**Last updated**: 30 September 2024 | [**Change log**](/access/products/sca-exemptions/changelog/)

# Exemption assessment

`POST` your request to the `exemptions:assess` action link.

## Assessment example request

POST  `https://try.access.worldpay-bsh.securedataplatform.com/exemptions/assessment`

Risk assessment request body:

Card
Token
Network token
View the full API request schema
## Assessment responses

The response contains the outcome of your `assessment` request.

Applying the exemption
You must apply the `riskProfile` from the exemption assessment response in the [Card Payments API](/access/products/card-payments/authorize-a-payment#sca-exemptions) to link the Worldpay payment and apply the exemption that was granted.

See [applying the exemption](/access/products/sca-exemptions/assessment#applying-the-exemption) for details.

Note:
* We return a `WP-CorrelationId` in the headers of service responses. We **highly recommend** you log this. We can use the `WP-CorrelationId` to examine individual service requests.


lowValue/authorization

```json
  {
      "outcome": "exemption",
      "transactionReference": "Memory265-13/08/1876",
      "exemption": {
          "placement": "authorization",
          "type": "lowValue"
      },
      "riskProfile": {
          "href": "https://access.worldpay-bsh.securedataplatform.com/riskprofile/eyJrIjoxLCJkIjoialRBL0FFelBzcnZ"
      }
  }
```

lowRisk/authorization

```json
  {
      "outcome": "exemption",
      "transactionReference": "Memory265-13/08/1876",
      "exemption": {
          "placement": "authorization",
          "type": "lowRisk"
      },
      "riskProfile": {
          "href": "https://access.worldpay-bsh.securedataplatform.com/riskprofile/eyJrIjoxLCJkIjoialRBL0FFelBzcnZ"
      }
  }
```

lowRisk/authentication

```json
  {
      "outcome": "exemption",
      "transactionReference": "Memory265-13/08/1876",
      "exemption": {
          "placement": "authentication",
          "type": "lowRisk"
      },
      "riskProfile": {
          "href": "https://access.worldpay-bsh.securedataplatform.com/riskprofile/eyJrIjoxLCJkIjoialRBL0FFelBzcnZ"
      }
  }
```

No exemption granted

```json
  {
      "outcome": "noExemption",
      "transactionReference": "Memory265-13/08/1876",
      "riskProfile": {
          "href": "https://access.worldpay-bsh.securedataplatform.com/riskprofile/eyJrIjoxLCJkIjoialRBL0FFelBzcnZ"
      }
  }
```

View the full API response schema
## Applying the exemption

#### If the placement is `authorization`

* apply the `riskProfile` in the [payment authorization](/access/products/card-payments/authorize-a-payment) request.


In the event that the exemption is not successful (honoured + authorized) when applied in the payment, the issuer responds with a soft decline ([refusal code 65](/access/products/reference/refusal-response)). The next logical step is, to proceed with [3DS authentication](/access/products/3ds).

#### If the placement is `authentication`

* set the `challenge.preference` in [3DS authentication](/access/products/3ds/web/authentication) to `noChallengeRequestedTRAPerformed`
* apply the `riskProfile` in the [payment authorization](/access/products/card-payments/authorize-a-payment) request


#### If no exemption is provided

* perform [3DS authentication](/access/products/3ds)
* apply the `riskProfile` in the [payment authorization](/access/products/card-payments/authorize-a-payment) request. Without this, the data model will not improve over time


**Next steps**

[Exemption testing](/access/products/sca-exemptions/testing)