> For the complete documentation index, see [llms.txt](https://docs.payments.thalescloud.io/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.payments.thalescloud.io/merchant-tokenization/ja/bakkuendo/apis/server-api/device-binding.md). # Device Binding ## Delete Device Binding > Delete the binding between a device and a token. ```json {"openapi":"3.1.1","info":{"title":"Thales ETP Server API","version":"1.78"},"tags":[{"name":"Device Binding"}],"servers":[{"url":"https://thales.api.com/tsh-cof"}],"paths":{"/device-bindings/{tokenId}/{deviceId}":{"delete":{"description":"Delete the binding between a device and a token.","operationId":"deleteDeviceBinding","parameters":[{"$ref":"#/components/parameters/authorization"},{"$ref":"#/components/parameters/xCorrelationId"},{"$ref":"#/components/parameters/mcCertifiedSolutionId"},{"$ref":"#/components/parameters/tokenId"},{"$ref":"#/components/parameters/credentialId"},{"$ref":"#/components/parameters/deviceId"}],"responses":{"204":{"$ref":"#/components/responses/204"},"400":{"$ref":"#/components/responses/400"},"401":{"$ref":"#/components/responses/401"},"404":{"$ref":"#/components/responses/404"},"429":{"$ref":"#/components/responses/429"},"500":{"$ref":"#/components/responses/500"},"503":{"$ref":"#/components/responses/503"}},"tags":["Device Binding"],"summary":"Delete Device Binding"}}},"components":{"parameters":{"authorization":{"schema":{"type":"string","maxLength":512,"minLength":1},"in":"header","description":"Technical identifier pre-defined at on-boarding that identifies the API\nconsumer.\nFormat shall be the string 'APIKEY' followed by a space and the\napi key value.\n
Example: APIKEY c03f88fe-01ba-11e8-ba89-0ed5f89f718b\n","name":"authorization","required":true},"xCorrelationId":{"schema":{"type":"string","maxLength":36,"minLength":1},"in":"header","description":"Technical identifier used for troubleshooting. \n
It helps on customer support when needed. \n
Each API request must be identified with a unique correlation Id.\n
It correlates the response and the request and eventually a notification if any. ","name":"x-correlation-id","required":true},"mcCertifiedSolutionId":{"schema":{"type":"string","maxLength":128,"minLength":1},"in":"header","description":"Unique identifier of the Mastercard TAF certified MFA method. \nMust be provided for Mastercard TAF when the binding was created using the Merchant API.\n","name":"mcCertifiedSolutionId"},"tokenId":{"schema":{"type":"string","maxLength":128},"in":"path","description":"The token identifier.","name":"tokenId","required":true},"credentialId":{"schema":{"type":"string","maxLength":128,"minLength":1},"in":"header","description":"The identifier used during Mastercard TAF binding, must be provided for Mastercard TAF when the binding was created using the Merchant API.","name":"credentialId","required":false},"deviceId":{"schema":{"type":"string","maxLength":36},"in":"path","description":"The unique device identifier. Visa deviceId must have 24 characters at maximum.","name":"deviceId","required":true}},"responses":{"204":{"description":"No Content"},"400":{"description":"Bad request - Not Retryable"},"401":{"description":"Unauthorized - Not Retryable"},"404":{"description":"Not Found - Not Retryable"},"429":{"description":"Too Many Requests - Retryable"},"500":{"description":"Internal Server Error - Not Retryable"},"503":{"description":"Service Unavailable - Retryable"}}}} ``` ## Create Binding > Binds a token with a FIDO authenticator as per Mastercard TAF. ```json {"openapi":"3.1.1","info":{"title":"Thales ETP Server API","version":"1.78"},"tags":[{"name":"Device Binding"}],"servers":[{"url":"https://thales.api.com/tsh-cof"}],"paths":{"/device-bindings":{"post":{"description":"Binds a token with a FIDO authenticator as per Mastercard TAF.","operationId":"createBinding","parameters":[{"$ref":"#/components/parameters/authorization"},{"$ref":"#/components/parameters/xCorrelationId"}],"responses":{"204":{"$ref":"#/components/responses/204"},"400":{"description":"Bad request - Not Retryable","content":{"application/json":{"schema":{"type":"object","properties":{"errorCode":{"type":"string","maxLength":128,"description":"Optional information that details the error.\n\n|Error Code|Description|\n|-------|-------|\n|INVALID_TOKEN_STATE|The current token state doesn't allow the operation.|\n|INVALID_SIGNATURE|The FIDO signature or IAAV can't be verified by Mastercard.|\n|TSP_NON_RETRYABLE_ERROR|Non retryable errors returned by the TSP.|\n|SCHEME_TECHNICAL_ERROR|Technical error returned by TSP.|\n\n-----------------"},"errorDetails":{"$ref":"#/components/schemas/errorDetails"},"schemeCorrelationId":{"$ref":"#/components/schemas/schemeCorrelationId"}}}}}},"401":{"$ref":"#/components/responses/401"},"404":{"$ref":"#/components/responses/404"},"429":{"$ref":"#/components/responses/429"},"500":{"$ref":"#/components/responses/500"},"503":{"$ref":"#/components/responses/503"}},"tags":["Device Binding"],"summary":"Create Binding","requestBody":{"content":{"application/json":{"schema":{"type":"object","required":["tokenId","bindingType","MASTERCARD_TAF_FIDO_IAAV"],"properties":{"tokenId":{"$ref":"#/components/schemas/tokenId"},"bindingType":{"$ref":"#/components/schemas/bindingType"},"MASTERCARD_TAF_FIDO_IAAV":{"$ref":"#/components/schemas/BINDING_MASTERCARD_TAF_FIDO_IAAV"}}}}}}}}},"components":{"parameters":{"authorization":{"schema":{"type":"string","maxLength":512,"minLength":1},"in":"header","description":"Technical identifier pre-defined at on-boarding that identifies the API\nconsumer.\nFormat shall be the string 'APIKEY' followed by a space and the\napi key value.\n
Example: APIKEY c03f88fe-01ba-11e8-ba89-0ed5f89f718b\n","name":"authorization","required":true},"xCorrelationId":{"schema":{"type":"string","maxLength":36,"minLength":1},"in":"header","description":"Technical identifier used for troubleshooting. \n
It helps on customer support when needed. \n
Each API request must be identified with a unique correlation Id.\n
It correlates the response and the request and eventually a notification if any. ","name":"x-correlation-id","required":true}},"responses":{"204":{"description":"No Content"},"401":{"description":"Unauthorized - Not Retryable"},"404":{"description":"Not Found - Not Retryable"},"429":{"description":"Too Many Requests - Retryable"},"500":{"description":"Internal Server Error - Not Retryable"},"503":{"description":"Service Unavailable - Retryable"}},"schemas":{"errorDetails":{"type":"string","maxLength":256,"description":"Additional information about the error. This optional parameter has no specific format as it depends on the different TSP API. It is sent for logging and troubleshooting purpose."},"schemeCorrelationId":{"type":"string","maxLength":128,"description":"Identifier used by the schemes for additional support."},"tokenId":{"type":"string","description":"The token identifier.","pattern":"^[a-zA-Z0-9_-]+$","minLength":1,"maxLength":128},"bindingType":{"type":"string","maxLength":64,"description":"The request content depends on the binding type.","enum":["MASTERCARD_TAF_FIDO_IAAV"]},"BINDING_MASTERCARD_TAF_FIDO_IAAV":{"type":"object","description":"List the parameters that are required to bind a token with a FIDO authenticator as per Mastercard TAF.\n\nAt least one 'fidoAuthenticationResponse' or 'fidoRegistrationResponse' must be provided in the request.\n","required":["mcCertifiedSolutionId","credentialId","deviceId","fidoRelyingParty","fidoUserId","isSpcEnabled","mcIaav","verificationTimestamp","mcBindingAssertion"],"properties":{"mcCertifiedSolutionId":{"$ref":"#/components/schemas/mcCertifiedSolutionId"},"credentialId":{"$ref":"#/components/schemas/credentialId"},"deviceId":{"$ref":"#/components/schemas/deviceIdMdes"},"fidoRelyingParty":{"$ref":"#/components/schemas/fidoRelyingParty"},"fidoUserId":{"$ref":"#/components/schemas/fidoUserId"},"isSpcEnabled":{"$ref":"#/components/schemas/isSpcEnabled"},"fidoAuthenticationResponse":{"$ref":"#/components/schemas/fidoAuthenticationResponse"},"fidoRegistrationResponse":{"$ref":"#/components/schemas/fidoRegistrationResponse"},"mcIaav":{"$ref":"#/components/schemas/mcIaav"},"verificationTimestamp":{"$ref":"#/components/schemas/timestamp"},"mcBindingAssertion":{"$ref":"#/components/schemas/mcBindingAssertion"}}},"mcCertifiedSolutionId":{"type":"string","minLength":1,"maxLength":128,"description":"Unique identifier of the Mastercard TAF certified MFA method."},"credentialId":{"type":"string","minLength":1,"maxLength":128,"description":"UUID identifying the FIDO authenticator."},"deviceIdMdes":{"type":"string","description":"The unique device identifier.","minLength":1,"maxLength":36},"fidoRelyingParty":{"type":"string","minLength":1,"maxLength":128,"description":"The FIDO relying party."},"fidoUserId":{"type":"string","minLength":1,"maxLength":128,"description":"The FIDO user identifier."},"isSpcEnabled":{"type":"boolean","description":"Indicates if Secure Payment Confirmation is enabled."},"fidoAuthenticationResponse":{"type":"object","description":"A JSON FIDO public key as per https://www.w3.org/TR/webauthn-3/#iface-pkcredential.\n
Also known as FIDO assertion.\n
Required if fidoRegistrationResponse is not provided.

\nExample:\n
{
\n\"type\": \"public-key\",
\n\"id\": \"h0mC9xtLjggpcvxq4YXepkemUt2oNL5F_-NPpCCcHNE\",
\n\"rawId\": \"h0mC9xtLjggpcvxq4YXepkemUt2oNL5F_-NPpCCcHNE\",
\n\"authenticatorAttachment\": \"platform\",
\n\"response\": {
\n\"clientDataJSON\": \"SZY...In0\",
\n\"authenticatorData\": \"o2Nm...AAA\",
\n\"signature\": \"MEU...VQQ\",
\n\"userHandle\": \"ca7...002\"\n\"transports\": [
\n \"internal\"
\n ]
\n},
\n\"clientExtensionResults\": {}
\n}
"},"fidoRegistrationResponse":{"type":"object","description":"A JSON FIDO public key as per https://www.w3.org/TR/webauthn-3/#iface-pkcredential.\n
Also known as FIDO attestation.\n
Required if fidoAuthenticationResponse is not provided \nExample:\n
{
\n\"type\": \"public-key\",
\n\"id\": \"h0mC9xtLjggpcvxq4YXepkemUt2oNL5F_-NPpCCcHNE\",
\n\"rawId\": \"h0mC9xtLjggpcvxq4YXepkemUt2oNL5F_-NPpCCcHNE\",
\n\"authenticatorAttachment\": \"platform\",
\n\"response\": {
\n\"clientDataJSON\": \"eyJ0...In0\",
\n\"attestationObject\": \"o2Nm...0inQ\",
\n\"transports\": [
\n \"internal\"
\n ]
\n},
\n\"clientExtensionResults\": {}
\n}
"},"mcIaav":{"type":"string","minLength":1,"maxLength":8196,"description":"The issuer IAAV as per Mastercard specifications, so JSON encoded in Base64."},"timestamp":{"type":"string","minLength":1,"maxLength":64,"description":"A timestamp compliant with ISO 8601."},"mcBindingAssertion":{"type":"string","minLength":1,"maxLength":8196,"description":"The binding assertion JWT as per Mastercard specifications."}}}} ``` --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.payments.thalescloud.io/merchant-tokenization/ja/bakkuendo/apis/server-api/device-binding.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.