Skip to content
Create account
 or
Sign in
The Stripe Docs logo
/
Create account
Sign in

Place an extended hold on an online card payment

Learn how to use extended authorizations to capture online card payments up to 30 days after authorization.

Copy page

Extended authorizations have a longer authorization validity period, which allows you to hold customer funds for longer than standard authorization validity windows. For most card networks, the default authorization validity period is 7 days for online payments and 2 days for in-person Terminal payments, whereas extended validity periods can go up to 30 days depending on the card network. For more information about authorization validity windows, see place a hold on a payment method.

Availability

When you use extended authorizations, there are no regional restrictions. However, be aware of the following limitations:

  • They’re only available with Visa, Mastercard, American Express, and Discover.
  • Certain card brands have merchant category restrictions. Refer to the network availability table below.
  • This page describes extended authorizations for online card payments. For in-person card payments using extended authorizations, refer to the Terminal documentation.

IC+ Feature

We offer extended authorizations to users on IC+ pricing. If you’re on blended Stripe pricing and want access to this feature, contact us at support.stripe.com.

Availability by card network and merchant category

Every card network has different rules that determine which payments have extended authorizations available, and how long they’re valid. The following table shows the validity windows and transaction types that extended authorization is available for using Visa, Mastercard, American Express, and Discover. However, we recommend that you rely on the capture_before field to confirm the validity window for any given payment because these rules can change without prior notice.

Card brand Merchant category Extended authorization validity window

Visa

Hotel, lodging, vehicle rental, and cruise line

All other merchant categories*

30 days**

Mastercard (not including Maestro and Cirrus cards)All merchant categories30 days
American ExpressLodging and vehicle rental30 days***
DiscoverAirline, bus charter/tour, car rental, cruise line, local/suburban commuter, passenger transportation including ferries, hotel, lodging, and passenger railway30 days

* For other merchant categories, Stripe charges an additional 0.08% fee per transaction, and the extended window doesn’t apply to transactions with merchants in JP.
** The exact extended authorization window for Visa is 29 days and 18 hours, to allow time for clearing processes.
*** Although your validity window is extended to 30 days, you must capture the authorized funds no later than the end of your customer’s stay or rental.

Networks with limited support (beta)

Recent changes to availability

Best Practices

Customers see their funds held longer when you use extended authorizations. Use clear statement descriptors to avoid increased disputes from unrecognized payments.

You can use the custom_text field when creating a new CheckoutSession to display additional text on the checkout page to help meet compliance requirements.

Compliance

You’re responsible for your compliance with all applicable laws, regulations, and network rules when using extended authorization. Consult the network specifications for the card networks that you plan to accept using this feature with to make sure your sales are compliant with the applicable rules, which vary by network. For instance, for many networks extended validity windows are only for cases where you don’t know the final amount that you’ll capture at the time of authorization.

The information provided on this page relating to your compliance with these requirements is for your general guidance, and is not legal, tax, accounting, or other professional advice. Consult with a professional if you’re unsure about your obligations.

Create a CheckoutSession

Add a checkout button to your website that calls a server-side endpoint to create a Checkout Session.

checkout.html
<html>
  <head>
    <title>Buy cool new product</title>
  </head>
  <body>
    <!-- Use action="/create-checkout-session.php" if your server is PHP based. -->
    <form action="/create-checkout-session" method="POST">
      <button type="submit">Checkout</button>
    </form>
  </body>
</html>

A Checkout Session is the programmatic representation of what your customer sees when they’re redirected to the payment form. You can configure it with options such as:

You must populate success_url with the URL value of a page on your website that Checkout returns your customer to after they complete the payment. You can optionally also provide a cancel_url value of a page on your website that Checkout returns your customer to if they terminate the payment process before completion.

Note

Checkout Sessions expire 24 hours after creation by default.

After creating a Checkout Session, redirect your customer to the URL returned in the response.

To enable the extended authorization feature, set request_extended_authorization to if_available.

# This example sets up an endpoint using the Sinatra framework.
# Watch this video to get started: https://youtu.be/8aA9Enb8NVc.

require 'json'
require 'sinatra'
require 'stripe'

# Set your secret key. Remember to switch to your live secret key in production.
# See your keys here: https://dashboard.stripe.com/apikeys
Stripe.api_key = 
'sk_test_BQokikJOvBiI2HlWgH4olfQ2'


post '/create-checkout-session' do
  session = Stripe::Checkout::Session.create({
    line_items: [{
      price_data: {
        currency: 'usd',
        product_data: {
          name: 'T-shirt',
        },
        unit_amount: 2000,
      },
      quantity: 1,
    }],
    payment_method_options: {
      card: {
        request_extended_authorization: 'if_available',
      },
    },
    mode: 'payment',
    # These placeholder URLs will be replaced in a following step.
    success_url: 'https://example.com/success',
    cancel_url: 'https://example.com/cancel',
  })

  redirect session.url, 303
end

Rely on the capture_before field to confirm the validity window for a given payment. The validity window won’t change after the CheckoutSession is complete. To determine if the authorization is extended after the CheckoutSession is complete, look at the extended_authorization.status field on the associated charge.

{
  "id": "pi_xxx",
  "object": "payment_intent",
  "amount": 1000,
  "amount_capturable": 1000,
  "amount_received": 0,
  "status": "requires_capture",
  ...
  // if latest_charge is expanded
  "latest_charge": {
      "id": "ch_xxx",
      "object": "charge",
      "payment_method_details": {
        "card": {
          "amount_authorized": 1000,
          "capture_before": 1696524701,
          "extended_authorization": {
              "status": "enabled", // or "disabled"
          }
        }
      }
      ...
    }
  ...
}

Test your integration

Use the Stripe test cards below with any CVC and future expiration date to request extended authorizations while testing. If extended authorizations are available on payments for a given network while testing, they’re also available for live payments.

Card brandNumberPayment method
Visapm_card_visa
Mastercardpm_card_mastercard
Amexpm_card_amex
Discoverpm_card_discover

See also

Was this page helpful?
YesNo
Need help? Contact Support.
Join our early access program.
Check out our changelog.
Questions? Contact Sales.
LLM? Read llms.txt.
Powered by Markdoc