{env}.on-hellgate.cloud/api/interceptors/{ref} \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '{}'
{
  "id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
  "amount": 123,
  "backend_results": [
    {
      "backend": "<string>",
      "error": "<string>",
      "latency_ms": 123,
      "link_execution_id": "<string>",
      "link_timing": {
        "external": 123,
        "internal": 123,
        "total": 123
      },
      "live": true,
      "missing_fields": [
        "<string>"
      ],
      "raw_response": {},
      "rule_id": "<string>"
    }
  ],
  "context": "checkout",
  "credential_fingerprint": "crd_4ba218...",
  "currency": "<string>",
  "customer_id": "<string>",
  "device_fingerprint": "<string>",
  "device_ip": "<string>",
  "evaluated_at": "2023-11-07T05:31:56Z",
  "events": [
    {
      "id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
      "occurred_at": "2023-11-07T05:31:56Z",
      "processed_at": "2023-11-07T05:31:56Z"
    }
  ],
  "has_backend_error": true,
  "integration": "<string>",
  "interceptor_id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
  "latency_us": 4250,
  "masked_credential": "411111 ****** 4242",
  "metadata": {},
  "resolution": {
    "resolved_at": "2023-11-07T05:31:56Z"
  },
  "ruleset_id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
  "ruleset_version": 123,
  "transaction_reference": "<string>",
  "triggered_rules": [
    {
      "action": "BLOCK",
      "name": "Block USD",
      "rule_id": "r1",
      "type": "condition"
    }
  ],
  "payload": {}
}

Authorizations

Authorization
string
header
required

HS256-signed JWT bearer token, obtained via the OAuth2 client-credentials grant (see Authentication).

Headers

payment-type
string

Payment type declared by the merchant. Controls the initial payment state on the decision.

Path Parameters

ref
string
required

The interceptor's reference

Body

application/json

Acquirer request body

The body is of type object.

Response

Interceptor outcome. On ALLOW the merchant's request is forwarded and the destination's response is returned verbatim. On BLOCK/REVIEW the body is either the configured template response or, in decision mode, the decision result shown below.

Decision body returned by the interceptor runtime endpoint when it produces a decision (BLOCK or REVIEW in decision response mode). Identical to the standard decision result plus the interceptor-specific payment_type, payment_state, and payload fields.

id
string<uuid>

Unique decision identifier

amount
integer | null
backend_results
BackendResult · object[]

One entry per backend rule that was executed.

context
string
Example:

"checkout"

credential_fingerprint
string

Deterministic HMAC-SHA256 card instrument identifier

Example:

"crd_4ba218..."

credential_type
enum<string> | null

Type of credential supplied in the request

Available options:
pan,
masked_pan,
sepa
currency
string | null
customer_id
string | null
decision
enum<string>

BLOCK terminates on first match. REVIEW accumulates. ALLOW is the default when no rules match.

Available options:
ALLOW,
BLOCK,
REVIEW,
PROVISIONAL
device_fingerprint
string | null
device_ip
string | null
evaluated_at
string<date-time>
events
object[]

Always empty on a freshly evaluated decision.

has_backend_error
boolean

True if any backend_results entry carries a non-nil error (e.g. "backend_capability_disabled").

integration
string | null

Integration type that originated this decision (e.g. 'interceptor')

interceptor_id
string<uuid> | null

ID of the interceptor that originated this decision

latency_us
integer
Example:

4250

masked_credential
string | null

Display-safe masked representation, e.g. '411111 ****** 4242'

Example:

"411111 ****** 4242"

metadata
object

Merchant-supplied key-value pairs stored with the decision.

resolution
object

Always null on a freshly evaluated decision.

ruleset_id
string<uuid> | null
ruleset_version
integer | null
source
enum<string>

RULE_ENGINE — condition rules only. BACKEND — backend rule(s) only. COMBINED — both.

Available options:
RULE_ENGINE,
BACKEND,
COMBINED
transaction_reference
string | null
triggered_rules
TriggeredRule · object[]
payload
object

Masked raw request body captured at intercept time.

payment_state
enum<string> | null

Current payment lifecycle state. Advances as lifecycle events are submitted via POST /api/events.

Available options:
authorized,
captured,
voided,
fraud_reported,
chargedback,
failed
payment_type
enum<string> | null

Payment type declared by the merchant via the payment-type request header.

Available options:
unknown,
authorization,
authorization-and-capture