Data formats, transport, compatibility rules, and deprecation policy for the D1 API.
Requests and responses use JSON. String encoding is UTF-8 unless stated otherwise.
All interfaces use HTTPS. Mutual TLS (mTLS) and OAuth 2.0 are required.
These rules help you build integrations that keep working as the D1 API evolves.
Accept unknown fields. Thales can add Optional parameters in headers, URLs, and bodies. Your integration must not break when new fields appear.
“Strict validation” rejects requests or responses that contain fields not in your current spec version.
Treat error message strings as informational. Do not depend on a fixed format.
Expect requirement changes over time:
Parameters in D1 responses can change from Optional to Required.
Parameters in issuer requests can change from Required to Optional.
Ignore JSON field order.
Accept new enum values.
Expect new API operations (resources and HTTP methods).
Expect new HTTP status codes in responses.
Thales provides notice at least 9 months before end of life for any deprecated API parameter or API operation.
After the deprecation period ends, you must stop using deprecated parameters and operations in all environments, including Production.
Thales may shorten the deprecation period, without limitation to the following conditions:
A significant security risk
A substantial economic or material technical impact
Requirements from applicable law or payment networks
Deprecated API parameters and operations are marked as deprecated in the documentation.
Last updated
Was this helpful?
Was this helpful?