> For the complete documentation index, see [llms.txt](https://docs.payments.thalescloud.io/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.payments.thalescloud.io/classic-tokenization/ja/apirifarensu/ishuagtoweiapi/autobaundoishua.md).

# アウトバウンド（イシュア宛）

## check card is eligibile to digitization

> This method is used by TSH to :\
> \* check with issuer if the card is eligible to digitization \
> \* get from issuer the card profile identifier\
> \
> Please note that in the case of AMEX implementation, Issuer has to configure some card metadata on Thales portal to respond properly to AMEX TSP. Please check with the integration team.

````json
{"openapi":"3.1.1","info":{"title":"Gemalto TSH Issuer Gateway  API","version":"2.8.7"},"tags":[{"name":"Check Card Eligibility"}],"servers":[{"url":"https://issuer.host.com/issuer/igwapi/v2.0"}],"paths":{"/checkCardEligibility":{"post":{"summary":"check card is eligibile to digitization","description":"This method is used by TSH to :\n* check with issuer if the card is eligible to digitization \n* get from issuer the card profile identifier\n\nPlease note that in the case of AMEX implementation, Issuer has to configure some card metadata on Thales portal to respond properly to AMEX TSP. Please check with the integration team.","operationId":"checkCardEligibility","parameters":[{"$ref":"#/components/parameters/x-correlation-id-header"},{"$ref":"#/components/parameters/x-issuer-id-header"}],"responses":{"200":{"description":"checkCardEligibility response payload","content":{"application/json":{"schema":{"$ref":"#/components/schemas/checkCardEligibilityRes"}}}},"400":{"description":"Bad Request, Invalid request URI or header, or unsupported nonstandard parameter","content":{"application/json":{"schema":{"type":"object","description":"Error Information Response","properties":{"responseCode":{"type":"number","description":"Error Response code to the request\n|Error code | Description|\n|-------|-------|\n|111|Missing mandatory parameter|\n|112|Bad parameter format|\n|116|Invalid card details (either FPAN or expiry date)|\n|158|Card is expired or wrong expiry date provided|\n|159|Card is suspended|\n|160|Card is revoked or deleted|\n|163|Product not supported for tokenization|\n|164|Fraud Suspected|\n|165|FPAN is not whitelisted for the token requestor. It applies ONLY to American Express|\n|166|Invalid FPAN|\n|911|Operation failed|\n|921|Unexpected server error|\n"},"errorMessage":{"maxLength":256,"type":"string","description":"Textual error message"}},"required":["responseCode"]}}}},"500":{"description":"Internal Server Error"}},"tags":["Check Card Eligibility"],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/checkCardEligibilityReq"}}},"description":"checkCardEligibility request payload","required":true}}}},"components":{"parameters":{},"schemas":{"checkCardEligibilityRes":{"type":"object","properties":{"issuerCardRefId":{"$ref":"#/components/schemas/issuerCardRefId"},"productId":{"$ref":"#/components/schemas/productId"},"accountMetadata":{"type":"object","properties":{"displayAccountNumber":{"description":"Last digits of the account number to be displayed.<br/>If it's provided by the issuer, this value will be the one displayed by the token requestor instead of the FPAN last digits.\n<br/>This is applicable to the following solutions:\n  - **Google Pay**\n  - **Huawei Pay**\n  - **AMEX ITSP**","type":"string","maxLength":5,"pattern":"^[0-9]*$"},"expiryDate":{"description":"Card expiry date in the format yyyy-mm-dd.<br/>It shall be provided for **AMEX ITSP** solution.","type":"string","maxLength":10}},"required":["displayAccountNumber"]}},"required":["issuerCardRefId"]},"issuerCardRefId":{"type":"string","maxLength":48,"description":"The unique identifier of the funding card.<br/> This value is generated and manage by the issuer.<br/> This value can be updated in case of funding PAN replacement by the issuer.<br/>"},"productId":{"type":"string","description":"Unique identifier of the card product associated to the card to digitize.\n\nIt is used by TSH or the TSP scheme to identify the proper card arts and card profile metadata to send to the wallet.\n\nIn case of an international scheme, card arts and card metadata are configured by the Issuer with the scheme directly, TSH does not host any data.\n\nConditional field:\n* For international schemes: the field is required or not according to the configuration the Issuer has choosen with the scheme. TSH will forward it to the TSP if the field is available.\n* For domestic schemes: required in case TSH is not able to determine the card product profile based on the (sub)BIN","maxLength":32,"minLength":1},"checkCardEligibilityReq":{"type":"object","required":["walletProviderId"],"properties":{"cipheredCardInfo":{"$ref":"#/components/schemas/cipheredCardInfoEligibility"},"publicKeyIdentifier":{"type":"string","maxLength":32,"minLength":1,"description":"Identifier of the key used to encrypt cipheredCardInfo.<br/>Provided by Issuer to Thales during onboarding."},"issuerCardRefId":{"$ref":"#/components/schemas/optionaIssuerCardRefId"},"walletProviderId":{"$ref":"#/components/schemas/walletProviderId"},"tokenRequestor":{"$ref":"#/components/schemas/tokenRequestor"},"captureMethod":{"$ref":"#/components/schemas/captureMethod"}}},"cipheredCardInfoEligibility":{"maxLength":8196,"minLength":1,"type":"string","description":"TSH sends Card information as a JSON.\n\nThis value is encrypted using the PKCS#7 encryption scheme defined in RFC 2315/5652 using following encryption parameters:<br/>\n* The content encryption algorithm used is AES256/CBC/PKCS7Padding using a randomly generated AES key.\n* The key encryption algorithm is either RSAES-PKCS1-v1_5 (RSA/NONE/PKCS1Padding) or RSA/NONE/OAEPWithSHA256AndMGF1Padding (with MGF1 using SHA-256), using the certificate provided during onboarding.<br/>\nThe key encryption algorithm is defined during onboarding and is by default (if ommitted) the RSA/NONE/PKCS1Padding for legacy purpose.<br/>\nIt is recommended to configure RSA/NONE/OAEPWithSHA256AndMGF1Padding (with MGF1 using SHA-256) for new issuers.\n\n* The encryption result is then encoded using base64.<br/>\n* The public key length in the certificate can be 2048-bit or 4096-bit.\n\nOnce deciphered, the cardInfo contains the following information:<br/>\n\n|JSON field parameter name |description |MOC |Length |\n|--------------------------|------------|----|-------|\n|fpan |The funding pan to digitize |M |Up to 19 |\n|exp |The expiry date in the format MMYY |O |4 |\n|cvv |Depending of the OEM and scheme, this value is provided or not |O |3 or 4 |\n|additionalCardInfos | Optional JSON Open format, in order to add additional card info - project dependent|O|Up to 8177|\n<br/>\n\n\n**Examples:**\n\n``` javascript\n  Example 1\n  {\n    \"fpan\":\"1234567891234567\",\n    \"exp\":\"1218\",\n  }\n\n  Example 2\n  {\n    \"fpan\":\"1234567891234567\",\n    \"exp\":\"1218\",\n    “cvv\":\"765”\n  }\n\n  Example 3\n  {\n    \"fpan\":\"1234567891234567\",\n    \"exp\":\"1218\",\n    “cvv\":\"765”,\n    \"additionalCardInfos\": {\n      \"archiveReference\": “90217095220928”\n    }\n  }\n\n  Example 4\n  {\n    \"fpan\":\"1234567891234567\",\n    \"exp\":\"1218\",\n    \"additionalCardInfos\": {\n      \"pin\": “06123456FFFFFFFF”\n    }\n  }\n\t\t\n\t\n\t\t\n```\n\n*Note*: \n1. **This parameter is optional**, If it not provided, the Issuer must rely on the **issuerCardRefId** to find\nthe funding card to digitize.**cipheredCardInfo**  and **issuerCardRefId** are exclusive <br/>\n2. **pin** is sent inside **additionalCardInfos** only in case of UPI scheme. It is generally sent for Debit cards."},"optionaIssuerCardRefId":{"type":"string","maxLength":48,"description":"The unique identifier of the funding card.<br/> This value is generated and manage by the issuer.<br/> This value can be updated in case of funding PAN replacement by the issuer.<br/> *The following is valid for enrolment of domestic card (not valid for VISA & Mastercard)*: **This parameter is optional**, If it not provided, the Issuer must rely on the **cipheredCardInfo** to get the funding PAN and find the funding card to digitize.<br/>\n"},"walletProviderId":{"type":"string","description":"Wallet Provider identifier, defined by Thales.\n\n<b>When TSH acts as OEM Pay broker:</b>\n|walletProviderId  |Description|\n|-------|-------|\n|APPLE_PAY |Apple Pay Wallet|\n|SPAYHCE |Samsung Pay Wallet|\n|ANDROID_PAY |Google Pay Wallet|\n\n\n<b>When TSH acts as ITSP:</b>\n|walletProviderId  |Description|\n|-------|-------|\n|WALLET|Generic NFC/QR Code Wallet provider |\n|ECOM |Generic Merchant Wallet Provider ID managing CoF token |\n\nNOTE:\nIt is possible to assign a specific \"walletProviderId\" for a given TRID. This configuration can be achieved during the project on-boarding phase only.\n\nPlease check the \"Wallet Provider ID Mapping\" page in the \"API Reference\" section.","minLength":1,"maxLength":128},"tokenRequestor":{"type":"object","description":"**Applies to ITSP solution only**","properties":{"id":{"type":"string","maxLength":11,"description":"Token Requestor Identifier provided and allocated by Scheme TSP.\\\nFor the same requestor, the identifier changes across the different Schemes."},"originalTokenRequestorId":{"type":"string","maxLength":11,"description":"VISA Only\\\nApplies in case of token for token provisioning"},"walletId":{"type":"string","maxLength":100,"description":"This field applies ONLY to MasterCard, Discover and American Express\n\nWallet Application Identifier provided and allocated by Scheme TSP"},"merchantId":{"type":"string","maxLength":32,"description":"VISA only\\\nUnique identifier for merchant"},"name":{"type":"string","maxLength":256,"description":"Readable name of the token requestor"}}},"captureMethod":{"description":"Method used by the user or the issuer to capture card information to digitize.\n\nDescription:\n- CAMERA: when card information is captured by the on-device camera\n- MANUAL: when the consumer enters the card information manually, through the device keyboard\n- BANK_APP: when the card information is exchanged between the banking App and the Issuer App\n- ON-FILE: when the card information is retrieved by a merchant who has stored the card information\n- READER_MODE: when the card information is retrieved through a NFC interaction between the device and the physical card (applicable to VISA, MASTERCARD, AMEX, DISCOVER and some domestic schemes)\n- TOKEN: when the card information is retrieved through a device-based token. This is applicable only to VISA and MASTERCARD schemes\n- CHIP_DIP: card information is captured by inserting (dip) the card into a terminal (applicable to VISA & MASTERCARD)\n- WEB_BROWSER: card information (PAN) is captured through a web browser (applicable only to MasterCard & AMEX schemes)\n- UNKNOWN: the origin of the card information is unknown  ","type":"string","maxLength":64}}}}
````

## request issuer for digitization of the card

> This method is used by TSH to request issuer approval for card digitiazation\
> \
> This method provides information about:\
> \*  user accepts or declines Terms and Condition\
> \*  scoring made by the Wallet Provider and optionaly the scheme\
> \
> The issuer have then to:\
> \*  decide or not to digitize the card\
> \*  if an step up authnetication of the cardholder is required (ID\&V process)\
> \*  if yes, the list of authentication/ID\&V OTP method available for cardholder authentication<br>

````json
{"openapi":"3.1.1","info":{"title":"Gemalto TSH Issuer Gateway  API","version":"2.8.7"},"tags":[{"name":"Request Card Digitization"}],"servers":[{"url":"https://issuer.host.com/issuer/igwapi/v2.0"}],"paths":{"/requestCardDigitization":{"post":{"summary":"request issuer for digitization of the card","description":"This method is used by TSH to request issuer approval for card digitiazation\n\nThis method provides information about:\n*  user accepts or declines Terms and Condition\n*  scoring made by the Wallet Provider and optionaly the scheme\n\nThe issuer have then to:\n*  decide or not to digitize the card\n*  if an step up authnetication of the cardholder is required (ID&V process)\n*  if yes, the list of authentication/ID&V OTP method available for cardholder authentication\n","operationId":"requestCardDigitization","parameters":[{"$ref":"#/components/parameters/x-correlation-id-header"},{"$ref":"#/components/parameters/x-issuer-id-header"}],"responses":{"200":{"description":"requestCardDigitization response payload","content":{"application/json":{"schema":{"$ref":"#/components/schemas/requestCardDigitizationRes"}}}},"400":{"description":"Bad Request, Invalid request URI or header, or unsupported nonstandard parameter","content":{"application/json":{"schema":{"type":"object","description":"Error Information Response","properties":{"responseCode":{"type":"number","description":"Error Response code to the request\n|Error code | Description|\n|-------|-------|\n|111|Missing mandatory parameter|\n|112|Bad parameter format|\n|116|Invalid card details (either FPAN or expiry date)|\n|158|Card is expired or wrong expiry date provided|\n|159|Card is suspended|\n|160|Card is revoked or deleted|\n|161|Invalid CVV2|\n|164|FPAN Provisioning Count Exceeded|\n|166|Invalid FPAN|\n|170|Invalid cardholder. It applies ONLY to Discover|\n|181|CVV Verification Attempts Exceeded|\n|911|Operation failed|\n|921|Unexpected server error|"},"errorMessage":{"maxLength":256,"type":"string","description":"Textual error message"}},"required":["responseCode"]}}}},"500":{"description":"Internal Server Error"}},"tags":["Request Card Digitization"],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/requestCardDigitizationReq"}}},"description":"requestCardDigitization request payload","required":true}}}},"components":{"parameters":{},"schemas":{"requestCardDigitizationRes":{"type":"object","properties":{"issuerCardRefId":{"$ref":"#/components/schemas/issuerCardRefId"},"productId":{"$ref":"#/components/schemas/productIdDigitization"},"cardDetails":{"$ref":"#/components/schemas/cardDetails"},"levelOfTrust":{"type":"string","maxLength":32,"description":"Issuer Level of trust of the customer and Card Information\nValue can be:\n• 'green' : good level of trust, no ID&V requested\n• 'yellow' : warning, ID&V is required\n• 'red' : reject the digitization\nConditional: not provided in case of error. Mandatory in case of success.\n","enum":["green","yellow","red"]},"idvMethodList":{"type":"array","description":"List of Id&V step-up authentication method the wallet application will present to end user, in case of yellow flow.\n- If provided, TSH Issuer Gateway won't call getIDnVMethodList request and cache the response for further Wallet/scheme TSP request.\n- If not provided, TSH Issuer Gateway each time the Wallet/Scheme TSP request the ID&VMethodList which allow dynamic ID&V management","items":{"$ref":"#/components/schemas/idvMethod"}},"transactionLimit":{"type":"string","maxLength":12,"description":"The amount quota, if the transaction amount exceeds it, the terminal shall prompt the cardholder to provide the Online PIN.\n**This field is only returned for UPI scheme. And it is not applicable for other schemes.**"}},"required":["issuerCardRefId"]},"issuerCardRefId":{"type":"string","maxLength":48,"description":"The unique identifier of the funding card.<br/> This value is generated and manage by the issuer.<br/> This value can be updated in case of funding PAN replacement by the issuer.<br/>"},"productIdDigitization":{"type":"string","description":"Unique identifier of the card product associated to the card to digitize.\n\nIt is used by TSH or the TSP scheme to identify the proper card arts and card profile metadata to send to the wallet.\n\nIn case of international schemes, card arts and card metadata are configured by the Issuer with the scheme directly, TSH does not host any data.\n\nConditional field, if provided, TSH will forward it to the TSP.\n","maxLength":32,"minLength":1},"cardDetails":{"type":"object","properties":{"cardholderName":{"type":"string","description":"Name displayed on the card","maxLength":256,"minLength":1},"fpanLastDigits":{"type":"string","description":"Last digits of the funding PAN (V/MC-4, Amex-5)<br/>\nUsed by the Wallet Application to be display close to or on top of Card Art<br/> Shall be returned for Apple Pay solution.           \n","maxLength":5,"minLength":1},"fpanBin":{"type":"string","description":"6 digits of the funding card BIN","minLength":6,"maxLength":6},"fpanExpiryDate":{"type":"string","description":"Expiry Date to be display close to or on top of Card Art in format 'mm/yy'","maxLength":5}}},"idvMethod":{"type":"object","properties":{"id":{"type":"string","minLength":1,"maxLength":32,"description":"A unique identifier of this method"},"type":{"type":"string","minLength":1,"maxLength":16,"description":"It is the type of ID&V method supported. In case of ITSP configuration, the following values apply:\n |Value | Description|VISA|MasterCard|UPI|\n|-------|-------|:-------:|:-------:|:-------:|\n|'cell_phone'|ID&V based on an OTP sent by SMS|x|x|x|\n |'email'|ID&V based on an OTP sent by email|x|x|x|\n  |'bank_app'|ID&V managed through the Bank Application|x|x|x|\n |'outbound_call'|ID&V based on an outbound flow, like, for example, weblink|x|x|-|\n |'customer_service'|ID&V based on Cardholder-initiated call to the Bank customer service|x|x|x|\n  |'call'|ID&V based on Issuer-initiated voice call to Cardholder|-|x|-| \n |'ivr'|ID&V based on Cardholder-initiated call to the Bank IVR system|-|x|-|\n\n In case of TSP-broker configuration, values depend on the OEMPay:\n |Value | Description|Samsung Pay|Apple Pay|Google Pay|\n|-------|-------|:-------:|:-------:|:-------:|\n|'cell_phone'|ID&V based on an OTP sent by SMS|x|x|x|\n |'email'|ID&V based on an OTP sent by email|x|x|x|\n  |'bank_app'|ID&V managed through the Bank Application|x|x|x|\n |'outbound_call'|ID&V based on an outbound flow, like, for example, weblink|x|-|-|\n |'customer_service'|ID&V based on Cardholder-initiated call to the Bank customer service|x|x|x|\n |'call'|ID&V based on Issuer-initiated voice call to the Cardholder|x|x|x|\n<b><u>Note:</u></b><br/>After ID&V of cardholder with option 'call' or 'customer_service', Issuer shall trigger a call to TSH using updateCardState to activate the virtual card."},"value":{"type":"string","description":"This field contains a value that will be display to the end user for this ID&V method.\nConditional. \n\n Note that the field is **Mandatory** in the following cases:\n- cell_phone\n-- it shall be the masked value of the phone number where the OTP will be sent via SMS when Issuer is sending the OTP (using sendOTP API)\n-- it shall be the complete value of the phone number when TSH is sending the OTP (On Behalf Of Issuer OTP sending)\n- email\n-- it shall be the masked value of the mail where the OTP will be sent via email when Issuer is sending the OTP (using sendOTP API)\n-- it shall be the complete value of the mail when TSH is sending the OTP (On Behalf Of Issuer OTP sending)\n- call \n-- it aims to be the masked value of the Cardholder's phone number\n- ivr\n-- it aims to be the masked value of the phone number that the Cardholder calls\n\n Please note that in case of 'bank_app', 'customer_service' & 'outbound_call'\n-- default value from onboarding is used. If issuer wants to override, new value must be provided in api response.\n\nSending \"PUSH_NOTIFICATION\" value with type 'bank_app' will provide the option **In-App Verification ID&V via Push**  only supported by MDES \n","minLength":1,"maxLength":64},"source":{"type":"string","maxLength":64,"description":"<b>Applicable for ITSP only</b>.<br/>Indicates the source address from which the OTP will be sent.\nThis field can be used in two different contexts:\n- When used with OTPSMS or OTPEMAIL type, this field is used to support auto-vetting for sending an OTP via cell_phone (SMS) or email. This field is required. For example, if an SMS will be sent from “382-2”, then the sourceAddress would be “382-2”.\n**NOTE**\nAuto-vetting is not currently supported. This attribute will be ignored until auto-vetting is supported by Wallet Provider.\n- When used with **bank_app** type, this field can be optionally used if the step-up flow mobile banking app is different from the mobile banking app used during provisioning. If used, this value must contain the appropriate identifier for the associated issuer mobile banking_application.\nFor Apple, this would be the Apple Adam ID and for Android, this would be the Android Package name."},"platform":{"type":"string","maxLength":64,"description":"<b>Applicable for ITSP only</b>.<br/>Used with *bank_app* type. If used, this value must contain the appropriate OS platform for the associated issuer mobile banking application.\nValues are:\n- IOS\n- ANDROID\n- WINDOWS\n- WEB"}},"required":["id","type"]},"requestCardDigitizationReq":{"type":"object","properties":{"cipheredCardInfo":{"$ref":"#/components/schemas/cipheredCardInfo"},"issuerCardRefId":{"$ref":"#/components/schemas/optionaIssuerCardRefId"},"walletProviderId":{"$ref":"#/components/schemas/walletProviderId"},"tokenRequestor":{"$ref":"#/components/schemas/tokenRequestorDgt"},"walletCardRefId":{"$ref":"#/components/schemas/walletCardRefId"},"authenticationValue":{"maxLength":8196,"minLength":1,"type":"string","description":"An additional authentication value provided by end user or third party application through the Wallet Provider\nIt can be for example the CVV value entered by end user\n\n\nIn case of CVV :\nThe base64 represent the encrypted buffer of the JSON :\n``` javascript\n{\n  \"cvv\":\"123\"\n}\n```\nEncryption is done using PKCS#7 in RFC2315/5652 as for the cipheredCardInfo using Issuer Certificate\nConditional: it depends of the Wallet Provider, some are managing an authenticationValue and others not.\n"},"publicKeyIdentifier":{"type":"string","maxLength":32,"minLength":1,"description":"Identifier of the key used to encrypt cipheredCardInfo and authenticationValue.<br/>Provided by Issuer to Thales during onboarding."},"walletUserInformation":{"$ref":"#/components/schemas/walletUserInformation"},"cardCaptureInformation":{"$ref":"#/components/schemas/cardCaptureInformation"},"scoringInformation":{"$ref":"#/components/schemas/scoringInformation"},"deviceInformation":{"$ref":"#/components/schemas/deviceInformationRCD"},"tncStatus":{"type":"boolean","description":"T&C acceptance status by end user.\nValue is \"true\" if T&C have been accepted, \"false\" otherwise.\n"},"tncAcceptedDate":{"maxLength":64,"type":"string","description":"Date of T&C acceptance by end user in ISO 8601 format YYYY-MM-DDThh:mm:ssTZD"},"cvvValidated":{"description":"true if the TSP has verify the CVV2 on behalf of the issuer\nfalse if TSP failed to verify the CVV2\nnot provided if TSP doesn't manage to verify the CVV2","type":"boolean"},"tokenType":{"$ref":"#/components/schemas/tokenType"}},"required":["walletProviderId","deviceInformation"]},"cipheredCardInfo":{"maxLength":8196,"minLength":1,"type":"string","description":"TSH sends Card information as a JSON.\n\nThis value is encrypted using the PKCS#7 encryption scheme defined in RFC 2315/5652 using following encryption parameters:<br/>\n* The content encryption algorithm used is AES256/CBC/PKCS7Padding using a randomly generated AES key.\n* The key encryption algorithm is either RSAES-PKCS1-v1_5 (RSA/NONE/PKCS1Padding) or RSA/NONE/OAEPWithSHA256AndMGF1Padding (with MGF1 using SHA-256), using the certificate provided during onboarding.<br/>\nThe key encryption algorithm is defined during onboarding and is by default (if ommitted) the RSA/NONE/PKCS1Padding for legacy purpose.<br/>\nIt is recommended to configure RSA/NONE/OAEPWithSHA256AndMGF1Padding (with MGF1 using SHA-256) for new issuers.\n\n* The encryption result is then encoded using base64.<br/>\n* The public key length in the certificate can be 2048-bit or 4096-bit.\n\nOnce deciphered, the cardInfo contains the following information:<br/>\n\n|JSON field parameter name |description |MOC |Length |\n|--------------------------|------------|----|-------|\n|fpan |The funding pan to digitize |M |Up to 19 |\n|exp |The expiry date in the format MMYY |O |4 |\n|cvv |Depending of the OEM and scheme, this value is provided or not |O |3 or 4 |\n|additionalCardInfos | Optional JSON Open format, in order to add additional card info - project dependent|O|Up to 8177|\n|originalToken | The device-based token used to request the digitization |O|Up to 19|\n|originalTokenReferenceID | The unique reference of the original Token |O|Up to 32|\n|originalTokenAssuranceLevel | The assurance level of the orginal Token - RFU|O|2|\n\n<br/>\n\n\n**Examples:**\n\n``` javascript\n  Example 1\n  {\n    \"fpan\":\"1234567891234567\",\n    \"exp\":\"1218\",\n  }\n\n  Example 2\n  {\n    \"fpan\":\"1234567891234567\",\n    \"exp\":\"1218\",\n    “cvv\":\"765”\n  }\n\n  Example 3\n  {\n    \"fpan\":\"1234567891234567\",\n    \"exp\":\"1218\",\n    “cvv\":\"765”,\n    \"additionalCardInfos\": {\n      \"archiveReference\": “90217095220928”\n    }\n  }\n\n  Example 4\n  {\n    \"fpan\":\"1234567891234567\",\n    \"exp\":\"1218\",\n    \"additionalCardInfos\": {\n      \"pin\": “06123456FFFFFFFF”\n    }\n  }\n\t\t\n\tExample 5: Token for Token digitization\n\t{\n\t\t\"fpan\":\"1234567891234567\",\n\t\t\"exp\":\"1218\",\n\t\t“cvv\":\"765”,\n\t\t\"originalToken\":\"4532111111111112\",\n\t\t\"originalTokenReferenceID\":\"DNITHE381835220225004085\",\n\t\t\"originalTokenAssuranceLevel\":\"\"\n\t}\n\t\t\n```\n\n*Note*: \n1. **This parameter is optional**, If it not provided, the Issuer must rely on the **issuerCardRefId** to find the funding card to digitize. **cipheredCardInfo**  and **issuerCardRefId** are exclusive.<br/>\n2. **pin** is sent inside **additionalCardInfos** only in case of UPI scheme. It is generally sent for Debit cards.<br/>\n3. originalToken,originalTokenReferenceID and originalTokenAssuranceLevel are provided ONLY by VISA in case of a Token for Token digitization flow.<br/>\n"},"optionaIssuerCardRefId":{"type":"string","maxLength":48,"description":"The unique identifier of the funding card.<br/> This value is generated and manage by the issuer.<br/> This value can be updated in case of funding PAN replacement by the issuer.<br/> *The following is valid for enrolment of domestic card (not valid for VISA & Mastercard)*: **This parameter is optional**, If it not provided, the Issuer must rely on the **cipheredCardInfo** to get the funding PAN and find the funding card to digitize.<br/>\n"},"walletProviderId":{"type":"string","description":"Wallet Provider identifier, defined by Thales.\n\n<b>When TSH acts as OEM Pay broker:</b>\n|walletProviderId  |Description|\n|-------|-------|\n|APPLE_PAY |Apple Pay Wallet|\n|SPAYHCE |Samsung Pay Wallet|\n|ANDROID_PAY |Google Pay Wallet|\n\n\n<b>When TSH acts as ITSP:</b>\n|walletProviderId  |Description|\n|-------|-------|\n|WALLET|Generic NFC/QR Code Wallet provider |\n|ECOM |Generic Merchant Wallet Provider ID managing CoF token |\n\nNOTE:\nIt is possible to assign a specific \"walletProviderId\" for a given TRID. This configuration can be achieved during the project on-boarding phase only.\n\nPlease check the \"Wallet Provider ID Mapping\" page in the \"API Reference\" section.","minLength":1,"maxLength":128},"tokenRequestorDgt":{"type":"object","description":"**Applies to ITSP solution only**","properties":{"id":{"type":"string","maxLength":11,"description":"Token Requestor Identifier provided and allocated by Scheme TSP.\\\nFor the same requestor, the identifier changes across the different Schemes."},"originalTokenRequestorId":{"type":"string","maxLength":11,"description":"VISA Only\\\nApplies in case of token for token provisioning"},"walletId":{"type":"string","maxLength":100,"description":"This field applies ONLY to MasterCard, Discover and American Express.\n\nWallet Application Identifier provided and allocated by Scheme TSP"},"merchantId":{"type":"string","maxLength":32,"description":"VISA only\\\nUnique identifier for merchant"},"name":{"type":"string","maxLength":256,"description":"Readable name of the token requestor"},"tspId":{"type":"string","maxLength":11,"description":"VISA Only\\\nID that identifies in an unique way the couple Token Requestor - Token Service Provider. Generated by the scheme.\\\nNamed by VTS \"tokenRequestorTspID\""}}},"walletCardRefId":{"type":"string","description":"Wallet card unique identifier\nConditional: If provided by Wallet provider.\n","minLength":1,"maxLength":128},"walletUserInformation":{"type":"object","properties":{"walletUserId":{"type":"string","description":"Unique identifier of a wallet user account.  (Required only for VISA, MC, AMEX)","minLength":1,"maxLength":100},"emailHash":{"type":"string","description":"Hash value of the email address registered in the wallet","minLength":1,"maxLength":64},"maskedEmail":{"type":"string","description":"Masked value of the email address.<br/>\n\"*\" is used for masking.\n","minLength":1,"maxLength":256},"isAccountUsernamMatchCardName":{"type":"boolean","description":"true if cardHolderName match with walletUserName, false otherwise"},"provisioningAttemptsOnDeviceIn24Hours":{"type":"string","description":"Number of provisioning attempts\non this device within 24 hours. If\nthe number of attempts surpass\n99 it will stay at 99.\nFor example: “99”.\n","minLength":1,"maxLength":2},"walletDistinctCardholderNames":{"type":"string","description":"Number of Distinct cardholder\nnames used in provisioning from\nthis wallet.\nFor example: “99”.\n","minLength":1,"maxLength":2},"walletAccountCountry":{"type":"string","description":"Country of accountholder.\nCountry in ISO 3166-1 alpha-2\nformat, e.g. \"US\".\n","minLength":1,"maxLength":2},"suspendedCardsInAccount":{"type":"string","description":"Number of cards suspended in\naccount. If the number of days\nsurpass it will stay at 99.\nFor example: “99”.\n","minLength":1,"maxLength":2},"daysSinceLastAccountActivity":{"type":"string","description":"Number of days since last activity\non account. If the number of\ndays surpass 9999, it will stay at\n9999.\nFor example: “9999”.\n","minLength":1,"maxLength":4},"numberOfActiveTokens":{"type":"string","description":"Number of active tokens on this\naccount. If the number of tokens\nsurpass limit it will stay at 99.\nFor example: “99”.\n","minLength":1,"maxLength":2},"deviceWithActiveTokens":{"type":"string","description":"Number of devices for this user\nwith same card. If the number\nof tokens surpass limit it will stay\nat 99.\nFor example: “99”.\n","minLength":1,"maxLength":2},"activeTokensOnAllDeviceForAccount":{"type":"string","description":"Number of active tokens for this\nuser across all devices. If the\nnumber of tokens surpass limit it\nwill stay at 9999.\nFor example: “9999”.\n","minLength":1,"maxLength":4},"daysSinceConsumerDataLastAccountChange":{"type":"string","description":"Number of days since account\nsettings were changed (e.g.\npassword change). If the number\nof days surpass it will stay at\n9999.\nFor example: “9999”.\n","minLength":1,"maxLength":4},"numberOfTransactionsInLast12Months":{"type":"string","description":"Number of transaction on this\naccount in the last 12 months.\nIf the number of transaction\nsurpass limit it will stay at 9999.\nFor example: “9999”.\n","minLength":1,"maxLength":4},"accountEmailLife":{"type":"string","description":"Number of months passed since the  account's email was last updated.\n\n**This field is sent in case of UPI and DISCOVER schemes. For other schemes, this field is not sent.**","minLength":1,"maxLength":4}}},"cardCaptureInformation":{"type":"object","properties":{"cardHolderName":{"type":"string","description":"card holder name entered by the user on the device\nThe format is LASTNAME/FIRSTNAME or FIRSTNAME LASTNAME","maxLength":256,"minLength":1},"captureMethod":{"$ref":"#/components/schemas/captureMethod"},"deviceLocation":{"type":"string","description":"It can be:<br/>\n• Short location description, for ex: \"+37/-121\"<br/>\n• Extended location description, for ex: \"+37.23/-121.23\"\n","maxLength":16,"minLength":1},"sourceIp":{"type":"string","maxLength":256,"minLength":1,"description":"Current device IP address"},"address":{"type":"object","description":"address of th wallet user provided by the wallet provider\neach address field is encode in UTF-8 characters.\nCharacters allowed are:\n• White space\n• Letters (a to z, A to Z)\n• Numbers (0 to 9)\n• Period (.)\n• Comma (,)\n• Single quote (‘)\n• Hyphen (-)\n• Underscore (_)\n• Hashtag (#)\n• Colon (:)\n• Forward slash (/)","properties":{"addressStreetOne":{"type":"string","maxLength":256,"minLength":1,"description":"main address street"},"addressStreetTwo":{"type":"string","maxLength":256,"minLength":1,"description":"secondary address street"},"addressCity":{"type":"string","maxLength":128,"minLength":1,"description":"address city"},"addressState":{"type":"string","maxLength":128,"minLength":1,"description":"State or province code associated with the address."},"addressZip":{"type":"string","maxLength":10,"minLength":1,"description":"address zip code"},"addressCountry":{"type":"string","maxLength":128,"minLength":1,"description":"address country\nCountry in ISO 3166-1 alpha-2 (VISA) or alpha-3 (MASTERCARD) format, for example, 'US' or 'USA'"}}},"cardHolderIdType":{"type":"string","description":"The cardholder's ID type, the possible values are:\n|Type|Description|\n|----|-----------|\n|01|Identification Card|\n|02|Military ID Card|\n|03|Passport|\n|04|Home-visit Permit|\n|05|Taiwan Compatroit Permit|\n|06|Police ID Card|\n|07|Soldier ID Card|\n|99|The others|\n\n**This field is only applicable to UPI scheme**"},"cardHolderIdNo":{"type":"string","description":"This is the identification no. of the cardholder type choosen by the cardholder. \n\n**This field is only applicable to UPI scheme**","maxLength":20}}},"captureMethod":{"description":"Method used by the user or the issuer to capture card information to digitize.\n\nDescription:\n- CAMERA: when card information is captured by the on-device camera\n- MANUAL: when the consumer enters the card information manually, through the device keyboard\n- BANK_APP: when the card information is exchanged between the banking App and the Issuer App\n- ON-FILE: when the card information is retrieved by a merchant who has stored the card information\n- READER_MODE: when the card information is retrieved through a NFC interaction between the device and the physical card (applicable to VISA, MASTERCARD, AMEX, DISCOVER and some domestic schemes)\n- TOKEN: when the card information is retrieved through a device-based token. This is applicable only to VISA and MASTERCARD schemes\n- CHIP_DIP: card information is captured by inserting (dip) the card into a terminal (applicable to VISA & MASTERCARD)\n- WEB_BROWSER: card information (PAN) is captured through a web browser (applicable only to MasterCard & AMEX schemes)\n- UNKNOWN: the origin of the card information is unknown  ","type":"string","maxLength":64},"scoringInformation":{"type":"object","properties":{"levelOfTrust":{"type":"string","description":"Wallet Provider Level of trust of the customer and provided Card Information\nValue can be:\n- 'green' : good level of trust, no particular ID&V requested\n- 'yellow' : warning, ID&V is required needed\n- 'orange' : suspect a fraud\nConditional: It depends on the Wallet Provider, if this information is provided or not.\n","maxLength":32,"enum":["green","yellow","orange"]},"tspScore":{"type":"string","pattern":"^[0-5]{1,2}$","description":"Token Service Provider scoring (1 to 5)"},"reasonCodes":{"type":"array","maxLength":100,"description":"This is a list of reason provided by the WalletProvider to explain the levelOfTrust.\n\nIn case of levelOfTrust=green, this field might be applicable only for MDES if cardCapture=TOKEN. This is to indicate the verification method used on the token.\n\n|reasonCode |In case of Yellow flow description|\n|-----------|----------------------------------|\n|01 |User Wallet Account ID too new relative to launch|\n|02 |User Wallet Account ID too new relative to provisioning request|\n|03 |User Wallet Account ID/Card Pair is newer than date threshold|\n|04 |Changes made to account data within date threshold|\n|05 |Suspicious transactions linked to this account.|\n|06 |The Account has not had activity in the last year.|\n|07 |Suspended cards in the secure element|\n|08 |The device was put in lost mode in the last 7 days for longer than the duration threshold|\n|09 |The number of provisioning attempts on this device in 72 hours exceeds the threshold|\n|0A |There have been more than the threshold number of different cards attempted at provisioning to this phone in 24 hours.|\n|0B |The card provisioning request contains a distinct name in excess of the permitted threshold|\n|0C |Device Score is less than 3|\n|0D |Account Score is less than 4|\n|0E |Device provisioning location outside of OEM marketplace store home country|\n|0F |Model rules not available at this time (in cases where back end systems time out).|\n|0G |Orange path flag|\n|0H |Phone Number Score is less than 3|\n|V1 |Card holder name does not match Wallet Name|\n|V2 |Account to device binding age is low|\n|VC |No transactions in the last month|\n\n\n|reasonCode |In case of Green flow description|\n|-----------|---------------------------------|\n|A0 |This has not to be taken as a risk. Verification from recently approved token within the system time validation window. Applies only to MDES and corresponds to RECENT_APPROVED_TOKEN|\n|A1 |This has not to be taken as a risk. Verification from recently cardholder authentication within the system time validation window. Applies only to MDES and corresponds to RECENT_CARDHOLDER_AUTHENTICATION|\n|A2 |This has not to be taken as a risk. Verification from a DSRP cryptogram provided as proof of authentication by a device. Applies only to MDES and corresponds to DEVICE_AUTHENTICATION_VERIFIED|\n","items":{"type":"string","maxLength":32}},"deviceScore":{"type":"string","pattern":"^[0-5]{1,2}$","description":"Wallet Provider Device scoring, scoring is a level of trust between 1 and 5, 5 is most trusted."},"deviceTenure":{"type":"string","description":"Device tenure in number of days","pattern":"^[0-9]{1,6}$"},"deviceTokens":{"type":"string","description":"Number of tokens in device","pattern":"^[0-9]{1,4}$"},"deviceCountry":{"type":"string","description":"Device country code as per ISO-3166-Alpha-2","maxLength":2,"minLength":2},"devicePayJoinDate":{"type":"string","description":"The date on which the device joined the Wallet Provider digital payment service. In UTC timezone, example '2018-01-01Z'.","maxLength":32},"accountScore":{"type":"string","pattern":"^[0-5]{1,2}$","description":"Wallet Provider account scoring, scoring is a level of trust between 1 and 5, 5 is most trusted."},"accountCreationDate":{"type":"string","description":"Wallet Provider account creation date. In UTC timezone, example '2017-01-01Z'.","maxLength":32},"accountLastUpdateDate":{"type":"string","maxLength":64,"description":"The date corresponding to the Wallet Provider account last update. In UTC timezone, example '2017-06-01Z'."},"userTenure":{"type":"string","description":"User tenure in number of days","pattern":"^[0-9]{1,6}$"},"userTokens":{"type":"string","description":"Number of tokens for user","pattern":"^[0-9]{1,4}$"},"userWallets":{"type":"string","description":"Number of wallets for user","pattern":"^[0-9]{1,4}$"},"userCountry":{"type":"string","description":"User country code as per ISO-3166-Alpha-2","maxLength":2,"minLength":2},"userPayJoinDate":{"type":"string","maxLength":64,"description":"The date on which the user joined the Wallet Provider digital payment service. In UTC timezone, example '2018-01-01Z'."},"phoneNumberScore":{"type":"string","pattern":"^[0-5]{1,2}$","description":"Phone number scoring made by the wallet provider, scoring is a level of trust between 1 and 5, 5 is most trusted."},"walletScore":{"type":"string","pattern":"^[0-5]{1,2}$","description":"Wallet Provider Account scoring, scoring is a level of trust between 1 and 5, 5 is most trusted."},"walletTenure":{"type":"string","description":"Wallet tenure in number of days","pattern":"^[0-9]{1,6}$"},"walletTransactions":{"type":"string","description":"Number of transactions by the wallet","pattern":"^[0-9]{1,4}$"},"cardScore":{"type":"string","pattern":"^[0-5]{1,2}$","description":"Card scoring, scoring is a level of trust between 1 and 5, 5 is most trusted."},"cardTenure":{"type":"string","description":"Card tenure in number of days","pattern":"^[0-9]{1,6}$"},"cardNewlyAdded":{"type":"boolean","description":"Flag indicating if the card is added as well the card on file manage by the wallet provider during the current token provisioning attempt. False if the card was already on file (provided only in case of google pay)\n"},"levelOfTrustStandardVersion":{"type":"string","description":"Version number of standard set applied beginning with 0001.00.(please refer to OEM for detailed description)\r\n**Note**: This parameter is not supported by Discover","maxLength":16,"minLength":1}}},"deviceInformationRCD":{"type":"object","properties":{"tokenStorageId":{"$ref":"#/components/schemas/tokenStorageId"},"tokenStorageType":{"$ref":"#/components/schemas/tokenStorageType"},"manufacturer":{"type":"string","description":"Device manufacturer name","maxLength":32,"minLength":1},"brand":{"type":"string","description":"Device brand","maxLength":16,"minLength":1},"model":{"type":"string","description":"Device model","maxLength":16,"minLength":1},"tac":{"type":"string","description":"Type Allocation Code of the device","maxLength":8,"minLength":1},"osVersion":{"type":"string","description":"Device OS version","maxLength":16,"minLength":1},"firmwareVersion":{"type":"string","description":"Device firmware version","maxLength":16,"minLength":1},"phoneNumber":{"type":"string","description":"DEvice Phone number","maxLength":20,"minLength":1},"fourLastDigitPhoneNumber":{"type":"string","description":"The 4 last digit of the device phone number","maxLength":4,"minLength":1},"deviceName":{"type":"string","description":"Device name that the device owner may use to identify it","maxLength":128,"minLength":1},"deviceId":{"type":"string","description":"Stable hardware identifier.\nUsed only for risk signal as there are some rare cases when deviceId can be reused across multiple devices or can change\n","maxLength":64,"minLength":1},"androidIdLastTwo":{"type":"string","description":"Last 2 hex characters of the Android Id.","maxLength":2,"minLength":1},"deviceParentId":{"type":"string","description":"Parent device tokenStorageId. It is used in case of wearable device","maxLength":64,"minLength":1},"language":{"type":"string","description":"Selected language on the device in ISO 639-3","maxLength":3,"minLength":1},"deviceStateFlags":{"type":"string","description":"Hexa string containing the device state flags defined in [VCON] section 7.2. There is one bit per flag.\nConditional - Mandatory in case of HCE\n","maxLength":2,"minLength":1},"serialNumber":{"type":"string","description":"Serial number of the mobile device","minLength":1,"maxLength":64},"timeZone":{"type":"string","description":"Device time zone\nTimezone abbreviation.\nExample: PST, GMT, GMT+05:00\n","maxLength":10,"minLength":1},"timeZoneSetting":{"type":"string","description":"who set the timezone.\n\nDescription:\n-NETWORK_SET\n-CONSUMER_SET","maxLength":32},"simSerialNumber":{"type":"string","description":"SIM serial number","maxLength":24,"minLength":1},"IMEI":{"type":"string","description":"Phone IMEI","maxLength":24,"minLength":1},"phoneLostTime":{"type":"string","description":"If available, the period, in day, the phone has been lost","maxLength":4,"minLength":1},"networkOperator":{"type":"string","description":"The network operator name","maxLength":16,"minLength":1},"networkType":{"type":"string","description":"Type of network use for enrollment\n\nDescription:\n-CELLULAR\n-WIFI","maxLength":32},"platform":{"enum":["ANDROID","IOS","WINDOWS","TIZEN","BLACKBERRY","ANDROID_WEAR","EMBEDDED_OS","OTHER"],"description":"It holds the name of the device OS system as provided by the scheme"}}},"tokenStorageId":{"type":"string","description":"Unique token storage identifier","minLength":1,"maxLength":128},"tokenStorageType":{"type":"string","description":"Identifies the type of token storage location, possible values are:\n- HCE\n- SPAY_PHONE\n- SPAY_TABLET\n- SPAY_WATCH\n- SPAY_TV\n- IPHONE\n- IWATCH\n- IPAD\n- MAC_BOOK\n- ANDROID_PHONE\n- ANDROID_TABLET\n- ANDROID_WATCH\n- MOBILE_PHONE\n- TABLET\n- WATCH\n- MOBILE_PHONE_OR_TABLET\n- BRACELET\n- PC\n- HOUSEHOLD\n- WEARABLE\n- AUTOMOBILE\n- REALITY\n- UNKNOWN","maxLength":32},"tokenType":{"type":"string","maxLength":16,"description":"The type of token the TSP has created or for which the request is sent.\nIt applies to VISA, MasterCard and UPI.\nFollowing values are supported:\n- SE (token for a secure element)\n- HCE (token for Host Card Emulated device)\n- COF (token for a card on file)\n- ECOM (token for ecommerce)\n- QRC (token for QRCode)"}}}}
````

## request issuer for the list of ID\&V method

> This method is used by TSH to request issuer for the list of ID\&V method in case it is not provided in respont of request card digitiazation\
> This request could be invoke several time during the enrolment so the ID\&v Methold list can be updated\
> For example : it could happen that the end user find out that the masked phone number in ID\&V method list is an old one and call the Issuer customer service to update the phone number. Following this, the end user can request a ID\&V method refresh througth the wallet application that which result in a subsequent requestIdnVList request.\
> \
> Another applicable use case is for VISA CTF, in COF. In this case the merchant can request the cardholder authtentication to the Issuer and so the list of IDnV supported is needed.\
> \<br/>\<br/>\
> \*\*\*This method applies to ITSP solution only\*\*\*

```json
{"openapi":"3.1.1","info":{"title":"Gemalto TSH Issuer Gateway  API","version":"2.8.7"},"tags":[{"name":"Get ID&V Method List"}],"servers":[{"url":"https://issuer.host.com/issuer/igwapi/v2.0"}],"paths":{"/getIDnVMethodList":{"post":{"summary":"request issuer for the list of ID&V method","description":"This method is used by TSH to request issuer for the list of ID&V method in case it is not provided in respont of request card digitiazation\nThis request could be invoke several time during the enrolment so the ID&v Methold list can be updated\nFor example : it could happen that the end user find out that the masked phone number in ID&V method list is an old one and call the Issuer customer service to update the phone number. Following this, the end user can request a ID&V method refresh througth the wallet application that which result in a subsequent requestIdnVList request.\n\nAnother applicable use case is for VISA CTF, in COF. In this case the merchant can request the cardholder authtentication to the Issuer and so the list of IDnV supported is needed.\n<br/><br/>\n***This method applies to ITSP solution only***","operationId":"getIDnVMethodList","parameters":[{"$ref":"#/components/parameters/x-correlation-id-header"},{"$ref":"#/components/parameters/x-issuer-id-header"}],"responses":{"200":{"description":"The Issuer can:\n* approve request without IDVList --> no stepup is required.\n* approve with stepup. Then IDVList is returned.\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/getIDnVMethodListRes"}}}},"400":{"description":"Bad Request, Invalid request URI or header, or unsupported nonstandard parameter","content":{"application/json":{"schema":{"type":"object","description":"Error Information Response","required":["responseCode"],"properties":{"responseCode":{"type":"number","description":"Error Response code to the request\n|Error code | Description|\n|-------|-------|\n|111|Missing mandatory parameter|\n|112|Bad parameter format|\n|510|Cardholder verification declined|\n|911|Operation failed|\n|921|Unexpected server error|"},"errorMessage":{"maxLength":256,"type":"string","description":"Textual error message"}}}}}},"500":{"description":"Internal Server Error"}},"tags":["Get ID&V Method List"],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/getIDnVMethodListReq"}}},"description":"requestIdnVList request payload","required":true}}}},"components":{"parameters":{},"schemas":{"getIDnVMethodListRes":{"type":"object","properties":{"idvMethodList":{"type":"array","items":{"$ref":"#/components/schemas/idvMethod"}}}},"idvMethod":{"type":"object","properties":{"id":{"type":"string","minLength":1,"maxLength":32,"description":"A unique identifier of this method"},"type":{"type":"string","minLength":1,"maxLength":16,"description":"It is the type of ID&V method supported. In case of ITSP configuration, the following values apply:\n |Value | Description|VISA|MasterCard|UPI|\n|-------|-------|:-------:|:-------:|:-------:|\n|'cell_phone'|ID&V based on an OTP sent by SMS|x|x|x|\n |'email'|ID&V based on an OTP sent by email|x|x|x|\n  |'bank_app'|ID&V managed through the Bank Application|x|x|x|\n |'outbound_call'|ID&V based on an outbound flow, like, for example, weblink|x|x|-|\n |'customer_service'|ID&V based on Cardholder-initiated call to the Bank customer service|x|x|x|\n  |'call'|ID&V based on Issuer-initiated voice call to Cardholder|-|x|-| \n |'ivr'|ID&V based on Cardholder-initiated call to the Bank IVR system|-|x|-|\n\n In case of TSP-broker configuration, values depend on the OEMPay:\n |Value | Description|Samsung Pay|Apple Pay|Google Pay|\n|-------|-------|:-------:|:-------:|:-------:|\n|'cell_phone'|ID&V based on an OTP sent by SMS|x|x|x|\n |'email'|ID&V based on an OTP sent by email|x|x|x|\n  |'bank_app'|ID&V managed through the Bank Application|x|x|x|\n |'outbound_call'|ID&V based on an outbound flow, like, for example, weblink|x|-|-|\n |'customer_service'|ID&V based on Cardholder-initiated call to the Bank customer service|x|x|x|\n |'call'|ID&V based on Issuer-initiated voice call to the Cardholder|x|x|x|\n<b><u>Note:</u></b><br/>After ID&V of cardholder with option 'call' or 'customer_service', Issuer shall trigger a call to TSH using updateCardState to activate the virtual card."},"value":{"type":"string","description":"This field contains a value that will be display to the end user for this ID&V method.\nConditional. \n\n Note that the field is **Mandatory** in the following cases:\n- cell_phone\n-- it shall be the masked value of the phone number where the OTP will be sent via SMS when Issuer is sending the OTP (using sendOTP API)\n-- it shall be the complete value of the phone number when TSH is sending the OTP (On Behalf Of Issuer OTP sending)\n- email\n-- it shall be the masked value of the mail where the OTP will be sent via email when Issuer is sending the OTP (using sendOTP API)\n-- it shall be the complete value of the mail when TSH is sending the OTP (On Behalf Of Issuer OTP sending)\n- call \n-- it aims to be the masked value of the Cardholder's phone number\n- ivr\n-- it aims to be the masked value of the phone number that the Cardholder calls\n\n Please note that in case of 'bank_app', 'customer_service' & 'outbound_call'\n-- default value from onboarding is used. If issuer wants to override, new value must be provided in api response.\n\nSending \"PUSH_NOTIFICATION\" value with type 'bank_app' will provide the option **In-App Verification ID&V via Push**  only supported by MDES \n","minLength":1,"maxLength":64},"source":{"type":"string","maxLength":64,"description":"<b>Applicable for ITSP only</b>.<br/>Indicates the source address from which the OTP will be sent.\nThis field can be used in two different contexts:\n- When used with OTPSMS or OTPEMAIL type, this field is used to support auto-vetting for sending an OTP via cell_phone (SMS) or email. This field is required. For example, if an SMS will be sent from “382-2”, then the sourceAddress would be “382-2”.\n**NOTE**\nAuto-vetting is not currently supported. This attribute will be ignored until auto-vetting is supported by Wallet Provider.\n- When used with **bank_app** type, this field can be optionally used if the step-up flow mobile banking app is different from the mobile banking app used during provisioning. If used, this value must contain the appropriate identifier for the associated issuer mobile banking_application.\nFor Apple, this would be the Apple Adam ID and for Android, this would be the Android Package name."},"platform":{"type":"string","maxLength":64,"description":"<b>Applicable for ITSP only</b>.<br/>Used with *bank_app* type. If used, this value must contain the appropriate OS platform for the associated issuer mobile banking application.\nValues are:\n- IOS\n- ANDROID\n- WINDOWS\n- WEB"}},"required":["id","type"]},"getIDnVMethodListReq":{"type":"object","properties":{"walletProviderId":{"$ref":"#/components/schemas/walletProviderId"},"tokenRequestor":{"$ref":"#/components/schemas/tokenRequestor"},"issuerCardRefId":{"$ref":"#/components/schemas/issuerCardRefId"},"virtualCardId":{"$ref":"#/components/schemas/virtualCardId"},"purpose":{"description":"The purpose of requestIDnVLisr:\n- <b>ENROLMENT</b>: the requestIDnVList is sent in the context of a card enrollment to create a virtual card\n- <b>DEVICE_BINDING</b>: the requestIDnVList is sent in the context of a device binding\n- <b>CARDHOLDER_STEPUP</b>: the requestIDnVList is sent in the context of a cardHolderVerification","type":"string"},"deviceBindingReference":{"$ref":"#/components/schemas/deviceBindingReference"}},"required":["walletProviderId"]},"walletProviderId":{"type":"string","description":"Wallet Provider identifier, defined by Thales.\n\n<b>When TSH acts as OEM Pay broker:</b>\n|walletProviderId  |Description|\n|-------|-------|\n|APPLE_PAY |Apple Pay Wallet|\n|SPAYHCE |Samsung Pay Wallet|\n|ANDROID_PAY |Google Pay Wallet|\n\n\n<b>When TSH acts as ITSP:</b>\n|walletProviderId  |Description|\n|-------|-------|\n|WALLET|Generic NFC/QR Code Wallet provider |\n|ECOM |Generic Merchant Wallet Provider ID managing CoF token |\n\nNOTE:\nIt is possible to assign a specific \"walletProviderId\" for a given TRID. This configuration can be achieved during the project on-boarding phase only.\n\nPlease check the \"Wallet Provider ID Mapping\" page in the \"API Reference\" section.","minLength":1,"maxLength":128},"tokenRequestor":{"type":"object","description":"**Applies to ITSP solution only**","properties":{"id":{"type":"string","maxLength":11,"description":"Token Requestor Identifier provided and allocated by Scheme TSP.\\\nFor the same requestor, the identifier changes across the different Schemes."},"originalTokenRequestorId":{"type":"string","maxLength":11,"description":"VISA Only\\\nApplies in case of token for token provisioning"},"walletId":{"type":"string","maxLength":100,"description":"This field applies ONLY to MasterCard, Discover and American Express\n\nWallet Application Identifier provided and allocated by Scheme TSP"},"merchantId":{"type":"string","maxLength":32,"description":"VISA only\\\nUnique identifier for merchant"},"name":{"type":"string","maxLength":256,"description":"Readable name of the token requestor"}}},"issuerCardRefId":{"type":"string","maxLength":48,"description":"The unique identifier of the funding card.<br/> This value is generated and manage by the issuer.<br/> This value can be updated in case of funding PAN replacement by the issuer.<br/>"},"virtualCardId":{"description":"Unique identifier of the virtual card","type":"string","maxLength":64,"minLength":1},"deviceBindingReference":{"type":"string","maxLength":64,"description":"Reference of the device binding process/link to the Virtual Card, reference is unique per token. It helps to identify each device link to a given Virtual Card.\nNote this field corresponds to:\n* the deviceIndex for VTS\n* the authCorrelationId for MDES "}}}}
```

## request issuer to approve the binding of token with a user device

> This method is used by TSH to request approval or conditional approval to bind an existing virtual card to a new device\
> A a new and dedicated x-correlation-id will generated for the requestDeviceBinding\
> All subsequent call (notification , sendOTP, ...) link to this device binding will have the same x-correlation-id\
> \<br/>\<br/>\
> \*\*\*This method applies to VISA ITSP solution only\*\*\*

```json
{"openapi":"3.1.1","info":{"title":"Gemalto TSH Issuer Gateway  API","version":"2.8.7"},"tags":[],"servers":[{"url":"https://issuer.host.com/issuer/igwapi/v2.0"}],"paths":{"/requestDeviceBinding":{"post":{"summary":"request issuer to approve the binding of token with a user device","description":"This method is used by TSH to request approval or conditional approval to bind an existing virtual card to a new device\nA a new and dedicated x-correlation-id will generated for the requestDeviceBinding\nAll subsequent call (notification , sendOTP, ...) link to this device binding will have the same x-correlation-id\n<br/><br/>\n***This method applies to VISA ITSP solution only***","operationId":"requestDeviceBinding","parameters":[{"$ref":"#/components/parameters/x-correlation-id-header"},{"$ref":"#/components/parameters/x-issuer-id-header"}],"responses":{"200":{"description":"requestDeviceBinding response payload","content":{"application/json":{"schema":{"$ref":"#/components/schemas/requestDeviceBindingRes"}}}},"400":{"description":"Bad Request, Invalid request URI or header, or unsupported nonstandard parameter","content":{"application/json":{"schema":{"type":"object","description":"Error Information Response","required":["responseCode"],"properties":{"responseCode":{"type":"number","description":"Error Response code to the request\n|Error code | Description|\n|-------|-------|\n|111|Missing mandatory parameter|\n|112|Bad parameter format|\n|116|Unknown Card|158|Card is expired|\n|159|Card is supended|\n|161|Invalid CVV2|\n|164|FPAN Provisioning Count Exceeded|\n|166|Invalid FPAN|\n|911|Operation failed|\n|921|Unexpected server error|"},"errorMessage":{"maxLength":256,"type":"string","description":"Textual error message"}}}}}},"500":{"description":"Internal Server Error"}},"tags":["Request Device Binding"],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/requestDeviceBindingReq"}}},"description":"requestDeviceBinding request payload","required":true}}}},"components":{"parameters":{},"schemas":{"requestDeviceBindingRes":{"type":"object","properties":{"levelOfTrust":{"type":"string","maxLength":32,"description":"Issuer Level of trust of the device binding\nValue can be:\n• 'green' : good level of trust, no ID&V requested\n• 'yellow' : warning, ID&V is required\n• 'red' : reject the digitization\nConditional: not provided in case of error. Mandatory in case of success.\n","enum":["green","yellow","red"]},"idvMethodList":{"type":"array","items":{"$ref":"#/components/schemas/idvMethod"}}},"required":["levelOfTrust"]},"idvMethod":{"type":"object","properties":{"id":{"type":"string","minLength":1,"maxLength":32,"description":"A unique identifier of this method"},"type":{"type":"string","minLength":1,"maxLength":16,"description":"It is the type of ID&V method supported. In case of ITSP configuration, the following values apply:\n |Value | Description|VISA|MasterCard|UPI|\n|-------|-------|:-------:|:-------:|:-------:|\n|'cell_phone'|ID&V based on an OTP sent by SMS|x|x|x|\n |'email'|ID&V based on an OTP sent by email|x|x|x|\n  |'bank_app'|ID&V managed through the Bank Application|x|x|x|\n |'outbound_call'|ID&V based on an outbound flow, like, for example, weblink|x|x|-|\n |'customer_service'|ID&V based on Cardholder-initiated call to the Bank customer service|x|x|x|\n  |'call'|ID&V based on Issuer-initiated voice call to Cardholder|-|x|-| \n |'ivr'|ID&V based on Cardholder-initiated call to the Bank IVR system|-|x|-|\n\n In case of TSP-broker configuration, values depend on the OEMPay:\n |Value | Description|Samsung Pay|Apple Pay|Google Pay|\n|-------|-------|:-------:|:-------:|:-------:|\n|'cell_phone'|ID&V based on an OTP sent by SMS|x|x|x|\n |'email'|ID&V based on an OTP sent by email|x|x|x|\n  |'bank_app'|ID&V managed through the Bank Application|x|x|x|\n |'outbound_call'|ID&V based on an outbound flow, like, for example, weblink|x|-|-|\n |'customer_service'|ID&V based on Cardholder-initiated call to the Bank customer service|x|x|x|\n |'call'|ID&V based on Issuer-initiated voice call to the Cardholder|x|x|x|\n<b><u>Note:</u></b><br/>After ID&V of cardholder with option 'call' or 'customer_service', Issuer shall trigger a call to TSH using updateCardState to activate the virtual card."},"value":{"type":"string","description":"This field contains a value that will be display to the end user for this ID&V method.\nConditional. \n\n Note that the field is **Mandatory** in the following cases:\n- cell_phone\n-- it shall be the masked value of the phone number where the OTP will be sent via SMS when Issuer is sending the OTP (using sendOTP API)\n-- it shall be the complete value of the phone number when TSH is sending the OTP (On Behalf Of Issuer OTP sending)\n- email\n-- it shall be the masked value of the mail where the OTP will be sent via email when Issuer is sending the OTP (using sendOTP API)\n-- it shall be the complete value of the mail when TSH is sending the OTP (On Behalf Of Issuer OTP sending)\n- call \n-- it aims to be the masked value of the Cardholder's phone number\n- ivr\n-- it aims to be the masked value of the phone number that the Cardholder calls\n\n Please note that in case of 'bank_app', 'customer_service' & 'outbound_call'\n-- default value from onboarding is used. If issuer wants to override, new value must be provided in api response.\n\nSending \"PUSH_NOTIFICATION\" value with type 'bank_app' will provide the option **In-App Verification ID&V via Push**  only supported by MDES \n","minLength":1,"maxLength":64},"source":{"type":"string","maxLength":64,"description":"<b>Applicable for ITSP only</b>.<br/>Indicates the source address from which the OTP will be sent.\nThis field can be used in two different contexts:\n- When used with OTPSMS or OTPEMAIL type, this field is used to support auto-vetting for sending an OTP via cell_phone (SMS) or email. This field is required. For example, if an SMS will be sent from “382-2”, then the sourceAddress would be “382-2”.\n**NOTE**\nAuto-vetting is not currently supported. This attribute will be ignored until auto-vetting is supported by Wallet Provider.\n- When used with **bank_app** type, this field can be optionally used if the step-up flow mobile banking app is different from the mobile banking app used during provisioning. If used, this value must contain the appropriate identifier for the associated issuer mobile banking_application.\nFor Apple, this would be the Apple Adam ID and for Android, this would be the Android Package name."},"platform":{"type":"string","maxLength":64,"description":"<b>Applicable for ITSP only</b>.<br/>Used with *bank_app* type. If used, this value must contain the appropriate OS platform for the associated issuer mobile banking application.\nValues are:\n- IOS\n- ANDROID\n- WINDOWS\n- WEB"}},"required":["id","type"]},"requestDeviceBindingReq":{"type":"object","required":["walletProviderId","issuerCardRefId","deviceInformation","virtualCardId","walletUserInformation","deviceBindingReference"],"properties":{"deviceBindingReference":{"$ref":"#/components/schemas/deviceBindingReference"},"virtualCardId":{"$ref":"#/components/schemas/virtualCardId"},"walletProviderId":{"$ref":"#/components/schemas/walletProviderId"},"tokenRequestor":{"$ref":"#/components/schemas/tokenRequestor"},"issuerCardRefId":{"$ref":"#/components/schemas/optionaIssuerCardRefId"},"walletUserInformation":{"$ref":"#/components/schemas/walletUserInformation"},"deviceInformation":{"$ref":"#/components/schemas/deviceInformation"}}},"deviceBindingReference":{"type":"string","maxLength":64,"description":"Reference of the device binding process/link to the Virtual Card, reference is unique per token. It helps to identify each device link to a given Virtual Card.\nNote this field corresponds to:\n* the deviceIndex for VTS\n* the authCorrelationId for MDES "},"virtualCardId":{"description":"Unique identifier of the virtual card","type":"string","maxLength":64,"minLength":1},"walletProviderId":{"type":"string","description":"Wallet Provider identifier, defined by Thales.\n\n<b>When TSH acts as OEM Pay broker:</b>\n|walletProviderId  |Description|\n|-------|-------|\n|APPLE_PAY |Apple Pay Wallet|\n|SPAYHCE |Samsung Pay Wallet|\n|ANDROID_PAY |Google Pay Wallet|\n\n\n<b>When TSH acts as ITSP:</b>\n|walletProviderId  |Description|\n|-------|-------|\n|WALLET|Generic NFC/QR Code Wallet provider |\n|ECOM |Generic Merchant Wallet Provider ID managing CoF token |\n\nNOTE:\nIt is possible to assign a specific \"walletProviderId\" for a given TRID. This configuration can be achieved during the project on-boarding phase only.\n\nPlease check the \"Wallet Provider ID Mapping\" page in the \"API Reference\" section.","minLength":1,"maxLength":128},"tokenRequestor":{"type":"object","description":"**Applies to ITSP solution only**","properties":{"id":{"type":"string","maxLength":11,"description":"Token Requestor Identifier provided and allocated by Scheme TSP.\\\nFor the same requestor, the identifier changes across the different Schemes."},"originalTokenRequestorId":{"type":"string","maxLength":11,"description":"VISA Only\\\nApplies in case of token for token provisioning"},"walletId":{"type":"string","maxLength":100,"description":"This field applies ONLY to MasterCard, Discover and American Express\n\nWallet Application Identifier provided and allocated by Scheme TSP"},"merchantId":{"type":"string","maxLength":32,"description":"VISA only\\\nUnique identifier for merchant"},"name":{"type":"string","maxLength":256,"description":"Readable name of the token requestor"}}},"optionaIssuerCardRefId":{"type":"string","maxLength":48,"description":"The unique identifier of the funding card.<br/> This value is generated and manage by the issuer.<br/> This value can be updated in case of funding PAN replacement by the issuer.<br/> *The following is valid for enrolment of domestic card (not valid for VISA & Mastercard)*: **This parameter is optional**, If it not provided, the Issuer must rely on the **cipheredCardInfo** to get the funding PAN and find the funding card to digitize.<br/>\n"},"walletUserInformation":{"type":"object","properties":{"walletUserId":{"type":"string","description":"Unique identifier of a wallet user account.  (Required only for VISA, MC, AMEX)","minLength":1,"maxLength":100},"emailHash":{"type":"string","description":"Hash value of the email address registered in the wallet","minLength":1,"maxLength":64},"maskedEmail":{"type":"string","description":"Masked value of the email address.<br/>\n\"*\" is used for masking.\n","minLength":1,"maxLength":256},"isAccountUsernamMatchCardName":{"type":"boolean","description":"true if cardHolderName match with walletUserName, false otherwise"},"provisioningAttemptsOnDeviceIn24Hours":{"type":"string","description":"Number of provisioning attempts\non this device within 24 hours. If\nthe number of attempts surpass\n99 it will stay at 99.\nFor example: “99”.\n","minLength":1,"maxLength":2},"walletDistinctCardholderNames":{"type":"string","description":"Number of Distinct cardholder\nnames used in provisioning from\nthis wallet.\nFor example: “99”.\n","minLength":1,"maxLength":2},"walletAccountCountry":{"type":"string","description":"Country of accountholder.\nCountry in ISO 3166-1 alpha-2\nformat, e.g. \"US\".\n","minLength":1,"maxLength":2},"suspendedCardsInAccount":{"type":"string","description":"Number of cards suspended in\naccount. If the number of days\nsurpass it will stay at 99.\nFor example: “99”.\n","minLength":1,"maxLength":2},"daysSinceLastAccountActivity":{"type":"string","description":"Number of days since last activity\non account. If the number of\ndays surpass 9999, it will stay at\n9999.\nFor example: “9999”.\n","minLength":1,"maxLength":4},"numberOfActiveTokens":{"type":"string","description":"Number of active tokens on this\naccount. If the number of tokens\nsurpass limit it will stay at 99.\nFor example: “99”.\n","minLength":1,"maxLength":2},"deviceWithActiveTokens":{"type":"string","description":"Number of devices for this user\nwith same card. If the number\nof tokens surpass limit it will stay\nat 99.\nFor example: “99”.\n","minLength":1,"maxLength":2},"activeTokensOnAllDeviceForAccount":{"type":"string","description":"Number of active tokens for this\nuser across all devices. If the\nnumber of tokens surpass limit it\nwill stay at 9999.\nFor example: “9999”.\n","minLength":1,"maxLength":4},"daysSinceConsumerDataLastAccountChange":{"type":"string","description":"Number of days since account\nsettings were changed (e.g.\npassword change). If the number\nof days surpass it will stay at\n9999.\nFor example: “9999”.\n","minLength":1,"maxLength":4},"numberOfTransactionsInLast12Months":{"type":"string","description":"Number of transaction on this\naccount in the last 12 months.\nIf the number of transaction\nsurpass limit it will stay at 9999.\nFor example: “9999”.\n","minLength":1,"maxLength":4},"accountEmailLife":{"type":"string","description":"Number of months passed since the  account's email was last updated.\n\n**This field is sent in case of UPI and DISCOVER schemes. For other schemes, this field is not sent.**","minLength":1,"maxLength":4}}},"deviceInformation":{"type":"object","properties":{"tokenStorageId":{"$ref":"#/components/schemas/tokenStorageId"},"tokenStorageType":{"$ref":"#/components/schemas/tokenStorageType"},"manufacturer":{"type":"string","description":"Device manufacturer name","maxLength":32,"minLength":1},"brand":{"type":"string","description":"Device brand","maxLength":16,"minLength":1},"model":{"type":"string","description":"Device model","maxLength":16,"minLength":1},"tac":{"type":"string","description":"Type Allocation Code of the device","maxLength":8,"minLength":1},"osVersion":{"type":"string","description":"Device OS version","maxLength":16,"minLength":1},"firmwareVersion":{"type":"string","description":"Device firmware version","maxLength":16,"minLength":1},"phoneNumber":{"type":"string","description":"DEvice Phone number","maxLength":20,"minLength":1},"fourLastDigitPhoneNumber":{"type":"string","description":"The 4 last digit of the device phone number","maxLength":4,"minLength":1},"deviceName":{"type":"string","description":"Device name that the device owner may use to identify it","maxLength":128,"minLength":1},"deviceId":{"type":"string","description":"Stable hardware identifier.\nUsed only for risk signal as there are some rare cases when deviceId can be reused across multiple devices or can change\n","maxLength":64,"minLength":1},"androidIdLastTwo":{"type":"string","description":"Last 2 hex characters of the Android Id.","maxLength":2,"minLength":1},"deviceParentId":{"type":"string","description":"Parent device tokenStorageId. It is used in case of wearable device","maxLength":64,"minLength":1},"language":{"type":"string","description":"Selected language on the device in ISO 639-3","maxLength":3,"minLength":1},"deviceStateFlags":{"type":"string","description":"Hexa string containing the device state flags defined in [VCON] section 7.2. There is one bit per flag.\nConditional - Mandatory in case of HCE\n","maxLength":2,"minLength":1},"serialNumber":{"type":"string","description":"Serial number of the mobile device","minLength":1,"maxLength":64},"timeZone":{"type":"string","description":"Device time zone\nTimezone abbreviation.\nExample: PST, GMT, GMT+05:00\n","maxLength":10,"minLength":1},"timeZoneSetting":{"type":"string","description":"who set the timezone.\n\nDescription:\n-NETWORK_SET\n-CONSUMER_SET","maxLength":32},"simSerialNumber":{"type":"string","description":"SIM serial number","maxLength":24,"minLength":1},"IMEI":{"type":"string","description":"Phone IMEI","maxLength":24,"minLength":1},"phoneLostTime":{"type":"string","description":"If available, the period, in day, the phone has been lost","maxLength":4,"minLength":1},"networkOperator":{"type":"string","description":"The network operator name","maxLength":16,"minLength":1},"networkType":{"type":"string","description":"Type of network use for enrollment\n\nDescription:\n-CELLULAR\n-WIFI","maxLength":32}}},"tokenStorageId":{"type":"string","description":"Unique token storage identifier","minLength":1,"maxLength":128},"tokenStorageType":{"type":"string","description":"Identifies the type of token storage location, possible values are:\n- HCE\n- SPAY_PHONE\n- SPAY_TABLET\n- SPAY_WATCH\n- SPAY_TV\n- IPHONE\n- IWATCH\n- IPAD\n- MAC_BOOK\n- ANDROID_PHONE\n- ANDROID_TABLET\n- ANDROID_WATCH\n- MOBILE_PHONE\n- TABLET\n- WATCH\n- MOBILE_PHONE_OR_TABLET\n- BRACELET\n- PC\n- HOUSEHOLD\n- WEARABLE\n- AUTOMOBILE\n- REALITY\n- UNKNOWN","maxLength":32}}}}
```

## notify issuer about any virtual card (token) change

> This method is used by TSH to notify issuer in two main cases.\
> \
> The more generic case whereas the token has been updated due to:\
> \- state change (activated/suspended/resumed/deleted)\
> \- belonging card has been updated\
> \- token renewed (token PAN and/or expiry date renewed)\
> \
> The more specific case of COF tokenization, that is applicable only for VISA:\
> \* device binding/unbinding\
> \* step-up authentication flow requested by the merchant has been executed and result is notified<br>

```json
{"openapi":"3.1.1","info":{"title":"Gemalto TSH Issuer Gateway  API","version":"2.8.7"},"tags":[{"name":"Notify Virtual Card Change"}],"servers":[{"url":"https://issuer.host.com/issuer/igwapi/v2.0"}],"paths":{"/notifyVirtualCardChange":{"post":{"summary":"notify issuer about any virtual card (token) change","description":"This method is used by TSH to notify issuer in two main cases.\n\nThe more generic case whereas the token has been updated due to:\n- state change (activated/suspended/resumed/deleted)\n- belonging card has been updated\n- token renewed (token PAN and/or expiry date renewed)\n\nThe more specific case of COF tokenization, that is applicable only for VISA:\n* device binding/unbinding\n* step-up authentication flow requested by the merchant has been executed and result is notified\n","operationId":"notifyVirtualCardChange","parameters":[{"$ref":"#/components/parameters/x-correlation-id-header"},{"$ref":"#/components/parameters/x-issuer-id-header"}],"responses":{"200":{"description":"Successful (no response body)"},"400":{"description":"Bad Request, Invalid request URI or header, or unsupported nonstandard parameter","content":{"application/json":{"schema":{"type":"object","description":"Error Information Response","required":["responseCode"],"properties":{"responseCode":{"type":"number","description":"Error Response code to the request\n|Error code | Description|\n|-------|-------|\n|911|Operation failed|\n|921|Unexpected server error|\n"},"errorMessage":{"maxLength":256,"type":"string","description":"Textual error message"}}}}}},"500":{"description":"Internal Server Error"}},"tags":["Notify Virtual Card Change"],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/notifyVirtualCardChangeReq"}}},"description":"notifyVirtualCardChange request payload","required":true}}}},"components":{"parameters":{},"schemas":{"notifyVirtualCardChangeReq":{"type":"object","required":["issuerCardRefId","virtualCardId","walletProviderId","isPrimary"],"properties":{"issuerCardRefId":{"$ref":"#/components/schemas/issuerCardRefId"},"virtualCardId":{"$ref":"#/components/schemas/virtualCardId"},"walletCardRefId":{"$ref":"#/components/schemas/walletCardRefId"},"walletVirtualCardId":{"type":"string","description":"Wallet virtual card identifier\nFor ApplePay, it corresponds to the DPANID and is always provided if defined.","minLength":1,"maxLength":128},"walletProviderId":{"$ref":"#/components/schemas/walletProviderId"},"tokenRequestor":{"$ref":"#/components/schemas/tokenRequestorDgt"},"tokenStorageId":{"$ref":"#/components/schemas/tokenStorageId"},"isPrimary":{"type":"boolean","description":"It is a boolean information that inform if the Virtual card is a primary virtual card or if it is an Auxiliary virtual card"},"action":{"type":"string","description":"This corresponds to the action performed on the token\n\nHere is the possible value:\n- ACTIVATE : Token First Activation\n- SUSPEND : Token suspended via lifecycle operation\n- RESUME : Token resumed via lifecycle operation\n- DELETE : Token deleted on the TSP\n- DELETE_FROM_APP : Token deleted on the wallet application (MDES only)\n- UPDATE : When the funding PAN value is updated (ex: card renewal)\n- RENEW : When a token is renewed (ex: if the token expire, the TSP renew the token and re-provision it automaticaly)\n- ERASE : Token erased following a GDPR action\n- DEVICE_BOUND : Token bound to a device (VISA & MASTERCARD only)\n- DEVICE_UNBOUND : Token unbound from a device (VISA only)\n- CARDHOLDER_STEPUP_OTP, CARDHOLDER_STEPUP_ISSUER_APP, CARDHOLDER_STEPUP_CALL_CENTER: in case of cardholder authentication flow (VISA only)\n- CARDHOLDER_STEPUP_APPROVED: in case of cardholder authentication flow performed via 3D Secure (VISA only)\n","maxLength":128},"deviceBindingReference":{"type":"string","maxLength":64,"description":"Provided only in case of DEVICE_BOUND / DEVICE_UNBOUND action. \r\nNote that this field corresponds to the **deviceIndex** for VTS and to the **bindId** for MDES.\r\nFor MDES Device Binding, in case of error, this field will include the **authCorrelationId** to help with trouble-shooting. "},"tokenInfo":{"$ref":"#/components/schemas/tokenInfo"},"publicKeyIdentifier":{"type":"string","maxLength":32,"minLength":1,"description":"Identifier of the key used to encrypt tokenInfo.<br/>Provided by Issuer to Thales during onboarding."},"errorCode":{"type":"number","description":"Error code provided in case of operation failure initiated by the issuer<br/>\n|error code |description|\n|------------|-----------|\n|221 |The device was not reachable after retries|\n|322 |Time to live of the operation expired|\n|432|Current token state does not allow this operation|\n|520 |Stepup cardholder authentication failed|\n|911 |Operation Failed|\n|921 |Unexpected error|\n\nThis list is not exhaustive. Error codes not listed shall be considered as a generic error."},"source":{"type":"string","description":"The source actor that initiate the state change.\n\nDescription:\n-WALLET\n-TSP\n-ISSUER","maxLength":32},"tokenType":{"$ref":"#/components/schemas/tokenType"},"tokenAssuranceLevel":{"$ref":"#/components/schemas/Issuer-gateway-issuer-to-tsh_Oas2_TokenAssuranceLevel"},"authenticatorInfo":{"type":"object","description":"Contains cardholder information authenticator data required for payment transactions. Only present when action is DEVICE_BOUND. This field applies ONLY to MASTERCARD","required":["id","methodId"],"properties":{"id":{"type":"string","minLength":1,"maxLength":5,"description":"Authenticating entity identifier"},"name":{"type":"string","minLength":1,"maxLength":25,"description":"Authenticator Name"},"methodId":{"type":"string","minLength":1,"maxLength":5,"description":"Certified multi-factor authentication method id used to authenticate cardholder after binding"}}}}},"issuerCardRefId":{"type":"string","maxLength":48,"description":"The unique identifier of the funding card.<br/> This value is generated and manage by the issuer.<br/> This value can be updated in case of funding PAN replacement by the issuer.<br/>"},"virtualCardId":{"description":"Unique identifier of the virtual card","type":"string","maxLength":64,"minLength":1},"walletCardRefId":{"type":"string","description":"Wallet card unique identifier\nConditional: If provided by Wallet provider.\n","minLength":1,"maxLength":128},"walletProviderId":{"type":"string","description":"Wallet Provider identifier, defined by Thales.\n\n<b>When TSH acts as OEM Pay broker:</b>\n|walletProviderId  |Description|\n|-------|-------|\n|APPLE_PAY |Apple Pay Wallet|\n|SPAYHCE |Samsung Pay Wallet|\n|ANDROID_PAY |Google Pay Wallet|\n\n\n<b>When TSH acts as ITSP:</b>\n|walletProviderId  |Description|\n|-------|-------|\n|WALLET|Generic NFC/QR Code Wallet provider |\n|ECOM |Generic Merchant Wallet Provider ID managing CoF token |\n\nNOTE:\nIt is possible to assign a specific \"walletProviderId\" for a given TRID. This configuration can be achieved during the project on-boarding phase only.\n\nPlease check the \"Wallet Provider ID Mapping\" page in the \"API Reference\" section.","minLength":1,"maxLength":128},"tokenRequestorDgt":{"type":"object","description":"**Applies to ITSP solution only**","properties":{"id":{"type":"string","maxLength":11,"description":"Token Requestor Identifier provided and allocated by Scheme TSP.\\\nFor the same requestor, the identifier changes across the different Schemes."},"originalTokenRequestorId":{"type":"string","maxLength":11,"description":"VISA Only\\\nApplies in case of token for token provisioning"},"walletId":{"type":"string","maxLength":100,"description":"This field applies ONLY to MasterCard, Discover and American Express.\n\nWallet Application Identifier provided and allocated by Scheme TSP"},"merchantId":{"type":"string","maxLength":32,"description":"VISA only\\\nUnique identifier for merchant"},"name":{"type":"string","maxLength":256,"description":"Readable name of the token requestor"},"tspId":{"type":"string","maxLength":11,"description":"VISA Only\\\nID that identifies in an unique way the couple Token Requestor - Token Service Provider. Generated by the scheme.\\\nNamed by VTS \"tokenRequestorTspID\""}}},"tokenStorageId":{"type":"string","description":"Unique token storage identifier","minLength":1,"maxLength":128},"tokenInfo":{"type":"string","maxLength":8196,"minLength":1,"description":"Additional information about the token of the virtual card\nThis field is conditional to the TSP and provided only during enrolment. \n\nOnly supported in case of token managed by VTS or MDES\nThe tokenInfo is the json (cf http://www.json.org/ ) representation of the Token.\n\nThis value is encrypted using the PKCS#7 encryption scheme defined in RFC 2315/5652 using following encryption parameters:<br/>\n* The content encryption algorithm used is AES256/CBC/PKCS7Padding using a randomly generated AES key.\n* The key encryption algorithm is either RSAES-PKCS1-v1_5 (RSA/NONE/PKCS1Padding) or RSA/NONE/OAEPWithSHA256AndMGF1Padding (with MGF1 using SHA-256), using the certificate provided during onboarding.<br/>\nThe key encryption algorithm is defined during onboarding and is by default (if ommitted) the RSA/NONE/PKCS1Padding for legacy purpose.<br/>\nIt is recommended to configure RSA/NONE/OAEPWithSHA256AndMGF1Padding (with MGF1 using SHA-256) for new issuers.\n\n* The encryption result is then encoded using base64.<br/>\n* The public key length in the certificate can be 2048-bit or 4096-bit.\n\nOnce deciphered, the cardInfo contains the following information:<br/>\n|JSON field parameter name |description |MOC |Length |\n|--------------------------|------------|----|-------|\n|pan |The token PAN |M |Up to 19 |\n|exp |The expiry date in the format MMYY.<br/>It is not provided for UPI scheme. |C |4 |\n|originalToken | The device-based token used to request the digitization |O|Up to 19|\n|originalTokenReferenceID | The unique reference of the original Token |O|Up to 32|\n|originalTokenAssuranceLevel | The assurance level of the orginal Token - RFU|O|2|\n\n**NOTE**\n\noriginalToken,originalTokenReferenceID and originalTokenAssuranceLevel are provided ONLY by VISA in case of a Token for Token digitization flow.\n","contentEncoding":"base64"},"tokenType":{"type":"string","maxLength":16,"description":"The type of token the TSP has created or for which the request is sent.\nIt applies to VISA, MasterCard and UPI.\nFollowing values are supported:\n- SE (token for a secure element)\n- HCE (token for Host Card Emulated device)\n- COF (token for a card on file)\n- ECOM (token for ecommerce)\n- QRC (token for QRCode)"},"Issuer-gateway-issuer-to-tsh_Oas2_TokenAssuranceLevel":{"type":"string","title":"tokenAssuranceLevel","maxLength":2,"description":"The token assurance level indicates the level of assurance of the token.\nThis is given by the ID&V method that has been used to authenticate the consumer on the specific token for example when the token is created (during the digitization flow) or, in case of a COF token, when a binding flow is executed.\n\nFollowing values are supported:\n- 00 (ID&V not performed)\n- 10 (Card Issuer Account Verification)\n- 11 (Card Issuer Interactive Verification - 1 Factor)\n- 12 (Card Issuer Interactive Verification - 2 Factor)\n- 13 (Card Issuer Oriented Non-Interactive Cardholder Authentication)\n- 14 (Card Issuer Asserted Authentication)\n\nNOTE: applies only to VISA"}}}}
```

## Provides ID\&V OTP

> This method is used by TSH to request issuer to\
> \* send an OTP generated by Thales or the by scheme to customer/cardholder.\
> \*  to generate and send an OTP (in such case the otpValue is not provided).\
> \*  to trigger in-app verification ID\&V via Push Notification in MDES Post Tokenization (in such case the otpValue is not provided)\
> \
> \*\*In case of VTS/MDES ITSP, the OTP is always generated by the scheme\*\*<br>

```json
{"openapi":"3.1.1","info":{"title":"Gemalto TSH Issuer Gateway  API","version":"2.8.7"},"tags":[{"name":"Send OTP"}],"servers":[{"url":"https://issuer.host.com/issuer/igwapi/v2.0"}],"paths":{"/sendOTP":{"post":{"summary":"Provides ID&V OTP","description":"This method is used by TSH to request issuer to\n* send an OTP generated by Thales or the by scheme to customer/cardholder.\n*  to generate and send an OTP (in such case the otpValue is not provided).\n*  to trigger in-app verification ID&V via Push Notification in MDES Post Tokenization (in such case the otpValue is not provided)\n\n**In case of VTS/MDES ITSP, the OTP is always generated by the scheme**\n","operationId":"sendOTP","parameters":[{"$ref":"#/components/parameters/x-correlation-id-header"},{"$ref":"#/components/parameters/x-issuer-id-header"}],"responses":{"200":{"description":"Successful (no response body)"},"400":{"description":"Bad Request, Invalid request URI or header, or unsupported nonstandard parameter","content":{"application/json":{"schema":{"type":"object","description":"Error Information Response","required":["responseCode"],"properties":{"responseCode":{"type":"number","description":"Error Response code to the request\n|Error code | Description|\n|-------|-------|\n|501|Invalid method ID|\n|502|Communication Channel not available|\n|503|Method ID not valid anymore (for example if the number of user reach the maximum OTP attempts)|\n|911|Operation failed|\n|921|Unexpected server error|"},"errorMessage":{"maxLength":256,"type":"string","description":"Textual error message"}}}}}},"500":{"description":"Internal Server Error"}},"tags":["Send OTP"],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/sendOTPReq"}}},"description":"sendOTP request payload","required":true}}}},"components":{"parameters":{},"schemas":{"sendOTPReq":{"type":"object","required":["walletProviderId","issuerCardRefId"],"properties":{"walletProviderId":{"$ref":"#/components/schemas/walletProviderId"},"tokenRequestor":{"$ref":"#/components/schemas/tokenRequestor"},"issuerCardRefId":{"$ref":"#/components/schemas/issuerCardRefId"},"deviceBindingReference":{"type":"string","maxLength":64,"description":"Reference of the binding between the device and the token.\nProvided in case the OTP must be sent in the process of a Device Biding flow.\nThis field is provided only when the flow is going through VTS (Note that this field corresponds to the deviceIndex)."},"otpValue":{"type":"string","minLength":4,"maxLength":10,"description":"The otp value to be send by the issuer.\nThe value is mandatory for VTS.\nFor MDES it won't be provided in case of In-App Verification via Push Notification\n"},"expirationDate":{"type":"string","minLength":4,"maxLength":32,"description":"The expiration time for OTP.\nex.  2015-05-18T14:40:32.000Z\n\nCYY-MM-DDTHH:MM:SSz\nValue will be in GMT.\n"},"otpMethodId":{"type":"string","minLength":1,"maxLength":32,"description":"The identifier of OTP method selected by end user\n\nThis identifier is defined by the issuer and shared with TSH in response of the requestCardDigitization\n\nIt corresponds to the id field defined in the idvMethod of the requestCardDigitization.response.idvMethodList.idvMethod\n"}}},"walletProviderId":{"type":"string","description":"Wallet Provider identifier, defined by Thales.\n\n<b>When TSH acts as OEM Pay broker:</b>\n|walletProviderId  |Description|\n|-------|-------|\n|APPLE_PAY |Apple Pay Wallet|\n|SPAYHCE |Samsung Pay Wallet|\n|ANDROID_PAY |Google Pay Wallet|\n\n\n<b>When TSH acts as ITSP:</b>\n|walletProviderId  |Description|\n|-------|-------|\n|WALLET|Generic NFC/QR Code Wallet provider |\n|ECOM |Generic Merchant Wallet Provider ID managing CoF token |\n\nNOTE:\nIt is possible to assign a specific \"walletProviderId\" for a given TRID. This configuration can be achieved during the project on-boarding phase only.\n\nPlease check the \"Wallet Provider ID Mapping\" page in the \"API Reference\" section.","minLength":1,"maxLength":128},"tokenRequestor":{"type":"object","description":"**Applies to ITSP solution only**","properties":{"id":{"type":"string","maxLength":11,"description":"Token Requestor Identifier provided and allocated by Scheme TSP.\\\nFor the same requestor, the identifier changes across the different Schemes."},"originalTokenRequestorId":{"type":"string","maxLength":11,"description":"VISA Only\\\nApplies in case of token for token provisioning"},"walletId":{"type":"string","maxLength":100,"description":"This field applies ONLY to MasterCard, Discover and American Express\n\nWallet Application Identifier provided and allocated by Scheme TSP"},"merchantId":{"type":"string","maxLength":32,"description":"VISA only\\\nUnique identifier for merchant"},"name":{"type":"string","maxLength":256,"description":"Readable name of the token requestor"}}},"issuerCardRefId":{"type":"string","maxLength":48,"description":"The unique identifier of the funding card.<br/> This value is generated and manage by the issuer.<br/> This value can be updated in case of funding PAN replacement by the issuer.<br/>"}}}}
```

## notify issuer about STIP (StandIn Process) triggering

> This method is used by TSH to notify the issuer that the scheme go in stand in process on behalf of the issuer.\<br/>\
> It provides information about the funding card as well as the token created during this process, and its current status.\<br/>\
> \<br/>\
> \*\*\*This method applies to VISA ITSP solution only\*\*\*<br>

````json
{"openapi":"3.1.1","info":{"title":"Gemalto TSH Issuer Gateway  API","version":"2.8.7"},"tags":[],"servers":[{"url":"https://issuer.host.com/issuer/igwapi/v2.0"}],"paths":{"/notifyStandInProcess":{"post":{"summary":"notify issuer about STIP (StandIn Process) triggering","description":"This method is used by TSH to notify the issuer that the scheme go in stand in process on behalf of the issuer.<br/>\nIt provides information about the funding card as well as the token created during this process, and its current status.<br/>\n<br/>\n***This method applies to VISA ITSP solution only***\n","operationId":"notifyStandInProcess","parameters":[{"$ref":"#/components/parameters/x-correlation-id-header"},{"$ref":"#/components/parameters/x-issuer-id-header"}],"responses":{"200":{"description":"notifyStandInProcess response payload","content":{"application/json":{"schema":{"$ref":"#/components/schemas/notifyStandInProcessRes"}}}},"400":{"description":"Bad Request, Invalid request URI or header, or unsupported nonstandard parameter","content":{"application/json":{"schema":{"type":"object","description":"Error Information Response","required":["responseCode"],"properties":{"responseCode":{"type":"number","description":"Error Response code to the request\n|Error code | Description|\n|-------|-------|\n|111|Missing mandatory parameter|\n|112|Bad parameter format|\n|158|Card is expired|\n|161|Invalid CVV2|\n|164|FPAN Provisioning Count Exceeded|\n|166|Invalid FPAN|\n|911|Operation failed|\n|921|Unexpected server error|"},"errorMessage":{"maxLength":256,"type":"string","description":"Textual error message"}}}}}},"500":{"description":"Internal Server Error"}},"tags":["Notify Stand In Process"],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/notifyStandInProcessReq"}}},"description":"notifyStandInProcess request payload","required":true}}}},"components":{"parameters":{},"schemas":{"notifyStandInProcessRes":{"type":"object","properties":{"issuerCardRefId":{"$ref":"#/components/schemas/issuerCardRefId"}},"required":["issuerCardRefId"]},"issuerCardRefId":{"type":"string","maxLength":48,"description":"The unique identifier of the funding card.<br/> This value is generated and manage by the issuer.<br/> This value can be updated in case of funding PAN replacement by the issuer.<br/>"},"notifyStandInProcessReq":{"type":"object","properties":{"cipheredCardInfo":{"$ref":"#/components/schemas/cipheredCardInfo"},"virtualCardId":{"$ref":"#/components/schemas/virtualCardId"},"tokenStorageId":{"$ref":"#/components/schemas/tokenStorageId"},"deviceInformation":{"$ref":"#/components/schemas/deviceInformation"},"isPrimary":{"type":"boolean","description":"It is a boolean information that inform if the Virtual card is a primary virtual card or if it is an Auxiliary virtual card"},"enrollmentStep":{"type":"string","description":"Inform at which step the STIP notification has been recevied by TSH during the enrollment.\n\nDescription:\n-NEW_SESSION\n-CARD_ELIGIBILITY_IN_PROGRESS\n-CARD_ELEGIBILITY_DONE\n-CARD_DIGITIZATION_IN_PROGRESS\n-CARD_DIGITIZATION_DONE\n-SEND_OTP_IN_PROGRESS\n-SEND_OTP_DONE\n-NOTIFY_CARD_STATUS_IN_PROGRESS\n-NOTIFY_CARD_STATUS_DONE","maxLength":128},"status":{"type":"string","description":"Current token state.\n\nDescription:\n-SUSPENDED\n-RESUMED\n-DELETED\n-UPDATED\n-INACTIVE","maxLength":32},"tokenInfo":{"type":"string","maxLength":8196,"minLength":1,"description":"Additional information about the token of the virtual card\nThis field is conditional to the TSP and provided only during enrolment. \nOnly supported in case of token managed by VTS or MDES\n","contentEncoding":"base64"},"publicKeyIdentifier":{"type":"string","maxLength":32,"minLength":1,"description":"Identifier of the key used to encrypt tokenInfo.<br/>Provided by Issuer to Thales during onboarding."},"walletProviderId":{"$ref":"#/components/schemas/walletProviderId"},"tokenRequestor":{"$ref":"#/components/schemas/tokenRequestorDgt"},"walletCardRefId":{"$ref":"#/components/schemas/walletCardRefId"},"source":{"type":"string","description":"The source actor that initiate the state change.\n\nDescription:\n-WALLET\n-TSP\n-ISSUER","maxLength":32},"cvvValidated":{"description":"true if the TSP has verify the CVV2 on behalf of the issuer\nfalse if TSP failed to verify the CVV2\nnot provided if TSP doesn't manage to verify the CVV2","type":"boolean"},"tokenAssuranceLevel":{"$ref":"#/components/schemas/Issuer-gateway-issuer-to-tsh_Oas2_TokenAssuranceLevel"}},"required":["cipheredCardInfo","virtualCardId","deviceInformation","isPrimary","enrollmentStep","walletProviderId","source"]},"cipheredCardInfo":{"maxLength":8196,"minLength":1,"type":"string","description":"TSH sends Card information as a JSON.\n\nThis value is encrypted using the PKCS#7 encryption scheme defined in RFC 2315/5652 using following encryption parameters:<br/>\n* The content encryption algorithm used is AES256/CBC/PKCS7Padding using a randomly generated AES key.\n* The key encryption algorithm is either RSAES-PKCS1-v1_5 (RSA/NONE/PKCS1Padding) or RSA/NONE/OAEPWithSHA256AndMGF1Padding (with MGF1 using SHA-256), using the certificate provided during onboarding.<br/>\nThe key encryption algorithm is defined during onboarding and is by default (if ommitted) the RSA/NONE/PKCS1Padding for legacy purpose.<br/>\nIt is recommended to configure RSA/NONE/OAEPWithSHA256AndMGF1Padding (with MGF1 using SHA-256) for new issuers.\n\n* The encryption result is then encoded using base64.<br/>\n* The public key length in the certificate can be 2048-bit or 4096-bit.\n\nOnce deciphered, the cardInfo contains the following information:<br/>\n\n|JSON field parameter name |description |MOC |Length |\n|--------------------------|------------|----|-------|\n|fpan |The funding pan to digitize |M |Up to 19 |\n|exp |The expiry date in the format MMYY |O |4 |\n|cvv |Depending of the OEM and scheme, this value is provided or not |O |3 or 4 |\n|additionalCardInfos | Optional JSON Open format, in order to add additional card info - project dependent|O|Up to 8177|\n|originalToken | The device-based token used to request the digitization |O|Up to 19|\n|originalTokenReferenceID | The unique reference of the original Token |O|Up to 32|\n|originalTokenAssuranceLevel | The assurance level of the orginal Token - RFU|O|2|\n\n<br/>\n\n\n**Examples:**\n\n``` javascript\n  Example 1\n  {\n    \"fpan\":\"1234567891234567\",\n    \"exp\":\"1218\",\n  }\n\n  Example 2\n  {\n    \"fpan\":\"1234567891234567\",\n    \"exp\":\"1218\",\n    “cvv\":\"765”\n  }\n\n  Example 3\n  {\n    \"fpan\":\"1234567891234567\",\n    \"exp\":\"1218\",\n    “cvv\":\"765”,\n    \"additionalCardInfos\": {\n      \"archiveReference\": “90217095220928”\n    }\n  }\n\n  Example 4\n  {\n    \"fpan\":\"1234567891234567\",\n    \"exp\":\"1218\",\n    \"additionalCardInfos\": {\n      \"pin\": “06123456FFFFFFFF”\n    }\n  }\n\t\t\n\tExample 5: Token for Token digitization\n\t{\n\t\t\"fpan\":\"1234567891234567\",\n\t\t\"exp\":\"1218\",\n\t\t“cvv\":\"765”,\n\t\t\"originalToken\":\"4532111111111112\",\n\t\t\"originalTokenReferenceID\":\"DNITHE381835220225004085\",\n\t\t\"originalTokenAssuranceLevel\":\"\"\n\t}\n\t\t\n```\n\n*Note*: \n1. **This parameter is optional**, If it not provided, the Issuer must rely on the **issuerCardRefId** to find the funding card to digitize. **cipheredCardInfo**  and **issuerCardRefId** are exclusive.<br/>\n2. **pin** is sent inside **additionalCardInfos** only in case of UPI scheme. It is generally sent for Debit cards.<br/>\n3. originalToken,originalTokenReferenceID and originalTokenAssuranceLevel are provided ONLY by VISA in case of a Token for Token digitization flow.<br/>\n"},"virtualCardId":{"description":"Unique identifier of the virtual card","type":"string","maxLength":64,"minLength":1},"tokenStorageId":{"type":"string","description":"Unique token storage identifier","minLength":1,"maxLength":128},"deviceInformation":{"type":"object","properties":{"tokenStorageId":{"$ref":"#/components/schemas/tokenStorageId"},"tokenStorageType":{"$ref":"#/components/schemas/tokenStorageType"},"manufacturer":{"type":"string","description":"Device manufacturer name","maxLength":32,"minLength":1},"brand":{"type":"string","description":"Device brand","maxLength":16,"minLength":1},"model":{"type":"string","description":"Device model","maxLength":16,"minLength":1},"tac":{"type":"string","description":"Type Allocation Code of the device","maxLength":8,"minLength":1},"osVersion":{"type":"string","description":"Device OS version","maxLength":16,"minLength":1},"firmwareVersion":{"type":"string","description":"Device firmware version","maxLength":16,"minLength":1},"phoneNumber":{"type":"string","description":"DEvice Phone number","maxLength":20,"minLength":1},"fourLastDigitPhoneNumber":{"type":"string","description":"The 4 last digit of the device phone number","maxLength":4,"minLength":1},"deviceName":{"type":"string","description":"Device name that the device owner may use to identify it","maxLength":128,"minLength":1},"deviceId":{"type":"string","description":"Stable hardware identifier.\nUsed only for risk signal as there are some rare cases when deviceId can be reused across multiple devices or can change\n","maxLength":64,"minLength":1},"androidIdLastTwo":{"type":"string","description":"Last 2 hex characters of the Android Id.","maxLength":2,"minLength":1},"deviceParentId":{"type":"string","description":"Parent device tokenStorageId. It is used in case of wearable device","maxLength":64,"minLength":1},"language":{"type":"string","description":"Selected language on the device in ISO 639-3","maxLength":3,"minLength":1},"deviceStateFlags":{"type":"string","description":"Hexa string containing the device state flags defined in [VCON] section 7.2. There is one bit per flag.\nConditional - Mandatory in case of HCE\n","maxLength":2,"minLength":1},"serialNumber":{"type":"string","description":"Serial number of the mobile device","minLength":1,"maxLength":64},"timeZone":{"type":"string","description":"Device time zone\nTimezone abbreviation.\nExample: PST, GMT, GMT+05:00\n","maxLength":10,"minLength":1},"timeZoneSetting":{"type":"string","description":"who set the timezone.\n\nDescription:\n-NETWORK_SET\n-CONSUMER_SET","maxLength":32},"simSerialNumber":{"type":"string","description":"SIM serial number","maxLength":24,"minLength":1},"IMEI":{"type":"string","description":"Phone IMEI","maxLength":24,"minLength":1},"phoneLostTime":{"type":"string","description":"If available, the period, in day, the phone has been lost","maxLength":4,"minLength":1},"networkOperator":{"type":"string","description":"The network operator name","maxLength":16,"minLength":1},"networkType":{"type":"string","description":"Type of network use for enrollment\n\nDescription:\n-CELLULAR\n-WIFI","maxLength":32}}},"tokenStorageType":{"type":"string","description":"Identifies the type of token storage location, possible values are:\n- HCE\n- SPAY_PHONE\n- SPAY_TABLET\n- SPAY_WATCH\n- SPAY_TV\n- IPHONE\n- IWATCH\n- IPAD\n- MAC_BOOK\n- ANDROID_PHONE\n- ANDROID_TABLET\n- ANDROID_WATCH\n- MOBILE_PHONE\n- TABLET\n- WATCH\n- MOBILE_PHONE_OR_TABLET\n- BRACELET\n- PC\n- HOUSEHOLD\n- WEARABLE\n- AUTOMOBILE\n- REALITY\n- UNKNOWN","maxLength":32},"walletProviderId":{"type":"string","description":"Wallet Provider identifier, defined by Thales.\n\n<b>When TSH acts as OEM Pay broker:</b>\n|walletProviderId  |Description|\n|-------|-------|\n|APPLE_PAY |Apple Pay Wallet|\n|SPAYHCE |Samsung Pay Wallet|\n|ANDROID_PAY |Google Pay Wallet|\n\n\n<b>When TSH acts as ITSP:</b>\n|walletProviderId  |Description|\n|-------|-------|\n|WALLET|Generic NFC/QR Code Wallet provider |\n|ECOM |Generic Merchant Wallet Provider ID managing CoF token |\n\nNOTE:\nIt is possible to assign a specific \"walletProviderId\" for a given TRID. This configuration can be achieved during the project on-boarding phase only.\n\nPlease check the \"Wallet Provider ID Mapping\" page in the \"API Reference\" section.","minLength":1,"maxLength":128},"tokenRequestorDgt":{"type":"object","description":"**Applies to ITSP solution only**","properties":{"id":{"type":"string","maxLength":11,"description":"Token Requestor Identifier provided and allocated by Scheme TSP.\\\nFor the same requestor, the identifier changes across the different Schemes."},"originalTokenRequestorId":{"type":"string","maxLength":11,"description":"VISA Only\\\nApplies in case of token for token provisioning"},"walletId":{"type":"string","maxLength":100,"description":"This field applies ONLY to MasterCard, Discover and American Express.\n\nWallet Application Identifier provided and allocated by Scheme TSP"},"merchantId":{"type":"string","maxLength":32,"description":"VISA only\\\nUnique identifier for merchant"},"name":{"type":"string","maxLength":256,"description":"Readable name of the token requestor"},"tspId":{"type":"string","maxLength":11,"description":"VISA Only\\\nID that identifies in an unique way the couple Token Requestor - Token Service Provider. Generated by the scheme.\\\nNamed by VTS \"tokenRequestorTspID\""}}},"walletCardRefId":{"type":"string","description":"Wallet card unique identifier\nConditional: If provided by Wallet provider.\n","minLength":1,"maxLength":128},"Issuer-gateway-issuer-to-tsh_Oas2_TokenAssuranceLevel":{"type":"string","title":"tokenAssuranceLevel","maxLength":2,"description":"The token assurance level indicates the level of assurance of the token.\nThis is given by the ID&V method that has been used to authenticate the consumer on the specific token for example when the token is created (during the digitization flow) or, in case of a COF token, when a binding flow is executed.\n\nFollowing values are supported:\n- 00 (ID&V not performed)\n- 10 (Card Issuer Account Verification)\n- 11 (Card Issuer Interactive Verification - 1 Factor)\n- 12 (Card Issuer Interactive Verification - 2 Factor)\n- 13 (Card Issuer Oriented Non-Interactive Cardholder Authentication)\n- 14 (Card Issuer Asserted Authentication)\n\nNOTE: applies only to VISA"}}}}
````

## check if Issuer is healthy

> This method is used by TSH to monitor Issuer health

```json
{"openapi":"3.1.1","info":{"title":"Gemalto TSH Issuer Gateway  API","version":"2.8.7"},"tags":[{"name":"Health Check"}],"servers":[{"url":"https://issuer.host.com/issuer/igwapi/v2.0"}],"paths":{"/healthCheck":{"get":{"summary":"check if Issuer is healthy","description":"This method is used by TSH to monitor Issuer health","operationId":"healthCheck","parameters":[{"$ref":"#/components/parameters/x-correlation-id-header"},{"$ref":"#/components/parameters/x-issuer-id-header"}],"responses":{"204":{"description":"succesfull"},"400":{"description":"Bad Request, Invalid request URI or header, or unsupported nonstandard parameter"},"500":{"description":"Internal Server Error"}},"tags":["Health Check"]}}},"components":{"parameters":{}}}
```


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter:

```
GET https://docs.payments.thalescloud.io/classic-tokenization/ja/apirifarensu/ishuagtoweiapi/autobaundoishua.md?ask=<question>&goal=<endgoal>
```

`ask` is the immediate question: it should be specific, self-contained, and written in natural language.
`goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal.

The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.