# Managing sources

In the Digital River API, [payment sources](https://docs.digitalriver.com/digital-river-api/payments/payment-sources) fall into two broad categories: [primary and secondary](#primary-versus-secondary-sources).

For both categories, after [creating a source](#creating-payment-sources), you can always [attach a source to a checkout](#attaching-sources-to-checkouts) so that Digital River can attempt to generate a [charge ](https://app.gitbook.com/s/x8fSFzVR3sg0TsNWwwVz/charges/charge-basics)after you [create the order](https://docs.digitalriver.com/digital-river-api/order-management/creating-and-updating-an-order#creating-an-order-with-the-checkout-identifier). You can also [detach sources from checkouts](#detaching-sources-from-checkouts).

If a [primary source](#primary-payment-sources) supports [reusability](https://docs.digitalriver.com/digital-river-api/payments/payment-sources/..#reusable-or-single-use), you may also be able to [save it to a customer's account](#attaching-sources-to-customers). For [customers ](https://app.gitbook.com/s/x8fSFzVR3sg0TsNWwwVz/customers)with multiple `sources[]`, we also provide you the ability to [set the default one](#setting-the-default-payment-source).

You can [combine primary and secondary sources](#combining-primary-and-secondary-payment-sources), but how you sequence their application depends on whether or not the primary source is [reusable](https://docs.digitalriver.com/digital-river-api/payments/payment-sources/..#reusable-or-single-use).

When [building payment flows](https://docs.digitalriver.com/digital-river-api/integration-options/checkouts/building-you-workflows), the [Digital River object](https://docs.digitalriver.com/digital-river-api/developer-resources/reference/digitalriver-object) exposes methods for [authenticating](#authenticating-sources) and [updating](#updating-sources) sources useful in the purchase and account management scenarios.

## Primary versus secondary sources

When [building your payment workflows](https://docs.digitalriver.com/digital-river-api/integration-options/checkouts/building-you-workflows), you should know the differences between [primary](#primary-payment-sources) and [secondary](#secondary-payment-sources) payment sources and how they affect the [payment session](https://docs.digitalriver.com/digital-river-api/integration-options/checkouts/creating-checkouts/payment-sessions).

### Primary payment sources

Primary payment [sources ](https://app.gitbook.com/s/x8fSFzVR3sg0TsNWwwVz/sources)are created from traditional [payment methods](https://docs.digitalriver.com/digital-river-api/payments/supported-payment-methods) such as [credit cards](https://docs.digitalriver.com/digital-river-api/payments/supported-payment-methods/credit-cards), [Google Pay](https://docs.digitalriver.com/digital-river-api/payments/supported-payment-methods/google-pay), [PayPal](https://docs.digitalriver.com/digital-river-api/payments/supported-payment-methods/paypal), and [wire transfers](https://docs.digitalriver.com/digital-river-api/payments/supported-payment-methods/wire-transfer). Most customers use a primary source when making a purchase, but a [checkout's ](https://app.gitbook.com/s/x8fSFzVR3sg0TsNWwwVz/checkouts)`sources[]`can only contain one primary source.

Primary sources created from [payment methods that support reusability](https://docs.digitalriver.com/digital-river-api/payments/supported-payment-methods) may be able to be [associated with a customer](#attaching-sources-to-customers) and then [reused](https://docs.digitalriver.com/digital-river-api/payments/payment-sources/..#reusable-or-single-use) in future transactions.

Alternatively, you can simply [attach a primary source to a checkout](#attaching-sources-to-checkouts), thereby enabling Digital River to submit a [charge authorization request](https://app.gitbook.com/s/x8fSFzVR3sg0TsNWwwVz/charges/charge-basics#how-a-charge-is-created) after you [create the order](https://docs.digitalriver.com/digital-river-api/order-management/creating-and-updating-an-order#creating-an-order-with-the-checkout-identifier).

Once a [checkout ](https://app.gitbook.com/s/x8fSFzVR3sg0TsNWwwVz/checkouts)contains a primary source, the [necessary payment preconditions](https://docs.digitalriver.com/digital-river-api/integration-options/checkouts/creating-checkouts/payment-sessions#how-to-determine-when-to-create-an-order) are met to [convert that checkout to an order](https://docs.digitalriver.com/digital-river-api/order-management/creating-and-updating-an-order#creating-an-order-with-the-checkout-identifier).

### Secondary payment sources

Secondary payment [sources ](https://app.gitbook.com/s/x8fSFzVR3sg0TsNWwwVz/sources)are typically used to supplement a [primary source](#primary-payment-sources).

In the Digital River APIs, secondary sources have a [`type`](https://docs.digitalriver.com/digital-river-api/payments/payment-sources/..#supported-payment-methods) of [`customerCredit`](https://docs.digitalriver.com/digital-river-api/integration-options/checkouts/creating-checkouts/applying-a-store-credit).

If a [checkout ](https://app.gitbook.com/s/x8fSFzVR3sg0TsNWwwVz/checkouts)only contains secondary `sources[]`, you may be able to successfully [create the order](https://docs.digitalriver.com/digital-river-api/order-management/creating-and-updating-an-order#creating-an-order-with-the-checkout-identifier), but before doing so, you must ensure the [necessary payment preconditions are met](https://docs.digitalriver.com/digital-river-api/integration-options/checkouts/creating-checkouts/payment-sessions#how-to-determine-when-to-create-an-order).

Secondary sources do not support [reusability](https://docs.digitalriver.com/digital-river-api/payments/payment-sources/..#reusable-or-single-use). Therefore, they [cannot be saved to a customer's account](#restrictions-on-saving-sources). They can only be [attached to a checkout](#attaching-sources-to-checkouts) to create a one-time [charge ](https://app.gitbook.com/s/x8fSFzVR3sg0TsNWwwVz/charges)upon [order ](https://app.gitbook.com/s/x8fSFzVR3sg0TsNWwwVz/orders)creation.

## Creating payment sources

We provide multiple options for [creating primary sources](#creating-primary-sources) and [creating secondary sources](#creating-secondary-sources).

### Creating primary sources

[Primary sources](#primary-payment-sources) are created with your [public API key](https://docs.digitalriver.com/digital-river-api/administration/dashboard/developers/api-keys#standard-keys) using [Drop-in payments](https://docs.digitalriver.com/digital-river-api/payments/payment-integrations-1/drop-in/drop-in-integration-guide) or [DigitalRiver.js with elements](https://docs.digitalriver.com/digital-river-api/payments/payment-integrations-1/digitalriver.js/quick-start). Once created, you can [attach the source to a checkout](#attaching-sources-to-checkouts) or, in some cases, [save the source to a customer](#attaching-sources-to-customers).

### Creating secondary sources

How you create [sources ](https://app.gitbook.com/s/x8fSFzVR3sg0TsNWwwVz/sources)with a [`type`](https://docs.digitalriver.com/digital-river-api/payments/payment-sources/..#supported-payment-methods) of `customerCredit` depends on the [version](https://docs.digitalriver.com/digital-river-api/general-resources/versioning) you're using.

For versions:

* `2021-03-23` and higher, refer to [Applying store credit](https://docs.digitalriver.com/digital-river-api/integration-options/checkouts/creating-checkouts/applying-a-store-credit).
* `2020-09-30`, `2020-12-17`, and `2021-02-23`, refer to [Applying store credit (legacy)](https://docs.digitalriver.com/digital-river-api/integration-options/checkouts/creating-checkouts/applying-store-credit-legacy).

## Combining primary and secondary payment sources

A [checkout's ](https://app.gitbook.com/s/x8fSFzVR3sg0TsNWwwVz/checkouts)`sources[]` can hold a single [primary source](#primary-payment-sources) and/or one or more [secondary sources](#secondary-payment-sources).

In [checkouts](https://app.gitbook.com/s/x8fSFzVR3sg0TsNWwwVz/checkouts), you can combine a secondary source with any primary source that has one of the following [`type`](https://docs.digitalriver.com/digital-river-api/payments/payment-sources/..#supported-payment-methods) values: `alipayCn`, `creditCard`, `googlePay`, `applePay`, `payPal`, `payPalCredit`, `payPalBilling`, `wireTransfer`, `klarnaCredit`, `klarnaCreditRecurring`, `alipay`, `konbini`, `directDebit` and `onlineBanking`.

You can also use secondary sources with any primary payment sources in [invoices](https://app.gitbook.com/s/x8fSFzVR3sg0TsNWwwVz/invoices). Just make sure you turn off [billing optimization](https://app.gitbook.com/s/x8fSFzVR3sg0TsNWwwVz/invoices/invoice-basics#invoice-billing). For details, refer to [Supported payment methods with invoices](https://app.gitbook.com/s/x8fSFzVR3sg0TsNWwwVz/invoices/invoice-basics#supported-payment-methods).

When [building your workflows](https://docs.digitalriver.com/digital-river-api/integration-options/checkouts/building-you-workflows), ensure you're properly sequencing the application of primary and secondary sources. The sequence depends on whether you use [secondary sources with a single-use primary source](#using-secondary-sources-with-a-single-use-primary-source) or [secondary sources with a saved primary source](#using-secondary-sources-with-a-saved-primary-source).

Also, you should be aware of [how Digital River handle captures, cancels, and refunds](#how-we-handle-captures-cancels-and-refunds) when an [order ](https://app.gitbook.com/s/x8fSFzVR3sg0TsNWwwVz/orders)contains multiple [`charges[]`](https://app.gitbook.com/s/x8fSFzVR3sg0TsNWwwVz/charges/charge-basics).

### Using secondary sources with a single-use primary source

If a primary source is created during the checkout process and then not [associated with a customer](https://app.gitbook.com/s/x8fSFzVR3sg0TsNWwwVz/customers) (perhaps because the customer is checking out as a [guest](https://docs.digitalriver.com/digital-river-api/integration-options/checkouts/creating-checkouts/using-the-checkout-identifier#guest-checkouts-or-invoices), the customer is [registered](https://docs.digitalriver.com/digital-river-api/integration-options/checkouts/creating-checkouts/using-the-checkout-identifier#registered-checkouts-or-invoices) but chooses not to save the [source](https://app.gitbook.com/s/x8fSFzVR3sg0TsNWwwVz/sources), or the source's [`type`](https://docs.digitalriver.com/digital-river-api/payments/payment-sources/..#supported-payment-methods) doesn’t support [reusability](https://docs.digitalriver.com/digital-river-api/payments/payment-sources/..#reusable-or-single-use)), you must attach all [secondary sources](#secondary-payment-sources) to the [checkout ](https://app.gitbook.com/s/x8fSFzVR3sg0TsNWwwVz/checkouts)before attaching the primary source.

If a [checkout's ](https://app.gitbook.com/s/x8fSFzVR3sg0TsNWwwVz/checkouts)primary `sources[]` has a [`reusable`](https://docs.digitalriver.com/digital-river-api/payments/payment-sources/..#reusable-or-single-use) value that is `false`, then any attempt to [associate a secondary source with the checkout](#attaching-sources-to-checkouts) returns the following error:

{% code title="409 Conflict" %}

```
{
    "type": "conflict",
    "errors": [
        {
            "code": "session_update_not_allowed",
            "message": "Updating source is not allowed for the current session state."
        }
    ]
}
```

{% endcode %}

### Using secondary sources with a saved primary source

If a checkout's primary [`sources[]`](https://docs.digitalriver.com/digital-river-api/payments/payment-sources) is saved to the [customer making the purchase](https://docs.digitalriver.com/digital-river-api/integration-options/checkouts/creating-checkouts/using-the-checkout-identifier#registered-checkouts-or-invoices), then you have more flexibility in how you sequence the application of [primary](#primary-payment-sources) and [secondary](#secondary-payment-sources) sources.

More specifically, if a checkout's primary `sources[]` has a [`reusable`](https://docs.digitalriver.com/digital-river-api/payments/payment-sources/..#reusable-or-single-use) value of `true`, then you can request to [associate a secondary source with the checkout](#attaching-sources-to-checkouts). Each time this request is successfully submitted, the checkout's primary `sources[].amount` gets reduced by the secondary [source's ](https://app.gitbook.com/s/x8fSFzVR3sg0TsNWwwVz/sources)`amount`.

### How we handle captures, cancels, and refunds

When [combining secondary sources with a primary source](#combining-primary-and-secondary-payment-sources), you should be aware of how Digital River processes [captures](#captures), [cancels](#cancels), and [refunds](#refunds) on an [order's ](https://app.gitbook.com/s/x8fSFzVR3sg0TsNWwwVz/orders)`charges[]`.

#### Captures

Digital River first [captures ](https://app.gitbook.com/s/x8fSFzVR3sg0TsNWwwVz/charges/charge-basics#captures)the [charges](https://app.gitbook.com/s/x8fSFzVR3sg0TsNWwwVz/charges/charge-basics) created from [secondary sources](#secondary-payment-sources) and then the single charge from the [primary source](#primary-payment-sources).

#### Cancels

Digital River first [cancels ](https://app.gitbook.com/s/x8fSFzVR3sg0TsNWwwVz/charges/charge-basics#cancels)the single [charge ](https://app.gitbook.com/s/x8fSFzVR3sg0TsNWwwVz/charges/charge-basics)created from the [primary source](#primary-payment-sources) and then the charge(s) created from [secondary sources](#secondary-payment-sources).

#### Refunds

Digital River first [refunds ](https://app.gitbook.com/s/x8fSFzVR3sg0TsNWwwVz/charges/charge-basics#refunds)the single [charge ](https://app.gitbook.com/s/x8fSFzVR3sg0TsNWwwVz/charges/charge-basics)created from the [primary source](#primary-payment-sources) and then the charge(s) created from [secondary sources](#secondary-payment-sources).

## Attaching sources to checkouts

After you [create](#creating-payment-sources) or [authenticate](#authenticating-sources) a payment [source ](https://app.gitbook.com/s/x8fSFzVR3sg0TsNWwwVz/sources)and retrieve its unique identifier, you can use that value to associate the source with a [checkout](https://app.gitbook.com/s/x8fSFzVR3sg0TsNWwwVz/checkouts).

You do this by [sending the source's identifier in the request's payload](#sending-a-source-identifier-in-the-request-payload) or [passing its identifier as a path parameter](#passing-the-source-identifier-as-a-path-parameter). This is true for both [primary and secondary sources](#primary-versus-secondary-sources).

You're only allowed to associate one [primary source](#primary-payment-sources) with a checkout. If a checkout's `sources[]` contains a primary source, and you submit a request to attach a different primary source, using either the [payload](#sending-a-source-identifier-in-the-request-payload) or [path parameter](#passing-the-source-identifier-as-a-path-parameter) approach, then the existing source is replaced.

However, as long as the aggregated `amount` of all of a checkout's `sources[]` doesn't exceed the checkout's `totalAmount`, there's no limit to the number of [secondary sources](#secondary-payment-sources) you can attach to a checkout.

### Passing a source's identifier in the request body <a href="#sending-a-source-identifier-in-the-request-payload" id="sending-a-source-identifier-in-the-request-payload"></a>

To associate a payment [source](https://app.gitbook.com/s/x8fSFzVR3sg0TsNWwwVz/sources) with a [checkout](https://app.gitbook.com/s/x8fSFzVR3sg0TsNWwwVz/checkouts), you can send its `sourceId` in the body of a [`POST /checkouts`](https://app.gitbook.com/s/x8fSFzVR3sg0TsNWwwVz/checkouts#checkouts-1) or [`POST /checkouts/{id}`](https://app.gitbook.com/s/x8fSFzVR3sg0TsNWwwVz/checkouts#checkouts-id-1) request.

```
curl --location --request POST 'https://api.digitalriver.com/checkouts/177642590336' \
--header 'Authorization: <API_key>' \
--header 'Content-Type: text/plain' \
--data-raw '{
   "sourceId": "7a3ce24c-5e18-4b8d-a667-d64a513ed33f"
}'
```

### Passing a source's identifier as a path parameter <a href="#passing-the-source-identifier-as-a-path-parameter" id="passing-the-source-identifier-as-a-path-parameter"></a>

To associate a payment source with a [checkout](https://app.gitbook.com/s/x8fSFzVR3sg0TsNWwwVz/checkouts), you can pass the checkout's identifier and the source's identifier as path parameters in a [`POST /checkouts/{id}/sources/{sourceId}`](https://app.gitbook.com/s/x8fSFzVR3sg0TsNWwwVz/checkouts#checkouts-id-sources-sourceid).

## Detaching sources from checkouts

When you need to remove a payment source from a checkout, you can send a [`DELETE /checkouts/{id}/sources/{sourceId}`](https://app.gitbook.com/s/x8fSFzVR3sg0TsNWwwVz/checkouts#checkouts-id-sources-sourceid-1). A successful request returns a `204 No Content` status code and an empty body.

If the source's [`reusable`](https://docs.digitalriver.com/digital-river-api/payments/payment-sources/..#reusable-or-single-use) value is `false` when you submit the detach request, then the source's [`state`](https://docs.digitalriver.com/digital-river-api/payments/payment-sources/..#source-state) transitions to `cancelled`, and any attempt to [reattach the source to a checkout](#attaching-sources-to-checkouts) returns the following error:

{% tabs %}
{% tab title="409 Conflict" %}

```javascript
{
    "type": "conflict",
    "errors": [
        {
            "code": "source_status_invalid_for_session",
            "message": "The source status is invalid for this session."
        }
    ]
}
```

{% endtab %}
{% endtabs %}

## Saving sources to customers <a href="#attaching-sources-to-customers" id="attaching-sources-to-customers"></a>

In some cases, after you [create a primary payment source](#creating-primary-sources), you can save it to a customer for use in future checkouts.

Attaching [sources ](https://app.gitbook.com/s/x8fSFzVR3sg0TsNWwwVz/sources)to [customers ](https://app.gitbook.com/s/x8fSFzVR3sg0TsNWwwVz/customers)can be useful when [building workflows](https://docs.digitalriver.com/digital-river-api/integration-options/checkouts/building-you-workflows) that allow customers to save their payment information during [one-off purchases](https://docs.digitalriver.com/digital-river-api/integration-options/checkouts/building-you-workflows#credit-card-details-saved-by-customer-during-checkout), [subscription acquisitions](https://docs.digitalriver.com/digital-river-api/integration-options/checkouts/building-you-workflows#customer-enters-credit-card-details-during-subscription-acquisition-checkout), or on [account management pages](https://docs.digitalriver.com/digital-river-api/integration-options/checkouts/building-you-workflows#saving-a-credit-card-for-future-use).

As long as the [necessary preconditions](#restrictions-on-saving-sources) are satisfied, you can save a [primary source](#primary-payment-sources) to a [customer ](https://app.gitbook.com/s/x8fSFzVR3sg0TsNWwwVz/customers)by sending their unique identifiers as path parameters in a [`POST /customers/{customerId}/sources/{sourceId}`](https://app.gitbook.com/s/x8fSFzVR3sg0TsNWwwVz/checkouts#checkouts-id-sources-sourceid) request.

```
curl --location --request POST 'https://api.digitalriver.com/customers/544671250336/sources/05642ad9-d227-4250-a73e-92514ef68620' \
...
--data-raw ''
```

A successful request flips the source's [`reusable`](https://docs.digitalriver.com/digital-river-api/payments/payment-sources/..#reusable-or-single-use) value to `true` and returns the source.

{% tabs %}
{% tab title="200 OK" %}

```javascript
{
    "id": "05642ad9-d227-4250-a73e-92514ef68620",
    "createdTime": "2021-09-16T14:29:45Z",
    "type": "creditCard",
    "reusable": true,
    "state": "chargeable",
    "customerId": "544671250336",
    "owner": {
        ...
    },
    "clientSecret": "05642ad9-d227-4250-a73e-92514ef68620_be853d8e-0422-436e-af3e-45f8a92b25e9",
    "creditCard": {
        "brand": "Visa",
        "expirationMonth": 7,
        "expirationYear": 2027,
        "lastFourDigits": "1111"
    },
    "liveMode": false
}
```

{% endtab %}
{% endtabs %}

At this point, you can update your system and notify customers that the payment method has been saved to their account.

### Restrictions on saving sources

Before sending a [save source to customer request](#attaching-sources-to-customers), make sure that the [source ](https://app.gitbook.com/s/x8fSFzVR3sg0TsNWwwVz/sources)doesn't have any [reusability](#reusability-restrictions) and [chargeability](#chargeability-restrictions) restrictions.

#### Reusability restrictions

If a [source ](https://app.gitbook.com/s/x8fSFzVR3sg0TsNWwwVz/sources)doesn't support [reusability](https://docs.digitalriver.com/digital-river-api/payments/payment-sources/..#reusable-or-single-use) and you pass its identifier in a [`POST /customers/{customerId}/sources/{sourceId}`](https://app.gitbook.com/s/x8fSFzVR3sg0TsNWwwVz/customers#customers-id-sources-sourceid), then the following error is returned:

{% tabs %}
{% tab title="409 Conflict" %}

```javascript
{
    "type": "conflict",
    "errors": [
        {
            "code": "nonreusable_source",
            "message": "Only a reusable source may be attached to a customer."
        }
    ]
}
```

{% endtab %}
{% endtabs %}

{% hint style="success" %}
For a list of payment methods that can be used in recurring transactions, refer to the [Supported payment methods](https://docs.digitalriver.com/digital-river-api/payments/supported-payment-methods) page.

With [Drop-in payments](https://docs.digitalriver.com/digital-river-api/payments/payment-integrations-1/drop-in), you can also use `supportsStorage` in the [`onSuccess`](https://docs.digitalriver.com/digital-river-api/payment-integrations-1/drop-in/drop-in-integration-guide#onsuccess) event's `data` to make this determination.
{% endhint %}

#### Chargeability restrictions

Only [source's ](https://app.gitbook.com/s/x8fSFzVR3sg0TsNWwwVz/sources)whose [`state`](https://docs.digitalriver.com/digital-river-api/payments/payment-sources/..#source-state) is `chargeable` can successfully be saved to a [customer](https://app.gitbook.com/s/x8fSFzVR3sg0TsNWwwVz/customers). If the [source ](https://app.gitbook.com/s/x8fSFzVR3sg0TsNWwwVz/sources)isn't `chargeable` (perhaps because it has a `redirect` payment [`flow`](https://docs.digitalriver.com/digital-river-api/payments/payment-sources/..#authentication-flow), the customer has yet to successfully authorize payment, and, as a result, its [`state`](https://docs.digitalriver.com/digital-river-api/payments/payment-sources/..#source-state) is still `pending_redirect`), and you attempt to [save the source to a customer](#attaching-sources-to-customers), you'll receive the following error:

{% code title="409 Conflict" %}

```
{
    "type": "conflict",
    "errors": [
        {
            "code": "source_not_chargeable",
            "parameter": "sourceId",
            "message": "Source 'ea6b3297-d05f-4d5d-a12d-95234e93d450' is not chargeable."
        }
    ]
}
```

{% endcode %}

{% hint style="info" %}
With [Drop-in payments](https://docs.digitalriver.com/digital-river-api/payments/payment-integrations-1/drop-in), you can use `readyForStorage` in the [`onSuccess`](https://docs.digitalriver.com/digital-river-api/payment-integrations-1/drop-in/drop-in-integration-guide#onsuccess) event's `data` to determine whether a [source](https://app.gitbook.com/s/x8fSFzVR3sg0TsNWwwVz/sources) can be associated with a [customer](https://app.gitbook.com/s/x8fSFzVR3sg0TsNWwwVz/customers).
{% endhint %}

### Restrictions on using saved sources

A [source](https://app.gitbook.com/s/x8fSFzVR3sg0TsNWwwVz/sources) saved to a [customer](https://app.gitbook.com/s/x8fSFzVR3sg0TsNWwwVz/customers) can't be used to [generate a charge](https://app.gitbook.com/s/x8fSFzVR3sg0TsNWwwVz/charges/charge-basics#how-a-charge-is-created) unless you associate the [customer](https://app.gitbook.com/s/x8fSFzVR3sg0TsNWwwVz/customers) with the [checkout](https://app.gitbook.com/s/x8fSFzVR3sg0TsNWwwVz/checkouts).

If a [customer ](https://app.gitbook.com/s/x8fSFzVR3sg0TsNWwwVz/customers)has a saved `sources[]`, and you [associate that source with the checkout](#attaching-sources-to-checkouts) but neglect to [associate that customer with the checkout](https://docs.digitalriver.com/digital-river-api/integration-options/checkouts/creating-checkouts/using-the-checkout-identifier#registered-checkouts-or-invoices), you'll receive the following error when you [convert the checkout to an order](https://docs.digitalriver.com/digital-river-api/order-management/creating-and-updating-an-order#creating-an-order-with-the-checkout-identifier).

{% tabs %}
{% tab title="409 Conflict" %}

```javascript
{
    "type": "conflict",
    "errors": [
        {
            "code": "source_in_use",
            "parameter": "sourceId",
            "message": "Source '37dcb9dc-c1ea-4295-b787-7d872e94cefd' is attached to a different customer."
        }
    ]
}
```

{% endtab %}
{% endtabs %}

## Removing sources from customers <a href="#detaching-sources-from-customers" id="detaching-sources-from-customers"></a>

If you'd like to detach a payment [source](https://app.gitbook.com/s/x8fSFzVR3sg0TsNWwwVz/sources) saved to a customer, you can send a [`DELETE/customers/{id}/sources/{sourcesId}`](https://app.gitbook.com/s/x8fSFzVR3sg0TsNWwwVz/customers#customers-id-sources-sourceid-1) request. When you do so, the source's [`state`](https://docs.digitalriver.com/digital-river-api/payments/payment-sources/..#source-state) becomes `cancelled` and the resource can't be used to [create any future charges](https://app.gitbook.com/s/x8fSFzVR3sg0TsNWwwVz/charges/charge-basics#how-a-charge-is-created).

If you attempt to reattach this source to a customer, you'll receive the following error:

{% tabs %}
{% tab title="409 Conflict" %}

```javascript
{
    "type": "conflict",
    "errors": [
        {
            "code": "source_not_chargeable",
            "parameter": "sourceId",
            "message": "Source '24f4f281-9613-4d6d-8831-808952ed4915' is not chargeable."
        }
    ]
}
```

{% endtab %}
{% endtabs %}

## Setting the default payment source

Customers can store multiple payment `sources[]`.

The first [source you attach to a customer](#attaching-sources-to-customers) automatically becomes its default, and its identifier is assigned to the customer's `defaultSourceId` attribute. If you'd like to assign a customer a different default payment source, you must first ensure it's [attached to the customer](#attaching-sources-to-customers). Once that's done, you can set its identifier as the `defaultSourceId` in an [update customer request](https://app.gitbook.com/s/x8fSFzVR3sg0TsNWwwVz/customers#customers-id-1).

## Authenticating sources

After you [retrieve a source](https://docs.digitalriver.com/digital-river-api/payments/payment-sources/retrieving-sources), you can pass its identifier, [payment session](https://docs.digitalriver.com/digital-river-api/integration-options/checkouts/creating-checkouts/payment-sessions) identifier, and client secret to the [authenticate source method](https://docs.digitalriver.com/digital-river-api/developer-resources/reference/digitalriver-object#authenticating-sources) in the [DigitalRiver.js](https://docs.digitalriver.com/digital-river-api/developer-resources/reference) library. This operation is especially helpful when [building workflows](https://docs.digitalriver.com/digital-river-api/integration-options/checkouts/building-you-workflows) that allow customers to retrieve saved credit card information during [one-off purchases](https://docs.digitalriver.com/digital-river-api/integration-options/checkouts/building-you-workflows#customer-selects-saved-credit-card-during-checkout) or [subscription acquisitions](https://docs.digitalriver.com/digital-river-api/integration-options/checkouts/building-you-workflows#customer-saves-credit-card-details-during-subscription-acquisition-checkout).

## Updating sources

After you [retrieve a source](https://docs.digitalriver.com/digital-river-api/payments/payment-sources/retrieving-sources), you can pass its identifier, [payment session](https://docs.digitalriver.com/digital-river-api/integration-options/checkouts/creating-checkouts/payment-sessions) identifier, and client secret to the [update source method](https://docs.digitalriver.com/digital-river-api/developer-resources/reference/digitalriver-object#updating-sources) in the [DigitalRiver.js](https://docs.digitalriver.com/digital-river-api/developer-resources/reference) library. This operation is useful when [building workflows](https://docs.digitalriver.com/digital-river-api/integration-options/checkouts/building-you-workflows) that allow customers to [update a credit card's expiration date or billing address](https://docs.digitalriver.com/digital-river-api/integration-options/checkouts/building-you-workflows#updating-a-credit-cards-expiration-date-or-billing-address).