# Authorize a sale transaction

{% hint style="info" %}
Before you start a sale transaction in mobile app using the[ transactions API](https://docs.xplorpay.com/api-references/payments/cards/transactions/transactions) endpoint, make sure you have the following:

:white\_check\_mark: [API key](https://docs.xplorpay.com/api-references/authentication#obtaining-your-access-key) issued by Xplor Pay.

:white\_check\_mark: Mobile JSON Web Token (`mobilejwt`) returned by the `successfulTransactionToken` method using the [JavaScript SDK](https://docs.xplorpay.com/guides/payment-processing-solutions/javascript) integration.
{% endhint %}

To create a multi-use or durable token (`id`) when authorizing a sale transaction:

1. Add the `create-token` field with a value of `true` to the request body when calling the [transactions API](https://docs.xplorpay.com/api-references/payments/cards/transactions/transactions) endpoint to authorize a sale transaction.

{% code overflow="wrap" lineNumbers="true" %}

```json
{
    "type": "sale",
    "card": "4111111111111111",
    "exp-date": "1227",
    "amount": "1.00",
    "create-token": "true"
}
```

{% endcode %}

2. Use the **POST** method to call the `rest/v2/transactions/auth` endpoint.

The API returns the following response:

{% code overflow="wrap" lineNumbers="true" %}

```json
{
    "code": "200",
    "status": "success",
    "exchange-id": "ID-clearent-cgw-1-1747434482642-0-19185009",
    "links": [
        {
            "rel": "transaction",
            "href": "/rest/v2/transactions?id=118883986",
            "id": "118883986"
        },
        {
            "rel": "token",
            "href": "/rest/v2/tokens/1100001516808661111",
            "id": "1100001516808661111"
        }
    ],
    "payload": {
        "transaction": {
            "amount": "1.00",
            "id": "118883986",
            "created": "2025-06-03 13:53:03.177",
            "type": "SALE",
            "result": "APPROVED",
            "card": "XXXXXXXXXXXX1111",
            "authorization-code": "TAS632",
            "batch-string-id": "67",
            "display-message": "Transaction approved",
            "result-code": "000",
            "exp-date": "1227",
            "card-type": "VISA",
            "last-four": "1111",
            "merchant-id": "946074139743",
            "terminal-id": "10011111",
            "create-token": true
        },
        "payloadType": "transaction"
    }
}
```

{% endcode %}

The API response includes `links` array with the following fields:

<table><thead><tr><th width="113.66668701171875" valign="top">Name</th><th width="148.66668701171875" valign="top">Data type</th><th valign="top">Description</th></tr></thead><tbody><tr><td valign="top"><code>rel</code></td><td valign="top">String</td><td valign="top"><p>Indicates the type of resource the link refers to.</p><p>Common values are:</p><ul><li><code>transaction</code></li><li><code>token</code></li></ul></td></tr><tr><td valign="top"><code>href</code></td><td valign="top">String (URI)</td><td valign="top">The relative URI to access the card token.</td></tr><tr><td valign="top"><code>id</code></td><td valign="top">String</td><td valign="top">The unique multi-use or durable card token ID.</td></tr></tbody></table>

{% hint style="info" %}
See [Authorize a sale transaction endpoint](https://docs.xplorpay.com/api-references/payments/cards/transactions/transactions#post-rest-v2-transactions-auth) response for more information.
{% endhint %}