Welcome to our new developer portal! Use the "Ask" button to chat with our AI Agent.
Ctrlk

Operations

Different operations that can be done on a card.

Resume

post
/issuers/{issuerId}/cards/{cardId}/operations:resume

This request is used by the issuer backend to request the reactivation of a card that has been suspended.

This operation is only applicable to the card, and needs to be consistent with the other states. For instance, it's useless/forbidden to resume a card from a deactivated end user.

For registered cards that are managed directly by the issuer, the issuer has the responsability to call the processor first then D1 to make sure the states are always synched.

Note: It cannot be used to activate a physical card for the very first time. For that, please refer to activatePhysicalCard

Autorizaciones
AuthorizationstringRequerido

A JWT generated by the Get Authorization Token API.
The server checks the validity of the provided token to control access to this protected resource. Please refer to Get OAuth 2.0 access token for more details on the flow and on how to get this JWT.

Parámetros de ruta
issuerIdstring · mín: 10 · máx: 10Requerido

The id of the issuer

cardIdstring · mín: 1 · máx: 48Requerido

Unique identifier of the card.

Pattern: [A-Za-z0-9_-]{1,48}
Parámetros de encabezado
x-correlation-idstring · mín: 1 · máx: 64Opcional

Random identifier which can be used to correlate the different API calls done as part of a single use-case. This identifier will be the one primarily used for troubleshooting.

Warning: This identifier should not be derived from sensitive personal data, as its value will be logged in clear.

There is no strong guarantee of the uniqueness of this identifier, so please refrain from using it for purposes other than logging and troubleshooting.

Pattern: [a-zA-Z0-9_\-\. ]{1,64}
Cuerpo
reasonstringOpcional

The reason why the action is performed.

This a free text field in case the Issuer wants to send details, that will be returned in the operations list.

Example: customer was contacted on June 28Pattern: ^[a-zA-Z0-9 ]{1,64}$
reasonCodestring · enumOpcional

The reason why the action has been performed. If not provided, default reason code is ISSUER_DECISION.

Valores posibles:
Respuestas
200

Card resumed successfully

application/json

Operation result information.

operationIdstring · mín: 1 · máx: 64Opcional

Unique identifier of the operation

Pattern: [A-Za-z0-9_-]{1,64}
statusstring · enumOpcional

Status of the operation

Valores posibles:
post
/issuers/{issuerId}/cards/{cardId}/operations:resume

Suspend

post
/issuers/{issuerId}/cards/{cardId}/operations:suspend

This request is used by the issuer backend to request the deactivation of a card that has been lost for instance.

For registered cards that are managed directly by the issuer, the issuer has the responsability to call the processor first then D1 to make sure the states are always synched.

Autorizaciones
AuthorizationstringRequerido

A JWT generated by the Get Authorization Token API.
The server checks the validity of the provided token to control access to this protected resource. Please refer to Get OAuth 2.0 access token for more details on the flow and on how to get this JWT.

Parámetros de ruta
issuerIdstring · mín: 10 · máx: 10Requerido

The id of the issuer

cardIdstring · mín: 1 · máx: 48Requerido

Unique identifier of the card.

Pattern: [A-Za-z0-9_-]{1,48}
Parámetros de encabezado
x-correlation-idstring · mín: 1 · máx: 64Opcional

Random identifier which can be used to correlate the different API calls done as part of a single use-case. This identifier will be the one primarily used for troubleshooting.

Warning: This identifier should not be derived from sensitive personal data, as its value will be logged in clear.

There is no strong guarantee of the uniqueness of this identifier, so please refrain from using it for purposes other than logging and troubleshooting.

Pattern: [a-zA-Z0-9_\-\. ]{1,64}
Cuerpo
reasonstringOpcional

The reason why the action is performed.

This a free text field in case the Issuer wants to send details, that will be returned in the operations list.

Example: customer was contacted on June 28Pattern: ^[a-zA-Z0-9 ]{1,64}$
reasonCodestring · enumOpcional

The reason why the action has been performed. If not provided, default reason code is ISSUER_DECISION.

Valores posibles:
Respuestas
200

Card was suspended successfully

application/json

Operation result information.

operationIdstring · mín: 1 · máx: 64Opcional

Unique identifier of the operation

Pattern: [A-Za-z0-9_-]{1,64}
statusstring · enumOpcional

Status of the operation

Valores posibles:
post
/issuers/{issuerId}/cards/{cardId}/operations:suspend

Delete

post
/issuers/{issuerId}/cards/{cardId}/operations:delete

This request is used by the issuer backend to request the deletion of a card.

Note: The deletion of the card cannot be reversed. In the case of lost cards, consider using the Suspend operation first.

Autorizaciones
AuthorizationstringRequerido

A JWT generated by the Get Authorization Token API.
The server checks the validity of the provided token to control access to this protected resource. Please refer to Get OAuth 2.0 access token for more details on the flow and on how to get this JWT.

Parámetros de ruta
issuerIdstring · mín: 10 · máx: 10Requerido

The id of the issuer

cardIdstring · mín: 1 · máx: 48Requerido

Unique identifier of the card.

Pattern: [A-Za-z0-9_-]{1,48}
Parámetros de encabezado
x-correlation-idstring · mín: 1 · máx: 64Opcional

Random identifier which can be used to correlate the different API calls done as part of a single use-case. This identifier will be the one primarily used for troubleshooting.

Warning: This identifier should not be derived from sensitive personal data, as its value will be logged in clear.

There is no strong guarantee of the uniqueness of this identifier, so please refrain from using it for purposes other than logging and troubleshooting.

Pattern: [a-zA-Z0-9_\-\. ]{1,64}
Cuerpo
reasonstringOpcional

The reason why the action is performed.

This a free text field in case the Issuer wants to send details, that will be returned in the operations list.

Example: customer was contacted on June 28Pattern: ^[a-zA-Z0-9 ]{1,64}$
reasonCodestring · enumOpcional

The reason why the action has been performed. If not provided, default reason code is ISSUER_DECISION.

Valores posibles:
Respuestas
200

Card was deleted successfully

application/json

Operation result information.

operationIdstring · mín: 1 · máx: 64Opcional

Unique identifier of the operation

Pattern: [A-Za-z0-9_-]{1,64}
statusstring · enumOpcional

Status of the operation

Valores posibles:
post
/issuers/{issuerId}/cards/{cardId}/operations:delete

Renew

post
/issuers/{issuerId}/cards/{cardId}/operations:renew

This request is used by the issuer backend to renew/replace an existing card after card expiration or card loss.

The 'newCardId' is used by D1 to fetch the new PAN and/or new expiry date to be updated from the CMS if those information are not provided in encryptedData parameter.

Limitation: Card product update is currently not supported.

Autorizaciones
AuthorizationstringRequerido

A JWT generated by the Get Authorization Token API.
The server checks the validity of the provided token to control access to this protected resource. Please refer to Get OAuth 2.0 access token for more details on the flow and on how to get this JWT.

Parámetros de ruta
issuerIdstring · mín: 10 · máx: 10Requerido

The id of the issuer

cardIdstring · mín: 1 · máx: 48Requerido

Unique identifier of the card.

Pattern: [A-Za-z0-9_-]{1,48}
Parámetros de encabezado
x-correlation-idstring · mín: 1 · máx: 64Opcional

Random identifier which can be used to correlate the different API calls done as part of a single use-case. This identifier will be the one primarily used for troubleshooting.

Warning: This identifier should not be derived from sensitive personal data, as its value will be logged in clear.

There is no strong guarantee of the uniqueness of this identifier, so please refrain from using it for purposes other than logging and troubleshooting.

Pattern: [a-zA-Z0-9_\-\. ]{1,64}
Cuerpo
newCardIdstring · mín: 1 · máx: 48Requerido

Unique identifier of the card.

Pattern: [A-Za-z0-9_-]{1,48}
newCardProductIdstring · mín: 1 · máx: 48Opcional

Reserved for future use; card product update is currently not supported.

Pattern: [A-Za-z0-9_-]{1,48}
newCardStatestring · enumRequerido

New state of the card after renew

Valores posibles:
encryptedDatastring · máx: 8192Opcional

The encryptedData is the encrypted json (cf http://www.json.org/ ) representation of the new card information.
This field is mandatory for AMEX cards and optional information for all the other schemes, if not provided Thales will call get card credentials API to retrieve the data.
This value is encrypted using the JWE encryption (please refer to the Encrypt sensitive data for more details)

Content

Once deciphered, the plaintext contains a json structure with:

JSON field parameter namedescriptionMOCFormat
panThe funding pan value.Mstring - from 10 to 19 digits
expThe expiry date of the card.Mstring - 4 digits, following the format MMYY
psnPAN Sequence number.Ostring - 2 digits (only applicable to AMEX scheme)
auxiliaryPanThe auxiliary funding pan value. It shall be provided when cobadge is supported and if the card has an auxiliary pan.Cstring - up to 19 digits
auxiliaryExpThe auxiliary expiry date of the card. It shall be provided when cobadge is supported and if the card has an auxiliary pan.Cstring - 4 digits, following the format MMYY
Example: encryptedData with card pan and card expPattern: ^(?:[\x20-\x2D\x2F-\x7F]*\.){4}(?:[\x20-\x2D\x2F-\x7F]*)$
reasonstringOpcional

The reason why the action is performed.

This a free text field in case the Issuer wants to send details, that will be returned in the operations list.

Example: customer was contacted on June 28Pattern: ^[a-zA-Z0-9 ]{1,64}$
reasonCodestring · enumOpcional

The reason why the action has been performed. If not provided, default reason code is ISSUER_DECISION.

Valores posibles:
Respuestas
200

Card was renewed successfully

application/json

Operation result information.

operationIdstring · mín: 1 · máx: 64Opcional

Unique identifier of the operation

Pattern: [A-Za-z0-9_-]{1,64}
statusstring · enumOpcional

Status of the operation

Valores posibles:
post
/issuers/{issuerId}/cards/{cardId}/operations:renew

Get all operations

get
/issuers/{issuerId}/cards/{cardId}/operations

This request is used by the issuer backend to retrieve all operations related to a card. The API specifies the starting point (offset) and the number of operations (limit) to be retrieved. Offset 0 (the default) corresponds to the most recent operation. For example a limit of 5 and an offset of 2 would return the five most recent operations before the most recent two”.

If no operations are available for the given cardId, an empty list is returned.

Operations that are older than 3 months are removed.

Autorizaciones
AuthorizationstringRequerido

A JWT generated by the Get Authorization Token API.
The server checks the validity of the provided token to control access to this protected resource. Please refer to Get OAuth 2.0 access token for more details on the flow and on how to get this JWT.

Parámetros de ruta
issuerIdstring · mín: 10 · máx: 10Requerido

The id of the issuer

cardIdstring · mín: 1 · máx: 48Requerido

Unique identifier of the card.

Pattern: [A-Za-z0-9_-]{1,48}
Parámetros de consulta
offsetintegerOpcional

Index from which the query starts returning operations – Offset 0 (the default) corresponds to the most recent operation.

limitinteger · mín: 1 · máx: 50Opcional

Number of operations to be returned

Default: 10
Parámetros de encabezado
x-correlation-idstring · mín: 1 · máx: 64Opcional

Random identifier which can be used to correlate the different API calls done as part of a single use-case. This identifier will be the one primarily used for troubleshooting.

Warning: This identifier should not be derived from sensitive personal data, as its value will be logged in clear.

There is no strong guarantee of the uniqueness of this identifier, so please refrain from using it for purposes other than logging and troubleshooting.

Pattern: [a-zA-Z0-9_\-\. ]{1,64}
Respuestas
200

OK

application/json
remainingOperationsintegerOpcional
get
/issuers/{issuerId}/cards/{cardId}/operations

Get operation

get
/issuers/{issuerId}/cards/{cardId}/operations/{operationId}

This request is used by the issuer backend to retrieve the information related to an operation on a card.

Operations older than 3 months are removed.

Autorizaciones
AuthorizationstringRequerido

A JWT generated by the Get Authorization Token API.
The server checks the validity of the provided token to control access to this protected resource. Please refer to Get OAuth 2.0 access token for more details on the flow and on how to get this JWT.

Parámetros de ruta
issuerIdstring · mín: 10 · máx: 10Requerido

The id of the issuer

cardIdstring · mín: 1 · máx: 48Requerido

Unique identifier of the card.

Pattern: [A-Za-z0-9_-]{1,48}
operationIdstring · mín: 1 · máx: 64Requerido

Unique identifier of the operation

Pattern: [A-Za-z0-9_-]{1,64}
Parámetros de consulta
digitalCardInfobooleanOpcional

Flag indicating whether digital card details (including the device data used to digitize and the requestor data) should be provided in the response. Only applicable to DIGITIZE Operations

Default: false
Parámetros de encabezado
x-correlation-idstring · mín: 1 · máx: 64Opcional

Random identifier which can be used to correlate the different API calls done as part of a single use-case. This identifier will be the one primarily used for troubleshooting.

Warning: This identifier should not be derived from sensitive personal data, as its value will be logged in clear.

There is no strong guarantee of the uniqueness of this identifier, so please refrain from using it for purposes other than logging and troubleshooting.

Pattern: [a-zA-Z0-9_\-\. ]{1,64}
Respuestas
200

OK

application/json

Operation details related to a specific operationId in GetCardOperation API

operationIdstring · mín: 1 · máx: 64Requerido

Unique identifier of the operation

Pattern: [A-Za-z0-9_-]{1,64}
operationstring · enumRequerido

The operation type.

Valores posibles:
statusstring · enumRequerido

Status of the operation

Valores posibles:
startTimestring · mín: 1 · máx: 64Requerido

The time the request has been processed. Format ISO 8601 YYYY-MM-DDThh:mm:ssTZD

Example: 2022-06-16T06:28:02.492Z
endTimestring · mín: 1 · máx: 64Opcional

The time the operation has been completed. Format ISO 8601 YYYY-MM-DDThh:mm:ssTZD note: This is an optional field and might not be returned for synchronous operations.

Example: 2022-06-16T06:28:32.492Z
requestorTypestring · enumRequeridoValores posibles:
requestorIdstringRequerido

Identifier of the principal who initiates the operation

  • consumerId if requestorType is USER
  • issuerId if requestorType is ISSUER
  • cci user id if requestorType is CCI
  • D1 if it's an operation automatically triggered by D1 (can be card suspended due to several authorisation with invalid cvv)
reasonstringOpcional

The reason why the action is performed.

This a free text field in case the Issuer wants to send details, that will be returned in the operations list.

Example: customer was contacted on June 28Pattern: ^[a-zA-Z0-9 ]{1,64}$
reasonCodestring · enumOpcionalValores posibles:
detailsone ofOpcional
o
o
o
o
o
o
o
o
o
o
errorCodestringOpcional

External error code

errorstring · máx: 256Opcional

Human readable string representing the error, only present in case of operation failure

get
/issuers/{issuerId}/cards/{cardId}/operations/{operationId}
AnteriorRegister and ViewSiguiente3 D Secure Operations

Última actualización

¿Te fue útil?