> For the complete documentation index, see [llms.txt](https://docs.payments.thalescloud.io/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.payments.thalescloud.io/ecom/ja/d1-apiwosuru/d1-apirifarensu/apithales-d1-heno.md). # 入力 API(Thales D1 への) [D1-Ecom-DCS-IN-oas3.yaml](https://openapi.gitbook.com/o/fwy1mtbRONGA2YDKDBr0/spec/D1-Ecom-DCS-IN-oas3.yaml) ## Get Access Token > This request is used by the Merchant Gateway backend to get an access token. ```json {"openapi":"3.1.0","info":{"title":"d1-ecom_dcs-inbound-api","version":"1.0"},"tags":[{"name":"Oauth2"}],"servers":[{"url":"https://api.d1.thalescloud.io/authz/v1","description":"Production server"},{"url":"https://api.d1-stg.thalescloud.io/authz/v1","description":"Staging server"}],"paths":{"/oauth2/token":{"post":{"tags":["Oauth2"],"summary":"Get Access Token","description":"This request is used by the Merchant Gateway backend to get an access token.","operationId":"getAccessToken","parameters":[{"$ref":"#/components/parameters/x-correlation-id-header"}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/auth2Request"}}}},"responses":{"200":{"description":"Default allowed response","content":{"application/json":{"schema":{"$ref":"#/components/schemas/auth2Response"}}}},"400":{"description":"Bad Request - Not Retryable\n\n|Error Code|Description|\n|-------|-------| \n| INVALID_FIELD | Contains the field in error (first found) |\n| MISSING_FIELD | Contains the missing field (first found) | \n\n-----------------","content":{"application/json":{"schema":{"$ref":"#/components/schemas/error"}}}}}}}},"components":{"parameters":{},"schemas":{"auth2Request":{"type":"object","additionalProperties":false,"properties":{"grant_type":{"$ref":"#/components/schemas/grant_type"},"assertion":{"$ref":"#/components/schemas/assertion"}},"required":["grant_type","assertion"]},"grant_type":{"const":"urn:ietf:params:oauth:grant-type:jwt-bearer","description":"Describes the flow.
In our case we have defined the JWT bearer flow, so you will have to set urn:ietf:params:oauth:grant-type:jwt-bearer"},"assertion":{"type":"string","description":"The assertion is the entire JWT value.
Please refer to [OAuth2 Access Token](/docs/d1-ecom-dcs/f228b234b4203-backend-oauth-2-access-token) for more details on how to generate this JWT.
The JWT must contain the following fields: Supported alg: ES256."},"auth2Response":{"type":"object","additionalProperties":false,"properties":{"access_token":{"$ref":"#/components/schemas/access_token"},"expires_in":{"$ref":"#/components/schemas/expires_in"},"token_type":{"$ref":"#/components/schemas/token_type"},"scope":{"$ref":"#/components/schemas/scope"}}},"access_token":{"type":"string","description":"The access_token that will be used to call the APIs."},"expires_in":{"type":"number","description":"Remaining time in seconds for the access_token to expire."},"token_type":{"type":"string","description":"Type of the access_token that will be used to call the APIs."},"scope":{"type":"string","description":"Scope of the access_token."},"error":{"type":"object","additionalProperties":false,"properties":{"errorCode":{"type":"string","description":"The type of error"},"error":{"type":"string","description":"Provide additional information about the error if possible.
\nUsed for logging and troubleshooting purpose. It can change at any time so MUST NOT be parsed, and is not supposed to be human readable so CANNOT be displayed to end users."}}}}}} ``` ## Create a Merchant > Create a merchant. ```json {"openapi":"3.1.0","info":{"title":"d1-ecom_dcs-inbound-api","version":"1.0"},"tags":[{"name":"Merchant Onboarding"}],"servers":[{"url":"https://api.d1.thalescloud.io/ecom-dcs","description":"Production server"},{"url":"https://api.d1-stg.thalescloud.io/ecom-dcs","description":"Staging server"}],"security":[{"bearerAuth":[]}],"components":{"securitySchemes":{"bearerAuth":{"type":"http","description":"A JWT generated by the [Get Access Token API](reference/d1-ecom_dcs-inbound-api.yaml/paths/~1oauth2~1token/post).
\nThe server checks the validity of the provided token to control access to this protected resource.","scheme":"bearer","bearerFormat":"JWT"}},"parameters":{"merchant-gateway-id-path":{"name":"merchantGatewayId","in":"path","description":"The merchant gateway identifier","required":true,"schema":{"$ref":"#/components/schemas/merchantGatewayId"}}},"schemas":{"merchantGatewayId":{"type":"string","description":"Merchant Gateway Identifier.","pattern":"^[A-Za-z0-9_-]{10}$","minLength":10,"maxLength":10},"createMerchantRequest":{"type":"object","additionalProperties":false,"properties":{"merchantName":{"$ref":"#/components/schemas/merchantName"}},"required":["merchantName"]},"merchantName":{"type":"string","description":"An unique merchant name that is end user friendly.","pattern":"^[A-Za-z0-9-_. ]+$","minLength":1,"maxLength":64},"createMerchantResponse":{"type":"object","additionalProperties":false,"properties":{"merchantId":{"$ref":"#/components/schemas/merchantId"},"creationDateTime":{"$ref":"#/components/schemas/creationDateTime"}},"required":["merchantId","creationDateTime"]},"merchantId":{"type":"string","description":"Merchant Identifier (aka Token Requestor ID) generated by the scheme TSP for that merchant.","pattern":"^[A-Za-z0-9_-]{11}$","minLength":11,"maxLength":11},"creationDateTime":{"type":"string","description":"Creation date time as defined by RFC 3339, section 5.6","format":"date-time"},"error":{"type":"object","additionalProperties":false,"properties":{"errorCode":{"type":"string","description":"The type of error"},"error":{"type":"string","description":"Provide additional information about the error if possible.
\nUsed for logging and troubleshooting purpose. It can change at any time so MUST NOT be parsed, and is not supposed to be human readable so CANNOT be displayed to end users."}}}},"responses":{"401":{"description":"Unauthorized - Not Retryable"},"503":{"description":"Service Unavailable - Retryable"}}},"paths":{"/merchant-gateways/{merchantGatewayId}/merchants":{"post":{"tags":["Merchant Onboarding"],"summary":"Create a Merchant","description":"Create a merchant.","operationId":"createMerchant","parameters":[{"$ref":"#/components/parameters/x-correlation-id-header"},{"$ref":"#/components/parameters/merchant-gateway-id-path"}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/createMerchantRequest"}}}},"responses":{"201":{"description":"Created","content":{"application/json":{"schema":{"$ref":"#/components/schemas/createMerchantResponse"}}}},"400":{"description":"Bad Request - Not Retryable\n\n|Error Code|Description|\n|-------|-------| \n| FIELD_INVALID_FORMAT | JSON not well formatted or one field is not expected format as defined in this documentation (first found) |\n\n-----------------","content":{"application/json":{"schema":{"$ref":"#/components/schemas/error"}}}},"401":{"$ref":"#/components/responses/401"},"403":{"description":"Forbidden - Not Retryable\n |Error Code|Description|\n |-------|-------| \n | AUTHORIZER_FORBIDDEN | User is not authorized to access this resource |\n\n -----------------"},"500":{"description":"Server Error - Not Retryable\n\n|Error Code|Description|\n|-------|-------| \n| INTERNAL_ERROR | Internal D1 error |\n| TSP_ERROR | An error occurred with TSP |\n\n-----------------","content":{"application/json":{"schema":{"$ref":"#/components/schemas/error"}}}},"503":{"$ref":"#/components/responses/503"}}}}}} ``` ## Create a Token > Create a token from specified card details. ````json {"openapi":"3.1.0","info":{"title":"d1-ecom_dcs-inbound-api","version":"1.0"},"tags":[{"name":"Token Management"}],"servers":[{"url":"https://api.d1.thalescloud.io/ecom-dcs","description":"Production server"},{"url":"https://api.d1-stg.thalescloud.io/ecom-dcs","description":"Staging server"}],"security":[{"bearerAuth":[]}],"components":{"securitySchemes":{"bearerAuth":{"type":"http","description":"A JWT generated by the [Get Access Token API](reference/d1-ecom_dcs-inbound-api.yaml/paths/~1oauth2~1token/post).
\nThe server checks the validity of the provided token to control access to this protected resource.","scheme":"bearer","bearerFormat":"JWT"}},"parameters":{"merchant-gateway-id-path":{"name":"merchantGatewayId","in":"path","description":"The merchant gateway identifier","required":true,"schema":{"$ref":"#/components/schemas/merchantGatewayId"}},"merchant-id-path":{"name":"merchantId","in":"path","description":"The merchant identifier","required":true,"schema":{"$ref":"#/components/schemas/merchantId"}}},"schemas":{"merchantGatewayId":{"type":"string","description":"Merchant Gateway Identifier.","pattern":"^[A-Za-z0-9_-]{10}$","minLength":10,"maxLength":10},"merchantId":{"type":"string","description":"Merchant Identifier (aka Token Requestor ID) generated by the scheme TSP for that merchant.","pattern":"^[A-Za-z0-9_-]{11}$","minLength":11,"maxLength":11},"createTokenRequest":{"type":"object","additionalProperties":false,"properties":{"encryptedData":{"$ref":"#/components/schemas/encryptedCardAndUserData"}},"required":["encryptedData"]},"encryptedCardAndUserData":{"type":"string","description":"The user and card information encrypted in a JWE structure (see data encryption section).\n\nOnce decrypted, the JWE plaintext contains the following JSON object:\n\n|JSON field parameter name|description|MOC|Length|\n|-------|-------|-------|-------|\n|fpan|The funding pan to tokenize.|M|From 10 to 19|\n|exp|The expiry date in format MMYY.|M|4| \n|name|The card holder name in the format FIRSTNAME LASTNAME or as written on the card.|O|Up to 128 char|\n|cvv|The security code.
It can help the issuer in the decision of approving the payment.|O|3 or 4|\n\n**Example**: ```{\"fpan\":\"5123456789012345\", \"exp\":\"0822\", \"name\":\"JOHN DOE\", \"cvv\":\"123\"}```"},"createTokenResponse":{"type":"object","additionalProperties":false,"properties":{"tokenId":{"$ref":"#/components/schemas/tokenId"},"cardLastDigits":{"$ref":"#/components/schemas/cardLastDigits"},"cardExpiryDate":{"$ref":"#/components/schemas/cardExpiryDate"},"tokenState":{"$ref":"#/components/schemas/tokenState"},"encryptedTokenData":{"$ref":"#/components/schemas/encryptedTokenData"},"creationDateTime":{"$ref":"#/components/schemas/creationDateTime"}},"required":["tokenId","cardLastDigits","cardExpiryDate","tokenState","encryptedTokenData","creationDateTime"]},"tokenId":{"type":"string","description":"Token unique identifier","pattern":"^[A-Za-z0-9_-]{1,48}$","minLength":1,"maxLength":48},"cardLastDigits":{"type":"string","description":"The card last digits\n\nIf the card is a cobagde card with a primary and an auxiliary PAN, then the primary PAN is used to generate the last digits\n","pattern":"^[0-9]{4}$"},"cardExpiryDate":{"type":"string","description":"Card expiry date in MMYY format","pattern":"^(0[1-9]|1[0-2])\\d{2}$"},"tokenState":{"type":"string","enum":["ACTIVE","SUSPENDED","DELETED"],"description":"Token state"},"encryptedTokenData":{"type":"string","description":"The token data encrypted in a JWE structure (see data encryption section).\n\nOnce decrypted, the JWE plaintext contains the following JSON object:\n\n|JSON field parameter name|description|MOC|Length|\n|-------|-------|-------|-------|\n|dpan|The token pan value.|M|From 10 to 19|\n|exp|The token expiry date in format MMYY.|M|4| \n\n**Example**: ```{\"dpan\":\"5123456789012345\", \"exp\":\"0822\"}```"},"creationDateTime":{"type":"string","description":"Creation date time as defined by RFC 3339, section 5.6","format":"date-time"},"error":{"type":"object","additionalProperties":false,"properties":{"errorCode":{"type":"string","description":"The type of error"},"error":{"type":"string","description":"Provide additional information about the error if possible.
\nUsed for logging and troubleshooting purpose. It can change at any time so MUST NOT be parsed, and is not supposed to be human readable so CANNOT be displayed to end users."}}}},"responses":{"401":{"description":"Unauthorized - Not Retryable"},"503":{"description":"Service Unavailable - Retryable"}}},"paths":{"/merchant-gateways/{merchantGatewayId}/merchants/{merchantId}/tokens":{"post":{"tags":["Token Management"],"summary":"Create a Token","description":"Create a token from specified card details.","operationId":"createToken","parameters":[{"$ref":"#/components/parameters/x-correlation-id-header"},{"$ref":"#/components/parameters/merchant-gateway-id-path"},{"$ref":"#/components/parameters/merchant-id-path"}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/createTokenRequest"}}}},"responses":{"201":{"description":"Created","content":{"application/json":{"schema":{"$ref":"#/components/schemas/createTokenResponse"}}}},"400":{"description":"Bad Request - Not Retryable\n|Error Code|Description|\n|-------|-------| \n| FIELD_INVALID_FORMAT | JSON not well formatted or one field is not expected format as defined in this documentation (first found) |\n| CRYPTO_ERROR | Unable to decrypt payload |\n\n-----------------","content":{"application/json":{"schema":{"$ref":"#/components/schemas/error"}}}},"401":{"$ref":"#/components/responses/401"},"403":{"description":"Forbidden - Not Retryable\n\n|Error Code|Description|\n|-------|-------| \n| AUTHORIZER_FORBIDDEN | User is not authorized to access this resource | \n|PAN_NOT_ELIGIBLE|The PAN is not eligible for tokenization. For a cobadge card having an auxiliary PAN, this error is returned if the auxiliary PAN has never been registered by the card issuer into D1.| \n|ISSUER_DECLINED|The Issuer declined the tokenization.|\n\n-----------------","content":{"application/json":{"schema":{"$ref":"#/components/schemas/error"}}}},"404":{"description":"Bad Request - Not Retryable\n\n|Error Code|Description|\n|-------|-------|\n|UNKNOWN_ISSUER|Not able to identify the card issuer. The PAN used in the request does not match any card registered in D1 by an issuer.|\n|UNKNOWN_MERCHANT|Not able to identify the merchant.|\n\n-----------------","content":{"application/json":{"schema":{"$ref":"#/components/schemas/error"}}}},"500":{"description":"Bad Request - Not Retryable\n\n|Error Code|Description|\n|-------|-------|\n| INTERNAL_ERROR | Internal D1 error |\n| TSP_ERROR | An error occurred with TSP |\n| ISSUER_ERROR | An error occurred with Issuer |\n\n-----------------","content":{"application/json":{"schema":{"$ref":"#/components/schemas/error"}}}},"503":{"$ref":"#/components/responses/503"}}}}}} ```` ## Delete a token > Delete a token. ```json {"openapi":"3.1.0","info":{"title":"d1-ecom_dcs-inbound-api","version":"1.0"},"tags":[{"name":"Token Management"}],"servers":[{"url":"https://api.d1.thalescloud.io/ecom-dcs","description":"Production server"},{"url":"https://api.d1-stg.thalescloud.io/ecom-dcs","description":"Staging server"}],"security":[{"bearerAuth":[]}],"components":{"securitySchemes":{"bearerAuth":{"type":"http","description":"A JWT generated by the [Get Access Token API](reference/d1-ecom_dcs-inbound-api.yaml/paths/~1oauth2~1token/post).
\nThe server checks the validity of the provided token to control access to this protected resource.","scheme":"bearer","bearerFormat":"JWT"}},"parameters":{"merchant-gateway-id-path":{"name":"merchantGatewayId","in":"path","description":"The merchant gateway identifier","required":true,"schema":{"$ref":"#/components/schemas/merchantGatewayId"}},"merchant-id-path":{"name":"merchantId","in":"path","description":"The merchant identifier","required":true,"schema":{"$ref":"#/components/schemas/merchantId"}},"token-id-path":{"name":"tokenId","in":"path","description":"The token identifier","required":true,"schema":{"$ref":"#/components/schemas/tokenId"}}},"schemas":{"merchantGatewayId":{"type":"string","description":"Merchant Gateway Identifier.","pattern":"^[A-Za-z0-9_-]{10}$","minLength":10,"maxLength":10},"merchantId":{"type":"string","description":"Merchant Identifier (aka Token Requestor ID) generated by the scheme TSP for that merchant.","pattern":"^[A-Za-z0-9_-]{11}$","minLength":11,"maxLength":11},"tokenId":{"type":"string","description":"Token unique identifier","pattern":"^[A-Za-z0-9_-]{1,48}$","minLength":1,"maxLength":48},"error":{"type":"object","additionalProperties":false,"properties":{"errorCode":{"type":"string","description":"The type of error"},"error":{"type":"string","description":"Provide additional information about the error if possible.
\nUsed for logging and troubleshooting purpose. It can change at any time so MUST NOT be parsed, and is not supposed to be human readable so CANNOT be displayed to end users."}}}},"responses":{"204":{"description":"No Content"},"401":{"description":"Unauthorized - Not Retryable"},"503":{"description":"Service Unavailable - Retryable"}}},"paths":{"/merchant-gateways/{merchantGatewayId}/merchants/{merchantId}/tokens/{tokenId}":{"delete":{"tags":["Token Management"],"summary":"Delete a token","description":"Delete a token.","operationId":"deleteToken","parameters":[{"$ref":"#/components/parameters/x-correlation-id-header"},{"$ref":"#/components/parameters/merchant-gateway-id-path"},{"$ref":"#/components/parameters/merchant-id-path"},{"$ref":"#/components/parameters/token-id-path"}],"responses":{"204":{"$ref":"#/components/responses/204"},"400":{"description":"Bad Request - Not Retryable\n|Error Code|Description|\n|-------|-------| \n| FIELD_INVALID_FORMAT | JSON not well formatted or one field is not expected format as defined in this documentation (first found) |\n\n-----------------","content":{"application/json":{"schema":{"$ref":"#/components/schemas/error"}}}},"401":{"$ref":"#/components/responses/401"},"403":{"description":"Forbidden - Not Retryable\n |Error Code|Description|\n |-------|-------| \n | AUTHORIZER_FORBIDDEN | User is not authorized to access this resource |\n\n -----------------"},"404":{"description":"Bad Request - Not Retryable\n\n|Error Code|Description|\n|-------|-------|\n|UNKNOWN_TOKEN|Not able to identify the token.|\n|UNKNOWN_MERCHANT|Not able to identify the merchant.|\n\n-----------------","content":{"application/json":{"schema":{"$ref":"#/components/schemas/error"}}}},"500":{"description":"Bad Request - Not Retryable\n\n|Error Code|Description|\n|-------|-------|\n| INTERNAL_ERROR | Internal D1 error |\n| TSP_ERROR | An error occurred with TSP |\n\n-----------------","content":{"application/json":{"schema":{"$ref":"#/components/schemas/error"}}}},"503":{"$ref":"#/components/responses/503"}}}}}} ``` ## Get the token metadata > Get token metadata. ```json {"openapi":"3.1.0","info":{"title":"d1-ecom_dcs-inbound-api","version":"1.0"},"tags":[{"name":"Token Management"}],"servers":[{"url":"https://api.d1.thalescloud.io/ecom-dcs","description":"Production server"},{"url":"https://api.d1-stg.thalescloud.io/ecom-dcs","description":"Staging server"}],"security":[{"bearerAuth":[]}],"components":{"securitySchemes":{"bearerAuth":{"type":"http","description":"A JWT generated by the [Get Access Token API](reference/d1-ecom_dcs-inbound-api.yaml/paths/~1oauth2~1token/post).
\nThe server checks the validity of the provided token to control access to this protected resource.","scheme":"bearer","bearerFormat":"JWT"}},"parameters":{"merchant-gateway-id-path":{"name":"merchantGatewayId","in":"path","description":"The merchant gateway identifier","required":true,"schema":{"$ref":"#/components/schemas/merchantGatewayId"}},"merchant-id-path":{"name":"merchantId","in":"path","description":"The merchant identifier","required":true,"schema":{"$ref":"#/components/schemas/merchantId"}},"token-id-path":{"name":"tokenId","in":"path","description":"The token identifier","required":true,"schema":{"$ref":"#/components/schemas/tokenId"}}},"schemas":{"merchantGatewayId":{"type":"string","description":"Merchant Gateway Identifier.","pattern":"^[A-Za-z0-9_-]{10}$","minLength":10,"maxLength":10},"merchantId":{"type":"string","description":"Merchant Identifier (aka Token Requestor ID) generated by the scheme TSP for that merchant.","pattern":"^[A-Za-z0-9_-]{11}$","minLength":11,"maxLength":11},"tokenId":{"type":"string","description":"Token unique identifier","pattern":"^[A-Za-z0-9_-]{1,48}$","minLength":1,"maxLength":48},"getTokenMetadataResponse":{"type":"object","description":"Notice that the card last digits and the card expiry are always returned except if the card has been deleted by the issuer.","additionalProperties":false,"properties":{"cardLastDigits":{"$ref":"#/components/schemas/cardLastDigits"},"cardExpiryDate":{"$ref":"#/components/schemas/cardExpiryDate"},"tokenState":{"$ref":"#/components/schemas/tokenState"},"creationDateTime":{"$ref":"#/components/schemas/creationDateTime"},"lastUpdateDateTime":{"type":"string","description":"Last update date time as defined by RFC 3339, section 5.6","format":"date-time"}},"required":["tokenState","creationDateTime"]},"cardLastDigits":{"type":"string","description":"The card last digits\n\nIf the card is a cobagde card with a primary and an auxiliary PAN, then the primary PAN is used to generate the last digits\n","pattern":"^[0-9]{4}$"},"cardExpiryDate":{"type":"string","description":"Card expiry date in MMYY format","pattern":"^(0[1-9]|1[0-2])\\d{2}$"},"tokenState":{"type":"string","enum":["ACTIVE","SUSPENDED","DELETED"],"description":"Token state"},"creationDateTime":{"type":"string","description":"Creation date time as defined by RFC 3339, section 5.6","format":"date-time"},"error":{"type":"object","additionalProperties":false,"properties":{"errorCode":{"type":"string","description":"The type of error"},"error":{"type":"string","description":"Provide additional information about the error if possible.
\nUsed for logging and troubleshooting purpose. It can change at any time so MUST NOT be parsed, and is not supposed to be human readable so CANNOT be displayed to end users."}}}},"responses":{"401":{"description":"Unauthorized - Not Retryable"},"503":{"description":"Service Unavailable - Retryable"}}},"paths":{"/merchant-gateways/{merchantGatewayId}/merchants/{merchantId}/tokens/{tokenId}/metadata":{"get":{"tags":["Token Management"],"summary":"Get the token metadata","description":"Get token metadata.","operationId":"getTokenMetadata","parameters":[{"$ref":"#/components/parameters/x-correlation-id-header"},{"$ref":"#/components/parameters/merchant-gateway-id-path"},{"$ref":"#/components/parameters/merchant-id-path"},{"$ref":"#/components/parameters/token-id-path"}],"responses":{"200":{"description":"Get Token Metadata response","content":{"application/json":{"schema":{"$ref":"#/components/schemas/getTokenMetadataResponse"}}}},"400":{"description":"Bad Request - Not Retryable\n|Error Code|Description|\n|-------|-------| \n| FIELD_INVALID_FORMAT | JSON not well formatted or one field is not expected format as defined in this documentation (first found) |\n\n-----------------","content":{"application/json":{"schema":{"$ref":"#/components/schemas/error"}}}},"401":{"$ref":"#/components/responses/401"},"403":{"description":"Forbidden - Not Retryable\n |Error Code|Description|\n |-------|-------| \n | AUTHORIZER_FORBIDDEN | User is not authorized to access this resource |\n\n -----------------"},"404":{"description":"Bad Request - Not Retryable\n\n|Error Code|Description|\n|-------|-------|\n|UNKNOWN_TOKEN|Not able to identify the token.|\n|UNKNOWN_MERCHANT|Not able to identify the merchant.|\n\n-----------------","content":{"application/json":{"schema":{"$ref":"#/components/schemas/error"}}}},"500":{"description":"Bad Request - Not Retryable\n\n|Error Code|Description|\n|-------|-------|\n| INTERNAL_ERROR | Internal D1 error |\n\n-----------------","content":{"application/json":{"schema":{"$ref":"#/components/schemas/error"}}}},"503":{"$ref":"#/components/responses/503"}}}}}} ``` ## Create Transaction > Provide all required data to the Merchant/PSP to build a transaction authorisation request. ````json {"openapi":"3.1.0","info":{"title":"d1-ecom_dcs-inbound-api","version":"1.0"},"tags":[{"name":"Transaction Management"}],"servers":[{"url":"https://api.d1.thalescloud.io/ecom-dcs","description":"Production server"},{"url":"https://api.d1-stg.thalescloud.io/ecom-dcs","description":"Staging server"}],"security":[{"bearerAuth":[]}],"components":{"securitySchemes":{"bearerAuth":{"type":"http","description":"A JWT generated by the [Get Access Token API](reference/d1-ecom_dcs-inbound-api.yaml/paths/~1oauth2~1token/post).
\nThe server checks the validity of the provided token to control access to this protected resource.","scheme":"bearer","bearerFormat":"JWT"}},"parameters":{"merchant-gateway-id-path":{"name":"merchantGatewayId","in":"path","description":"The merchant gateway identifier","required":true,"schema":{"$ref":"#/components/schemas/merchantGatewayId"}},"merchant-id-path":{"name":"merchantId","in":"path","description":"The merchant identifier","required":true,"schema":{"$ref":"#/components/schemas/merchantId"}},"token-id-path":{"name":"tokenId","in":"path","description":"The token identifier","required":true,"schema":{"$ref":"#/components/schemas/tokenId"}}},"schemas":{"merchantGatewayId":{"type":"string","description":"Merchant Gateway Identifier.","pattern":"^[A-Za-z0-9_-]{10}$","minLength":10,"maxLength":10},"merchantId":{"type":"string","description":"Merchant Identifier (aka Token Requestor ID) generated by the scheme TSP for that merchant.","pattern":"^[A-Za-z0-9_-]{11}$","minLength":11,"maxLength":11},"tokenId":{"type":"string","description":"Token unique identifier","pattern":"^[A-Za-z0-9_-]{1,48}$","minLength":1,"maxLength":48},"createTransactionRequest":{"type":"object","additionalProperties":false,"properties":{"transactionId":{"type":"string","description":"The unique transaction identifier","pattern":"^[A-Za-z0-9]{1,12}$"},"transactionDateTime":{"type":"string","description":"UTC Transaction date in 'YYYYMMDDhhmmss' format.","pattern":"^[0-9]{14}$"},"amount":{"type":"string","description":"Amount in the smallest unit of currency, right justified with leading zeros","pattern":"^[0-9]{12}$"},"currencyCode":{"type":"string","description":"Currency code as per ISO 4217","pattern":"^[0-9]{3}$"}},"required":["transactionId","transactionDateTime","amount","currencyCode"]},"createTransactionResponse":{"type":"object","additionalProperties":false,"properties":{"encryptedData":{"type":"string","description":"The payment credentials data encrypted in a JWE structure (see security section in the documentation).\n\nOnce decrypted, the JWE plaintext contains the following JSON object:\n\n|JSON field parameter name|description|MOC|Length|\n|-------|-------|-------|-------|\n|dpan|The token PAN value|M|Up to 19|\n|exp|The token expiry date in the format MMYY|M|4|\n|cryptogram|The payment cryptogram to use with the token for a payment|M|Up to 256|\n\n**Example**: ```{\"dpan:\"9580981500100002\", \"exp\":\"1222\", \"cryptogram\": \"45f8grzty7f4f5gs5s2c\"}``` "}},"required":["encryptedData"]},"error":{"type":"object","additionalProperties":false,"properties":{"errorCode":{"type":"string","description":"The type of error"},"error":{"type":"string","description":"Provide additional information about the error if possible.
\nUsed for logging and troubleshooting purpose. It can change at any time so MUST NOT be parsed, and is not supposed to be human readable so CANNOT be displayed to end users."}}}},"responses":{"401":{"description":"Unauthorized - Not Retryable"},"503":{"description":"Service Unavailable - Retryable"}}},"paths":{"/merchant-gateways/{merchantGatewayId}/merchants/{merchantId}/tokens/{tokenId}/transactions":{"post":{"tags":["Transaction Management"],"summary":"Create Transaction","description":"Provide all required data to the Merchant/PSP to build a transaction authorisation request.","operationId":"createTransaction","parameters":[{"$ref":"#/components/parameters/x-correlation-id-header"},{"$ref":"#/components/parameters/merchant-gateway-id-path"},{"$ref":"#/components/parameters/merchant-id-path"},{"$ref":"#/components/parameters/token-id-path"}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/createTransactionRequest"}}}},"responses":{"201":{"description":"Created","content":{"application/json":{"schema":{"$ref":"#/components/schemas/createTransactionResponse"}}}},"400":{"description":"Bad Request - Not Retryable\n|Error Code|Description|\n|-------|-------| \n| FIELD_INVALID_FORMAT | JSON not well formatted or one field is not expected format as defined in this documentation (first found) |\n\n-----------------","content":{"application/json":{"schema":{"$ref":"#/components/schemas/error"}}}},"401":{"$ref":"#/components/responses/401"},"403":{"description":"Forbidden - Not Retryable\n |Error Code|Description|\n |-------|-------| \n | AUTHORIZER_FORBIDDEN | User is not authorized to access this resource |\n | OPERATION_NOT_ALLOWED | Invalid token state |\n\n -----------------"},"404":{"description":"Bad Request - Not Retryable\n\n|Error Code|Description|\n|-------|-------|\n|UNKNOWN_TOKEN|Not able to identify the token.|\n\n-----------------","content":{"application/json":{"schema":{"$ref":"#/components/schemas/error"}}}},"500":{"description":"Bad Request - Not Retryable\n\n|Error Code|Description|\n|-------|-------|\n| INTERNAL_ERROR | Internal D1 error |\n| TSP_ERROR | An error occurred with TSP |\n\n-----------------","content":{"application/json":{"schema":{"$ref":"#/components/schemas/error"}}}},"503":{"$ref":"#/components/responses/503"}}}}}} ```` --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.payments.thalescloud.io/ecom/ja/d1-apiwosuru/d1-apirifarensu/apithales-d1-heno.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.