> For the complete documentation index, see [llms.txt](https://docs.payments.thalescloud.io/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.payments.thalescloud.io/merchant-tokenization/ja/bakkuendo/apis/server-api/token-management.md).

# Token Management

## Create Token

> \*\*\<span style="color:red">Important:\</span>\*\* Use this operation only when the end user is interacting with the merchant website or application and when a fast response time is important. It takes in average 2-3 seconds to obtain a token with this operation. For all other use cases, it is preferred to use the operation '\*\*createAsyncToken\*\*'.\
> \
> Create a network token from card details.\
> \
> ETP contacts the Scheme TSP to get the network token.

```json
{"openapi":"3.1.1","info":{"title":"Thales ETP Server API","version":"1.78"},"tags":[{"name":"Token Management"}],"servers":[{"url":"https://thales.api.com/tsh-cof"}],"paths":{"/tokens":{"post":{"description":"**<span style=\"color:red\">Important:</span>** Use this operation only when the end user is interacting with the merchant website or application and when a fast response time is important. It takes in average 2-3 seconds to obtain a token with this operation. For all other use cases, it is preferred to use the operation '**createAsyncToken**'.\n\nCreate a network token from card details.\n\nETP contacts the Scheme TSP to get the network token.","operationId":"createToken","parameters":[{"$ref":"#/components/parameters/authorization"},{"$ref":"#/components/parameters/xCorrelationId"}],"responses":{"201":{"description":"Created","content":{"application/json":{"schema":{"type":"object","properties":{"tokenId":{"$ref":"#/components/schemas/tokenId"},"cardBin":{"$ref":"#/components/schemas/cardBin"},"cardLastDigits":{"$ref":"#/components/schemas/cardLastDigits"},"cardExpiryDate":{"$ref":"#/components/schemas/cardExpiryDate"},"tokenLastDigits":{"$ref":"#/components/schemas/tokenLastDigits"},"tokenExpiryDate":{"$ref":"#/components/schemas/tokenExpiryDate"},"tokenState":{"$ref":"#/components/schemas/tokenState"},"par":{"$ref":"#/components/schemas/par"},"vProvisionedTokenId":{"$ref":"#/components/schemas/vProvisionedTokenId"},"cardProduct":{"$ref":"#/components/schemas/cardProduct"},"color":{"$ref":"#/components/schemas/color"},"creationTimestamp":{"$ref":"#/components/schemas/creationTimestamp"}},"required":["tokenId","tokenState","creationTimestamp"]}}}},"400":{"description":"Bad request - Not Retryable","content":{"application/json":{"schema":{"type":"object","properties":{"errorCode":{"type":"string","maxLength":128,"description":"Optional information that details the error.\n\n-----------------\n|Error Code|Description|\n|-------|-------|\n|CRYPTO_ERROR|The server could not decrypt the data sent in the request.|\n|UNKNOWN_CARD|The server is not able to identify the card scheme and so the associated TSP.|\n|TSP_NON_RETRYABLE_ERROR|Non retryable errors returned by the TSP.|\n|INVALID_PAN_DATA|The PAN data is invalid.|\n|VISA_VCES_INVALID_EXP_DATE|Card exp date is not present or is expired and Visa VCES is not activated.|\n|PAN_NOT_ELIGIBLE|The Issuer considers the PAN as not eligible for tokenization.|\n|UNKNOWN_MERCHANT|The merchantId is probably wrong.|\n|ISSUER_DECLINED|The Issuer declined the tokenization.|\n|SCHEME_TECHNICAL_ERROR|Technical error returned by TSP.|\n\n-----------------"},"errorDetails":{"$ref":"#/components/schemas/errorDetails"},"schemeCorrelationId":{"$ref":"#/components/schemas/schemeCorrelationId"}}}}}},"401":{"$ref":"#/components/responses/401"},"429":{"$ref":"#/components/responses/429"},"500":{"$ref":"#/components/responses/500"},"503":{"$ref":"#/components/responses/503"}},"tags":["Token Management"],"summary":"Create Token","requestBody":{"content":{"application/json":{"schema":{"type":"object","required":["merchantId","encryptedData","source","language","country"],"properties":{"merchantId":{"$ref":"#/components/schemas/merchantId"},"encryptedData":{"$ref":"#/components/schemas/encryptedUserInfoSync"},"source":{"$ref":"#/components/schemas/sourceSync"},"risk":{"$ref":"#/components/schemas/risk"},"language":{"$ref":"#/components/schemas/language"},"country":{"$ref":"#/components/schemas/country"},"device":{"$ref":"#/components/schemas/device"}}}}}}}}},"components":{"parameters":{"authorization":{"schema":{"type":"string","maxLength":512,"minLength":1},"in":"header","description":"Technical identifier pre-defined at on-boarding that identifies the API\nconsumer.\nFormat shall be the string 'APIKEY' followed by a space and the\napi key value.\n</br> Example: APIKEY c03f88fe-01ba-11e8-ba89-0ed5f89f718b\n","name":"authorization","required":true},"xCorrelationId":{"schema":{"type":"string","maxLength":36,"minLength":1},"in":"header","description":"Technical identifier used for troubleshooting. \n</br>It helps on customer support when needed. \n</br>Each API request must be identified with a unique correlation Id.\n</br>It correlates the response and the request and eventually a notification if any. ","name":"x-correlation-id","required":true}},"schemas":{"tokenId":{"type":"string","description":"The token identifier.","pattern":"^[a-zA-Z0-9_-]+$","minLength":1,"maxLength":128},"cardBin":{"type":"string","description":"The card bin returned by the scheme, just available for VISA and Mastercard SCOF.","minLength":6,"maxLength":8},"cardLastDigits":{"type":"string","maxLength":5,"description":"The card last digits."},"cardExpiryDate":{"type":"string","maxLength":4,"description":"The card expiry date in format MMYY."},"tokenLastDigits":{"type":"string","maxLength":5,"description":"The token last digits."},"tokenExpiryDate":{"type":"string","maxLength":4,"description":"The token expiry date in format MMYY. This information can be missing. It is intended for display only at this step.<br>Rely on token expiry date in create transaction response for storage."},"tokenState":{"type":"string","maxLength":64,"description":"Token state.</br>PCI token state can only be 'ACTIVE' or 'DELETED'.","enum":["ACTIVE","SUSPENDED","DELETED","PENDING"]},"par":{"type":"string","maxLength":29,"description":"Payment Account Reference returned by the Scheme TSP."},"vProvisionedTokenId":{"type":"string","description":"Specific to Visa. Another token identifier that shall be used only with Visa Cloud Token Framework.","minLength":1,"maxLength":36},"cardProduct":{"type":"object","description":"Information about the card product.","required":["cardType","scheme"],"properties":{"issuerName":{"$ref":"#/components/schemas/issuerName"},"cardType":{"$ref":"#/components/schemas/cardType"},"scheme":{"$ref":"#/components/schemas/scheme"},"supportVisaCTF":{"$ref":"#/components/schemas/supportVisaCTF"},"supportMastercardTAF":{"$ref":"#/components/schemas/supportMastercardTAF"},"supportMastercardLiabilityShift":{"$ref":"#/components/schemas/supportMastercardLiabilityShift"},"cardDescription":{"$ref":"#/components/schemas/cardDescription"},"cardArts":{"$ref":"#/components/schemas/cardArts"},"termsAndConditionsUrl":{"$ref":"#/components/schemas/termsAndConditionsUrl"},"privacyPolicyUrl":{"$ref":"#/components/schemas/privacyPolicyUrl"}}},"issuerName":{"type":"string","maxLength":128,"description":"The card issuer name."},"cardType":{"type":"string","description":"The card type.","maxLength":32,"enum":["CREDIT","DEBIT","PREPAID","UNKNOWN"]},"scheme":{"type":"string","description":"The card primary scheme.","maxLength":32,"enum":["MASTERCARD","VISA","AMEX","DISCOVER","ELO","UNKNOWN"]},"supportVisaCTF":{"type":"boolean","description":"Indicate if Visa Cloud Token Framework is available."},"supportMastercardTAF":{"type":"boolean","description":"Indicate if Mastercard Token Authentication Framework is available."},"supportMastercardLiabilityShift":{"type":"boolean","description":"For Mastercard indicates whether the Multi Factor Authentication method & account PAN are eligible for Fraud Liability Protection"},"cardDescription":{"type":"string","maxLength":256,"description":"The card description."},"cardArts":{"type":"object","properties":{"foregroundColor":{"type":"string","maxLength":6,"description":"Color used for the text displayed on the card (last digits, expiry date). Hexadecimal RGB color format."},"backgroundColor":{"type":"string","maxLength":6,"description":"Color used for card background. Hexadecimal RGB color format."},"cardBackgroundImageId":{"type":"string","maxLength":128,"description":"Asset identifier of the card background image. It doesn't contain the issuer/brand/co-brand logo."},"issuerLogoId":{"type":"string","maxLength":128,"description":"Asset identifier of the issuer logo."},"brandLogoId":{"type":"string","maxLength":128,"description":"Asset identifier of the primary brand logo."},"cobrandLogoId":{"type":"string","maxLength":128,"description":"Asset identifier of the cobrand logo."},"completeCardImageId":{"type":"string","maxLength":128,"description":"Asset identifier of the complete card image. Shall be preferred over the other assets when present."},"cardIconId":{"type":"string","maxLength":128,"description":"Asset identifier of the card icon."},"cardImageUrl":{"type":"string","maxLength":512,"description":"HTTP location of the card image. If present, no other identifier is provided and getAsset operation is not needed."}}},"termsAndConditionsUrl":{"type":"string","maxLength":512,"description":"Card issuer terms and conditions URL."},"privacyPolicyUrl":{"type":"string","maxLength":512,"description":"Card issuer privacy policy URL."},"color":{"type":"string","maxLength":32,"description":"Deprecated.","enum":["GREEN"]},"creationTimestamp":{"type":"string","maxLength":64,"description":"Token creation timestamp compliant with ISO 8601."},"errorDetails":{"type":"string","maxLength":256,"description":"Additional information about the error. This optional parameter has no specific format as it depends on the different TSP API. It is sent for logging and troubleshooting purpose."},"schemeCorrelationId":{"type":"string","maxLength":128,"description":"Identifier used by the schemes for additional support."},"merchantId":{"type":"string","description":"Identifier of the merchant provided by Thales at on-boarding.","minLength":1,"maxLength":128},"encryptedUserInfoSync":{"type":"string","minLength":1,"maxLength":8196,"description":"The user and card information encrypted in a JWE structure (see security section in the documentation).\n\nOnce decrypted, the JWE plaintext contains the following JSON object:\n\n|JSON field parameter name|description|MOC|Length|\n|-------|-------|-------|-------|\n|fpan|The funding pan to tokenize. </br>Value expected when 'source' parameter is 'MANUAL' or 'ON_FILE'.|C|Up to 19|\n|exp|The expiry date in format MMYY. </br>Value expected when 'source' parameter is 'MANUAL' or 'ON_FILE'. </br>Optional when VCES feature is activated for VISA|C|4|\n|token|Token number. </br>Value expected when 'source' parameter is 'TOKEN'.|C|Up to 19|\n|name|The card holder name in the format FIRSTNAME LASTNAME or as written on the card. MDES limits the length to 27 characters so ETP may truncate the provided value.</br>This parameter is <font color=\"red\">mandatory</font> for Discover card tokenization.|O|256|\n|cvv|The security code.</br>It can help the issuer in the decision of approving the payment.|O|3 or 4|\n|accountId|The card holder account identifier defined by the Merchant. </br>It can help the issuer in the decision of approving the payment.|O|24|\n|email|The card holder email.</br>This parameter is <font color=\"red\">mandatory</font> for AMEX card tokenization.|O|128|\n\nExample: {\"fpan\":\"5123456789012345\", \"exp\":\"0822\", \"name\":\"JOHN DOE\", \"cvv\":\"123\", \"accountId\":\"johndoe\", \"email\":\"john@doe.com\"}"},"sourceSync":{"type":"string","maxLength":32,"description":"The card info entry mode.</br>'MANUAL' It can help the issuer in the decision of approving the payment. </br>'TOKEN' is allowed just for Visa, used by token per token feature","enum":["CARD_ON_FILE","MANUAL","TOKEN"]},"risk":{"type":"object","description":"Parameters linked to the risk level evaluated by the Token Requestor.       </br>It can help the issuer in the decision of approving the payment.","properties":{"accountScore":{"$ref":"#/components/schemas/accountScore"}}},"accountScore":{"type":"integer","minimum":1,"maximum":5,"description":"Risk level associated to the account.\nIf provided, the value is forwarded to Mastercard TSP (MDES) or Visa TSP (VTS).\n\n|Value|Description|\n|-------|-------|\n|1| High risk level:<li>No successful authentication within last 30 days.</li><li>Suspect behavior (frequent token delete).</li><li>Fraudulent activity due to illegitimate consumer behavior identified.</li>|\n|2|Risky account:<li>Recent password reset.</li><li>Recent unusual number of failed logins.</li>|\n|3|Neutral account:<li>New account or no known good or bad history.</li>|\n|4|Trusted account:<li>Account tenure of at least 6 months AND positive financial activity each month for at least three months.</li>|\n|5|Highly trusted account:<li>Consumer successfully authenticated within last 30 days.</li><li>Account tenure of at least 12 months AND positive financial activity each month for at least six months.</li>|"},"language":{"type":"string","default":"en","minLength":2,"maxLength":2,"description":"Card holder language in ISO-639-1 two-letter language code."},"country":{"type":"string","minLength":2,"maxLength":2,"description":"Card holder country in ISO-3166-1 alpha-2 two-letter country code."},"device":{"type":"object","description":"Information about the card holder's device.</br> It can help the issuer in the decision of approving the payment.","properties":{"ipAddress":{"$ref":"#/components/schemas/ipAddress"},"location":{"$ref":"#/components/schemas/location"}}},"ipAddress":{"type":"string","minLength":1,"maxLength":64,"description":"The card holder's device IP address in format IPv4 or IPv6. The parameter is <font color=\"red\">mandatory</font> for AMEX card digitization in case the 'source' is 'MANUAL'. </br>For the other schemes, it is optional and is sent to Visa or Mastercard if format is IPv4."},"location":{"type":"string","minLength":1,"maxLength":32,"description":"The card holder's device location.</br>\n</br>Format requirements:\n* Latitude is between -90 and 90 degrees.\n* Longitude is between -180 and 180 degrees.\n* For positive value, the sign '+' shall not be provided.\n* Values are provided in decimal degrees with a precision of 4 decimal places.\n* Latitude and longitude are separated by a comma.\n* Spaces are not allowed.\n\nExamples: \n* '47.0880,2.3635'\n* '51.5306,-133.7224'\n* '-10.0000,-111.0000'"}},"responses":{"401":{"description":"Unauthorized - Not Retryable"},"429":{"description":"Too Many Requests - Retryable"},"500":{"description":"Internal Server Error - Not Retryable"},"503":{"description":"Service Unavailable - Retryable"}}}}
```

## Create Async Token

> Create a network token from card details. \
> \
> ETP contacts the Scheme TSP to get the network token.\
> \
> The process is asynchronous. It takes few seconds to get the callback except for VISA where it takes from 10 minutes to several hours.\
> \
> A notification 'notifyTokenCreation' is sent to the Merchant/PSP to complete the token creation process.\
> \
> The notification shares the same 'x-correlation-id' as in the create token request.<br>

```json
{"openapi":"3.1.1","info":{"title":"Thales ETP Server API","version":"1.78"},"tags":[{"name":"Token Management"}],"servers":[{"url":"https://thales.api.com/tsh-cof"}],"paths":{"/async-tokens":{"post":{"description":"Create a network token from card details. \n\nETP contacts the Scheme TSP to get the network token.\n\nThe process is asynchronous. It takes few seconds to get the callback except for VISA where it takes from 10 minutes to several hours.\n\nA notification 'notifyTokenCreation' is sent to the Merchant/PSP to complete the token creation process.\n\nThe notification shares the same 'x-correlation-id' as in the create token request.\n","operationId":"createAsyncToken","parameters":[{"$ref":"#/components/parameters/authorization"},{"$ref":"#/components/parameters/xCorrelationId"}],"responses":{"202":{"$ref":"#/components/responses/202"},"400":{"description":"Bad request - Not Retryable","content":{"application/json":{"schema":{"type":"object","properties":{"errorCode":{"type":"string","maxLength":128,"description":"Optional information that details the error.\n\n-----------------\n|Error Code|Description|\n|-------|-------|\n|CRYPTO_ERROR|The server could not decrypt the data sent in the request.|\n|UNKNOWN_CARD|The server is not able to identify the card scheme and so the associated TSP.|\n|VISA_VCES_INVALID_EXP_DATE|Card exp date is not present or is expired and Visa VCES is not activated.|\n|UNKNOWN_MERCHANT|The merchantId is probably wrong.|\n\n-----------------"},"errorDetails":{"$ref":"#/components/schemas/errorDetails"},"schemeCorrelationId":{"$ref":"#/components/schemas/schemeCorrelationId"}}}}}},"401":{"$ref":"#/components/responses/401"},"429":{"$ref":"#/components/responses/429"},"500":{"$ref":"#/components/responses/500"},"503":{"$ref":"#/components/responses/503"}},"tags":["Token Management"],"summary":"Create Async Token","requestBody":{"content":{"application/json":{"schema":{"type":"object","required":["merchantId","encryptedData","source","language","country"],"properties":{"merchantId":{"$ref":"#/components/schemas/merchantId"},"encryptedData":{"$ref":"#/components/schemas/encryptedUserInfoAsync"},"source":{"$ref":"#/components/schemas/sourceAsync"},"risk":{"$ref":"#/components/schemas/risk"},"language":{"$ref":"#/components/schemas/language"},"country":{"$ref":"#/components/schemas/country"},"device":{"$ref":"#/components/schemas/device"}}}}}}}}},"components":{"parameters":{"authorization":{"schema":{"type":"string","maxLength":512,"minLength":1},"in":"header","description":"Technical identifier pre-defined at on-boarding that identifies the API\nconsumer.\nFormat shall be the string 'APIKEY' followed by a space and the\napi key value.\n</br> Example: APIKEY c03f88fe-01ba-11e8-ba89-0ed5f89f718b\n","name":"authorization","required":true},"xCorrelationId":{"schema":{"type":"string","maxLength":36,"minLength":1},"in":"header","description":"Technical identifier used for troubleshooting. \n</br>It helps on customer support when needed. \n</br>Each API request must be identified with a unique correlation Id.\n</br>It correlates the response and the request and eventually a notification if any. ","name":"x-correlation-id","required":true}},"responses":{"202":{"description":"Accepted"},"401":{"description":"Unauthorized - Not Retryable"},"429":{"description":"Too Many Requests - Retryable"},"500":{"description":"Internal Server Error - Not Retryable"},"503":{"description":"Service Unavailable - Retryable"}},"schemas":{"errorDetails":{"type":"string","maxLength":256,"description":"Additional information about the error. This optional parameter has no specific format as it depends on the different TSP API. It is sent for logging and troubleshooting purpose."},"schemeCorrelationId":{"type":"string","maxLength":128,"description":"Identifier used by the schemes for additional support."},"merchantId":{"type":"string","description":"Identifier of the merchant provided by Thales at on-boarding.","minLength":1,"maxLength":128},"encryptedUserInfoAsync":{"type":"string","minLength":1,"maxLength":8196,"description":"The user and card information encrypted in a JWE structure (see security section in the documentation).\n\nOnce decrypted, the JWE plaintext contains the following JSON object:\n\n|JSON field parameter name|description|MOC|Length|\n|-------|-------|-------|-------|\n|fpan|The funding pan to tokenize.|M|Up to 19|\n|exp|The expiry date in the format MMYY. </br>Optional when VCES feature is activated for VISA|C|4|\n|name|The card holder name in the format FIRSTNAME LASTNAME or as written on the card. MDES limits the length to 27 characters so ETP may truncate the provided value.</br>This parameter is <font color=\"red\">mandatory</font> for Discover card tokenization.|O|256|\n|cvv|The security code.</br>It can help the issuer in the decision of approving the payment.|O|3 or 4|\n|accountId|The card holder account identifier defined by the Merchant. </br>It can help the issuer in the decision of approving the payment.|O|24|\n|email|The card holder email.</br>This parameter is <font color=\"red\">mandatory</font> for AMEX card tokenization.|O|128|\n\nExample: {\"fpan\":\"5123456789012345\", \"exp\":\"0822\", \"name\":\"JOHN DOE\", \"cvv\":\"123\", \"accountId\":\"johndoe\", \"email\":\"john@doe.com\"}"},"sourceAsync":{"type":"string","maxLength":32,"description":"The card info entry mode.</br>'MANUAL' It can help the issuer in the decision of approving the payment.","enum":["CARD_ON_FILE","MANUAL"]},"risk":{"type":"object","description":"Parameters linked to the risk level evaluated by the Token Requestor.       </br>It can help the issuer in the decision of approving the payment.","properties":{"accountScore":{"$ref":"#/components/schemas/accountScore"}}},"accountScore":{"type":"integer","minimum":1,"maximum":5,"description":"Risk level associated to the account.\nIf provided, the value is forwarded to Mastercard TSP (MDES) or Visa TSP (VTS).\n\n|Value|Description|\n|-------|-------|\n|1| High risk level:<li>No successful authentication within last 30 days.</li><li>Suspect behavior (frequent token delete).</li><li>Fraudulent activity due to illegitimate consumer behavior identified.</li>|\n|2|Risky account:<li>Recent password reset.</li><li>Recent unusual number of failed logins.</li>|\n|3|Neutral account:<li>New account or no known good or bad history.</li>|\n|4|Trusted account:<li>Account tenure of at least 6 months AND positive financial activity each month for at least three months.</li>|\n|5|Highly trusted account:<li>Consumer successfully authenticated within last 30 days.</li><li>Account tenure of at least 12 months AND positive financial activity each month for at least six months.</li>|"},"language":{"type":"string","default":"en","minLength":2,"maxLength":2,"description":"Card holder language in ISO-639-1 two-letter language code."},"country":{"type":"string","minLength":2,"maxLength":2,"description":"Card holder country in ISO-3166-1 alpha-2 two-letter country code."},"device":{"type":"object","description":"Information about the card holder's device.</br> It can help the issuer in the decision of approving the payment.","properties":{"ipAddress":{"$ref":"#/components/schemas/ipAddress"},"location":{"$ref":"#/components/schemas/location"}}},"ipAddress":{"type":"string","minLength":1,"maxLength":64,"description":"The card holder's device IP address in format IPv4 or IPv6. The parameter is <font color=\"red\">mandatory</font> for AMEX card digitization in case the 'source' is 'MANUAL'. </br>For the other schemes, it is optional and is sent to Visa or Mastercard if format is IPv4."},"location":{"type":"string","minLength":1,"maxLength":32,"description":"The card holder's device location.</br>\n</br>Format requirements:\n* Latitude is between -90 and 90 degrees.\n* Longitude is between -180 and 180 degrees.\n* For positive value, the sign '+' shall not be provided.\n* Values are provided in decimal degrees with a precision of 4 decimal places.\n* Latitude and longitude are separated by a comma.\n* Spaces are not allowed.\n\nExamples: \n* '47.0880,2.3635'\n* '51.5306,-133.7224'\n* '-10.0000,-111.0000'"}}}}
```

## Create PCI Token

> Create a PCI token from card details.\
> \
> The Scheme TSP is not involved in the creation of the token.\
> \
> ETP stores securely the card details and returns a token identifier to the Merchant/PSP.\
> \
> In case of successful response, the Merchant/PSP can directly request for a transaction. No notification is sent (contrary to network tokens).

```json
{"openapi":"3.1.1","info":{"title":"Thales ETP Server API","version":"1.78"},"tags":[{"name":"Token Management"}],"servers":[{"url":"https://thales.api.com/tsh-cof"}],"paths":{"/pci-tokens":{"post":{"description":"Create a PCI token from card details.\n\nThe Scheme TSP is not involved in the creation of the token.\n\nETP stores securely the card details and returns a token identifier to the Merchant/PSP.\n\nIn case of successful response, the Merchant/PSP can directly request for a transaction. No notification is sent (contrary to network tokens).","operationId":"createPciToken","parameters":[{"$ref":"#/components/parameters/authorization"},{"$ref":"#/components/parameters/xCorrelationId"}],"responses":{"201":{"description":"Created","content":{"application/json":{"schema":{"type":"object","required":["tokenId","cardLastDigits","cardExpiryDate","tokenState","creationTimestamp"],"properties":{"tokenId":{"$ref":"#/components/schemas/tokenId"},"cardLastDigits":{"$ref":"#/components/schemas/cardLastDigits"},"cardExpiryDate":{"$ref":"#/components/schemas/cardExpiryDate"},"tokenState":{"$ref":"#/components/schemas/tokenState"},"cardProduct":{"type":"object","description":"Information about the card product.","required":["scheme"],"properties":{"scheme":{"$ref":"#/components/schemas/scheme"}}},"creationTimestamp":{"$ref":"#/components/schemas/creationTimestamp"}}}}}},"400":{"description":"Bad request - Not Retryable","content":{"application/json":{"schema":{"type":"object","properties":{"errorCode":{"type":"string","maxLength":128,"description":"Optional information that details the error.\n\n-----------------\n|Error Code|Description|\n|-------|-------|\n|CRYPTO_ERROR|The server could not decrypt the data sent in the request.|\n|UNKNOWN_MERCHANT|The merchantId is probably wrong.|\n\n-----------------"},"errorDetails":{"$ref":"#/components/schemas/errorDetails"},"schemeCorrelationId":{"$ref":"#/components/schemas/schemeCorrelationId"}}}}}},"401":{"$ref":"#/components/responses/401"},"429":{"$ref":"#/components/responses/429"},"500":{"$ref":"#/components/responses/500"},"503":{"$ref":"#/components/responses/503"}},"tags":["Token Management"],"summary":"Create PCI Token","requestBody":{"content":{"application/json":{"schema":{"type":"object","required":["merchantId","encryptedData"],"properties":{"merchantId":{"$ref":"#/components/schemas/merchantId"},"encryptedData":{"$ref":"#/components/schemas/encryptedUserInfoPci"}}}}}}}}},"components":{"parameters":{"authorization":{"schema":{"type":"string","maxLength":512,"minLength":1},"in":"header","description":"Technical identifier pre-defined at on-boarding that identifies the API\nconsumer.\nFormat shall be the string 'APIKEY' followed by a space and the\napi key value.\n</br> Example: APIKEY c03f88fe-01ba-11e8-ba89-0ed5f89f718b\n","name":"authorization","required":true},"xCorrelationId":{"schema":{"type":"string","maxLength":36,"minLength":1},"in":"header","description":"Technical identifier used for troubleshooting. \n</br>It helps on customer support when needed. \n</br>Each API request must be identified with a unique correlation Id.\n</br>It correlates the response and the request and eventually a notification if any. ","name":"x-correlation-id","required":true}},"schemas":{"tokenId":{"type":"string","description":"The token identifier.","pattern":"^[a-zA-Z0-9_-]+$","minLength":1,"maxLength":128},"cardLastDigits":{"type":"string","maxLength":5,"description":"The card last digits."},"cardExpiryDate":{"type":"string","maxLength":4,"description":"The card expiry date in format MMYY."},"tokenState":{"type":"string","maxLength":64,"description":"Token state.</br>PCI token state can only be 'ACTIVE' or 'DELETED'.","enum":["ACTIVE","SUSPENDED","DELETED","PENDING"]},"scheme":{"type":"string","description":"The card primary scheme.","maxLength":32,"enum":["MASTERCARD","VISA","AMEX","DISCOVER","ELO","UNKNOWN"]},"creationTimestamp":{"type":"string","maxLength":64,"description":"Token creation timestamp compliant with ISO 8601."},"errorDetails":{"type":"string","maxLength":256,"description":"Additional information about the error. This optional parameter has no specific format as it depends on the different TSP API. It is sent for logging and troubleshooting purpose."},"schemeCorrelationId":{"type":"string","maxLength":128,"description":"Identifier used by the schemes for additional support."},"merchantId":{"type":"string","description":"Identifier of the merchant provided by Thales at on-boarding.","minLength":1,"maxLength":128},"encryptedUserInfoPci":{"type":"string","minLength":1,"maxLength":8196,"description":"The user and card information encrypted in a JWE structure (see security section in the documentation).\n\nOnce decrypted, the JWE plaintext contains the following JSON object:\n\n|JSON field parameter name|description|MOC|Length|\n|-------|-------|-------|-------|\n|fpan|The funding pan to tokenize.|M|Up to 19|\n|exp|The expiry date in the format MMYY.|M|4|\n\nExample: {\"fpan\":\"5123456789012345\", \"exp\":\"0822\"}"}},"responses":{"401":{"description":"Unauthorized - Not Retryable"},"429":{"description":"Too Many Requests - Retryable"},"500":{"description":"Internal Server Error - Not Retryable"},"503":{"description":"Service Unavailable - Retryable"}}}}
```

## Create Push Token

> Create a network token from information provided by the Issuer to the Merchant application in a push provisioning use case (Visa and Mastercard only).

```json
{"openapi":"3.1.1","info":{"title":"Thales ETP Server API","version":"1.78"},"tags":[{"name":"Token Management"}],"servers":[{"url":"https://thales.api.com/tsh-cof"}],"paths":{"/push-tokens":{"post":{"description":"Create a network token from information provided by the Issuer to the Merchant application in a push provisioning use case (Visa and Mastercard only).","operationId":"createPushToken","parameters":[{"$ref":"#/components/parameters/authorization"},{"$ref":"#/components/parameters/xCorrelationId"}],"responses":{"201":{"description":"Created","content":{"application/json":{"schema":{"type":"object","properties":{"tokenId":{"$ref":"#/components/schemas/tokenId"},"cardLastDigits":{"$ref":"#/components/schemas/cardLastDigits"},"cardExpiryDate":{"$ref":"#/components/schemas/cardExpiryDate"},"tokenLastDigits":{"$ref":"#/components/schemas/tokenLastDigits"},"tokenExpiryDate":{"$ref":"#/components/schemas/tokenExpiryDate"},"tokenState":{"$ref":"#/components/schemas/tokenState"},"par":{"$ref":"#/components/schemas/par"},"cardProduct":{"$ref":"#/components/schemas/cardProductPush"},"encryptedData":{"$ref":"#/components/schemas/encryptedIssuerInfoPushProvisioning"},"returnUriType":{"$ref":"#/components/schemas/returnUriType"},"returnUri":{"$ref":"#/components/schemas/returnUri"},"creationTimestamp":{"$ref":"#/components/schemas/creationTimestamp"}},"required":["tokenId","tokenState","creationTimestamp"]}}}},"400":{"description":"Bad request - Not Retryable","content":{"application/json":{"schema":{"type":"object","properties":{"errorCode":{"type":"string","maxLength":128,"description":"Optional information that details the error.\n\n-----------------\n|Error Code|Description|\n|-------|-------|\n|CRYPTO_ERROR|The server could not decrypt the data sent in the request.|\n|INVALID_PAN_DATA|The PAN data is invalid.|\n|PAN_NOT_ELIGIBLE|The Issuer considers the PAN as not eligible for tokenization.|\n|UNKNOWN_MERCHANT|The merchantId is probably wrong.|\n|ISSUER_DECLINED|The Issuer declined the tokenization.|\n\n-----------------"},"errorDetails":{"$ref":"#/components/schemas/errorDetails"},"schemeCorrelationId":{"$ref":"#/components/schemas/schemeCorrelationId"}}}}}},"401":{"$ref":"#/components/responses/401"},"429":{"$ref":"#/components/responses/429"},"500":{"$ref":"#/components/responses/500"},"503":{"$ref":"#/components/responses/503"}},"tags":["Token Management"],"summary":"Create Push Token","requestBody":{"content":{"application/json":{"schema":{"type":"object","required":["merchantId","pushProvisioningPayload","scheme","language","country","device"],"properties":{"merchantId":{"$ref":"#/components/schemas/merchantId"},"pushProvisioningPayload":{"$ref":"#/components/schemas/pushProvisioningPayload"},"scheme":{"$ref":"#/components/schemas/schemePushProvisioning"},"encryptedData":{"$ref":"#/components/schemas/encryptedMerchantInfoPushProvisioning"},"risk":{"$ref":"#/components/schemas/risk"},"language":{"$ref":"#/components/schemas/language"},"country":{"$ref":"#/components/schemas/country"},"device":{"$ref":"#/components/schemas/devicePushProvisioning"}}}}}}}}},"components":{"parameters":{"authorization":{"schema":{"type":"string","maxLength":512,"minLength":1},"in":"header","description":"Technical identifier pre-defined at on-boarding that identifies the API\nconsumer.\nFormat shall be the string 'APIKEY' followed by a space and the\napi key value.\n</br> Example: APIKEY c03f88fe-01ba-11e8-ba89-0ed5f89f718b\n","name":"authorization","required":true},"xCorrelationId":{"schema":{"type":"string","maxLength":36,"minLength":1},"in":"header","description":"Technical identifier used for troubleshooting. \n</br>It helps on customer support when needed. \n</br>Each API request must be identified with a unique correlation Id.\n</br>It correlates the response and the request and eventually a notification if any. ","name":"x-correlation-id","required":true}},"schemas":{"tokenId":{"type":"string","description":"The token identifier.","pattern":"^[a-zA-Z0-9_-]+$","minLength":1,"maxLength":128},"cardLastDigits":{"type":"string","maxLength":5,"description":"The card last digits."},"cardExpiryDate":{"type":"string","maxLength":4,"description":"The card expiry date in format MMYY."},"tokenLastDigits":{"type":"string","maxLength":5,"description":"The token last digits."},"tokenExpiryDate":{"type":"string","maxLength":4,"description":"The token expiry date in format MMYY. This information can be missing. It is intended for display only at this step.<br>Rely on token expiry date in create transaction response for storage."},"tokenState":{"type":"string","maxLength":64,"description":"Token state.</br>PCI token state can only be 'ACTIVE' or 'DELETED'.","enum":["ACTIVE","SUSPENDED","DELETED","PENDING"]},"par":{"type":"string","maxLength":29,"description":"Payment Account Reference returned by the Scheme TSP."},"cardProductPush":{"type":"object","description":"Information about the card product.","required":["cardType","scheme"],"properties":{"issuerName":{"$ref":"#/components/schemas/issuerName"},"cardType":{"$ref":"#/components/schemas/cardType"},"scheme":{"$ref":"#/components/schemas/scheme"},"supportVisaCTF":{"$ref":"#/components/schemas/supportVisaCTF"},"cardDescription":{"$ref":"#/components/schemas/cardDescription"},"cardArts":{"$ref":"#/components/schemas/cardArts"},"termsAndConditionsUrl":{"$ref":"#/components/schemas/termsAndConditionsUrl"},"privacyPolicyUrl":{"$ref":"#/components/schemas/privacyPolicyUrl"}}},"issuerName":{"type":"string","maxLength":128,"description":"The card issuer name."},"cardType":{"type":"string","description":"The card type.","maxLength":32,"enum":["CREDIT","DEBIT","PREPAID","UNKNOWN"]},"scheme":{"type":"string","description":"The card primary scheme.","maxLength":32,"enum":["MASTERCARD","VISA","AMEX","DISCOVER","ELO","UNKNOWN"]},"supportVisaCTF":{"type":"boolean","description":"Indicate if Visa Cloud Token Framework is available."},"cardDescription":{"type":"string","maxLength":256,"description":"The card description."},"cardArts":{"type":"object","properties":{"foregroundColor":{"type":"string","maxLength":6,"description":"Color used for the text displayed on the card (last digits, expiry date). Hexadecimal RGB color format."},"backgroundColor":{"type":"string","maxLength":6,"description":"Color used for card background. Hexadecimal RGB color format."},"cardBackgroundImageId":{"type":"string","maxLength":128,"description":"Asset identifier of the card background image. It doesn't contain the issuer/brand/co-brand logo."},"issuerLogoId":{"type":"string","maxLength":128,"description":"Asset identifier of the issuer logo."},"brandLogoId":{"type":"string","maxLength":128,"description":"Asset identifier of the primary brand logo."},"cobrandLogoId":{"type":"string","maxLength":128,"description":"Asset identifier of the cobrand logo."},"completeCardImageId":{"type":"string","maxLength":128,"description":"Asset identifier of the complete card image. Shall be preferred over the other assets when present."},"cardIconId":{"type":"string","maxLength":128,"description":"Asset identifier of the card icon."},"cardImageUrl":{"type":"string","maxLength":512,"description":"HTTP location of the card image. If present, no other identifier is provided and getAsset operation is not needed."}}},"termsAndConditionsUrl":{"type":"string","maxLength":512,"description":"Card issuer terms and conditions URL."},"privacyPolicyUrl":{"type":"string","maxLength":512,"description":"Card issuer privacy policy URL."},"encryptedIssuerInfoPushProvisioning":{"type":"string","maxLength":8196,"description":"The user information encrypted in a JWE structure (see security section in the documentation).\n\nOnce decrypted, the JWE plaintext contains the following JSON object:\n\n|JSON field parameter name|description|MOC|Length|\n|-------|-------|-------|-------|\n|name|The card holder name in format FIRSTNAME LASTNAME.|O|256|\n|address.line1|The card holder address.|O|256|\n|address.line2|The card holder address.|O|256|\n|address.city|The card holder address.|O|256|\n|address.countrySubdivision|The card holder address.|O|32|\n|address.postalCode|The card holder address.|O|32|\n|address.country|The Card holder country in ISO-3166-1 alpha-2 two-letter country code.|O|2|\n|email|The card holder email.|O|128|\n|phoneNumber|The card holder phone number.|O|128|\n|personalId|A card holder personal identifier that may be required in some regions.|O|128|"},"returnUriType":{"type":"string","maxLength":32,"description":"Issuer application/website URI type depending on the device. This parameter could be returned only for VISA.","enum":["ANDROID","IOS","WEB"]},"returnUri":{"type":"string","maxLength":512,"description":"Issuer application/website URI. This parameter could be returned only for VISA."},"creationTimestamp":{"type":"string","maxLength":64,"description":"Token creation timestamp compliant with ISO 8601."},"errorDetails":{"type":"string","maxLength":256,"description":"Additional information about the error. This optional parameter has no specific format as it depends on the different TSP API. It is sent for logging and troubleshooting purpose."},"schemeCorrelationId":{"type":"string","maxLength":128,"description":"Identifier used by the schemes for additional support."},"merchantId":{"type":"string","description":"Identifier of the merchant provided by Thales at on-boarding.","minLength":1,"maxLength":128},"pushProvisioningPayload":{"type":"string","description":"The push provisioning payload provided by the Issuer to the merchant application.\n\nFor Mastercard, it corresponds to the 'pushAccountReceipt'.\n\nFor Visa, it corresponds to the 'encPaymentInstrument'.","minLength":1,"maxLength":8196},"schemePushProvisioning":{"type":"string","description":"The card primary scheme.","maxLength":32,"enum":["MASTERCARD","VISA"]},"encryptedMerchantInfoPushProvisioning":{"type":"string","minLength":1,"maxLength":8196,"description":"The user information encrypted in a JWE structure (see security section in the documentation).\n\nOnce decrypted, the JWE plaintext contains the following JSON object:\n\n|JSON field parameter name|description|MOC|Length|\n|-------|-------|-------|-------|\n|accountId|The card holder account identifier defined by the Merchant.|O|24|\n|email|The card holder email.|O|128|\n\nExample: {\"accountId:\"johndoe\", \"email\":\"john@doe.com\"}"},"risk":{"type":"object","description":"Parameters linked to the risk level evaluated by the Token Requestor.       </br>It can help the issuer in the decision of approving the payment.","properties":{"accountScore":{"$ref":"#/components/schemas/accountScore"}}},"accountScore":{"type":"integer","minimum":1,"maximum":5,"description":"Risk level associated to the account.\nIf provided, the value is forwarded to Mastercard TSP (MDES) or Visa TSP (VTS).\n\n|Value|Description|\n|-------|-------|\n|1| High risk level:<li>No successful authentication within last 30 days.</li><li>Suspect behavior (frequent token delete).</li><li>Fraudulent activity due to illegitimate consumer behavior identified.</li>|\n|2|Risky account:<li>Recent password reset.</li><li>Recent unusual number of failed logins.</li>|\n|3|Neutral account:<li>New account or no known good or bad history.</li>|\n|4|Trusted account:<li>Account tenure of at least 6 months AND positive financial activity each month for at least three months.</li>|\n|5|Highly trusted account:<li>Consumer successfully authenticated within last 30 days.</li><li>Account tenure of at least 12 months AND positive financial activity each month for at least six months.</li>|"},"language":{"type":"string","default":"en","minLength":2,"maxLength":2,"description":"Card holder language in ISO-639-1 two-letter language code."},"country":{"type":"string","minLength":2,"maxLength":2,"description":"Card holder country in ISO-3166-1 alpha-2 two-letter country code."},"devicePushProvisioning":{"type":"object","description":"Information about the card holder's device.","required":["ipAddress"],"properties":{"ipAddress":{"$ref":"#/components/schemas/ipAddressSimpleDesc"},"location":{"$ref":"#/components/schemas/location"}}},"ipAddressSimpleDesc":{"type":"string","minLength":1,"maxLength":64,"description":"The card holder's device IP address in format IPv4."},"location":{"type":"string","minLength":1,"maxLength":32,"description":"The card holder's device location.</br>\n</br>Format requirements:\n* Latitude is between -90 and 90 degrees.\n* Longitude is between -180 and 180 degrees.\n* For positive value, the sign '+' shall not be provided.\n* Values are provided in decimal degrees with a precision of 4 decimal places.\n* Latitude and longitude are separated by a comma.\n* Spaces are not allowed.\n\nExamples: \n* '47.0880,2.3635'\n* '51.5306,-133.7224'\n* '-10.0000,-111.0000'"}},"responses":{"401":{"description":"Unauthorized - Not Retryable"},"429":{"description":"Too Many Requests - Retryable"},"500":{"description":"Internal Server Error - Not Retryable"},"503":{"description":"Service Unavailable - Retryable"}}}}
```

## Get Token

> Retrieve information about a token.\
> \
> For EMV Tokens, the information provided depends on what the Issuer has declared in the Scheme TSP.\
> \
> For PCI Tokens, only "basic" information related to the card is provided:\
> \<li>Card last digits.\
> \<li>Card expiry date.\
> \<li>Card Scheme if recognized.<br>

```json
{"openapi":"3.1.1","info":{"title":"Thales ETP Server API","version":"1.78"},"tags":[{"name":"Token Management"}],"servers":[{"url":"https://thales.api.com/tsh-cof"}],"paths":{"/tokens/{tokenId}":{"get":{"description":"Retrieve information about a token.\n\nFor EMV Tokens, the information provided depends on what the Issuer has declared in the Scheme TSP.\n\nFor PCI Tokens, only \"basic\" information related to the card is provided:\n<li>Card last digits.\n<li>Card expiry date.\n<li>Card Scheme if recognized.\n","operationId":"getToken","parameters":[{"$ref":"#/components/parameters/tokenId"},{"$ref":"#/components/parameters/authorization"},{"$ref":"#/components/parameters/xCorrelationId"}],"responses":{"200":{"description":"OK","content":{"application/json":{"schema":{"type":"object","required":["tokenState","creationTimestamp"],"properties":{"merchantId":{"$ref":"#/components/schemas/merchantId"},"cardBin":{"$ref":"#/components/schemas/cardBin"},"cardLastDigits":{"$ref":"#/components/schemas/cardLastDigits"},"cardExpiryDate":{"$ref":"#/components/schemas/cardExpiryDate"},"tokenState":{"$ref":"#/components/schemas/tokenState"},"tokenLastDigits":{"$ref":"#/components/schemas/tokenLastDigits"},"tokenExpiryDate":{"$ref":"#/components/schemas/tokenExpiryDate"},"par":{"$ref":"#/components/schemas/par"},"vProvisionedTokenId":{"$ref":"#/components/schemas/vProvisionedTokenId"},"deviceBindings":{"$ref":"#/components/schemas/deviceBindings"},"cardProduct":{"$ref":"#/components/schemas/cardProduct"},"creationTimestamp":{"$ref":"#/components/schemas/creationTimestamp"},"lastUpdateTimestamp":{"$ref":"#/components/schemas/lastUpdateTimestamp"}}}}}},"400":{"$ref":"#/components/responses/400"},"401":{"$ref":"#/components/responses/401"},"404":{"$ref":"#/components/responses/404"},"429":{"$ref":"#/components/responses/429"},"500":{"$ref":"#/components/responses/500"},"503":{"$ref":"#/components/responses/503"}},"tags":["Token Management"],"summary":"Get Token"}}},"components":{"parameters":{"tokenId":{"schema":{"type":"string","maxLength":128},"in":"path","description":"The token identifier.","name":"tokenId","required":true},"authorization":{"schema":{"type":"string","maxLength":512,"minLength":1},"in":"header","description":"Technical identifier pre-defined at on-boarding that identifies the API\nconsumer.\nFormat shall be the string 'APIKEY' followed by a space and the\napi key value.\n</br> Example: APIKEY c03f88fe-01ba-11e8-ba89-0ed5f89f718b\n","name":"authorization","required":true},"xCorrelationId":{"schema":{"type":"string","maxLength":36,"minLength":1},"in":"header","description":"Technical identifier used for troubleshooting. \n</br>It helps on customer support when needed. \n</br>Each API request must be identified with a unique correlation Id.\n</br>It correlates the response and the request and eventually a notification if any. ","name":"x-correlation-id","required":true}},"schemas":{"merchantId":{"type":"string","description":"Identifier of the merchant provided by Thales at on-boarding.","minLength":1,"maxLength":128},"cardBin":{"type":"string","description":"The card bin returned by the scheme, just available for VISA and Mastercard SCOF.","minLength":6,"maxLength":8},"cardLastDigits":{"type":"string","maxLength":5,"description":"The card last digits."},"cardExpiryDate":{"type":"string","maxLength":4,"description":"The card expiry date in format MMYY."},"tokenState":{"type":"string","maxLength":64,"description":"Token state.</br>PCI token state can only be 'ACTIVE' or 'DELETED'.","enum":["ACTIVE","SUSPENDED","DELETED","PENDING"]},"tokenLastDigits":{"type":"string","maxLength":5,"description":"The token last digits."},"tokenExpiryDate":{"type":"string","maxLength":4,"description":"The token expiry date in format MMYY. This information can be missing. It is intended for display only at this step.<br>Rely on token expiry date in create transaction response for storage."},"par":{"type":"string","maxLength":29,"description":"Payment Account Reference returned by the Scheme TSP."},"vProvisionedTokenId":{"type":"string","description":"Specific to Visa. Another token identifier that shall be used only with Visa Cloud Token Framework.","minLength":1,"maxLength":36},"deviceBindings":{"type":"array","description":"The list of device identifiers bound to the token.","items":{"$ref":"#/components/schemas/deviceId"},"uniqueItems":true},"deviceId":{"type":"string","description":"The unique device identifier. Visa deviceId must have 24 characters at maximum.","minLength":1,"maxLength":36},"cardProduct":{"type":"object","description":"Information about the card product.","required":["cardType","scheme"],"properties":{"issuerName":{"$ref":"#/components/schemas/issuerName"},"cardType":{"$ref":"#/components/schemas/cardType"},"scheme":{"$ref":"#/components/schemas/scheme"},"supportVisaCTF":{"$ref":"#/components/schemas/supportVisaCTF"},"supportMastercardTAF":{"$ref":"#/components/schemas/supportMastercardTAF"},"supportMastercardLiabilityShift":{"$ref":"#/components/schemas/supportMastercardLiabilityShift"},"cardDescription":{"$ref":"#/components/schemas/cardDescription"},"cardArts":{"$ref":"#/components/schemas/cardArts"},"termsAndConditionsUrl":{"$ref":"#/components/schemas/termsAndConditionsUrl"},"privacyPolicyUrl":{"$ref":"#/components/schemas/privacyPolicyUrl"}}},"issuerName":{"type":"string","maxLength":128,"description":"The card issuer name."},"cardType":{"type":"string","description":"The card type.","maxLength":32,"enum":["CREDIT","DEBIT","PREPAID","UNKNOWN"]},"scheme":{"type":"string","description":"The card primary scheme.","maxLength":32,"enum":["MASTERCARD","VISA","AMEX","DISCOVER","ELO","UNKNOWN"]},"supportVisaCTF":{"type":"boolean","description":"Indicate if Visa Cloud Token Framework is available."},"supportMastercardTAF":{"type":"boolean","description":"Indicate if Mastercard Token Authentication Framework is available."},"supportMastercardLiabilityShift":{"type":"boolean","description":"For Mastercard indicates whether the Multi Factor Authentication method & account PAN are eligible for Fraud Liability Protection"},"cardDescription":{"type":"string","maxLength":256,"description":"The card description."},"cardArts":{"type":"object","properties":{"foregroundColor":{"type":"string","maxLength":6,"description":"Color used for the text displayed on the card (last digits, expiry date). Hexadecimal RGB color format."},"backgroundColor":{"type":"string","maxLength":6,"description":"Color used for card background. Hexadecimal RGB color format."},"cardBackgroundImageId":{"type":"string","maxLength":128,"description":"Asset identifier of the card background image. It doesn't contain the issuer/brand/co-brand logo."},"issuerLogoId":{"type":"string","maxLength":128,"description":"Asset identifier of the issuer logo."},"brandLogoId":{"type":"string","maxLength":128,"description":"Asset identifier of the primary brand logo."},"cobrandLogoId":{"type":"string","maxLength":128,"description":"Asset identifier of the cobrand logo."},"completeCardImageId":{"type":"string","maxLength":128,"description":"Asset identifier of the complete card image. Shall be preferred over the other assets when present."},"cardIconId":{"type":"string","maxLength":128,"description":"Asset identifier of the card icon."},"cardImageUrl":{"type":"string","maxLength":512,"description":"HTTP location of the card image. If present, no other identifier is provided and getAsset operation is not needed."}}},"termsAndConditionsUrl":{"type":"string","maxLength":512,"description":"Card issuer terms and conditions URL."},"privacyPolicyUrl":{"type":"string","maxLength":512,"description":"Card issuer privacy policy URL."},"creationTimestamp":{"type":"string","maxLength":64,"description":"Token creation timestamp compliant with ISO 8601."},"lastUpdateTimestamp":{"type":"string","maxLength":64,"description":"Token last update timestamp compliant with ISO 8601. Provided only in case the token was updated after its creation."}},"responses":{"400":{"description":"Bad request - Not Retryable"},"401":{"description":"Unauthorized - Not Retryable"},"404":{"description":"Not Found - Not Retryable"},"429":{"description":"Too Many Requests - Retryable"},"500":{"description":"Internal Server Error - Not Retryable"},"503":{"description":"Service Unavailable - Retryable"}}}}
```

## Delete Token

> Delete a token.

```json
{"openapi":"3.1.1","info":{"title":"Thales ETP Server API","version":"1.78"},"tags":[{"name":"Token Management"}],"servers":[{"url":"https://thales.api.com/tsh-cof"}],"paths":{"/tokens/{tokenId}":{"delete":{"description":"Delete a token.","operationId":"eraseToken","parameters":[{"$ref":"#/components/parameters/tokenId"},{"$ref":"#/components/parameters/authorization"},{"$ref":"#/components/parameters/xCorrelationId"}],"responses":{"204":{"$ref":"#/components/responses/204"},"400":{"$ref":"#/components/responses/400"},"401":{"$ref":"#/components/responses/401"},"404":{"$ref":"#/components/responses/404"},"429":{"$ref":"#/components/responses/429"},"500":{"$ref":"#/components/responses/500"},"503":{"$ref":"#/components/responses/503"}},"tags":["Token Management"],"summary":"Delete Token"}}},"components":{"parameters":{"tokenId":{"schema":{"type":"string","maxLength":128},"in":"path","description":"The token identifier.","name":"tokenId","required":true},"authorization":{"schema":{"type":"string","maxLength":512,"minLength":1},"in":"header","description":"Technical identifier pre-defined at on-boarding that identifies the API\nconsumer.\nFormat shall be the string 'APIKEY' followed by a space and the\napi key value.\n</br> Example: APIKEY c03f88fe-01ba-11e8-ba89-0ed5f89f718b\n","name":"authorization","required":true},"xCorrelationId":{"schema":{"type":"string","maxLength":36,"minLength":1},"in":"header","description":"Technical identifier used for troubleshooting. \n</br>It helps on customer support when needed. \n</br>Each API request must be identified with a unique correlation Id.\n</br>It correlates the response and the request and eventually a notification if any. ","name":"x-correlation-id","required":true}},"responses":{"204":{"description":"No Content"},"400":{"description":"Bad request - Not Retryable"},"401":{"description":"Unauthorized - Not Retryable"},"404":{"description":"Not Found - Not Retryable"},"429":{"description":"Too Many Requests - Retryable"},"500":{"description":"Internal Server Error - Not Retryable"},"503":{"description":"Service Unavailable - Retryable"}}}}
```

## Get Asset

> Returns an asset ressource (image, text). \</br>\</br> The assetId associated to an asset never changes so the response can be cached by the API consumer.

```json
{"openapi":"3.1.1","info":{"title":"Thales ETP Server API","version":"1.78"},"tags":[{"name":"Token Management"}],"servers":[{"url":"https://thales.api.com/tsh-cof"}],"paths":{"/assets/{assetId}":{"get":{"description":"Returns an asset ressource (image, text). </br></br> The assetId associated to an asset never changes so the response can be cached by the API consumer.","operationId":"getAsset","parameters":[{"$ref":"#/components/parameters/assetId"},{"$ref":"#/components/parameters/authorization"}],"responses":{"200":{"description":"OK","content":{"application/json":{"schema":{"$ref":"#/components/schemas/asset"}}}},"400":{"$ref":"#/components/responses/400"},"401":{"$ref":"#/components/responses/401"},"404":{"$ref":"#/components/responses/404"},"429":{"$ref":"#/components/responses/429"},"500":{"$ref":"#/components/responses/500"},"503":{"$ref":"#/components/responses/503"}},"tags":["Token Management"],"summary":"Get Asset"}}},"components":{"parameters":{"assetId":{"schema":{"type":"string","maxLength":128},"in":"path","description":"The unique asset identifier.","name":"assetId","required":true},"authorization":{"schema":{"type":"string","maxLength":512,"minLength":1},"in":"header","description":"Technical identifier pre-defined at on-boarding that identifies the API\nconsumer.\nFormat shall be the string 'APIKEY' followed by a space and the\napi key value.\n</br> Example: APIKEY c03f88fe-01ba-11e8-ba89-0ed5f89f718b\n","name":"authorization","required":true}},"schemas":{"asset":{"type":"object","required":["mediaType","encodedData"],"properties":{"mediaType":{"type":"string","maxLength":64,"description":"The media type of the asset.","enum":["application/pdf","image/pdf","image/png","image/jpeg","image/svg","text/plain","text/html"]},"encodedData":{"type":"string","description":"The asset encoded in base64."},"height":{"type":"string","maxLength":10,"description":"The asset height specified in pixels."},"width":{"type":"string","maxLength":10,"description":"The asset width specified in pixels."}}}},"responses":{"400":{"description":"Bad request - Not Retryable"},"401":{"description":"Unauthorized - Not Retryable"},"404":{"description":"Not Found - Not Retryable"},"429":{"description":"Too Many Requests - Retryable"},"500":{"description":"Internal Server Error - Not Retryable"},"503":{"description":"Service Unavailable - Retryable"}}}}
```


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.payments.thalescloud.io/merchant-tokenization/ja/bakkuendo/apis/server-api/token-management.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.