Welcome to our new developer portal! Use the "Ask" button to chat with our AI Agent.
Ctrlk
For the complete documentation index, see llms.txt. This page is also available as Markdown.

Consumer API

Get Consumer Information

get

This request is used by the D1 backend to request the details of an end user (consumer) from the issuer backend.

If the end user information is associated with the card, it is possible to activate "cardId" query parameter via an onboarding flag.

Authorizations
AuthorizationstringRequired

A JWT generated by the Get Authorization Token API.
The server checks the validity of the provided token to control access to this protected resource. Please refer to Get OAuth 2.0 access token for more details on the flow and on how to get this JWT.

Path parameters
issuerIdstring · min: 10 · max: 10Required

The id of the issuer

consumerIdstring · min: 1 · max: 64Required

Unique identifier of the consumer.

Pattern: ^[A-Za-z0-9_-]{1,64}$
Query parameters
cardIdstring · min: 1 · max: 48Optional

Unique identifier of the card.

Example: cardId=crd_h2otddwm5uwujlye3qyxmjkphaPattern: ^[A-Za-z0-9_-]{1,48}$
Header parameters
x-correlation-idstringOptional

Random identifier which can be used to correlate the different API calls done as part of a single use-case. This identifier will be the one primarily used for troubleshooting.

Warning: This identifier should not be derived from sensitive personal data, as its value will be logged in clear.

There is no strong guarantee of the uniqueness of this identifier, so please refrain from using it for other purpose than logging and troubleshooting.

Pattern: ^[A-Za-z0-9_-]{1,64}$
Responses
200

All needed information related to the requested end user (consumer).

application/json

The following objects represent the personal information of the end user (consumer).

languagestring · min: 5 · max: 5Optional

Language of the end user (consumer). Based on ISO format for language (ISO 639–1) and an alpha-2 country code (ISO 3166–1 alpha-2). The language must be lowercase, and the country must be uppercase ideally. The language and country should be separated using a minus character "-".
Note: This field is mandatory for Click to Pay.

Example: en-USPattern: ^[a-z]{2}-[a-zA-Z]{2}$
firstNamestring · min: 1 · max: 128Required

First name of the end user (consumer).
Note: This field is mandatory for Click to Pay.

Example: JohnPattern: ^[\p{L}\p{N}\u0600-\u06FF ,.'_#;:\/-]{1,128}$
middleNamestring · min: 1 · max: 128Optional

Middle name of the end user (consumer).

Example: JohnPattern: ^[\p{L}\p{N}\u0600-\u06FF ,.'_#;:\/-]{1,128}$
lastNamestring · min: 1 · max: 128Required

Last name of the end user (consumer).
Note: This field is mandatory for Click to Pay.

Example: SmithPattern: ^[\p{L}\p{N}\u0600-\u06FF ,.'_#;:\/-]{1,128}$
dateOfBirthstringOptional

Date of Birth.

Example: 1990-01-25Pattern: ^\d{4}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[0-1])$
titlestring · min: 1 · max: 40Optional

Title of the end user (consumer).

Example: Mr.Pattern: ^[\p{L}\p{N}\u0600-\u06FF ,.'_#;:\/-]{1,40}$
emailstringOptional

Email of the end user (consumer).
Note: This field is mandatory for Click to Pay (Mastercard).

Example: john.smith@dummymail.comPattern: ^[a-zA-Z0-9_+&*-]+(?:\.[a-zA-Z0-9_+&*-]+)*@(?:[a-zA-Z0-9-]+\.)+[a-zA-Z]{2,15}$
get
/banking/d1/v1/issuers/{issuerId}/consumers/{consumerId}?cardId=<cardId>

Authenticate

post

This request is sent by D1 to request an end user authentication.

Authorizations
AuthorizationstringRequired

A JWT generated by the Get Authorization Token API.
The server checks the validity of the provided token to control access to this protected resource. Please refer to Get OAuth 2.0 access token for more details on the flow and on how to get this JWT.

Path parameters
issuerIdstring · min: 10 · max: 10Required

The id of the issuer

consumerIdstring · min: 1 · max: 64Required

Unique identifier of the consumer.

Pattern: ^[A-Za-z0-9_-]{1,64}$
Header parameters
x-correlation-idstringOptional

Random identifier which can be used to correlate the different API calls done as part of a single use-case. This identifier will be the one primarily used for troubleshooting.

Warning: This identifier should not be derived from sensitive personal data, as its value will be logged in clear.

There is no strong guarantee of the uniqueness of this identifier, so please refrain from using it for other purpose than logging and troubleshooting.

Pattern: ^[A-Za-z0-9_-]{1,64}$
Body
authenticationIdstringRequired

The authentication request identifier. For 3DS, the value is the same as the 'acsTransactionId'.

operationstring · enumRequired

The operation type.

Possible values:
detailsone ofOptional
Responses
200

OK

application/json
authenticationStatusstring · enumRequired

Status of the operation

Possible values:
post
/banking/d1/v1/issuers/{issuerId}/consumers/{consumerId}/authentication

Get Authentication Result

get

Polling request to get the authentication result.

Authorizations
AuthorizationstringRequired

A JWT generated by the Get Authorization Token API.
The server checks the validity of the provided token to control access to this protected resource. Please refer to Get OAuth 2.0 access token for more details on the flow and on how to get this JWT.

Path parameters
issuerIdstring · min: 10 · max: 10Required

The id of the issuer

consumerIdstring · min: 1 · max: 64Required

Unique identifier of the consumer.

Pattern: ^[A-Za-z0-9_-]{1,64}$
authenticationIdstringRequired

The authentication identifier.

Header parameters
x-correlation-idstringOptional

Random identifier which can be used to correlate the different API calls done as part of a single use-case. This identifier will be the one primarily used for troubleshooting.

Warning: This identifier should not be derived from sensitive personal data, as its value will be logged in clear.

There is no strong guarantee of the uniqueness of this identifier, so please refrain from using it for other purpose than logging and troubleshooting.

Pattern: ^[A-Za-z0-9_-]{1,64}$
Responses
200

OK

application/json
authenticationStatusstring · enumRequired

Status of the operation

Possible values:
reasonstring · min: 1 · max: 64Optional

The reason of the technical error. Human readable text without personal or sensitive data.

get
/banking/d1/v1/issuers/{issuerId}/consumers/{consumerId}/authentication/{authenticationId}

Notify Consumer Operation (V1)

post

This request is used by D1 to notify the issuer backend about operations done on a consumer.

Authorizations
AuthorizationstringRequired

A JWT generated by the Get Authorization Token API.
The server checks the validity of the provided token to control access to this protected resource. Please refer to Get OAuth 2.0 access token for more details on the flow and on how to get this JWT.

Path parameters
issuerIdstring · min: 10 · max: 10Required

The id of the issuer

consumerIdstring · min: 1 · max: 64Required

Unique identifier of the consumer.

Pattern: ^[A-Za-z0-9_-]{1,64}$
Header parameters
x-correlation-idstringOptional

Random identifier which can be used to correlate the different API calls done as part of a single use-case. This identifier will be the one primarily used for troubleshooting.

There is no strong guarantee of the uniqueness of this identifier, so please refrain from using it for other purpose than logging and troubleshooting.

Body

Operation details related to a specific operationId

operationIdstring · min: 1 · max: 64Required

Unique identifier of the operation

Pattern: ^[A-Za-z0-9_-]{1,64}$
operationstring · enumRequired

The operation type.

Possible values:
statusstring · enumRequired

Status of the operation

Possible values:
startTimestring · min: 1 · max: 64Required

The time the request has been processed. Format ISO 8601 YYYY-MM-DDThh:mm:ssTZD

Example: 2022-06-16T06:28:02.492Z
endTimestring · min: 1 · max: 64Optional

The time the operation has been completed. Format ISO 8601 YYYY-MM-DDThh:mm:ssTZD note: This is an optional field and might not be returned for synchronous operations.

Example: 2022-06-16T06:28:32.492Z
requestorTypestring · enumRequiredPossible values:
requestorIdstringRequired

The consumerId of the end user.

detailsone ofOptional
errorstringOptional

Human readable string representing the error, only present in case of operation failure

Responses
post
/banking/d1/v1/issuers/{issuerId}/consumers/{consumerId}/notifications
No content

Deliver OTP

post

This request is used by D1 during the tokenization flow for a card in case it is required to send an OTP to the end user (consumer) "consumerId".

The parameter 'threeDSDetails' is available in the scenario :

  • 3DS Authentication

Note

This is applicable only if the issuer decides to rely on its own messaging system to send messages to their customers and not on the D1 platform.

Authorizations
AuthorizationstringRequired

A JWT generated by the Get Authorization Token API.
The server checks the validity of the provided token to control access to this protected resource. Please refer to Get OAuth 2.0 access token for more details on the flow and on how to get this JWT.

Path parameters
issuerIdstring · min: 10 · max: 10Required

The id of the issuer

consumerIdstring · min: 1 · max: 64Required

Unique identifier of the consumer.

Pattern: ^[A-Za-z0-9_-]{1,64}$
Header parameters
x-correlation-idstringOptional

Random identifier which can be used to correlate the different API calls done as part of a single use-case. This identifier will be the one primarily used for troubleshooting.

Warning: This identifier should not be derived from sensitive personal data, as its value will be logged in clear.

There is no strong guarantee of the uniqueness of this identifier, so please refrain from using it for other purpose than logging and troubleshooting.

Pattern: ^[A-Za-z0-9_-]{1,64}$
Body
deliveryChannelstring · enumRequired

The channel on which the end user has decided to receive the OTP.

Possible values:
panSuffixstring · min: 4 · max: 4Required

Last 4 digits of the PAN of the card to be tokenized (digitized)

Responses
post
/banking/d1/v1/issuers/{issuerId}/consumers/{consumerId}/otp
No content
PreviousOAuth2 APINext3DS API

Last updated

Was this helpful?