Welcome to our new developer portal! Use the "Ask" button to chat with our AI Agent.
Ctrlk
For the complete documentation index, see llms.txt. This page is also available as Markdown.

Inbound APIs (to Thales D1)

OpenAPI specification for APIs your system calls on Thales D1.

D1-Ecom-DCS-IN-oas3.yaml

Get Access Token

post
/oauth2/token

This request is used by the Merchant Gateway backend to get an access token.

Header parameters
x-correlation-idstringRequired

Random identifier which can be used to correlate the different API calls done as part of a single use-case. This identifier will be the one primarily used for troubleshooting.

Warning: This identifier should not be derived from sensitive personal data, as its value will be logged in clear.

There is no strong guarantee of the uniqueness of this identifier, so please refrain from using it for other purpose than logging and troubleshooting.

Pattern: ^[A-Za-z0-9_-]{1,64}$
Body
grant_typeconst: urn:ietf:params:oauth:grant-type:jwt-bearerRequired

Describes the flow.
In our case we have defined the JWT bearer flow, so you will have to set urn:ietf:params:oauth:grant-type:jwt-bearer

assertionstringRequired

The assertion is the entire JWT value.
Please refer to OAuth2 Access Token for more details on how to generate this JWT.
The JWT must contain the following fields:

  • iss: Issuer of the JWT. It shall be the merchant gateway identifier and it will be used to lookup the onboarded public key.
  • exp: The validity must be the expiration time of the assertion within 15 minutes, expressed as the number of seconds from 1970-01-01T0:0:0Z measured in UTC.
Supported alg: ES256.

Example: ey...HRT8LOON8z
Responses
200

Default allowed response

application/json
access_tokenstringOptional

The access_token that will be used to call the APIs.

Example: ey...HRT6LOON7w
expires_innumberOptional

Remaining time in seconds for the access_token to expire.

Example: 900
token_typestringOptional

Type of the access_token that will be used to call the APIs.

Example: Bearer
scopestringOptional

Scope of the access_token.

Example: d1-s2s:api:merchant-gtw
post
/oauth2/token

Create a Merchant

post
/merchant-gateways/{merchantGatewayId}/merchants

Create a merchant.

Authorizations
AuthorizationstringRequired

A JWT generated by the Get Access Token API.
The server checks the validity of the provided token to control access to this protected resource.

Path parameters
merchantGatewayIdstring · min: 10 · max: 10Required

Merchant Gateway Identifier.

Example: MGW_000001Pattern: ^[A-Za-z0-9_-]{10}$
Header parameters
x-correlation-idstringRequired

Random identifier which can be used to correlate the different API calls done as part of a single use-case. This identifier will be the one primarily used for troubleshooting.

Warning: This identifier should not be derived from sensitive personal data, as its value will be logged in clear.

There is no strong guarantee of the uniqueness of this identifier, so please refrain from using it for other purpose than logging and troubleshooting.

Pattern: ^[A-Za-z0-9_-]{1,64}$
Body
merchantNamestring · min: 1 · max: 64Required

An unique merchant name that is end user friendly.

Example: My MerchantPattern: ^[A-Za-z0-9-_. ]+$
Responses
post
/merchant-gateways/{merchantGatewayId}/merchants

Create a Token

post
/merchant-gateways/{merchantGatewayId}/merchants/{merchantId}/tokens

Create a token from specified card details.

Authorizations
AuthorizationstringRequired

A JWT generated by the Get Access Token API.
The server checks the validity of the provided token to control access to this protected resource.

Path parameters
merchantGatewayIdstring · min: 10 · max: 10Required

Merchant Gateway Identifier.

Example: MGW_000001Pattern: ^[A-Za-z0-9_-]{10}$
merchantIdstring · min: 11 · max: 11Required

Merchant Identifier (aka Token Requestor ID) generated by the scheme TSP for that merchant.

Example: 10610027312Pattern: ^[A-Za-z0-9_-]{11}$
Header parameters
x-correlation-idstringRequired

Random identifier which can be used to correlate the different API calls done as part of a single use-case. This identifier will be the one primarily used for troubleshooting.

Warning: This identifier should not be derived from sensitive personal data, as its value will be logged in clear.

There is no strong guarantee of the uniqueness of this identifier, so please refrain from using it for other purpose than logging and troubleshooting.

Pattern: ^[A-Za-z0-9_-]{1,64}$
Body
encryptedDatastringRequired

The user and card information encrypted in a JWE structure (see data encryption section).

Once decrypted, the JWE plaintext contains the following JSON object:

JSON field parameter namedescriptionMOCLength
fpanThe funding pan to tokenize.MFrom 10 to 19
expThe expiry date in format MMYY.M4
nameThe card holder name in the format FIRSTNAME LASTNAME or as written on the card.OUp to 128 char
cvvThe security code.
It can help the issuer in the decision of approving the payment.		O3 or 4

Example: {"fpan":"5123456789012345", "exp":"0822", "name":"JOHN DOE", "cvv":"123"}

Example: ey...4FT8LOON8z
Responses
post
/merchant-gateways/{merchantGatewayId}/merchants/{merchantId}/tokens

Delete a token

delete
/merchant-gateways/{merchantGatewayId}/merchants/{merchantId}/tokens/{tokenId}

Delete a token.

Authorizations
AuthorizationstringRequired

A JWT generated by the Get Access Token API.
The server checks the validity of the provided token to control access to this protected resource.

Path parameters
merchantGatewayIdstring · min: 10 · max: 10Required

Merchant Gateway Identifier.

Example: MGW_000001Pattern: ^[A-Za-z0-9_-]{10}$
merchantIdstring · min: 11 · max: 11Required

Merchant Identifier (aka Token Requestor ID) generated by the scheme TSP for that merchant.

Example: 10610027312Pattern: ^[A-Za-z0-9_-]{11}$
tokenIdstring · min: 1 · max: 48Required

Token unique identifier

Example: 01fb32ff-5ed0-497f-8835-6af0916f29c0Pattern: ^[A-Za-z0-9_-]{1,48}$
Header parameters
x-correlation-idstringRequired

Random identifier which can be used to correlate the different API calls done as part of a single use-case. This identifier will be the one primarily used for troubleshooting.

Warning: This identifier should not be derived from sensitive personal data, as its value will be logged in clear.

There is no strong guarantee of the uniqueness of this identifier, so please refrain from using it for other purpose than logging and troubleshooting.

Pattern: ^[A-Za-z0-9_-]{1,64}$
Responses
delete
/merchant-gateways/{merchantGatewayId}/merchants/{merchantId}/tokens/{tokenId}
No content

Get the token metadata

get
/merchant-gateways/{merchantGatewayId}/merchants/{merchantId}/tokens/{tokenId}/metadata

Get token metadata.

Authorizations
AuthorizationstringRequired

A JWT generated by the Get Access Token API.
The server checks the validity of the provided token to control access to this protected resource.

Path parameters
merchantGatewayIdstring · min: 10 · max: 10Required

Merchant Gateway Identifier.

Example: MGW_000001Pattern: ^[A-Za-z0-9_-]{10}$
merchantIdstring · min: 11 · max: 11Required

Merchant Identifier (aka Token Requestor ID) generated by the scheme TSP for that merchant.

Example: 10610027312Pattern: ^[A-Za-z0-9_-]{11}$
tokenIdstring · min: 1 · max: 48Required

Token unique identifier

Example: 01fb32ff-5ed0-497f-8835-6af0916f29c0Pattern: ^[A-Za-z0-9_-]{1,48}$
Header parameters
x-correlation-idstringRequired

Random identifier which can be used to correlate the different API calls done as part of a single use-case. This identifier will be the one primarily used for troubleshooting.

Warning: This identifier should not be derived from sensitive personal data, as its value will be logged in clear.

There is no strong guarantee of the uniqueness of this identifier, so please refrain from using it for other purpose than logging and troubleshooting.

Pattern: ^[A-Za-z0-9_-]{1,64}$
Responses
200

Get Token Metadata response

application/json

Notice that the card last digits and the card expiry are always returned except if the card has been deleted by the issuer.

cardLastDigitsstringOptional

The card last digits

If the card is a cobagde card with a primary and an auxiliary PAN, then the primary PAN is used to generate the last digits

Example: 0037Pattern: ^[0-9]{4}$
cardExpiryDatestringOptional

Card expiry date in MMYY format

Example: 0928Pattern: ^(0[1-9]|1[0-2])\d{2}$
tokenStatestring · enumRequired

Token state

Possible values:
creationDateTimestring · date-timeRequired

Creation date time as defined by RFC 3339, section 5.6

lastUpdateDateTimestring · date-timeOptional

Last update date time as defined by RFC 3339, section 5.6

get
/merchant-gateways/{merchantGatewayId}/merchants/{merchantId}/tokens/{tokenId}/metadata

Create Transaction

post
/merchant-gateways/{merchantGatewayId}/merchants/{merchantId}/tokens/{tokenId}/transactions

Provide all required data to the Merchant/PSP to build a transaction authorisation request.

Authorizations
AuthorizationstringRequired

A JWT generated by the Get Access Token API.
The server checks the validity of the provided token to control access to this protected resource.

Path parameters
merchantGatewayIdstring · min: 10 · max: 10Required

Merchant Gateway Identifier.

Example: MGW_000001Pattern: ^[A-Za-z0-9_-]{10}$
merchantIdstring · min: 11 · max: 11Required

Merchant Identifier (aka Token Requestor ID) generated by the scheme TSP for that merchant.

Example: 10610027312Pattern: ^[A-Za-z0-9_-]{11}$
tokenIdstring · min: 1 · max: 48Required

Token unique identifier

Example: 01fb32ff-5ed0-497f-8835-6af0916f29c0Pattern: ^[A-Za-z0-9_-]{1,48}$
Header parameters
x-correlation-idstringRequired

Random identifier which can be used to correlate the different API calls done as part of a single use-case. This identifier will be the one primarily used for troubleshooting.

Warning: This identifier should not be derived from sensitive personal data, as its value will be logged in clear.

There is no strong guarantee of the uniqueness of this identifier, so please refrain from using it for other purpose than logging and troubleshooting.

Pattern: ^[A-Za-z0-9_-]{1,64}$
Body
transactionIdstringRequired

The unique transaction identifier

Example: Rrn123456789Pattern: ^[A-Za-z0-9]{1,12}$
transactionDateTimestringRequired

UTC Transaction date in 'YYYYMMDDhhmmss' format.

Example: 20260225140530Pattern: ^[0-9]{14}$
amountstringRequired

Amount in the smallest unit of currency, right justified with leading zeros

Example: 000000002100Pattern: ^[0-9]{12}$
currencyCodestringRequired

Currency code as per ISO 4217

Example: 978Pattern: ^[0-9]{3}$
Responses
post
/merchant-gateways/{merchantGatewayId}/merchants/{merchantId}/tokens/{tokenId}/transactions
PreviousD1 API referenceNextOutbound APIs (from Thales D1)

Last updated

Was this helpful?