> For the complete documentation index, see [llms.txt](https://docs.payments.thalescloud.io/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.payments.thalescloud.io/3d-secure/integrate-d1-api/d1-api-reference/inbound-api-to-d1/card-api.md).
# Card API
## Create
> This request is used by the bank backend to request the creation of a card (virtual or physical) with the processor.
```json
{"openapi":"3.0.0","info":{"title":"D1 Inbound Card API","version":"2.0"},"tags":[{"name":"Card","description":"Card APIs."}],"servers":[{"url":"https://api.d1.thalescloud.io/banking","description":"Production server"},{"url":"https://api.d1-stg.thalescloud.io/banking","description":"Staging server"}],"security":[{"bearerAuth":[]}],"components":{"securitySchemes":{"bearerAuth":{"description":"A JWT generated by the [Get Authorization Token API](oauth2-api).
The server checks the validity of the provided token to control access to this protected resource. Please refer to [Get OAuth 2.0 access token](../../../integrate-the-d1-api/get-oauth-2.0-access-token) for more details on the flow and on how to get this JWT.","type":"http","scheme":"bearer","bearerFormat":"JWT"}},"schemas":{"consumerId":{"type":"string","description":"Unique identifier of the consumer. ","minLength":1,"maxLength":64,"pattern":"^[A-Za-z0-9_-]{1,64}$"},"cardProductId":{"type":"string","description":"Unique identifier of the type of card ( defined during the onboarding of D1)","minLength":1,"maxLength":48,"pattern":"^[A-Za-z0-9_-]{1,48}$"},"createState":{"description":"The state of the card
If not provided, the card is considered ACTIVE","type":"string","enum":["ACTIVE","INACTIVE"]},"AccountInformation":{"additionalProperties":false,"type":"object","required":["default","number","currencyCode"],"properties":{"default":{"type":"boolean","description":"true if the account is the default consumer account"},"type":{"type":"string","description":"Type of the Account. By default if not provided, it is a 'CHECKING' account.","enum":["CHECKING","SAVINGS"]},"number":{"type":"string","minLength":2,"maxLength":24,"pattern":"^[a-zA-Z0-9_]{2,24}$","description":"Account number used for posting to Core Banking System"},"currencyCode":{"$ref":"#/components/schemas/currencyCode"}}},"currencyCode":{"type":"string","pattern":"^[A-Z]{3}$","description":"Currency Code in ISO 4217 alpha code format"},"cardId":{"type":"string","description":"Unique identifier of the card.","minLength":1,"maxLength":48,"pattern":"^[A-Za-z0-9_-]{1,48}$"},"errorGeneric":{"additionalProperties":false,"type":"object","description":"Generic error returned by the APIs.","properties":{"errorCode":{"type":"string","description":"The type of the error"},"error":{"type":"string","description":"Provide more error details if possible.
For example name of the field with invalid format.
This field is for troubleshooting purposes only, it can change at any time so MUST NOT be parsed, and is not supposed to be human readable so CANNOT be displayed to end users."}}}},"responses":{"ServiceUnavailableError":{"description":"The service is temporarily unavailable. You may retry your request later."}}},"paths":{"/v2/issuers/{issuerId}/cards":{"post":{"description":"This request is used by the bank backend to request the creation of a card (virtual or physical) with the processor.","requestBody":{"content":{"application/json":{"schema":{"additionalProperties":false,"type":"object","properties":{"consumerId":{"$ref":"#/components/schemas/consumerId"},"cardProductId":{"$ref":"#/components/schemas/cardProductId"},"state":{"$ref":"#/components/schemas/createState"},"name":{"type":"string","minLength":0,"maxLength":26,"pattern":"^[a-zA-Z. -]{0,26}$","description":"Name of the card holder as it will be printed/embossed on the card.
For virtual card this value will be used exclusively for card display.
Empty string supported."},"secondName":{"type":"string","minLength":0,"maxLength":26,"pattern":"^[a-zA-Z. -]{0,26}$","description":"Optional second card holder name as it will be printed/embossed on the card under the first card holder name.
Not used in case of virtual card."},"statusReason":{"type":"string","minLength":0,"maxLength":2,"default":"IN","pattern":"^[a-zA-Z]{0,2}$","description":"This indicates the state of the card once it's created"},"accountList":{"type":"array","description":"This represent the list of account the card will be attached to.
This list is used for the posting","items":{"$ref":"#/components/schemas/AccountInformation"}}},"required":["consumerId","accountList","cardProductId","name"]}}}},"responses":{"201":{"description":"Successful card creation","content":{"application/json":{"schema":{"additionalProperties":false,"type":"object","description":"Information related to the created card.","required":["cardId"],"properties":{"cardId":{"$ref":"#/components/schemas/cardId"}}}}}},"400":{"description":"Bad Request, Invalid request URI, header, paramters. The below table defines the possible 'Bad request' error:\n| errorCode | error | Retryable | Comments |\n| -------------- | ------------| ----------| -----------------------------------|\n| - | - | no | No error details available |\n| FIELD_INVALID_FORMAT | Contains the field in error (first found) | no | JSON not well formatted or
One field is not expected format as defined in this documentation |\n| FIELD_INVALID_VALUE | Contains the field in error (first found) | no | One field value is not allowed for the given field |\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"401":{"description":"Unauthorized request, the provided Authorization header is missing or invalid. In the table below only the field \"error\" is provided.\n| errorCode | error | Retryable | Comments |\n| -------------- | ------------| ----------| -----------------------------------|\n| AUTHORIZER_UNAUTHORIZED | Unauthorized message | no | Access token not valid |\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"403":{"description":"Forbidden action detected by WAF or the application.
\nThe below table defines the possible error:\n| errorCode | error | Retryable | Comments |\n| -------------- | ------------| ----------| -----------------------------------|\n| - | - | no | No error details available |\n| AUTHORIZER_FORBIDDEN | not authorized error message | no | User is not authorized to access this resource |\n| CARD_CREATION_COUNT_EXCEEDED | - | no | The maximum number of cards for the consumer is reached. Creation of additional card is not possible. |\n | OPERATION_NOT_ALLOWED | Name of the operation/field that is not allowed in this operation | no | Card creation is not allowed for this card product |","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"404":{"description":"Ressource not found, Unknown issuerId or consumerId or card id'. The below table defines the possible error:\n| errorCode | error | Retryable | Comments |\n| -------------- | ------------| ----------| -----------------------------------|\n| - | - | no | No error details available |\n| UNKNOWN_CONSUMER | - | no | Consumer does not exist |\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"500":{"description":"Internal Server Error. The below table defines the possible error:\n|errorCode | error | Retryable | Comments |\n| -------------- | ------------| ----------| -----------------------------------|\n| - | - | yes | No error details available |\n| INTERNAL_ERROR | error details if any | no | The server has encountered an error when executing the request. |\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"503":{"$ref":"#/components/responses/ServiceUnavailableError"}},"summary":"Create","operationId":"createCard","tags":["Card"]}}}}
```
## Register Card
> This request is used to register a card with corresponding cards credentials.\
> This operation is applicable for card product supporting:\
> \- No authorisation mode\
> \- Light authorisation mode\
> \
> The cardId used to register the card shall be unique. A cardId can be reused to register another card (having a different PAN) under several conditions:\
> \- The cardId to be reused is linked with a DELETED or REPLACED card\
> \- The cardId to be reused is not associated to a card issued by D1 (a card created using the CREATE card API).\
> \- The cardId to be reused is not associated with a card product used for making transactions\
> \- In any case, it is not possible to register a card PAN already deleted or replaced. Even by reusing a cardId.\
> Reusing a cardId for another consumer is not recommanded. Since the cardId will disappear from the previous consumer cards list.
```json
{"openapi":"3.0.0","info":{"title":"D1 Inbound Card API","version":"2.0"},"tags":[{"name":"Card","description":"Card APIs."}],"servers":[{"url":"https://api.d1.thalescloud.io/banking","description":"Production server"},{"url":"https://api.d1-stg.thalescloud.io/banking","description":"Staging server"}],"security":[{"bearerAuth":[]}],"components":{"securitySchemes":{"bearerAuth":{"description":"A JWT generated by the [Get Authorization Token API](oauth2-api).
The server checks the validity of the provided token to control access to this protected resource. Please refer to [Get OAuth 2.0 access token](../../../integrate-the-d1-api/get-oauth-2.0-access-token) for more details on the flow and on how to get this JWT.","type":"http","scheme":"bearer","bearerFormat":"JWT"}},"schemas":{"consumerId":{"type":"string","description":"Unique identifier of the consumer. ","minLength":1,"maxLength":64,"pattern":"^[A-Za-z0-9_-]{1,64}$"},"cardProductId":{"type":"string","description":"Unique identifier of the type of card ( defined during the onboarding of D1)","minLength":1,"maxLength":48,"pattern":"^[A-Za-z0-9_-]{1,48}$"},"state":{"description":"The state of the card
If not provided, the card is considered ACTIVE","type":"string","enum":["ACTIVE","SUSPENDED"]},"errorGeneric":{"additionalProperties":false,"type":"object","description":"Generic error returned by the APIs.","properties":{"errorCode":{"type":"string","description":"The type of the error"},"error":{"type":"string","description":"Provide more error details if possible.
For example name of the field with invalid format.
This field is for troubleshooting purposes only, it can change at any time so MUST NOT be parsed, and is not supposed to be human readable so CANNOT be displayed to end users."}}}},"responses":{"ServiceUnavailableError":{"description":"The service is temporarily unavailable. You may retry your request later."}}},"paths":{"/v2/issuers/{issuerId}/cards/{cardId}":{"put":{"description":"This request is used to register a card with corresponding cards credentials.\nThis operation is applicable for card product supporting:\n - No authorisation mode\n - Light authorisation mode\n\nThe cardId used to register the card shall be unique. A cardId can be reused to register another card (having a different PAN) under several conditions:\n - The cardId to be reused is linked with a DELETED or REPLACED card\n - The cardId to be reused is not associated to a card issued by D1 (a card created using the CREATE card API).\n - The cardId to be reused is not associated with a card product used for making transactions\n - In any case, it is not possible to register a card PAN already deleted or replaced. Even by reusing a cardId.\nReusing a cardId for another consumer is not recommanded. Since the cardId will disappear from the previous consumer cards list.\n","requestBody":{"content":{"application/json":{"schema":{"additionalProperties":false,"type":"object","properties":{"consumerId":{"$ref":"#/components/schemas/consumerId"},"cardProductId":{"$ref":"#/components/schemas/cardProductId"},"state":{"$ref":"#/components/schemas/state"},"name":{"type":"string","minLength":0,"maxLength":26,"pattern":"^[a-zA-Z. -]{0,26}$","description":"Name of the card holder as it will be printed/embossed on the card.
For virtual card this value will be used exclusively for card display.
Empty string supported."},"secondName":{"type":"string","minLength":0,"maxLength":26,"pattern":"^[a-zA-Z. -]{0,26}$","description":"Optional second card holder name as it will be printed/embossed on the card under the first card holder name.
Not used in case of virtual card."},"encryptedData":{"type":"string","title":"encryptedData","maxLength":8192,"pattern":"^(?:[\\x20-\\x2D\\x2F-\\x7F]*\\.){4}(?:[\\x20-\\x2D\\x2F-\\x7F]*)$","description":"The encryptedData is the encrypted json (cf http://www.json.org/) representation of the Card information.\nThis value is encrypted using the JWE encryption (please refer to the **[Encrypt sensitive data](../../../integrate-the-d1-api/encrypt-sensitive-data)** for more details)\n
Once deciphered, the plaintext contains a json structure with:\n|JSON field parameter name|description|MOC|Format|\n|-------|-------|-------|-------|\n|pan|The funding pan value.|M|string - up to 19 digits|\n|exp|The expiry date of the card.|M|string - 4 digits, following the format MMYY|\n|auxiliaryPan|The auxiliary funding pan value. It shall be provided when cobadge is supported and if the card has an auxiliary pan.|C|string - up to 19 digits|\n|auxiliaryExp|The auxiliary expiry date of the card. It shall be provided when cobadge is supported and if the card has an auxiliary pan.|C|string - 4 digits, following the format MMYY|\n\nAs D1 is able to compute the CVV2, the cvv parameter is not expected. \n
\n
\n"}},"required":["consumerId","cardProductId","name","encryptedData"]}}}},"responses":{"204":{"description":"Successful card registration"},"400":{"description":"Bad Request, Invalid request URI, header, paramters. The below table defines the possible 'Bad request' error:\n| errorCode | error | Retryable | Comments |\n| -------------- | ------------| ----------| -----------------------------------|\n| - | - | no | No error details available |\n| FIELD_INVALID_FORMAT | Contains the field in error (first found) | no | One field is not expected format as defined in this documentation |\n| CRYPTO_ERROR | - | no | Not possible to decrypt the provided encrypted data |\n| FIELD_INVALID_VALUE | - | no | One field value is not allowed for the given field |\n| INVALID_PAN | - | no | PAN is invalid |\n| INVALID_EXPIRY_DATE | Expiry date is invalid |\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"401":{"description":"Unauthorized request, the provided Authorization header is missing or invalid. In the table below only the field \"error\" is provided.\n| errorCode | error | Retryable | Comments |\n| -------------- | ------------| ----------| -----------------------------------|\n| AUTHORIZER_UNAUTHORIZED | Unauthorized message | no | Access token not valid |\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"403":{"description":"Forbidden action detected by WAF or the application.\nThe below table defines the possible error:\n | errorCode | error | Retryable | Comments |\n | -------------- | ------------| ----------| -----------------------------------|\n | - | - | no | No error details available |\n | AUTHORIZER_FORBIDDEN | not\\_authorized error message | no | User\\_is\\_not\\_authorized\\_to\\_access\\_this\\_resource |\n | CARD_ALREADY_EXISTS | - | no | CardId already registered in the solution |\n | CARD_INVALID_STATE | - | no | CardId already registered in the solution and has an invalid card state (REPLACED or DELETED) |\n | CONSUMER_INVALID_STATE| - | no | Consumer exists with an invalid consumer state (DELETED) |\n | OPERATION_NOT_ALLOWED | Name of the operation/field that is not allowed in this operation | no | Register is not allowed for this card product |\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"404":{"description":"Ressource not found, Unknown issuerId\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"500":{"description":"Internal Server Error. The below table defines the possible error:\n|errorCode | error | Retryable | Comments |\n| -------------- | ------------| ----------| -----------------------------------|\n| - | - | yes | No error details available |\n| INTERNAL_ERROR | error details if any | no | The server has encountered an error when executing the request. |\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"503":{"$ref":"#/components/responses/ServiceUnavailableError"}},"summary":"Register Card","operationId":"registerCard","tags":["Card"]}}}}
```
## Resume
> This request is used by the bank backend to request the reactivation of a card that has been suspended.\
> The card could have been suspended\
> \- by the bank's backend\
> \- by customer agent\
> \- by end user using the mobile banking application\
> \- or automatically by authorisation system when a payment validation failure retry counter has been exceeded (PIN locked, CVV2 locked or expiry date locked)\
> \
> If the card is locked (PIN locked, CVV2 locked or expiry date), D1 will unlock the card whatever the reason.\
> \
> \*\*Note:\*\* It cannot be used to activate a physical card for the really first time. \
> Please refer to \[activatePhysicalCard]\()
```json
{"openapi":"3.0.0","info":{"title":"D1 Inbound Card API","version":"2.0"},"tags":[{"name":"Card Operations","description":"Different operations that can be done on a card."}],"servers":[{"url":"https://api.d1.thalescloud.io/banking","description":"Production server"},{"url":"https://api.d1-stg.thalescloud.io/banking","description":"Staging server"}],"security":[{"bearerAuth":[]}],"components":{"securitySchemes":{"bearerAuth":{"description":"A JWT generated by the [Get Authorization Token API](oauth2-api).
The server checks the validity of the provided token to control access to this protected resource. Please refer to [Get OAuth 2.0 access token](../../../integrate-the-d1-api/get-oauth-2.0-access-token) for more details on the flow and on how to get this JWT.","type":"http","scheme":"bearer","bearerFormat":"JWT"}},"parameters":{"issuer-id-path":{"description":"The id of the issuer","in":"path","name":"issuerId","required":true,"schema":{"$ref":"#/components/schemas/issuerId"}},"card-id-path":{"description":"The id of the card","in":"path","name":"cardId","required":true,"schema":{"$ref":"#/components/schemas/cardId"}}},"schemas":{"issuerId":{"maxLength":10,"minLength":10,"type":"string"},"cardId":{"type":"string","description":"Unique identifier of the card.","minLength":1,"maxLength":48,"pattern":"^[A-Za-z0-9_-]{1,48}$"},"reason":{"type":"string","title":"reason","pattern":"^[a-zA-Z0-9 ]{1,64}$","description":"The reason why the action is performed. \n\nThis a free text field in case the bank wants to send details, that will be returned in the operations list. "},"operationId":{"type":"string","description":"Unique identifier of the operation","minLength":1,"maxLength":64,"pattern":"^[A-Za-z0-9_-]{1,64}$"},"errorGeneric":{"additionalProperties":false,"type":"object","description":"Generic error returned by the APIs.","properties":{"errorCode":{"type":"string","description":"The type of the error"},"error":{"type":"string","description":"Provide more error details if possible.
For example name of the field with invalid format.
This field is for troubleshooting purposes only, it can change at any time so MUST NOT be parsed, and is not supposed to be human readable so CANNOT be displayed to end users."}}}},"responses":{"ServiceUnavailableError":{"description":"The service is temporarily unavailable. You may retry your request later."}}},"paths":{"/v2/issuers/{issuerId}/cards/{cardId}/operations:resume":{"post":{"description":"This request is used by the bank backend to request the reactivation of a card that has been suspended.\nThe card could have been suspended\n- by the bank's backend\n- by customer agent\n- by end user using the mobile banking application\n- or automatically by authorisation system when a payment validation failure retry counter has been exceeded (PIN locked, CVV2 locked or expiry date locked)\n\nIf the card is locked (PIN locked, CVV2 locked or expiry date), D1 will unlock the card whatever the reason.\n\n**Note:** It cannot be used to activate a physical card for the really first time. \nPlease refer to [activatePhysicalCard](https://thales-dis-dbp.stoplight.io/docs/d1-developer-portal/a2ebfce648687-card-activation)","parameters":[{"$ref":"#/components/parameters/issuer-id-path"},{"$ref":"#/components/parameters/card-id-path"},{"$ref":"#/components/parameters/x-correlation-id"},{"$ref":"#/components/parameters/x-user-id"}],"requestBody":{"content":{"application/json":{"schema":{"additionalProperties":false,"type":"object","properties":{"reason":{"$ref":"#/components/schemas/reason"},"stateReason":{"type":"string","description":"The reason why the action has been performed. If not provided, default reason code is ISSUER_DECISION.","enum":["ISSUER_DECISION","USER_DECISION","CARD_FOUND"]}}}}}},"responses":{"200":{"description":"Card resumed Successfully","content":{"application/json":{"schema":{"additionalProperties":false,"type":"object","properties":{"operationId":{"$ref":"#/components/schemas/operationId"}}}}}},"400":{"description":"Bad Request, Invalid request URI, header, paramters. The below table defines the possible 'Bad request' error:\n| errorCode | error | Retryable | Comments |\n| -------------- | ------------| ----------| -----------------------------------|\n| - | - | no | No error details available |\n| FIELD_INVALID_FORMAT | Contains the field in error (first found) | no | JSON not well formatted or
One field is not expected format as defined in this documentation |\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"401":{"description":"Unauthorized request, the provided Authorization header is missing or invalid. In the table below only the field \"error\" is provided.\n| errorCode | error | Retryable | Comments |\n| -------------- | ------------| ----------| -----------------------------------|\n| AUTHORIZER_UNAUTHORIZED | Unauthorized message | no | Access token not valid |\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"403":{"description":"Forbidden action detected by WAF or the application.
\nThe below table defines the possible error:\n| errorCode | error | Retryable | Comments |\n| -------------- | ------------| ----------| -----------------------------------|\n| - | - | no | No error details available |\n| AUTHORIZER_FORBIDDEN | not authorized error message | no | User is not authorized to access this resource |\n| CARD_INVALID_STATE | - | no | Resume with this state reason is not allowed |\n"},"404":{"description":"Ressource not found, Unknown issuerId or consumerId or card id'. The below table defines the possible error:\n| errorCode | error | Retryable | Comments |\n| -------------- | ------------| ----------| -----------------------------------|\n| - | - | no | No error details available |\n| UNKNOWN_CARD | - | no | Unknown cardId |\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"500":{"description":"Internal Server Error. The below table defines the possible error:\n|errorCode | error | Retryable | Comments |\n| -------------- | ------------| ----------| -----------------------------------|\n| - | - | yes | No error details available |\n| INTERNAL_ERROR | error details if any | no | The server has encountered an error when executing the request. |\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"503":{"$ref":"#/components/responses/ServiceUnavailableError"}},"summary":"Resume","tags":["Card Operations"],"operationId":"resumeCard"}}}}
```
## Suspend
> This request is used by the bank backend to request the suspention of a card.\
\
> When a card is suspended:\
> \+ authorization will be declined by the system.\
> \+ end user will not be alble to digitize the card.\
> \+ But authorization with digital card will be still approved by the system.
```json
{"openapi":"3.0.0","info":{"title":"D1 Inbound Card API","version":"2.0"},"tags":[{"name":"Card Operations","description":"Different operations that can be done on a card."}],"servers":[{"url":"https://api.d1.thalescloud.io/banking","description":"Production server"},{"url":"https://api.d1-stg.thalescloud.io/banking","description":"Staging server"}],"security":[{"bearerAuth":[]}],"components":{"securitySchemes":{"bearerAuth":{"description":"A JWT generated by the [Get Authorization Token API](oauth2-api).
The server checks the validity of the provided token to control access to this protected resource. Please refer to [Get OAuth 2.0 access token](../../../integrate-the-d1-api/get-oauth-2.0-access-token) for more details on the flow and on how to get this JWT.","type":"http","scheme":"bearer","bearerFormat":"JWT"}},"parameters":{"issuer-id-path":{"description":"The id of the issuer","in":"path","name":"issuerId","required":true,"schema":{"$ref":"#/components/schemas/issuerId"}},"card-id-path":{"description":"The id of the card","in":"path","name":"cardId","required":true,"schema":{"$ref":"#/components/schemas/cardId"}}},"schemas":{"issuerId":{"maxLength":10,"minLength":10,"type":"string"},"cardId":{"type":"string","description":"Unique identifier of the card.","minLength":1,"maxLength":48,"pattern":"^[A-Za-z0-9_-]{1,48}$"},"reason":{"type":"string","title":"reason","pattern":"^[a-zA-Z0-9 ]{1,64}$","description":"The reason why the action is performed. \n\nThis a free text field in case the bank wants to send details, that will be returned in the operations list. "},"operationId":{"type":"string","description":"Unique identifier of the operation","minLength":1,"maxLength":64,"pattern":"^[A-Za-z0-9_-]{1,64}$"},"errorGeneric":{"additionalProperties":false,"type":"object","description":"Generic error returned by the APIs.","properties":{"errorCode":{"type":"string","description":"The type of the error"},"error":{"type":"string","description":"Provide more error details if possible.
For example name of the field with invalid format.
This field is for troubleshooting purposes only, it can change at any time so MUST NOT be parsed, and is not supposed to be human readable so CANNOT be displayed to end users."}}}},"responses":{"ServiceUnavailableError":{"description":"The service is temporarily unavailable. You may retry your request later."}}},"paths":{"/v2/issuers/{issuerId}/cards/{cardId}/operations:suspend":{"post":{"description":"This request is used by the bank backend to request the suspention of a card.
\nWhen a card is suspended:\n + authorization will be declined by the system.\n + end user will not be alble to digitize the card.\n + But authorization with digital card will be still approved by the system.\n","parameters":[{"$ref":"#/components/parameters/issuer-id-path"},{"$ref":"#/components/parameters/card-id-path"},{"$ref":"#/components/parameters/x-correlation-id"},{"$ref":"#/components/parameters/x-user-id"}],"requestBody":{"content":{"application/json":{"schema":{"additionalProperties":false,"type":"object","properties":{"reason":{"$ref":"#/components/schemas/reason"},"stateReason":{"type":"string","description":"The reason why the action has been performed. If not provided, default reason code is ISSUER_DECISION.","enum":["CARD_LOST","CARD_STOLEN","CARD_BROKEN","FRAUD","USER_DECISION","ISSUER_DECISION"]}}}}}},"responses":{"200":{"description":"Card was suspended Successfully","content":{"application/json":{"schema":{"additionalProperties":false,"type":"object","properties":{"operationId":{"$ref":"#/components/schemas/operationId"}}}}}},"400":{"description":"Bad Request, Invalid request URI, header, paramters. The below table defines the possible 'Bad request' error:\n| errorCode | error | Retryable | Comments |\n| -------------- | ------------| ----------| -----------------------------------|\n| - | - | no | No error details available |\n| FIELD_INVALID_FORMAT | Contains the field in error (first found) | no | JSON not well formatted or
One field is not expected format as defined in this documentation |\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"401":{"description":"Unauthorized request, the provided Authorization header is missing or invalid. In the table below only the field \"error\" is provided.\n| errorCode | error | Retryable | Comments |\n| -------------- | ------------| ----------| -----------------------------------|\n| AUTHORIZER_UNAUTHORIZED | Unauthorized message | no | Access token not valid |\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"403":{"description":"Forbidden action detected by WAF or the application. The below table defines the possible error:\n| errorCode | error | Retryable | Comments |\n| -------------- | ------------| ----------| -----------------------------------|\n| - | - | no | No error details available |\n| AUTHORIZER_FORBIDDEN | not authorized error message | no | User is not authorized to access this resource \n| CARD_INVALID_STATE | - | no | Suspension with this state reason is not allowed |\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"404":{"description":"Ressource not found, Unknown issuerId or consumerId or card id'. The below table defines the possible error:\n| errorCode | error | Retryable | Comments |\n| -------------- | ------------| ----------| -----------------------------------|\n| - | - | no | No error details available |\n| UNKNOWN_CARD | - | no | Unknown cardId |\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"500":{"description":"Internal Server Error. The below table defines the possible error:\n|errorCode | error | Retryable | Comments |\n| -------------- | ------------| ----------| -----------------------------------|\n| - | - | yes | No error details available |\n| INTERNAL_ERROR | error details if any | no | The server has encountered an error when executing the request. |\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"503":{"$ref":"#/components/responses/ServiceUnavailableError"}},"summary":"Suspend","tags":["Card Operations"],"operationId":"suspendCard"}}}}
```
## Delete
> This request is used by the bank backend to request the deletion of a card. \
> \
> For cards managed by D1 (in oposition to legacy cards that are managed by the issuer), D1 will propagate the deletion/revocation to the processor.\
> \
> \Note:\ The deletion of the card cannot be reverted. In case of card lost consider using the suspend operation first.
```json
{"openapi":"3.0.0","info":{"title":"D1 Inbound Card API","version":"2.0"},"tags":[{"name":"Card Operations","description":"Different operations that can be done on a card."}],"servers":[{"url":"https://api.d1.thalescloud.io/banking","description":"Production server"},{"url":"https://api.d1-stg.thalescloud.io/banking","description":"Staging server"}],"security":[{"bearerAuth":[]}],"components":{"securitySchemes":{"bearerAuth":{"description":"A JWT generated by the [Get Authorization Token API](oauth2-api).
The server checks the validity of the provided token to control access to this protected resource. Please refer to [Get OAuth 2.0 access token](../../../integrate-the-d1-api/get-oauth-2.0-access-token) for more details on the flow and on how to get this JWT.","type":"http","scheme":"bearer","bearerFormat":"JWT"}},"parameters":{"issuer-id-path":{"description":"The id of the issuer","in":"path","name":"issuerId","required":true,"schema":{"$ref":"#/components/schemas/issuerId"}},"card-id-path":{"description":"The id of the card","in":"path","name":"cardId","required":true,"schema":{"$ref":"#/components/schemas/cardId"}}},"schemas":{"issuerId":{"maxLength":10,"minLength":10,"type":"string"},"cardId":{"type":"string","description":"Unique identifier of the card.","minLength":1,"maxLength":48,"pattern":"^[A-Za-z0-9_-]{1,48}$"},"reason":{"type":"string","title":"reason","pattern":"^[a-zA-Z0-9 ]{1,64}$","description":"The reason why the action is performed. \n\nThis a free text field in case the bank wants to send details, that will be returned in the operations list. "},"operationId":{"type":"string","description":"Unique identifier of the operation","minLength":1,"maxLength":64,"pattern":"^[A-Za-z0-9_-]{1,64}$"},"errorGeneric":{"additionalProperties":false,"type":"object","description":"Generic error returned by the APIs.","properties":{"errorCode":{"type":"string","description":"The type of the error"},"error":{"type":"string","description":"Provide more error details if possible.
For example name of the field with invalid format.
This field is for troubleshooting purposes only, it can change at any time so MUST NOT be parsed, and is not supposed to be human readable so CANNOT be displayed to end users."}}}},"responses":{"ServiceUnavailableError":{"description":"The service is temporarily unavailable. You may retry your request later."}}},"paths":{"/v2/issuers/{issuerId}/cards/{cardId}/operations:delete":{"post":{"description":"This request is used by the bank backend to request the deletion of a card. \n\nFor cards managed by D1 (in oposition to legacy cards that are managed by the issuer), D1 will propagate the deletion/revocation to the processor.\n\nNote: The deletion of the card cannot be reverted. In case of card lost consider using the suspend operation first.","parameters":[{"$ref":"#/components/parameters/issuer-id-path"},{"$ref":"#/components/parameters/card-id-path"},{"$ref":"#/components/parameters/x-correlation-id"},{"$ref":"#/components/parameters/x-user-id"}],"requestBody":{"content":{"application/json":{"schema":{"additionalProperties":false,"type":"object","properties":{"reason":{"$ref":"#/components/schemas/reason"},"stateReason":{"type":"string","description":"The reason why the action has been performed. If not provided, default reason code is ISSUER_DECISION.","enum":["CLOSED_ACCOUNT","CLOSED_CARD","CARD_LOST","CARD_STOLEN","CARD_BROKEN","CARD_NOT_RECEIVED","FRAUD","ISSUER_DECISION"]}}}}}},"responses":{"200":{"description":"Card was deleted Successfully","content":{"application/json":{"schema":{"additionalProperties":false,"type":"object","properties":{"operationId":{"$ref":"#/components/schemas/operationId"}}}}}},"400":{"description":"Bad Request, Invalid request URI, header, paramters. The below table defines the possible 'Bad request' error:\n| errorCode | error | Retryable | Comments |\n| -------------- | ------------| ----------| -----------------------------------|\n| - | - | no | No error details available |\n| FIELD_INVALID_FORMAT | Contains the field in error (first found) | no | JSON not well formatted or
One field is not expected format as defined in this documentation |\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"401":{"description":"Unauthorized request, the provided Authorization header is missing or invalid. In the table below only the field \"error\" is provided.\n| errorCode | error | Retryable | Comments |\n| -------------- | ------------| ----------| -----------------------------------|\n| AUTHORIZER_UNAUTHORIZED | Unauthorized message | no | Access token not valid |\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"403":{"description":"Forbidden action detected by WAF or the application.
\nThe below table defines the possible error:\n| errorCode | error | Retryable | Comments |\n| -------------- | ------------| ----------| -----------------------------------|\n| - | - | no | No error details available |\n| AUTHORIZER_FORBIDDEN | not authorized error message | no | User is not authorized to access this resource |\n| CARD_INVALID_STATE | - | no | Possible error is card already deleted with an other reason |\n"},"404":{"description":"Ressource not found, Unknown issuerId or consumerId or card id'. The below table defines the possible error:\n| errorCode | error | Retryable | Comments |\n| -------------- | ------------| ----------| -----------------------------------|\n| - | - | no | No error details available |\n| UNKNOWN_CARD | - | no | Unknown cardId |\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"500":{"description":"Internal Server Error. The below table defines the possible error:\n|errorCode | error | Retryable | Comments |\n| -------------- | ------------| ----------| -----------------------------------|\n| - | - | yes | No error details available |\n| INTERNAL_ERROR | error details if any | no | The server has encountered an error when executing the request. |\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"503":{"$ref":"#/components/responses/ServiceUnavailableError"}},"summary":"Delete","tags":["Card Operations"],"operationId":"deleteCard-v2"}}}}
```
## Replace
> End user can request the bank a replacement of an existing card because the card has been lost or damaged.\
\
> The replaced card is blocked until the new card is activated.\
\
> The new card has a new cardId and a new card credentials (PAN and expiry date).\
\
> In the particular case of Virtual Card, the new Virtual Card is automaticaly activated.\
> \
> \
> D1 manages to re-link automatically digital card from the old card to the new card upon activation.\
> \
> For card registered in D1, the bank backend shall provide new cardId and new card credentials when calling the API.\
> The new cardId used to replace the card shall be unique. The new cardId can be reused from another card (having a different PAN) under several conditions :\
> \- The cardId to be reused is linked with a DELETED or REPLACED card (thus it's not possible to use the current cardId as newCardID when doing a replace)\
> \- The cardId to be reused is not associated to a card issued by D1 (a card created using the CREATE card API).\
> \- The cardId to be reused is not associated with a card product used for making transactions\
> \- In any case, it is not possible to use a card PAN already deleted or replaced. Even by reusing a cardId.\
> Reusing a cardId for another consumer is not recommanded. Since the cardId will disappear from the previous consumer cards list. \
> \
> \
> For card created by D1, D1 will generate a new cardId and new card credentials. Thus the newCardId shall not be provided by the issuer when calling this API.
```json
{"openapi":"3.0.0","info":{"title":"D1 Inbound Card API","version":"2.0"},"tags":[{"name":"Card Operations","description":"Different operations that can be done on a card."}],"servers":[{"url":"https://api.d1.thalescloud.io/banking","description":"Production server"},{"url":"https://api.d1-stg.thalescloud.io/banking","description":"Staging server"}],"security":[{"bearerAuth":[]}],"components":{"securitySchemes":{"bearerAuth":{"description":"A JWT generated by the [Get Authorization Token API](oauth2-api).
The server checks the validity of the provided token to control access to this protected resource. Please refer to [Get OAuth 2.0 access token](../../../integrate-the-d1-api/get-oauth-2.0-access-token) for more details on the flow and on how to get this JWT.","type":"http","scheme":"bearer","bearerFormat":"JWT"}},"parameters":{"issuer-id-path":{"description":"The id of the issuer","in":"path","name":"issuerId","required":true,"schema":{"$ref":"#/components/schemas/issuerId"}},"card-id-path":{"description":"The id of the card","in":"path","name":"cardId","required":true,"schema":{"$ref":"#/components/schemas/cardId"}}},"schemas":{"issuerId":{"maxLength":10,"minLength":10,"type":"string"},"cardId":{"type":"string","description":"Unique identifier of the card.","minLength":1,"maxLength":48,"pattern":"^[A-Za-z0-9_-]{1,48}$"},"newCardId":{"type":"string","description":"Unique identifier of the new card. Provided in case the card is in REPLACED state.","minLength":1,"maxLength":48,"pattern":"^[A-Za-z0-9_-]{1,48}$"},"reason":{"type":"string","title":"reason","pattern":"^[a-zA-Z0-9 ]{1,64}$","description":"The reason why the action is performed. \n\nThis a free text field in case the bank wants to send details, that will be returned in the operations list. "},"operationId":{"type":"string","description":"Unique identifier of the operation","minLength":1,"maxLength":64,"pattern":"^[A-Za-z0-9_-]{1,64}$"},"errorGeneric":{"additionalProperties":false,"type":"object","description":"Generic error returned by the APIs.","properties":{"errorCode":{"type":"string","description":"The type of the error"},"error":{"type":"string","description":"Provide more error details if possible.
For example name of the field with invalid format.
This field is for troubleshooting purposes only, it can change at any time so MUST NOT be parsed, and is not supposed to be human readable so CANNOT be displayed to end users."}}}},"responses":{"ServiceUnavailableError":{"description":"The service is temporarily unavailable. You may retry your request later."}}},"paths":{"/v2/issuers/{issuerId}/cards/{cardId}/operations:replace":{"post":{"description":"End user can request the bank a replacement of an existing card because the card has been lost or damaged.
\nThe replaced card is blocked until the new card is activated.
\nThe new card has a new cardId and a new card credentials (PAN and expiry date).
\nIn the particular case of Virtual Card, the new Virtual Card is automaticaly activated.\n\n\nD1 manages to re-link automatically digital card from the old card to the new card upon activation.\n\nFor card registered in D1, the bank backend shall provide new cardId and new card credentials when calling the API.\nThe new cardId used to replace the card shall be unique. The new cardId can be reused from another card (having a different PAN) under several conditions :\n - The cardId to be reused is linked with a DELETED or REPLACED card (thus it's not possible to use the current cardId as newCardID when doing a replace)\n - The cardId to be reused is not associated to a card issued by D1 (a card created using the CREATE card API).\n - The cardId to be reused is not associated with a card product used for making transactions\n - In any case, it is not possible to use a card PAN already deleted or replaced. Even by reusing a cardId.\nReusing a cardId for another consumer is not recommanded. Since the cardId will disappear from the previous consumer cards list. \n\n\nFor card created by D1, D1 will generate a new cardId and new card credentials. Thus the newCardId shall not be provided by the issuer when calling this API.","parameters":[{"$ref":"#/components/parameters/issuer-id-path"},{"$ref":"#/components/parameters/card-id-path"},{"$ref":"#/components/parameters/x-correlation-id"},{"$ref":"#/components/parameters/x-user-id"}],"requestBody":{"content":{"application/json":{"schema":{"additionalProperties":false,"type":"object","properties":{"newCardId":{"$ref":"#/components/schemas/newCardId"},"encryptedData":{"type":"string","title":"encryptedData","maxLength":8192,"pattern":"^(?:[\\x20-\\x2D\\x2F-\\x7F]*\\.){4}(?:[\\x20-\\x2D\\x2F-\\x7F]*)$","description":"The encryptedData has to be provided in case of card registered in D1. It is not needed for card created by D1.
\nThe encryptedData is the encrypted json (cf http://www.json.org/) representation of the Card information.\nThis value is encrypted using the JWE encryption (please refer to the **[Encrypt sensitive data](../../../integrate-the-d1-api/encrypt-sensitive-data)** for more details)\n
Once deciphered, the plaintext contains a json structure with:\n|JSON field parameter name|description|MOC|Format|\n|-------|-------|-------|-------|\n|pan|The funding pan value.|M|string - up to 19 digits|\n|exp|The expiry date of the card.|M|string - 4 digits, following the format MMYY|\n|auxiliaryPan|The auxiliary funding pan value. It shall be provided when cobadge is supported and if the card has an auxiliary pan.|C|string - up to 19 digits|\n|auxiliaryExp|The auxiliary expiry date of the card. It shall be provided when cobadge is supported and if the card has an auxiliary pan.|C|string - 4 digits, following the format MMYY|\n\n
\n
\n"},"reason":{"$ref":"#/components/schemas/reason"},"stateReason":{"type":"string","description":"The reason why the action has been performed. If not provided, default reason code is ISSUER_DECISION.","enum":["CARD_LOST","CARD_STOLEN","CARD_BROKEN","CARD_NOT_RECEIVED","FRAUD","ISSUER_DECISION"]}},"required":["reason","stateReason"]}}}},"responses":{"200":{"description":"Card was replaced Successfully","content":{"application/json":{"schema":{"additionalProperties":false,"type":"object","required":["newCardId"],"properties":{"operationId":{"$ref":"#/components/schemas/operationId"},"newCardId":{"$ref":"#/components/schemas/cardId"}}}}}},"400":{"description":"Bad Request, Invalid request URI, header, paramters. The below table defines the possible 'Bad request' error:\n| errorCode | error | Retryable | Comments |\n| -------------- | ------------| ----------| -----------------------------------|\n| - | - | no | No error details available |\n| FIELD_INVALID_FORMAT | Contains the field in error (first found) | no | JSON not well formatted or
One field is not expected format as defined in this documentation |\n| FIELD_INVALID_VALUE | Contains the field in error (first found) | no | One field value is not allowed for the given field |\n| CRYPTO_ERROR | - | no | Not possible to decrypt the provided encrypted data |\n| INVALID_PAN | - | no | PAN is invalid |\n| INVALID_EXPIRY_DATE | Expiry date is invalid | \n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"401":{"description":"Unauthorized request, the provided Authorization header is missing or invalid. In the table below only the field \"error\" is provided.\n| errorCode | error | Retryable | Comments |\n| -------------- | ------------| ----------| -----------------------------------|\n| AUTHORIZER_UNAUTHORIZED | Unauthorized message | no | Access token not valid |\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"403":{"description":"Forbidden action detected by WAF or the application. The below table defines the possible error:\n| errorCode | error | Retryable | Comments |\n| -------------- | ------------| ----------| -----------------------------------|\n| - | - | no | No error details available |\n| AUTHORIZER_FORBIDDEN | not authorized error message | no | User is not authorized to access this resource \n| CARD_INVALID_STATE | - | no | The card to replace is in invalid state (DELETED, REPLACED) |\n| CARD_ALREADY_EXISTS | - | no | The new card referenced by newCardId or new PAN already exists in the solution |\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"404":{"description":"Ressource not found, Unknown issuerId or consumerId or card id'. The below table defines the possible error:\n| errorCode | error | Retryable | Comments |\n| -------------- | ------------| ----------| -----------------------------------|\n| - | - | no | No error details available |\n| UNKNOWN_CARD | - | no | Unknown cardId |\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"500":{"description":"Internal Server Error. The below table defines the possible error:\n|errorCode | error | Retryable | Comments |\n| -------------- | ------------| ----------| -----------------------------------|\n| - | - | yes | No error details available |\n| INTERNAL_ERROR | error details if any | no | The server has encountered an error when executing the request. |\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"503":{"$ref":"#/components/responses/ServiceUnavailableError"}},"summary":"Replace","tags":["Card Operations"],"operationId":"replaceCard-v2"}}}}
```
## Renew
> Card renewal is the process where a new card is provided to end-user. The new card has new expiry date, but cardId and PAN are remaining the same.\
> \
> For card registered in D1, this request is used by the bank backend to inform that card has been renewed. In such case the new expiry date shall be provided. Moreover, the auxiliary expiry date of the card shall also be provided for cobadged cards that have an auxiliary pan. \
> \
> For card created by D1, this request is used by the bank backend to manualy request the renewal of an existing card (a new expiry date will be generated by D1).\
> \
> In the particular case of the Virtual Card, the Virtual Card is automaticaly activated.\
> For Physical Card, the renewed card will remain active until:\
> \- an explicit activation perfomed using the activation operation using the same cardId as the renew card \
> \- an implicit activation following a valid card present transaction (if card product is configured as such)
```json
{"openapi":"3.0.0","info":{"title":"D1 Inbound Card API","version":"2.0"},"tags":[{"name":"Card Operations","description":"Different operations that can be done on a card."}],"servers":[{"url":"https://api.d1.thalescloud.io/banking","description":"Production server"},{"url":"https://api.d1-stg.thalescloud.io/banking","description":"Staging server"}],"security":[{"bearerAuth":[]}],"components":{"securitySchemes":{"bearerAuth":{"description":"A JWT generated by the [Get Authorization Token API](oauth2-api).
The server checks the validity of the provided token to control access to this protected resource. Please refer to [Get OAuth 2.0 access token](../../../integrate-the-d1-api/get-oauth-2.0-access-token) for more details on the flow and on how to get this JWT.","type":"http","scheme":"bearer","bearerFormat":"JWT"}},"parameters":{"issuer-id-path":{"description":"The id of the issuer","in":"path","name":"issuerId","required":true,"schema":{"$ref":"#/components/schemas/issuerId"}},"card-id-path":{"description":"The id of the card","in":"path","name":"cardId","required":true,"schema":{"$ref":"#/components/schemas/cardId"}}},"schemas":{"issuerId":{"maxLength":10,"minLength":10,"type":"string"},"cardId":{"type":"string","description":"Unique identifier of the card.","minLength":1,"maxLength":48,"pattern":"^[A-Za-z0-9_-]{1,48}$"},"cardExpiryDate":{"type":"string","description":"Expiry date of the card in MMYY format","pattern":"^(0[1-9]|1[0-2])\\d{2}$"},"reason":{"type":"string","title":"reason","pattern":"^[a-zA-Z0-9 ]{1,64}$","description":"The reason why the action is performed. \n\nThis a free text field in case the bank wants to send details, that will be returned in the operations list. "},"operationId":{"type":"string","description":"Unique identifier of the operation","minLength":1,"maxLength":64,"pattern":"^[A-Za-z0-9_-]{1,64}$"},"errorGeneric":{"additionalProperties":false,"type":"object","description":"Generic error returned by the APIs.","properties":{"errorCode":{"type":"string","description":"The type of the error"},"error":{"type":"string","description":"Provide more error details if possible.
For example name of the field with invalid format.
This field is for troubleshooting purposes only, it can change at any time so MUST NOT be parsed, and is not supposed to be human readable so CANNOT be displayed to end users."}}}},"responses":{"ServiceUnavailableError":{"description":"The service is temporarily unavailable. You may retry your request later."}}},"paths":{"/v2/issuers/{issuerId}/cards/{cardId}/operations:renew":{"post":{"description":"Card renewal is the process where a new card is provided to end-user. The new card has new expiry date, but cardId and PAN are remaining the same.\n\nFor card registered in D1, this request is used by the bank backend to inform that card has been renewed. In such case the new expiry date shall be provided. Moreover, the auxiliary expiry date of the card shall also be provided for cobadged cards that have an auxiliary pan. \n\nFor card created by D1, this request is used by the bank backend to manualy request the renewal of an existing card (a new expiry date will be generated by D1).\n\nIn the particular case of the Virtual Card, the Virtual Card is automaticaly activated.\nFor Physical Card, the renewed card will remain active until:\n - an explicit activation perfomed using the activation operation using the same cardId as the renew card \n - an implicit activation following a valid card present transaction (if card product is configured as such)","parameters":[{"$ref":"#/components/parameters/issuer-id-path"},{"$ref":"#/components/parameters/card-id-path"},{"$ref":"#/components/parameters/x-correlation-id"},{"$ref":"#/components/parameters/x-user-id"}],"requestBody":{"content":{"application/json":{"schema":{"additionalProperties":false,"type":"object","properties":{"newExp":{"$ref":"#/components/schemas/cardExpiryDate"},"newAuxiliaryExp":{"$ref":"#/components/schemas/cardExpiryDate"},"reason":{"$ref":"#/components/schemas/reason"},"stateReason":{"type":"string","description":"The reason why the action has been performed. If not provided, default reason code is ISSUER_DECISION.","enum":["ISSUER_DECISION","USER_DECISION","CARD_EXPIRED"]}}}}}},"responses":{"200":{"description":"Card was renewed Successfully","content":{"application/json":{"schema":{"additionalProperties":false,"type":"object","properties":{"operationId":{"$ref":"#/components/schemas/operationId"}}}}}},"400":{"description":"Bad Request, Invalid request URI, header, paramters. The below table defines the possible 'Bad request' error:\n| errorCode | error | Retryable | Comments |\n| -------------- | ------------| ----------| -----------------------------------|\n| - | - | no | No error details available |\n| FIELD_INVALID_FORMAT | Contains the field in error (first found) | no | JSON not well formatted or
One field is not expected format as defined in this documentation |\n| FIELD_INVALID_VALUE | Contains the field in error (first found) | no | One field is |\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"401":{"description":"Unauthorized request, the provided Authorization header is missing or invalid. In the table below only the field \"error\" is provided.\n| errorCode | error | Retryable | Comments |\n| -------------- | ------------| ----------| -----------------------------------|\n| AUTHORIZER_UNAUTHORIZED | Unauthorized message | no | Access token not valid |\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"403":{"description":"Forbidden action detected by WAF or the application. The below table defines the possible error:\n| errorCode | error | Retryable | Comments |\n| -------------- | ------------| ----------| -----------------------------------|\n| - | - | no | No error details available |\n| AUTHORIZER_FORBIDDEN | not authorized error message | no | User is not authorized to access this resource \n| CARD_INVALID_STATE | - | no | Renewal with this state reason is not allowed |\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"404":{"description":"Ressource not found, Unknown issuerId or consumerId or card id'. The below table defines the possible error:\n| errorCode | error | Retryable | Comments |\n| -------------- | ------------| ----------| -----------------------------------|\n| - | - | no | No error details available |\n| UNKNOWN_CARD | - | no | Unknown cardId |\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"500":{"description":"Internal Server Error. The below table defines the possible error:\n|errorCode | error | Retryable | Comments |\n| -------------- | ------------| ----------| -----------------------------------|\n| - | - | yes | No error details available |\n| INTERNAL_ERROR | error details if any | no | The server has encountered an error when executing the request. |\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"503":{"$ref":"#/components/responses/ServiceUnavailableError"}},"summary":"Renew","tags":["Card Operations"],"operationId":"renewCard-v2"}}}}
```
---
# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.
## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://docs.payments.thalescloud.io/3d-secure/integrate-d1-api/d1-api-reference/inbound-api-to-d1/card-api.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.