> For the complete documentation index, see [llms.txt](https://docs.payments.thalescloud.io/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.payments.thalescloud.io/d1-v1-api/d1-v1-api-references/consumer-operations/register.md).

# Register

Register APIs.

## Register consumer

> This request is used by the issuer backend to request the registration of the end user (consumer).\<br/>As an input only the consumerId and the state are needed.

```json
{"openapi":"3.0.0","info":{"title":"Inbound Consumer API","version":"1.0"},"tags":[{"name":"Register","description":"Register APIs."}],"servers":[{"url":"https://api.d1.thalescloud.io/banking/v1","description":"Production server"},{"url":"https://api.d1-stg.thalescloud.io/banking/v1","description":"Staging server"}],"security":[{"bearerAuth":[]}],"components":{"securitySchemes":{"bearerAuth":{"description":"A JWT generated by the [Get Authorization Token API](oauth2-api).<br/>The server checks the validity of the provided token to control access to this protected resource. Please refer to [Get OAuth 2.0 access token](../../../integrate-the-d1-api/get-oauth-2.0-access-token) for more details on the flow and on how to get this JWT.","type":"http","scheme":"bearer","bearerFormat":"JWT"}},"responses":{"BadRequest":{"description":"Bad Request, Invalid request URI or header, or unsupported non-standard parameter","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"Unauthorized":{"description":"The provided Authorization header is missing or invalid","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"InternalServerError":{"description":"Internal Server Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}}},"schemas":{"errorGeneric":{"type":"object","description":"Generic error returned by the APIs.","properties":{"error":{"type":"string","description":"Description of the error.<br/>This field is for troubleshooting purposes only, it can change at any time so MUST NOT be parsed, and is not supposed to be human readable so CANNOT be displayed to end users."}}}}},"paths":{"/issuers/{issuerId}/consumers/{consumerId}":{"put":{"description":"This request is used by the issuer backend to request the registration of the end user (consumer).<br/>As an input only the consumerId and the state are needed.","requestBody":{"content":{"application/json":{"schema":{"description":"The following object represent the consumer","type":"object","properties":{"state":{"description":"The state of the end user (consumer)<br/>**Note**: Consumer state is deprecated, Thales will no more check the consumer's state. You can still pass it but it will be ignored.","deprecated":true,"type":"string","enum":["INACTIVE","ACTIVE"]}}}}}},"responses":{"204":{"description":"Successful end user registration"},"400":{"$ref":"#/components/responses/BadRequest"},"401":{"$ref":"#/components/responses/Unauthorized"},"404":{"description":"Resource not found, Unknown issuerId.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"500":{"$ref":"#/components/responses/InternalServerError"}},"summary":"Register consumer","operationId":"registerConsumer","tags":["Register"]}}}}
```

## Register consumer with cards

> This request is used by the issuer backend to register an end user (consumer) with his associated set of cards.\<br/>\
> The cards must be already created on the Issuer CMS side. This allows D1 to make this end user (consumer) and his or her cards eligible to other D1 services like tokenisation, secure card display, push porvisioning...\<br/>If not provided in this API (in the \*\*encryptedData\*\* parameter), D1 manages to retrieve useful card information from the issuer backend based on the cardId provided by calling \*\*\[get card credentials API]\(<https://thales-dis-dbp.stoplight.io/docs/d1-api-public/8518eb9d80bc7-get-card-credentials)\\*\\>\*.

```json
{"openapi":"3.0.0","info":{"title":"Inbound Consumer API","version":"1.0"},"tags":[{"name":"Register","description":"Register APIs."}],"servers":[{"url":"https://api.d1.thalescloud.io/banking/v1","description":"Production server"},{"url":"https://api.d1-stg.thalescloud.io/banking/v1","description":"Staging server"}],"security":[{"bearerAuth":[]}],"components":{"securitySchemes":{"bearerAuth":{"description":"A JWT generated by the [Get Authorization Token API](oauth2-api).<br/>The server checks the validity of the provided token to control access to this protected resource. Please refer to [Get OAuth 2.0 access token](../../../integrate-the-d1-api/get-oauth-2.0-access-token) for more details on the flow and on how to get this JWT.","type":"http","scheme":"bearer","bearerFormat":"JWT"}},"schemas":{"cardId":{"type":"string","description":"Unique identifier of the card.","minLength":1,"maxLength":48,"pattern":"[A-Za-z0-9_-]{1,48}"},"cardProductId":{"type":"string","description":"Unique identifier of the type of card (defined during the onboarding of D1)","minLength":1,"maxLength":48,"pattern":"[A-Za-z0-9_-]{1,48}"},"clickToPayConsumerInfo":{"title":"Click to Pay ConsumerInfo","type":"object","description":"The consumer details that have to be pushed into the Click to Pay directory.<br/>\nThis optional parameter is only applicable if the issuer wants to use Click to Pay auto-enrolment, and if the card product is elligible to Click to Pay auto-enrolment.","required":["firstName","lastName","language","mobilePhoneNumber"],"properties":{"firstName":{"description":"First name of the end user (consumer).","type":"string","pattern":"^[\\p{L}\\p{N}\\u0600-\\u06FF ,.'_#;:\\/-]{1,35}$","minLength":1,"maxLength":35},"middleName":{"description":"Middle name of the end user (consumer). It is applicable only to Visa.","type":"string","pattern":"^[\\p{L}\\p{N}\\u0600-\\u06FF ,.'_#;:\\/-]{1,35}$","minLength":1,"maxLength":35},"lastName":{"description":"Last name of the end user (consumer).","type":"string","pattern":"^[\\p{L}\\p{N}\\u0600-\\u06FF ,.'_#;:\\/-]{1,35}$","minLength":1,"maxLength":35},"language":{"description":"Language of the end user (consumer). Based on ISO format for language (ISO 639–1) and an alpha-2 country code (ISO 3166–1 alpha-2). The language must be lowercase, and the country must be uppercase ideally. The language and country should be separated using a minus character \"-\"","type":"string","pattern":"^[a-z]{2}-[a-zA-Z]{2}$","minLength":5,"maxLength":5},"mobilePhoneNumber":{"description":"Phonenumber of the end user (consumer). Shall respect the E-164 format.","type":"object","required":["countryCode","phoneNumber"],"properties":{"countryCode":{"description":"Internantional country code of the end user's phonenumber. Shall start with the '+' sign.","type":"string","pattern":"^\\+[0-9]{1,10}$","minLength":2,"maxLength":10},"phoneNumber":{"description":"National phonenumber of the end user. Shall not contain the first '0' of the national phonenumber.","type":"string","pattern":"^[0-9]{1,14}$","minLength":1,"maxLength":14}}},"email":{"description":"Email of the end user (consumer). Mandatory for Mastercard.","type":"string","minLength":6,"maxLength":255,"pattern":"^[a-zA-Z0-9_+&*-]+(?:\\.[a-zA-Z0-9_+&*-]+)*@(?:[a-zA-Z0-9-]+\\.)+[a-zA-Z]{2,15}$"},"residencyAddress":{"description":"Residency address of the end user (consumer). In the context of Click to Pay it will be used as 'billing address' associated to each cards.\n<br/>**Mandatory for Visa**.\n<br/>**Note**: For Mastercard this field is optional, but when set all fields inside must be provided, in accordance with Mastercard specifications. ","type":"object","required":["countryCode"],"properties":{"line1":{"description":"First line of the address.","type":"string","pattern":"^[\\p{L}\\p{N}\\u0600-\\u06FF ,.'_#;:\\/-]{1,64}$","minLength":1,"maxLength":64},"line2":{"description":"Second line of the address.","type":"string","pattern":"^[\\p{L}\\p{N}\\u0600-\\u06FF ,.'_#;:\\/-]{1,64}$","minLength":1,"maxLength":64},"line3":{"description":"Third line of the address.","type":"string","pattern":"^[\\p{L}\\p{N}\\u0600-\\u06FF ,.'_#;:\\/-]{1,64}$","minLength":1,"maxLength":64},"city":{"description":"City.","type":"string","pattern":"^[\\p{L}\\p{N}\\u0600-\\u06FF ,.'_#;:\\/-]{1,32}$","minLength":1,"maxLength":32},"state":{"type":"string","pattern":"^[A-Z0-9]{1,3}$","minLength":1,"maxLength":3,"description":"State. Second part of ISO_3166-2 format, representing the state (country subdivision) based on the country."},"zipCode":{"description":"Country zip Code.","type":"string","pattern":"^[0-9a-zA-Z ]{1,10}$","minLength":1,"maxLength":10},"countryCode":{"type":"string","pattern":"^[A-Z]{2}$","minLength":2,"maxLength":2,"description":"Country code. Based on ISO 3166-1 alpha-2 format."}}}}},"errorGeneric":{"type":"object","description":"Generic error returned by the APIs.","properties":{"error":{"type":"string","description":"Description of the error.<br/>This field is for troubleshooting purposes only, it can change at any time so MUST NOT be parsed, and is not supposed to be human readable so CANNOT be displayed to end users."}}}},"responses":{"BadRequest":{"description":"Bad Request, Invalid request URI or header, or unsupported non-standard parameter","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"Unauthorized":{"description":"The provided Authorization header is missing or invalid","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"InternalServerError":{"description":"Internal Server Error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}}}},"paths":{"/issuers/{issuerId}/consumers/{consumerId}/cards":{"put":{"description":"This request is used by the issuer backend to register an end user (consumer) with his associated set of cards.<br/>\nThe cards must be already created on the Issuer CMS side. This allows D1 to make this end user (consumer) and his or her cards eligible to other D1 services like tokenisation, secure card display, push porvisioning...<br/>If not provided in this API (in the **encryptedData** parameter), D1 manages to retrieve useful card information from the issuer backend based on the cardId provided by calling **[get card credentials API](https://thales-dis-dbp.stoplight.io/docs/d1-api-public/8518eb9d80bc7-get-card-credentials)**.","requestBody":{"content":{"application/json":{"schema":{"type":"object","properties":{"cards":{"description":"List of cards that are associated with the end user (consumer).                     \nIf you call the API twice with different card lists, it will complete the existing list with the new cards, \nbut it will not update the card if a card has the same cardId.\nA maximum of 20 cards can be associated with an end user via this API.\nIf the array is empty or missing, only the end user is registered.","type":"array","maxItems":20,"items":{"type":"object","properties":{"cardId":{"$ref":"#/components/schemas/cardId"},"accountId":{"description":"Unique identifier of the account. **Note**: This parameter is deprecated. You can still pass it but it will be ignored.","type":"string","deprecated":true,"minLength":1,"maxLength":24,"pattern":"^[A-Za-z0-9_-]{1,64}$"},"cardProductId":{"$ref":"#/components/schemas/cardProductId"},"state":{"description":"The state of the card. If not present the card will be registered in ACTIVE state.","type":"string","enum":["INACTIVE","ACTIVE"]},"encryptedData":{"type":"string","title":"encryptedData","maxLength":8192,"pattern":"^(?:[\\x20-\\x2D\\x2F-\\x7F]*\\.){4}(?:[\\x20-\\x2D\\x2F-\\x7F]*)$","description":"The encryptedData is the encrypted json (cf http://www.json.org/ ) representation of the Card information.<br/>This is an optional information, if not provided Thales will call **[get card credentials API](https://thales-dis-dbp.stoplight.io/docs/d1-api-public/8518eb9d80bc7-get-card-credentials)** to retreive the data.<br/> This value is encrypted using the JWE encryption (please refer to the **[Encrypt sensitive data](../../../integrate-the-d1-api/encrypt-sensitive-data)** for more details)<br/><br/><b>Content</b><br/><br/>Once deciphered, the plaintext contains a json structure with:\n\t\n|JSON field parameter name|description|MOC|Format|\n|-------|-------|-------|-------|\n|pan|The funding pan value.|M|string - from 10 to 19 digits|\n|exp|The expiry date of the card.|M|string - 4 digits, following the format MMYY|\n|auxiliaryPan|The auxiliary funding pan value. It shall be provided when cobadge is supported and if the card has an auxiliary pan.|C|string - up to 19 digits|\n|auxiliaryExp|The auxiliary expiry date of the card. It shall be provided when cobadge is supported and if the card has an auxiliary pan.|C|string - 4 digits, following the format MMYY|\n|customSuffix|last 4 digits of the display pan which is different than the actual funding pan|O|string - 4 digits|"}},"required":["cardId","cardProductId"]}},"consumerInfo":{"$ref":"#/components/schemas/clickToPayConsumerInfo"}}}}},"description":""},"responses":{"204":{"description":"Successful end user (consumer) & cards registration"},"400":{"$ref":"#/components/responses/BadRequest"},"401":{"$ref":"#/components/responses/Unauthorized"},"403":{"description":"Forbidden action. At least one of the registration could not be done. <li>Check the state of the linked end user (consumer).</li><li>Check that the cardId does not belong to an existing end user (consumer).</li><li>Check that the pair \"PAN and EXP\" was not already registered with another cardId.</li><li>Check that the cardId was not already registered with different data.</li>","content":{"application/json":{"schema":{"type":"object","properties":{"error":{"type":"string","description":"Description of the error.<br/>This field is for troubleshooting purposes only, it can change at any time so MUST NOT be parsed, and is not supposed to be human readable so CANNOT be displayed to end users."},"errors":{"type":"array","items":{"type":"object","properties":{"cardId":{"$ref":"#/components/schemas/cardId"},"error":{"type":"string","description":"Description of the error.<br/>This field is for troubleshooting purposes only, it can change at any time so MUST NOT be parsed, and is not supposed to be human readable so CANNOT be displayed to end users."}}}}}}}}},"500":{"$ref":"#/components/responses/InternalServerError"}},"summary":"Register consumer with cards","operationId":"registerConsumerAndCard","tags":["Register"]}}}}
```


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.payments.thalescloud.io/d1-v1-api/d1-v1-api-references/consumer-operations/register.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.