> For the complete documentation index, see [llms.txt](https://docs.payments.thalescloud.io/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.payments.thalescloud.io/push-provisioning/integrate-the-d1-api/d1-api-reference/inbound-api-to-d1/card-api.md).
# Card API
## Register Card
> This request is used to register a card with corresponding cards credentials.\
> This operation is applicable for card product supporting:\
> \- No authorisation mode\
> \- Light authorisation mode\
> \
> The cardId used to register the card shall be unique. A cardId can be reused to register another card (having a different PAN) under several conditions:\
> \- The cardId to be reused is linked with a DELETED or REPLACED card\
> \- The cardId to be reused is not associated to a card issued by D1 (a card created using the CREATE card API).\
> \- The cardId to be reused is not associated with a card product used for making transactions\
> \- In any case, it is not possible to register a card PAN already deleted or replaced. Even by reusing a cardId.\
> Reusing a cardId for another consumer is not recommanded. Since the cardId will disappear from the previous consumer cards list.
```json
{"openapi":"3.0.0","info":{"title":"D1 Inbound Card API","version":"2.0"},"tags":[{"name":"Card","description":"Card APIs."}],"servers":[{"url":"https://api.d1.thalescloud.io/banking","description":"Production server"},{"url":"https://api.d1-stg.thalescloud.io/banking","description":"Staging server"}],"security":[{"bearerAuth":[]}],"components":{"securitySchemes":{"bearerAuth":{"description":"A JWT generated by the [Get Authorization Token API](oauth2-api).
The server checks the validity of the provided token to control access to this protected resource. Please refer to [Get OAuth 2.0 access token](../../../integrate-the-d1-api/get-oauth-2.0-access-token) for more details on the flow and on how to get this JWT.","type":"http","scheme":"bearer","bearerFormat":"JWT"}},"schemas":{"consumerId":{"type":"string","description":"Unique identifier of the consumer. ","minLength":1,"maxLength":64,"pattern":"^[A-Za-z0-9_-]{1,64}$"},"cardProductId":{"type":"string","description":"Unique identifier of the type of card ( defined during the onboarding of D1)","minLength":1,"maxLength":48,"pattern":"^[A-Za-z0-9_-]{1,48}$"},"state":{"description":"The state of the card
If not provided, the card is considered ACTIVE","type":"string","enum":["ACTIVE","SUSPENDED"]},"errorGeneric":{"additionalProperties":false,"type":"object","description":"Generic error returned by the APIs.","properties":{"errorCode":{"type":"string","description":"The type of the error"},"error":{"type":"string","description":"Provide more error details if possible.
For example name of the field with invalid format.
This field is for troubleshooting purposes only, it can change at any time so MUST NOT be parsed, and is not supposed to be human readable so CANNOT be displayed to end users."}}}},"responses":{"ServiceUnavailableError":{"description":"The service is temporarily unavailable. You may retry your request later."}}},"paths":{"/v2/issuers/{issuerId}/cards/{cardId}":{"put":{"description":"This request is used to register a card with corresponding cards credentials.\nThis operation is applicable for card product supporting:\n - No authorisation mode\n - Light authorisation mode\n\nThe cardId used to register the card shall be unique. A cardId can be reused to register another card (having a different PAN) under several conditions:\n - The cardId to be reused is linked with a DELETED or REPLACED card\n - The cardId to be reused is not associated to a card issued by D1 (a card created using the CREATE card API).\n - The cardId to be reused is not associated with a card product used for making transactions\n - In any case, it is not possible to register a card PAN already deleted or replaced. Even by reusing a cardId.\nReusing a cardId for another consumer is not recommanded. Since the cardId will disappear from the previous consumer cards list.\n","requestBody":{"content":{"application/json":{"schema":{"additionalProperties":false,"type":"object","properties":{"consumerId":{"$ref":"#/components/schemas/consumerId"},"cardProductId":{"$ref":"#/components/schemas/cardProductId"},"state":{"$ref":"#/components/schemas/state"},"name":{"type":"string","minLength":0,"maxLength":26,"pattern":"^[a-zA-Z. -]{0,26}$","description":"Name of the card holder as it will be printed/embossed on the card.
For virtual card this value will be used exclusively for card display.
Empty string supported."},"secondName":{"type":"string","minLength":0,"maxLength":26,"pattern":"^[a-zA-Z. -]{0,26}$","description":"Optional second card holder name as it will be printed/embossed on the card under the first card holder name.
Not used in case of virtual card."},"encryptedData":{"type":"string","title":"encryptedData","maxLength":8192,"pattern":"^(?:[\\x20-\\x2D\\x2F-\\x7F]*\\.){4}(?:[\\x20-\\x2D\\x2F-\\x7F]*)$","description":"The encryptedData is the encrypted json (cf http://www.json.org/) representation of the Card information.\nThis value is encrypted using the JWE encryption (please refer to the **[Encrypt sensitive data](../../../integrate-the-d1-api/encrypt-sensitive-data)** for more details)\n
Once deciphered, the plaintext contains a json structure with:\n|JSON field parameter name|description|MOC|Format|\n|-------|-------|-------|-------|\n|pan|The funding pan value.|M|string - up to 19 digits|\n|exp|The expiry date of the card.|M|string - 4 digits, following the format MMYY|\n|auxiliaryPan|The auxiliary funding pan value. It shall be provided when cobadge is supported and if the card has an auxiliary pan.|C|string - up to 19 digits|\n|auxiliaryExp|The auxiliary expiry date of the card. It shall be provided when cobadge is supported and if the card has an auxiliary pan.|C|string - 4 digits, following the format MMYY|\n\nAs D1 is able to compute the CVV2, the cvv parameter is not expected. \n
\n
\n"}},"required":["consumerId","cardProductId","name","encryptedData"]}}}},"responses":{"204":{"description":"Successful card registration"},"400":{"description":"Bad Request, Invalid request URI, header, paramters. The below table defines the possible 'Bad request' error:\n| errorCode | error | Retryable | Comments |\n| -------------- | ------------| ----------| -----------------------------------|\n| - | - | no | No error details available |\n| FIELD_INVALID_FORMAT | Contains the field in error (first found) | no | One field is not expected format as defined in this documentation |\n| CRYPTO_ERROR | - | no | Not possible to decrypt the provided encrypted data |\n| FIELD_INVALID_VALUE | - | no | One field value is not allowed for the given field |\n| INVALID_PAN | - | no | PAN is invalid |\n| INVALID_EXPIRY_DATE | Expiry date is invalid |\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"401":{"description":"Unauthorized request, the provided Authorization header is missing or invalid. In the table below only the field \"error\" is provided.\n| errorCode | error | Retryable | Comments |\n| -------------- | ------------| ----------| -----------------------------------|\n| AUTHORIZER_UNAUTHORIZED | Unauthorized message | no | Access token not valid |\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"403":{"description":"Forbidden action detected by WAF or the application.\nThe below table defines the possible error:\n | errorCode | error | Retryable | Comments |\n | -------------- | ------------| ----------| -----------------------------------|\n | - | - | no | No error details available |\n | AUTHORIZER_FORBIDDEN | not\\_authorized error message | no | User\\_is\\_not\\_authorized\\_to\\_access\\_this\\_resource |\n | CARD_ALREADY_EXISTS | - | no | CardId already registered in the solution |\n | CARD_INVALID_STATE | - | no | CardId already registered in the solution and has an invalid card state (REPLACED or DELETED) |\n | CONSUMER_INVALID_STATE| - | no | Consumer exists with an invalid consumer state (DELETED) |\n | OPERATION_NOT_ALLOWED | Name of the operation/field that is not allowed in this operation | no | Register is not allowed for this card product |\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"404":{"description":"Ressource not found, Unknown issuerId\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"500":{"description":"Internal Server Error. The below table defines the possible error:\n|errorCode | error | Retryable | Comments |\n| -------------- | ------------| ----------| -----------------------------------|\n| - | - | yes | No error details available |\n| INTERNAL_ERROR | error details if any | no | The server has encountered an error when executing the request. |\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"503":{"$ref":"#/components/responses/ServiceUnavailableError"}},"summary":"Register Card","operationId":"registerCard","tags":["Card"]}}}}
```
## Create
> This request is used by the bank backend to request the creation of a card (virtual or physical) with the processor.
```json
{"openapi":"3.0.0","info":{"title":"D1 Inbound Card API","version":"2.0"},"tags":[{"name":"Card","description":"Card APIs."}],"servers":[{"url":"https://api.d1.thalescloud.io/banking","description":"Production server"},{"url":"https://api.d1-stg.thalescloud.io/banking","description":"Staging server"}],"security":[{"bearerAuth":[]}],"components":{"securitySchemes":{"bearerAuth":{"description":"A JWT generated by the [Get Authorization Token API](oauth2-api).
The server checks the validity of the provided token to control access to this protected resource. Please refer to [Get OAuth 2.0 access token](../../../integrate-the-d1-api/get-oauth-2.0-access-token) for more details on the flow and on how to get this JWT.","type":"http","scheme":"bearer","bearerFormat":"JWT"}},"schemas":{"consumerId":{"type":"string","description":"Unique identifier of the consumer. ","minLength":1,"maxLength":64,"pattern":"^[A-Za-z0-9_-]{1,64}$"},"cardProductId":{"type":"string","description":"Unique identifier of the type of card ( defined during the onboarding of D1)","minLength":1,"maxLength":48,"pattern":"^[A-Za-z0-9_-]{1,48}$"},"createState":{"description":"The state of the card
If not provided, the card is considered ACTIVE","type":"string","enum":["ACTIVE","INACTIVE"]},"AccountInformation":{"additionalProperties":false,"type":"object","required":["default","number","currencyCode"],"properties":{"default":{"type":"boolean","description":"true if the account is the default consumer account"},"type":{"type":"string","description":"Type of the Account. By default if not provided, it is a 'CHECKING' account.","enum":["CHECKING","SAVINGS"]},"number":{"type":"string","minLength":2,"maxLength":24,"pattern":"^[a-zA-Z0-9_]{2,24}$","description":"Account number used for posting to Core Banking System"},"currencyCode":{"$ref":"#/components/schemas/currencyCode"}}},"currencyCode":{"type":"string","pattern":"^[A-Z]{3}$","description":"Currency Code in ISO 4217 alpha code format"},"cardId":{"type":"string","description":"Unique identifier of the card.","minLength":1,"maxLength":48,"pattern":"^[A-Za-z0-9_-]{1,48}$"},"errorGeneric":{"additionalProperties":false,"type":"object","description":"Generic error returned by the APIs.","properties":{"errorCode":{"type":"string","description":"The type of the error"},"error":{"type":"string","description":"Provide more error details if possible.
For example name of the field with invalid format.
This field is for troubleshooting purposes only, it can change at any time so MUST NOT be parsed, and is not supposed to be human readable so CANNOT be displayed to end users."}}}},"responses":{"ServiceUnavailableError":{"description":"The service is temporarily unavailable. You may retry your request later."}}},"paths":{"/v2/issuers/{issuerId}/cards":{"post":{"description":"This request is used by the bank backend to request the creation of a card (virtual or physical) with the processor.","requestBody":{"content":{"application/json":{"schema":{"additionalProperties":false,"type":"object","properties":{"consumerId":{"$ref":"#/components/schemas/consumerId"},"cardProductId":{"$ref":"#/components/schemas/cardProductId"},"state":{"$ref":"#/components/schemas/createState"},"name":{"type":"string","minLength":0,"maxLength":26,"pattern":"^[a-zA-Z. -]{0,26}$","description":"Name of the card holder as it will be printed/embossed on the card.
For virtual card this value will be used exclusively for card display.
Empty string supported."},"secondName":{"type":"string","minLength":0,"maxLength":26,"pattern":"^[a-zA-Z. -]{0,26}$","description":"Optional second card holder name as it will be printed/embossed on the card under the first card holder name.
Not used in case of virtual card."},"statusReason":{"type":"string","minLength":0,"maxLength":2,"default":"IN","pattern":"^[a-zA-Z]{0,2}$","description":"This indicates the state of the card once it's created"},"accountList":{"type":"array","description":"This represent the list of account the card will be attached to.
This list is used for the posting","items":{"$ref":"#/components/schemas/AccountInformation"}}},"required":["consumerId","accountList","cardProductId","name"]}}}},"responses":{"201":{"description":"Successful card creation","content":{"application/json":{"schema":{"additionalProperties":false,"type":"object","description":"Information related to the created card.","required":["cardId"],"properties":{"cardId":{"$ref":"#/components/schemas/cardId"}}}}}},"400":{"description":"Bad Request, Invalid request URI, header, paramters. The below table defines the possible 'Bad request' error:\n| errorCode | error | Retryable | Comments |\n| -------------- | ------------| ----------| -----------------------------------|\n| - | - | no | No error details available |\n| FIELD_INVALID_FORMAT | Contains the field in error (first found) | no | JSON not well formatted or
One field is not expected format as defined in this documentation |\n| FIELD_INVALID_VALUE | Contains the field in error (first found) | no | One field value is not allowed for the given field |\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"401":{"description":"Unauthorized request, the provided Authorization header is missing or invalid. In the table below only the field \"error\" is provided.\n| errorCode | error | Retryable | Comments |\n| -------------- | ------------| ----------| -----------------------------------|\n| AUTHORIZER_UNAUTHORIZED | Unauthorized message | no | Access token not valid |\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"403":{"description":"Forbidden action detected by WAF or the application.
\nThe below table defines the possible error:\n| errorCode | error | Retryable | Comments |\n| -------------- | ------------| ----------| -----------------------------------|\n| - | - | no | No error details available |\n| AUTHORIZER_FORBIDDEN | not authorized error message | no | User is not authorized to access this resource |\n| CARD_CREATION_COUNT_EXCEEDED | - | no | The maximum number of cards for the consumer is reached. Creation of additional card is not possible. |\n | OPERATION_NOT_ALLOWED | Name of the operation/field that is not allowed in this operation | no | Card creation is not allowed for this card product |","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"404":{"description":"Ressource not found, Unknown issuerId or consumerId or card id'. The below table defines the possible error:\n| errorCode | error | Retryable | Comments |\n| -------------- | ------------| ----------| -----------------------------------|\n| - | - | no | No error details available |\n| UNKNOWN_CONSUMER | - | no | Consumer does not exist |\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"500":{"description":"Internal Server Error. The below table defines the possible error:\n|errorCode | error | Retryable | Comments |\n| -------------- | ------------| ----------| -----------------------------------|\n| - | - | yes | No error details available |\n| INTERNAL_ERROR | error details if any | no | The server has encountered an error when executing the request. |\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"503":{"$ref":"#/components/responses/ServiceUnavailableError"}},"summary":"Create","operationId":"createCard","tags":["Card"]}}}}
```
## Suspend
> This request is used by the bank backend to request the suspention of a card.\
\
> When a card is suspended:\
> \+ authorization will be declined by the system.\
> \+ end user will not be alble to digitize the card.\
> \+ But authorization with digital card will be still approved by the system.
```json
{"openapi":"3.0.0","info":{"title":"D1 Inbound Card API","version":"2.0"},"tags":[{"name":"Card Operations","description":"Different operations that can be done on a card."}],"servers":[{"url":"https://api.d1.thalescloud.io/banking","description":"Production server"},{"url":"https://api.d1-stg.thalescloud.io/banking","description":"Staging server"}],"security":[{"bearerAuth":[]}],"components":{"securitySchemes":{"bearerAuth":{"description":"A JWT generated by the [Get Authorization Token API](oauth2-api).
The server checks the validity of the provided token to control access to this protected resource. Please refer to [Get OAuth 2.0 access token](../../../integrate-the-d1-api/get-oauth-2.0-access-token) for more details on the flow and on how to get this JWT.","type":"http","scheme":"bearer","bearerFormat":"JWT"}},"parameters":{"issuer-id-path":{"description":"The id of the issuer","in":"path","name":"issuerId","required":true,"schema":{"$ref":"#/components/schemas/issuerId"}},"card-id-path":{"description":"The id of the card","in":"path","name":"cardId","required":true,"schema":{"$ref":"#/components/schemas/cardId"}}},"schemas":{"issuerId":{"maxLength":10,"minLength":10,"type":"string"},"cardId":{"type":"string","description":"Unique identifier of the card.","minLength":1,"maxLength":48,"pattern":"^[A-Za-z0-9_-]{1,48}$"},"reason":{"type":"string","title":"reason","pattern":"^[a-zA-Z0-9 ]{1,64}$","description":"The reason why the action is performed. \n\nThis a free text field in case the bank wants to send details, that will be returned in the operations list. "},"operationId":{"type":"string","description":"Unique identifier of the operation","minLength":1,"maxLength":64,"pattern":"^[A-Za-z0-9_-]{1,64}$"},"errorGeneric":{"additionalProperties":false,"type":"object","description":"Generic error returned by the APIs.","properties":{"errorCode":{"type":"string","description":"The type of the error"},"error":{"type":"string","description":"Provide more error details if possible.
For example name of the field with invalid format.
This field is for troubleshooting purposes only, it can change at any time so MUST NOT be parsed, and is not supposed to be human readable so CANNOT be displayed to end users."}}}},"responses":{"ServiceUnavailableError":{"description":"The service is temporarily unavailable. You may retry your request later."}}},"paths":{"/v2/issuers/{issuerId}/cards/{cardId}/operations:suspend":{"post":{"description":"This request is used by the bank backend to request the suspention of a card.
\nWhen a card is suspended:\n + authorization will be declined by the system.\n + end user will not be alble to digitize the card.\n + But authorization with digital card will be still approved by the system.\n","parameters":[{"$ref":"#/components/parameters/issuer-id-path"},{"$ref":"#/components/parameters/card-id-path"},{"$ref":"#/components/parameters/x-correlation-id"},{"$ref":"#/components/parameters/x-user-id"}],"requestBody":{"content":{"application/json":{"schema":{"additionalProperties":false,"type":"object","properties":{"reason":{"$ref":"#/components/schemas/reason"},"stateReason":{"type":"string","description":"The reason why the action has been performed. If not provided, default reason code is ISSUER_DECISION.","enum":["CARD_LOST","CARD_STOLEN","CARD_BROKEN","FRAUD","USER_DECISION","ISSUER_DECISION"]}}}}}},"responses":{"200":{"description":"Card was suspended Successfully","content":{"application/json":{"schema":{"additionalProperties":false,"type":"object","properties":{"operationId":{"$ref":"#/components/schemas/operationId"}}}}}},"400":{"description":"Bad Request, Invalid request URI, header, paramters. The below table defines the possible 'Bad request' error:\n| errorCode | error | Retryable | Comments |\n| -------------- | ------------| ----------| -----------------------------------|\n| - | - | no | No error details available |\n| FIELD_INVALID_FORMAT | Contains the field in error (first found) | no | JSON not well formatted or
One field is not expected format as defined in this documentation |\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"401":{"description":"Unauthorized request, the provided Authorization header is missing or invalid. In the table below only the field \"error\" is provided.\n| errorCode | error | Retryable | Comments |\n| -------------- | ------------| ----------| -----------------------------------|\n| AUTHORIZER_UNAUTHORIZED | Unauthorized message | no | Access token not valid |\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"403":{"description":"Forbidden action detected by WAF or the application. The below table defines the possible error:\n| errorCode | error | Retryable | Comments |\n| -------------- | ------------| ----------| -----------------------------------|\n| - | - | no | No error details available |\n| AUTHORIZER_FORBIDDEN | not authorized error message | no | User is not authorized to access this resource \n| CARD_INVALID_STATE | - | no | Suspension with this state reason is not allowed |\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"404":{"description":"Ressource not found, Unknown issuerId or consumerId or card id'. The below table defines the possible error:\n| errorCode | error | Retryable | Comments |\n| -------------- | ------------| ----------| -----------------------------------|\n| - | - | no | No error details available |\n| UNKNOWN_CARD | - | no | Unknown cardId |\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"500":{"description":"Internal Server Error. The below table defines the possible error:\n|errorCode | error | Retryable | Comments |\n| -------------- | ------------| ----------| -----------------------------------|\n| - | - | yes | No error details available |\n| INTERNAL_ERROR | error details if any | no | The server has encountered an error when executing the request. |\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"503":{"$ref":"#/components/responses/ServiceUnavailableError"}},"summary":"Suspend","tags":["Card Operations"],"operationId":"suspendCard"}}}}
```
## Resume
> This request is used by the bank backend to request the reactivation of a card that has been suspended.\
> The card could have been suspended\
> \- by the bank's backend\
> \- by customer agent\
> \- by end user using the mobile banking application\
> \- or automatically by authorisation system when a payment validation failure retry counter has been exceeded (PIN locked, CVV2 locked or expiry date locked)\
> \
> If the card is locked (PIN locked, CVV2 locked or expiry date), D1 will unlock the card whatever the reason.\
> \
> \*\*Note:\*\* It cannot be used to activate a physical card for the really first time. \
> Please refer to \[activatePhysicalCard]\()
```json
{"openapi":"3.0.0","info":{"title":"D1 Inbound Card API","version":"2.0"},"tags":[{"name":"Card Operations","description":"Different operations that can be done on a card."}],"servers":[{"url":"https://api.d1.thalescloud.io/banking","description":"Production server"},{"url":"https://api.d1-stg.thalescloud.io/banking","description":"Staging server"}],"security":[{"bearerAuth":[]}],"components":{"securitySchemes":{"bearerAuth":{"description":"A JWT generated by the [Get Authorization Token API](oauth2-api).
The server checks the validity of the provided token to control access to this protected resource. Please refer to [Get OAuth 2.0 access token](../../../integrate-the-d1-api/get-oauth-2.0-access-token) for more details on the flow and on how to get this JWT.","type":"http","scheme":"bearer","bearerFormat":"JWT"}},"parameters":{"issuer-id-path":{"description":"The id of the issuer","in":"path","name":"issuerId","required":true,"schema":{"$ref":"#/components/schemas/issuerId"}},"card-id-path":{"description":"The id of the card","in":"path","name":"cardId","required":true,"schema":{"$ref":"#/components/schemas/cardId"}}},"schemas":{"issuerId":{"maxLength":10,"minLength":10,"type":"string"},"cardId":{"type":"string","description":"Unique identifier of the card.","minLength":1,"maxLength":48,"pattern":"^[A-Za-z0-9_-]{1,48}$"},"reason":{"type":"string","title":"reason","pattern":"^[a-zA-Z0-9 ]{1,64}$","description":"The reason why the action is performed. \n\nThis a free text field in case the bank wants to send details, that will be returned in the operations list. "},"operationId":{"type":"string","description":"Unique identifier of the operation","minLength":1,"maxLength":64,"pattern":"^[A-Za-z0-9_-]{1,64}$"},"errorGeneric":{"additionalProperties":false,"type":"object","description":"Generic error returned by the APIs.","properties":{"errorCode":{"type":"string","description":"The type of the error"},"error":{"type":"string","description":"Provide more error details if possible.
For example name of the field with invalid format.
This field is for troubleshooting purposes only, it can change at any time so MUST NOT be parsed, and is not supposed to be human readable so CANNOT be displayed to end users."}}}},"responses":{"ServiceUnavailableError":{"description":"The service is temporarily unavailable. You may retry your request later."}}},"paths":{"/v2/issuers/{issuerId}/cards/{cardId}/operations:resume":{"post":{"description":"This request is used by the bank backend to request the reactivation of a card that has been suspended.\nThe card could have been suspended\n- by the bank's backend\n- by customer agent\n- by end user using the mobile banking application\n- or automatically by authorisation system when a payment validation failure retry counter has been exceeded (PIN locked, CVV2 locked or expiry date locked)\n\nIf the card is locked (PIN locked, CVV2 locked or expiry date), D1 will unlock the card whatever the reason.\n\n**Note:** It cannot be used to activate a physical card for the really first time. \nPlease refer to [activatePhysicalCard](https://thales-dis-dbp.stoplight.io/docs/d1-developer-portal/a2ebfce648687-card-activation)","parameters":[{"$ref":"#/components/parameters/issuer-id-path"},{"$ref":"#/components/parameters/card-id-path"},{"$ref":"#/components/parameters/x-correlation-id"},{"$ref":"#/components/parameters/x-user-id"}],"requestBody":{"content":{"application/json":{"schema":{"additionalProperties":false,"type":"object","properties":{"reason":{"$ref":"#/components/schemas/reason"},"stateReason":{"type":"string","description":"The reason why the action has been performed. If not provided, default reason code is ISSUER_DECISION.","enum":["ISSUER_DECISION","USER_DECISION","CARD_FOUND"]}}}}}},"responses":{"200":{"description":"Card resumed Successfully","content":{"application/json":{"schema":{"additionalProperties":false,"type":"object","properties":{"operationId":{"$ref":"#/components/schemas/operationId"}}}}}},"400":{"description":"Bad Request, Invalid request URI, header, paramters. The below table defines the possible 'Bad request' error:\n| errorCode | error | Retryable | Comments |\n| -------------- | ------------| ----------| -----------------------------------|\n| - | - | no | No error details available |\n| FIELD_INVALID_FORMAT | Contains the field in error (first found) | no | JSON not well formatted or
One field is not expected format as defined in this documentation |\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"401":{"description":"Unauthorized request, the provided Authorization header is missing or invalid. In the table below only the field \"error\" is provided.\n| errorCode | error | Retryable | Comments |\n| -------------- | ------------| ----------| -----------------------------------|\n| AUTHORIZER_UNAUTHORIZED | Unauthorized message | no | Access token not valid |\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"403":{"description":"Forbidden action detected by WAF or the application.
\nThe below table defines the possible error:\n| errorCode | error | Retryable | Comments |\n| -------------- | ------------| ----------| -----------------------------------|\n| - | - | no | No error details available |\n| AUTHORIZER_FORBIDDEN | not authorized error message | no | User is not authorized to access this resource |\n| CARD_INVALID_STATE | - | no | Resume with this state reason is not allowed |\n"},"404":{"description":"Ressource not found, Unknown issuerId or consumerId or card id'. The below table defines the possible error:\n| errorCode | error | Retryable | Comments |\n| -------------- | ------------| ----------| -----------------------------------|\n| - | - | no | No error details available |\n| UNKNOWN_CARD | - | no | Unknown cardId |\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"500":{"description":"Internal Server Error. The below table defines the possible error:\n|errorCode | error | Retryable | Comments |\n| -------------- | ------------| ----------| -----------------------------------|\n| - | - | yes | No error details available |\n| INTERNAL_ERROR | error details if any | no | The server has encountered an error when executing the request. |\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"503":{"$ref":"#/components/responses/ServiceUnavailableError"}},"summary":"Resume","tags":["Card Operations"],"operationId":"resumeCard"}}}}
```
## Delete
> This request is used by the bank backend to request the deletion of a card. \
> \
> For cards managed by D1 (in oposition to legacy cards that are managed by the issuer), D1 will propagate the deletion/revocation to the processor.\
> \
> \Note:\ The deletion of the card cannot be reverted. In case of card lost consider using the suspend operation first.
```json
{"openapi":"3.0.0","info":{"title":"D1 Inbound Card API","version":"2.0"},"tags":[{"name":"Card Operations","description":"Different operations that can be done on a card."}],"servers":[{"url":"https://api.d1.thalescloud.io/banking","description":"Production server"},{"url":"https://api.d1-stg.thalescloud.io/banking","description":"Staging server"}],"security":[{"bearerAuth":[]}],"components":{"securitySchemes":{"bearerAuth":{"description":"A JWT generated by the [Get Authorization Token API](oauth2-api).
The server checks the validity of the provided token to control access to this protected resource. Please refer to [Get OAuth 2.0 access token](../../../integrate-the-d1-api/get-oauth-2.0-access-token) for more details on the flow and on how to get this JWT.","type":"http","scheme":"bearer","bearerFormat":"JWT"}},"parameters":{"issuer-id-path":{"description":"The id of the issuer","in":"path","name":"issuerId","required":true,"schema":{"$ref":"#/components/schemas/issuerId"}},"card-id-path":{"description":"The id of the card","in":"path","name":"cardId","required":true,"schema":{"$ref":"#/components/schemas/cardId"}}},"schemas":{"issuerId":{"maxLength":10,"minLength":10,"type":"string"},"cardId":{"type":"string","description":"Unique identifier of the card.","minLength":1,"maxLength":48,"pattern":"^[A-Za-z0-9_-]{1,48}$"},"reason":{"type":"string","title":"reason","pattern":"^[a-zA-Z0-9 ]{1,64}$","description":"The reason why the action is performed. \n\nThis a free text field in case the bank wants to send details, that will be returned in the operations list. "},"operationId":{"type":"string","description":"Unique identifier of the operation","minLength":1,"maxLength":64,"pattern":"^[A-Za-z0-9_-]{1,64}$"},"errorGeneric":{"additionalProperties":false,"type":"object","description":"Generic error returned by the APIs.","properties":{"errorCode":{"type":"string","description":"The type of the error"},"error":{"type":"string","description":"Provide more error details if possible.
For example name of the field with invalid format.
This field is for troubleshooting purposes only, it can change at any time so MUST NOT be parsed, and is not supposed to be human readable so CANNOT be displayed to end users."}}}},"responses":{"ServiceUnavailableError":{"description":"The service is temporarily unavailable. You may retry your request later."}}},"paths":{"/v2/issuers/{issuerId}/cards/{cardId}/operations:delete":{"post":{"description":"This request is used by the bank backend to request the deletion of a card. \n\nFor cards managed by D1 (in oposition to legacy cards that are managed by the issuer), D1 will propagate the deletion/revocation to the processor.\n\nNote: The deletion of the card cannot be reverted. In case of card lost consider using the suspend operation first.","parameters":[{"$ref":"#/components/parameters/issuer-id-path"},{"$ref":"#/components/parameters/card-id-path"},{"$ref":"#/components/parameters/x-correlation-id"},{"$ref":"#/components/parameters/x-user-id"}],"requestBody":{"content":{"application/json":{"schema":{"additionalProperties":false,"type":"object","properties":{"reason":{"$ref":"#/components/schemas/reason"},"stateReason":{"type":"string","description":"The reason why the action has been performed. If not provided, default reason code is ISSUER_DECISION.","enum":["CLOSED_ACCOUNT","CLOSED_CARD","CARD_LOST","CARD_STOLEN","CARD_BROKEN","CARD_NOT_RECEIVED","FRAUD","ISSUER_DECISION"]}}}}}},"responses":{"200":{"description":"Card was deleted Successfully","content":{"application/json":{"schema":{"additionalProperties":false,"type":"object","properties":{"operationId":{"$ref":"#/components/schemas/operationId"}}}}}},"400":{"description":"Bad Request, Invalid request URI, header, paramters. The below table defines the possible 'Bad request' error:\n| errorCode | error | Retryable | Comments |\n| -------------- | ------------| ----------| -----------------------------------|\n| - | - | no | No error details available |\n| FIELD_INVALID_FORMAT | Contains the field in error (first found) | no | JSON not well formatted or
One field is not expected format as defined in this documentation |\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"401":{"description":"Unauthorized request, the provided Authorization header is missing or invalid. In the table below only the field \"error\" is provided.\n| errorCode | error | Retryable | Comments |\n| -------------- | ------------| ----------| -----------------------------------|\n| AUTHORIZER_UNAUTHORIZED | Unauthorized message | no | Access token not valid |\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"403":{"description":"Forbidden action detected by WAF or the application.
\nThe below table defines the possible error:\n| errorCode | error | Retryable | Comments |\n| -------------- | ------------| ----------| -----------------------------------|\n| - | - | no | No error details available |\n| AUTHORIZER_FORBIDDEN | not authorized error message | no | User is not authorized to access this resource |\n| CARD_INVALID_STATE | - | no | Possible error is card already deleted with an other reason |\n"},"404":{"description":"Ressource not found, Unknown issuerId or consumerId or card id'. The below table defines the possible error:\n| errorCode | error | Retryable | Comments |\n| -------------- | ------------| ----------| -----------------------------------|\n| - | - | no | No error details available |\n| UNKNOWN_CARD | - | no | Unknown cardId |\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"500":{"description":"Internal Server Error. The below table defines the possible error:\n|errorCode | error | Retryable | Comments |\n| -------------- | ------------| ----------| -----------------------------------|\n| - | - | yes | No error details available |\n| INTERNAL_ERROR | error details if any | no | The server has encountered an error when executing the request. |\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"503":{"$ref":"#/components/responses/ServiceUnavailableError"}},"summary":"Delete","tags":["Card Operations"],"operationId":"deleteCard-v2"}}}}
```
## Replace
> End user can request the bank a replacement of an existing card because the card has been lost or damaged.\
\
> The replaced card is blocked until the new card is activated.\
\
> The new card has a new cardId and a new card credentials (PAN and expiry date).\
\
> In the particular case of Virtual Card, the new Virtual Card is automaticaly activated.\
> \
> \
> D1 manages to re-link automatically digital card from the old card to the new card upon activation.\
> \
> For card registered in D1, the bank backend shall provide new cardId and new card credentials when calling the API.\
> The new cardId used to replace the card shall be unique. The new cardId can be reused from another card (having a different PAN) under several conditions :\
> \- The cardId to be reused is linked with a DELETED or REPLACED card (thus it's not possible to use the current cardId as newCardID when doing a replace)\
> \- The cardId to be reused is not associated to a card issued by D1 (a card created using the CREATE card API).\
> \- The cardId to be reused is not associated with a card product used for making transactions\
> \- In any case, it is not possible to use a card PAN already deleted or replaced. Even by reusing a cardId.\
> Reusing a cardId for another consumer is not recommanded. Since the cardId will disappear from the previous consumer cards list. \
> \
> \
> For card created by D1, D1 will generate a new cardId and new card credentials. Thus the newCardId shall not be provided by the issuer when calling this API.
```json
{"openapi":"3.0.0","info":{"title":"D1 Inbound Card API","version":"2.0"},"tags":[{"name":"Card Operations","description":"Different operations that can be done on a card."}],"servers":[{"url":"https://api.d1.thalescloud.io/banking","description":"Production server"},{"url":"https://api.d1-stg.thalescloud.io/banking","description":"Staging server"}],"security":[{"bearerAuth":[]}],"components":{"securitySchemes":{"bearerAuth":{"description":"A JWT generated by the [Get Authorization Token API](oauth2-api).
The server checks the validity of the provided token to control access to this protected resource. Please refer to [Get OAuth 2.0 access token](../../../integrate-the-d1-api/get-oauth-2.0-access-token) for more details on the flow and on how to get this JWT.","type":"http","scheme":"bearer","bearerFormat":"JWT"}},"parameters":{"issuer-id-path":{"description":"The id of the issuer","in":"path","name":"issuerId","required":true,"schema":{"$ref":"#/components/schemas/issuerId"}},"card-id-path":{"description":"The id of the card","in":"path","name":"cardId","required":true,"schema":{"$ref":"#/components/schemas/cardId"}}},"schemas":{"issuerId":{"maxLength":10,"minLength":10,"type":"string"},"cardId":{"type":"string","description":"Unique identifier of the card.","minLength":1,"maxLength":48,"pattern":"^[A-Za-z0-9_-]{1,48}$"},"newCardId":{"type":"string","description":"Unique identifier of the new card. Provided in case the card is in REPLACED state.","minLength":1,"maxLength":48,"pattern":"^[A-Za-z0-9_-]{1,48}$"},"reason":{"type":"string","title":"reason","pattern":"^[a-zA-Z0-9 ]{1,64}$","description":"The reason why the action is performed. \n\nThis a free text field in case the bank wants to send details, that will be returned in the operations list. "},"operationId":{"type":"string","description":"Unique identifier of the operation","minLength":1,"maxLength":64,"pattern":"^[A-Za-z0-9_-]{1,64}$"},"errorGeneric":{"additionalProperties":false,"type":"object","description":"Generic error returned by the APIs.","properties":{"errorCode":{"type":"string","description":"The type of the error"},"error":{"type":"string","description":"Provide more error details if possible.
For example name of the field with invalid format.
This field is for troubleshooting purposes only, it can change at any time so MUST NOT be parsed, and is not supposed to be human readable so CANNOT be displayed to end users."}}}},"responses":{"ServiceUnavailableError":{"description":"The service is temporarily unavailable. You may retry your request later."}}},"paths":{"/v2/issuers/{issuerId}/cards/{cardId}/operations:replace":{"post":{"description":"End user can request the bank a replacement of an existing card because the card has been lost or damaged.
\nThe replaced card is blocked until the new card is activated.
\nThe new card has a new cardId and a new card credentials (PAN and expiry date).
\nIn the particular case of Virtual Card, the new Virtual Card is automaticaly activated.\n\n\nD1 manages to re-link automatically digital card from the old card to the new card upon activation.\n\nFor card registered in D1, the bank backend shall provide new cardId and new card credentials when calling the API.\nThe new cardId used to replace the card shall be unique. The new cardId can be reused from another card (having a different PAN) under several conditions :\n - The cardId to be reused is linked with a DELETED or REPLACED card (thus it's not possible to use the current cardId as newCardID when doing a replace)\n - The cardId to be reused is not associated to a card issued by D1 (a card created using the CREATE card API).\n - The cardId to be reused is not associated with a card product used for making transactions\n - In any case, it is not possible to use a card PAN already deleted or replaced. Even by reusing a cardId.\nReusing a cardId for another consumer is not recommanded. Since the cardId will disappear from the previous consumer cards list. \n\n\nFor card created by D1, D1 will generate a new cardId and new card credentials. Thus the newCardId shall not be provided by the issuer when calling this API.","parameters":[{"$ref":"#/components/parameters/issuer-id-path"},{"$ref":"#/components/parameters/card-id-path"},{"$ref":"#/components/parameters/x-correlation-id"},{"$ref":"#/components/parameters/x-user-id"}],"requestBody":{"content":{"application/json":{"schema":{"additionalProperties":false,"type":"object","properties":{"newCardId":{"$ref":"#/components/schemas/newCardId"},"encryptedData":{"type":"string","title":"encryptedData","maxLength":8192,"pattern":"^(?:[\\x20-\\x2D\\x2F-\\x7F]*\\.){4}(?:[\\x20-\\x2D\\x2F-\\x7F]*)$","description":"The encryptedData has to be provided in case of card registered in D1. It is not needed for card created by D1.
\nThe encryptedData is the encrypted json (cf http://www.json.org/) representation of the Card information.\nThis value is encrypted using the JWE encryption (please refer to the **[Encrypt sensitive data](../../../integrate-the-d1-api/encrypt-sensitive-data)** for more details)\n
Once deciphered, the plaintext contains a json structure with:\n|JSON field parameter name|description|MOC|Format|\n|-------|-------|-------|-------|\n|pan|The funding pan value.|M|string - up to 19 digits|\n|exp|The expiry date of the card.|M|string - 4 digits, following the format MMYY|\n|auxiliaryPan|The auxiliary funding pan value. It shall be provided when cobadge is supported and if the card has an auxiliary pan.|C|string - up to 19 digits|\n|auxiliaryExp|The auxiliary expiry date of the card. It shall be provided when cobadge is supported and if the card has an auxiliary pan.|C|string - 4 digits, following the format MMYY|\n\n
\n
\n"},"reason":{"$ref":"#/components/schemas/reason"},"stateReason":{"type":"string","description":"The reason why the action has been performed. If not provided, default reason code is ISSUER_DECISION.","enum":["CARD_LOST","CARD_STOLEN","CARD_BROKEN","CARD_NOT_RECEIVED","FRAUD","ISSUER_DECISION"]}},"required":["reason","stateReason"]}}}},"responses":{"200":{"description":"Card was replaced Successfully","content":{"application/json":{"schema":{"additionalProperties":false,"type":"object","required":["newCardId"],"properties":{"operationId":{"$ref":"#/components/schemas/operationId"},"newCardId":{"$ref":"#/components/schemas/cardId"}}}}}},"400":{"description":"Bad Request, Invalid request URI, header, paramters. The below table defines the possible 'Bad request' error:\n| errorCode | error | Retryable | Comments |\n| -------------- | ------------| ----------| -----------------------------------|\n| - | - | no | No error details available |\n| FIELD_INVALID_FORMAT | Contains the field in error (first found) | no | JSON not well formatted or
One field is not expected format as defined in this documentation |\n| FIELD_INVALID_VALUE | Contains the field in error (first found) | no | One field value is not allowed for the given field |\n| CRYPTO_ERROR | - | no | Not possible to decrypt the provided encrypted data |\n| INVALID_PAN | - | no | PAN is invalid |\n| INVALID_EXPIRY_DATE | Expiry date is invalid | \n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"401":{"description":"Unauthorized request, the provided Authorization header is missing or invalid. In the table below only the field \"error\" is provided.\n| errorCode | error | Retryable | Comments |\n| -------------- | ------------| ----------| -----------------------------------|\n| AUTHORIZER_UNAUTHORIZED | Unauthorized message | no | Access token not valid |\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"403":{"description":"Forbidden action detected by WAF or the application. The below table defines the possible error:\n| errorCode | error | Retryable | Comments |\n| -------------- | ------------| ----------| -----------------------------------|\n| - | - | no | No error details available |\n| AUTHORIZER_FORBIDDEN | not authorized error message | no | User is not authorized to access this resource \n| CARD_INVALID_STATE | - | no | The card to replace is in invalid state (DELETED, REPLACED) |\n| CARD_ALREADY_EXISTS | - | no | The new card referenced by newCardId or new PAN already exists in the solution |\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"404":{"description":"Ressource not found, Unknown issuerId or consumerId or card id'. The below table defines the possible error:\n| errorCode | error | Retryable | Comments |\n| -------------- | ------------| ----------| -----------------------------------|\n| - | - | no | No error details available |\n| UNKNOWN_CARD | - | no | Unknown cardId |\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"500":{"description":"Internal Server Error. The below table defines the possible error:\n|errorCode | error | Retryable | Comments |\n| -------------- | ------------| ----------| -----------------------------------|\n| - | - | yes | No error details available |\n| INTERNAL_ERROR | error details if any | no | The server has encountered an error when executing the request. |\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"503":{"$ref":"#/components/responses/ServiceUnavailableError"}},"summary":"Replace","tags":["Card Operations"],"operationId":"replaceCard-v2"}}}}
```
## Renew
> Card renewal is the process where a new card is provided to end-user. The new card has new expiry date, but cardId and PAN are remaining the same.\
> \
> For card registered in D1, this request is used by the bank backend to inform that card has been renewed. In such case the new expiry date shall be provided. Moreover, the auxiliary expiry date of the card shall also be provided for cobadged cards that have an auxiliary pan. \
> \
> For card created by D1, this request is used by the bank backend to manualy request the renewal of an existing card (a new expiry date will be generated by D1).\
> \
> In the particular case of the Virtual Card, the Virtual Card is automaticaly activated.\
> For Physical Card, the renewed card will remain active until:\
> \- an explicit activation perfomed using the activation operation using the same cardId as the renew card \
> \- an implicit activation following a valid card present transaction (if card product is configured as such)
```json
{"openapi":"3.0.0","info":{"title":"D1 Inbound Card API","version":"2.0"},"tags":[{"name":"Card Operations","description":"Different operations that can be done on a card."}],"servers":[{"url":"https://api.d1.thalescloud.io/banking","description":"Production server"},{"url":"https://api.d1-stg.thalescloud.io/banking","description":"Staging server"}],"security":[{"bearerAuth":[]}],"components":{"securitySchemes":{"bearerAuth":{"description":"A JWT generated by the [Get Authorization Token API](oauth2-api).
The server checks the validity of the provided token to control access to this protected resource. Please refer to [Get OAuth 2.0 access token](../../../integrate-the-d1-api/get-oauth-2.0-access-token) for more details on the flow and on how to get this JWT.","type":"http","scheme":"bearer","bearerFormat":"JWT"}},"parameters":{"issuer-id-path":{"description":"The id of the issuer","in":"path","name":"issuerId","required":true,"schema":{"$ref":"#/components/schemas/issuerId"}},"card-id-path":{"description":"The id of the card","in":"path","name":"cardId","required":true,"schema":{"$ref":"#/components/schemas/cardId"}}},"schemas":{"issuerId":{"maxLength":10,"minLength":10,"type":"string"},"cardId":{"type":"string","description":"Unique identifier of the card.","minLength":1,"maxLength":48,"pattern":"^[A-Za-z0-9_-]{1,48}$"},"cardExpiryDate":{"type":"string","description":"Expiry date of the card in MMYY format","pattern":"^(0[1-9]|1[0-2])\\d{2}$"},"reason":{"type":"string","title":"reason","pattern":"^[a-zA-Z0-9 ]{1,64}$","description":"The reason why the action is performed. \n\nThis a free text field in case the bank wants to send details, that will be returned in the operations list. "},"operationId":{"type":"string","description":"Unique identifier of the operation","minLength":1,"maxLength":64,"pattern":"^[A-Za-z0-9_-]{1,64}$"},"errorGeneric":{"additionalProperties":false,"type":"object","description":"Generic error returned by the APIs.","properties":{"errorCode":{"type":"string","description":"The type of the error"},"error":{"type":"string","description":"Provide more error details if possible.
For example name of the field with invalid format.
This field is for troubleshooting purposes only, it can change at any time so MUST NOT be parsed, and is not supposed to be human readable so CANNOT be displayed to end users."}}}},"responses":{"ServiceUnavailableError":{"description":"The service is temporarily unavailable. You may retry your request later."}}},"paths":{"/v2/issuers/{issuerId}/cards/{cardId}/operations:renew":{"post":{"description":"Card renewal is the process where a new card is provided to end-user. The new card has new expiry date, but cardId and PAN are remaining the same.\n\nFor card registered in D1, this request is used by the bank backend to inform that card has been renewed. In such case the new expiry date shall be provided. Moreover, the auxiliary expiry date of the card shall also be provided for cobadged cards that have an auxiliary pan. \n\nFor card created by D1, this request is used by the bank backend to manualy request the renewal of an existing card (a new expiry date will be generated by D1).\n\nIn the particular case of the Virtual Card, the Virtual Card is automaticaly activated.\nFor Physical Card, the renewed card will remain active until:\n - an explicit activation perfomed using the activation operation using the same cardId as the renew card \n - an implicit activation following a valid card present transaction (if card product is configured as such)","parameters":[{"$ref":"#/components/parameters/issuer-id-path"},{"$ref":"#/components/parameters/card-id-path"},{"$ref":"#/components/parameters/x-correlation-id"},{"$ref":"#/components/parameters/x-user-id"}],"requestBody":{"content":{"application/json":{"schema":{"additionalProperties":false,"type":"object","properties":{"newExp":{"$ref":"#/components/schemas/cardExpiryDate"},"newAuxiliaryExp":{"$ref":"#/components/schemas/cardExpiryDate"},"reason":{"$ref":"#/components/schemas/reason"},"stateReason":{"type":"string","description":"The reason why the action has been performed. If not provided, default reason code is ISSUER_DECISION.","enum":["ISSUER_DECISION","USER_DECISION","CARD_EXPIRED"]}}}}}},"responses":{"200":{"description":"Card was renewed Successfully","content":{"application/json":{"schema":{"additionalProperties":false,"type":"object","properties":{"operationId":{"$ref":"#/components/schemas/operationId"}}}}}},"400":{"description":"Bad Request, Invalid request URI, header, paramters. The below table defines the possible 'Bad request' error:\n| errorCode | error | Retryable | Comments |\n| -------------- | ------------| ----------| -----------------------------------|\n| - | - | no | No error details available |\n| FIELD_INVALID_FORMAT | Contains the field in error (first found) | no | JSON not well formatted or
One field is not expected format as defined in this documentation |\n| FIELD_INVALID_VALUE | Contains the field in error (first found) | no | One field is |\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"401":{"description":"Unauthorized request, the provided Authorization header is missing or invalid. In the table below only the field \"error\" is provided.\n| errorCode | error | Retryable | Comments |\n| -------------- | ------------| ----------| -----------------------------------|\n| AUTHORIZER_UNAUTHORIZED | Unauthorized message | no | Access token not valid |\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"403":{"description":"Forbidden action detected by WAF or the application. The below table defines the possible error:\n| errorCode | error | Retryable | Comments |\n| -------------- | ------------| ----------| -----------------------------------|\n| - | - | no | No error details available |\n| AUTHORIZER_FORBIDDEN | not authorized error message | no | User is not authorized to access this resource \n| CARD_INVALID_STATE | - | no | Renewal with this state reason is not allowed |\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"404":{"description":"Ressource not found, Unknown issuerId or consumerId or card id'. The below table defines the possible error:\n| errorCode | error | Retryable | Comments |\n| -------------- | ------------| ----------| -----------------------------------|\n| - | - | no | No error details available |\n| UNKNOWN_CARD | - | no | Unknown cardId |\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"500":{"description":"Internal Server Error. The below table defines the possible error:\n|errorCode | error | Retryable | Comments |\n| -------------- | ------------| ----------| -----------------------------------|\n| - | - | yes | No error details available |\n| INTERNAL_ERROR | error details if any | no | The server has encountered an error when executing the request. |\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"503":{"$ref":"#/components/responses/ServiceUnavailableError"}},"summary":"Renew","tags":["Card Operations"],"operationId":"renewCard-v2"}}}}
```
## Get operation
> This request is used by the issuer backend to retrieve the information related to an operation on a card.\
> \
> Operations older than 3 months are removed.
````json
{"openapi":"3.0.0","info":{"title":"D1 Inbound Card API","version":"2.0"},"tags":[{"name":"Card Operations","description":"Different operations that can be done on a card."}],"servers":[{"url":"https://api.d1.thalescloud.io/banking","description":"Production server"},{"url":"https://api.d1-stg.thalescloud.io/banking","description":"Staging server"}],"security":[{"bearerAuth":[]}],"components":{"securitySchemes":{"bearerAuth":{"description":"A JWT generated by the [Get Authorization Token API](oauth2-api).
The server checks the validity of the provided token to control access to this protected resource. Please refer to [Get OAuth 2.0 access token](../../../integrate-the-d1-api/get-oauth-2.0-access-token) for more details on the flow and on how to get this JWT.","type":"http","scheme":"bearer","bearerFormat":"JWT"}},"schemas":{"operationCard":{"title":"operationCard","type":"object","description":"Operation details related to a specific operationId","properties":{"operationId":{"$ref":"#/components/schemas/operationId"},"operation":{"type":"string","description":"The operation type.","enum":["ACTIVATE","CLICK_TO_PAY_ENROLMENT","CLICK_TO_PAY_UPDATE","CLICK_TO_PAY_OPTOUT","CREATE","DELETE","DIGITIZE","DISPLAY","D1_PAY_ENROLMENT","PIN_CHANGE","PIN_DISPLAY","PRODUCE","PUSH","REGISTER","RENEW","REPLACE","RESUME","SUSPEND","UPDATE_ORDER","VERIFY"]},"status":{"type":"string","enum":["SUCCESSFUL","PENDING","FAILED"],"description":"Status of the operation"},"startTime":{"$ref":"#/components/schemas/operationStartTime"},"endTime":{"$ref":"#/components/schemas/operationEndTime"},"requestorType":{"type":"string","enum":["ISSUER","USER","TSP","CCI","D1"]},"requestorId":{"type":"string","description":"Identifier of the principal who initiates the operation\n - consumerId if requestorType is USER\n - issuerId if requestorType is ISSUER\n - cci user id if requestorType is CCI\n - D1 if it's an operation automatically triggered by D1 (can be card suspended due to several authorisation with invalid cvv)"},"reason":{"$ref":"#/components/schemas/reason"},"reasonCode":{"type":"string","enum":["CLOSED_ACCOUNT","CLOSED_CARD","CARD_EXPIRED","CARD_LOST","CARD_FOUND","CARD_STOLEN","CARD_BROKEN","CARD_NOT_RECEIVED","DEVICE_FOUND","DEVICE_LOST","DEVICE_STOLEN","FRAUD","USER_DECISION","ISSUER_DECISION","CVV2_LOCKED","EXPIRY_DATE_LOCKED","PIN_LOCKED"]},"details":{"oneOf":[{"title":"ACTIVATE operation","description":"Container to hold detailed information of ACTIVATE operation","properties":{"sdkType":{"$ref":"#/components/schemas/sdkType"}}},{"title":"DISPLAY operation","description":"Container to hold detailed information of DISPLAY operation","properties":{"sdkType":{"$ref":"#/components/schemas/sdkType"}}},{"title":"REGISTER, SUSPEND, RESUME, DELETE operations","description":"Container to hold any detailed information regarding the executed operation (REGISTER, SUSPEND, RESUME, DELETE)","properties":{"oldState":{"type":"string","enum":["INACTIVE","ACTIVE","SUSPENDED","DELETED"],"description":"Old state of the card"},"newState":{"type":"string","enum":["INACTIVE","ACTIVE","SUSPENDED","DELETED"],"description":"New state of the card"},"consumerState":{"type":"string","enum":["ACTIVE","INACTIVE","DELETED"],"description":"The state of the end user (consumer)"}}},{"title":"RENEW, REPLACE operations","description":"Container to hold detailed information of RENEW, REPLACE operation","properties":{"oldCardId":{"type":"string","description":"Old id of the card","minLength":1,"maxLength":48,"pattern":"[A-Za-z0-9_-]{1,48}"},"newCardId":{"type":"string","description":"New id of the card","minLength":1,"maxLength":48,"pattern":"[A-Za-z0-9_-]{1,48}"},"oldState":{"type":"string","enum":["INACTIVE","ACTIVE","SUSPENDED"],"description":"Old state of the card"},"newState":{"type":"string","enum":["ACTIVE","INACTIVE","SUSPENDED","REPLACED"],"description":"New state of the card"},"consumerState":{"type":"string","enum":["ACTIVE","INACTIVE","DELETED"],"description":"The state of the end user (consumer)"}}},{"title":"D1_PAY_ENROLMENT operation","description":"Container to hole details information of D1 Pay enrolment operation","properties":{"digitalCardId":{"$ref":"#/components/schemas/digitalCardId"},"walletApplicationId":{"$ref":"#/components/schemas/walletApplicationId"}}},{"title":"DIGITIZE operation","description":"Container to hold detailed information regarding the executed operation (DIGITIZE)","properties":{"eligibilityInformation":{"$ref":"#/components/schemas/eligibilityInformation"},"digitizationInformation":{"$ref":"#/components/schemas/digitizationInformation"},"digitalCardId":{"$ref":"#/components/schemas/digitalCardId"}}},{"title":"PIN_CHANGE operation","description":"Container to hold detailed information of PIN_CHANGE operation","properties":{"sdkType":{"$ref":"#/components/schemas/sdkType"},"pinType":{"type":"string","enum":["ISO0","3DES_SECCOS"],"description":"The type of PIN which is used for the card."}}},{"title":"PIN_DISPLAY operation","description":"Container to hold detailed information of PIN_DISPLAY operation","properties":{"sdkType":{"$ref":"#/components/schemas/sdkType"}}},{"title":"PRODUCE operation","description":"Container to hold detailed information of PRODUCE operation","properties":{"issuerRequestId":{"$ref":"#/components/schemas/operationId"},"dueDate":{"type":"string","format":"date","description":"The estimated card production date. It uses the format ```YYYY-MM-DD```."}}},{"title":"PUSH operations","description":"Container to hold detailed information of PUSH operations","properties":{"digitalCardRequestorId":{"type":"string","description":"Id of the token requestor to which we will push the card. Also known as TRID on scheme side.","minLength":11,"maxLength":11,"pattern":"[0-9]{11}"},"digitalCardRequestorName":{"type":"string","description":"Name of the token requestor to which we will push the card.","minLength":1,"maxLength":64,"pattern":"[A-Za-z0-9 _-]{1,64}"},"program":{"type":"string","description":"Protocol or API that was involded in the PUSH operation.","minLength":1,"maxLength":64,"pattern":"[A-Za-z0-9 _-]{1,64}"}}},{"title":"UPDATE_ORDER operation","description":"Container to hold detailed information of UPDATE_ORDER operation","properties":{"pullType":{"$ref":"#/components/schemas/pullType"}}},{"title":"VERIFY operation","description":"Container to hold detailed information of VERIFY operation"}],"type":"object"},"errorCode":{"type":"string","description":"External error code"},"error":{"type":"string","description":"Human readable string representing the error, only present in case of operation failure","maxLength":256,"minLength":0}},"required":["operationId","operation","status","startTime","requestorType","requestorId"]},"operationId":{"type":"string","description":"Unique identifier of the operation","minLength":1,"maxLength":64,"pattern":"^[A-Za-z0-9_-]{1,64}$"},"operationStartTime":{"type":"string","title":"Operation Start Time","description":"The time the request has been processed.\nFormat ISO 8601 YYYY-MM-DDThh:mm:ssTZD","minLength":1,"maxLength":64},"operationEndTime":{"type":"string","title":"Operation End Time","description":"The time the operation has been completed.\nFormat ISO 8601 YYYY-MM-DDThh:mm:ssTZD\nnote: This is an optional field and might not be returned for synchronous operations.","minLength":1,"maxLength":64},"reason":{"type":"string","title":"reason","pattern":"^[a-zA-Z0-9 ]{1,64}$","description":"The reason why the action is performed. \n\nThis a free text field in case the bank wants to send details, that will be returned in the operations list. "},"sdkType":{"type":"string","description":"The type of SDK which is used","enum":["APP","NONE","WEB"]},"digitalCardId":{"type":"string","description":"Unique identifier of the digital card.","minLength":1,"maxLength":64,"pattern":"^[A-Za-z0-9_-]{1,64}$"},"walletApplicationId":{"type":"string","description":"Unique Indentifier of wallet application","maxLength":100},"eligibilityInformation":{"type":"object","description":"Provides details about the eligibility check operation","properties":{"cardBIN":{"type":"string","minLength":6,"maxLength":6},"eligible":{"type":"boolean"},"cardProduct":{"type":"object","properties":{"id":{"type":"string","minLength":1,"maxLength":64},"name":{"type":"string","minLength":1,"maxLength":256}}}},"required":["cardBIN","eligible"]},"digitizationInformation":{"type":"object","description":"Provides details about the tokenization (digitization) operation whatever the result is (that is, successful, pending or cancelled)","title":"digitizationInformation","properties":{"digitizationChecks":{"type":"object","required":["issuerVerifications","decisionEngineVerifications","digitalCardRequestorAssessment"],"properties":{"issuerVerifications":{"$ref":"#/components/schemas/issuerVerifications"},"decisionEngineVerifications":{"$ref":"#/components/schemas/decisionEngineVerifications"},"digitalCardRequestorAssessment":{"$ref":"#/components/schemas/digitalCardRequestorAssessment"},"verificationCodes":{"type":"array","maxItems":100,"description":"D1 Verification codes generated by the decision engine during rule evaluation. Following values are possible:\n\t \n|value |description| \n|-----------|----------------------------------| \n|TR_RECOMMENDATION_NOT_AVAILABLE|wallet recommendation is missing|\n|TR_DEVICE_SCORE_NOT_AVAILABLE|device scoring is missing|\n|TR_ACCOUNT_SCORE_NOT_AVAILABLE|account scoring is missing|","items":{"type":"string"}},"matchedRule":{"type":"object","description":"Decision Engine rule triggerig the final decision.\r\n\r\nApplicable only to Decision Engine Version V2","required":["id"],"properties":{"id":{"type":"string","description":"Unique identifier of the matching rule."},"name":{"type":"string","description":"Name of the matching rule."},"scenario":{"type":"object","description":"The actual matching scenario ","required":["id"],"properties":{"id":{"type":"string","description":"Unique identifier of the matched scenario."},"name":{"type":"string","description":"Name of the matched scenario."}}}}}}},"digitizationResult":{"type":"object","required":["flow"],"properties":{"flow":{"type":"string","description":"Tokenization Decision Engine assessment result.\nFollowing values are possible:\n- RED (DECLINE)\n- GREEN (APPROVE)\n- YELLOW (STEP-UP)","minLength":1,"maxLength":64,"enum":["RED","YELLOW","GREEN"]},"score":{"type":"string","minLength":1,"maxLength":1,"pattern":"[1-5]{1,1}$","description":"This is the final score the decision engine has computed considering all the verifications and the scoring from the requestor and/or TSP.\nScore goes from 1 (low trust) to 5 (high trust)."},"idAndVMethods":{"$ref":"#/components/schemas/idAndVMethods"},"digitizationDecisionTimestamp":{"type":"string","minLength":1,"maxLength":64,"description":"The time when the digitization decision has been sent to the TSP.\nThis parameter can be used by the Issuer to manage the notifications to cardholder in case of PENDING status of digitize operation.\nFormat ISO 8601 YYYY-MM-DDThh:mm:ssTZD\n"}}}},"required":["digitizationChecks","digitizationResult"]},"issuerVerifications":{"title":"issuerVerifications","type":"object","properties":{"cardIsExpired":{"$ref":"#/components/schemas/result"},"cardIsLostOrStolen":{"$ref":"#/components/schemas/result"},"wrongCVV":{"$ref":"#/components/schemas/result"},"fraudSuspect":{"$ref":"#/components/schemas/result"},"cardIsInvalid":{"$ref":"#/components/schemas/result"}},"required":["cardIsExpired","cardIsLostOrStolen","wrongCVV","fraudSuspect","cardIsInvalid"]},"result":{"title":"result","type":"object","properties":{"result":{"type":"string","enum":["YES","NO","NOT_APPLICABLE"]}}},"decisionEngineVerifications":{"title":"decisionEngineVerifications","type":"object","properties":{"tooManyDigitizationRequests":{"$ref":"#/components/schemas/result"},"tooManyCVVVerificationFailed":{"$ref":"#/components/schemas/result"},"walletPhoneNumberNotMatchingConsumerPhoneNumber":{"$ref":"#/components/schemas/result"},"digitizationCountExceededOnSameFPAN":{"$ref":"#/components/schemas/result"},"digitizationCountExceededOnSameDevice":{"$ref":"#/components/schemas/result"},"cardIsExpired":{"$ref":"#/components/schemas/result"},"cardIsInvalid":{"$ref":"#/components/schemas/result"},"wrongCVV":{"$ref":"#/components/schemas/result"},"CVVNotProvided":{"$ref":"#/components/schemas/CVVNotProvided"}},"required":["tooManyDigitizationRequests","tooManyCVVVerificationFailed","walletPhoneNumberNotMatchingConsumerPhoneNumber","digitizationCountExceededOnSameFPAN","digitizationCountExceededOnSameDevice","cardIsExpired","cardIsInvalid","wrongCVV","CVVNotProvided"]},"CVVNotProvided":{"title":"CVVNotProvided","type":"object","description":"If CVV has not been provided by the digital card requestor, then D1 verifies if this is incompatible with either the card capture method used or the digital card type requested.","properties":{"incompatibleWithCaptureMethod":{"$ref":"#/components/schemas/captureMethodIncompatible"},"incompatibleWithDigitalCardType":{"$ref":"#/components/schemas/digitalCardTypeIncompatible"}},"required":["incompatibleWithCaptureMethod","incompatibleWithDigitalCardType"]},"captureMethodIncompatible":{"title":"captureMethodIncompatible","type":"object","properties":{"result":{"type":"string","enum":["YES","NO","NOT_APPLICABLE"]}},"description":"If the capture method of the card details is NOT one of the following:\n- BANK_APP (card details from the Banking App)\n- TOKEN (card details derived by the TSP from an existing digital card)\n- ON-FILE (card details from a card stored on file)\n\nthen the absence of CVV is unexpected, the result will be YES"},"digitalCardTypeIncompatible":{"title":"digitalCardTypeIncompatible","type":"object","properties":{"result":{"type":"string","enum":["YES","NO","NOT_APPLICABLE"]}},"description":"If the digital card type required is NOT one of the following:\n- COF (card on file)\n- ECOM (e-Commerce)\n\nthen the absence of CVV is unexpected, the result will be YES"},"digitalCardRequestorAssessment":{"title":"digitalCardRequestorAssessment","type":"object","required":["averageScore","deviceScore","accountScore","recommendation"],"properties":{"averageScore":{"type":"string","description":"Average scoring from the digital card requestor. Following values are possible:\n\nNOT_APPLICABLE (score is based on data from digital card requestor. If the data is not available, average can't be computed).\n1\n2\n3\n4\n5"},"deviceScore":{"type":"string","description":"Following values are possible:\n\nNOT_APPLICABLE (score is based on data from digital card requestor. If the data is not available, score can't be provided).\n1\n2\n3\n4\n5"},"accountScore":{"type":"string","description":"Wallet Provider account scoring, low values means high risk.\nFollowing values are possible:\n\nNOT_APPLICABLE (score is based on data from digital card requestor. If the data is not available, score can't be provided).\n\n1 2 3 4 5"},"recommendation":{"$ref":"#/components/schemas/walletRecommendation"},"reasonCodesRecommendationDescription":{"type":"array","description":"This field shall allow to list the received Wallet Reason Code Recommendation(s).Values are mapped to more user friendly descriptions. The full list of mapped codes is available here: https://docs.payments.thalescloud.io/implement-tokenization/card-tokenization-request/processing-the-decision/decision-engine/data-validation-codes/wallet-reason-codes","uniqueItems":true,"items":{"type":"object"}}}},"walletRecommendation":{"type":"string","description":"Wallet/Digital Card Requestor colour recommended during the card tokenization request\n\nPlease note that in certain situations a recommendation might be not provided by the wallet.","enum":["NOT_APPLICABLE","GREEN","YELLOW","ORANGE","RED"]},"idAndVMethods":{"additionalProperties":false,"type":"object","properties":{"supported":{"type":"array","items":{"type":"string"}},"selected":{"type":"string","minLength":1,"maxLength":64,"description":"The following values are possible:\n- OTP_BY_SMS\n- OTP_BY_EMAIL\n- BANK_APP\n- CUSTOMER_SERVICE"}}},"pullType":{"type":"string","description":"The type of operation performed to update card order","enum":["ACCELERATE","ACCELERATE_AND_REDIRECT","CANCEL","REDIRECT"]},"errorGeneric":{"additionalProperties":false,"type":"object","description":"Generic error returned by the APIs.","properties":{"errorCode":{"type":"string","description":"The type of the error"},"error":{"type":"string","description":"Provide more error details if possible.
For example name of the field with invalid format.
This field is for troubleshooting purposes only, it can change at any time so MUST NOT be parsed, and is not supposed to be human readable so CANNOT be displayed to end users."}}}},"responses":{"ServiceUnavailableError":{"description":"The service is temporarily unavailable. You may retry your request later."}}},"paths":{"/v1/issuers/{issuerId}/cards/{cardId}/operations/{operationId}":{"get":{"summary":"Get operation","responses":{"200":{"description":"The card operation.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/operationCard"}}}},"400":{"description":"Bad Request, Invalid request URI, header, paramters. The below table defines the possible 'Bad request' error:\n| errorCode | error | Retryable | Comments |\n| -------------- | ------------| ----------| -----------------------------------|\n| - | - | no | No error details available |\n| FIELD_INVALID_FORMAT | Contains the field in error (first found) | no | JSON not well formatted or
One field is not expected format as defined in this documentation |\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"401":{"description":"Unauthorized request, the provided Authorization header is missing or invalid. In the table below only the field \"error\" is provided.\n| errorCode | error | Retryable | Comments |\n| -------------- | ------------| ----------| -----------------------------------|\n| AUTHORIZER_UNAUTHORIZED | Unauthorized message | no | Access token not valid |\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"403":{"description":"Forbidden action detected by WAF or the application. The below table defines the possible error:\n| errorCode | error | Retryable | Comments |\n| -------------- | ------------| ----------| -----------------------------------|\n| - | - | no | No error details available |\n| AUTHORIZER_FORBIDDEN | not authorized error message | no | User is not authorized to access this resource \n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"404":{"description":"Ressource not found, Unknown issuerId or consumerId or card id'. The below table defines the possible error:\n| errorCode | error | Retryable | Comments |\n| -------------- | ------------| ----------| -----------------------------------|\n| - | - | no | No error details available |\n| UNKNOWN_CARD | - | no | Unknown cardId |\n| UNKNOWN_OPERATION | - | no | Unknown operationId | \n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"500":{"description":"Internal Server Error. The below table defines the possible error:\n|errorCode | error | Retryable | Comments |\n| -------------- | ------------| ----------| -----------------------------------|\n| - | - | yes | No error details available |\n| INTERNAL_ERROR | error details if any | no | The server has encountered an error when executing the request. |\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"503":{"$ref":"#/components/responses/ServiceUnavailableError"}},"tags":["Card Operations"],"operationId":"get-card-operation-operationId","description":"This request is used by the issuer backend to retrieve the information related to an operation on a card.\n\nOperations older than 3 months are removed."}}}}
````
## Get all operations
> This request is used by the issuer backend to retrieve all operations related to a card. The API specifies the starting point (offset) and the number of operations (limit) to be retrieved. Offset 0 (the default) corresponds to the most recent operation. For example a limit of 5 and an offset of 2 would return the five most recent operations before the most recent two”.\
> \
> If no operations are available for the given cardId, an empty list is returned.\
> \
> Operations that are older than 3 months are removed.
````json
{"openapi":"3.0.0","info":{"title":"D1 Inbound Card API","version":"2.0"},"tags":[{"name":"Card Operations","description":"Different operations that can be done on a card."}],"servers":[{"url":"https://api.d1.thalescloud.io/banking","description":"Production server"},{"url":"https://api.d1-stg.thalescloud.io/banking","description":"Staging server"}],"security":[{"bearerAuth":[]}],"components":{"securitySchemes":{"bearerAuth":{"description":"A JWT generated by the [Get Authorization Token API](oauth2-api).
The server checks the validity of the provided token to control access to this protected resource. Please refer to [Get OAuth 2.0 access token](../../../integrate-the-d1-api/get-oauth-2.0-access-token) for more details on the flow and on how to get this JWT.","type":"http","scheme":"bearer","bearerFormat":"JWT"}},"schemas":{"operationCard":{"title":"operationCard","type":"object","description":"Operation details related to a specific operationId","properties":{"operationId":{"$ref":"#/components/schemas/operationId"},"operation":{"type":"string","description":"The operation type.","enum":["ACTIVATE","CLICK_TO_PAY_ENROLMENT","CLICK_TO_PAY_UPDATE","CLICK_TO_PAY_OPTOUT","CREATE","DELETE","DIGITIZE","DISPLAY","D1_PAY_ENROLMENT","PIN_CHANGE","PIN_DISPLAY","PRODUCE","PUSH","REGISTER","RENEW","REPLACE","RESUME","SUSPEND","UPDATE_ORDER","VERIFY"]},"status":{"type":"string","enum":["SUCCESSFUL","PENDING","FAILED"],"description":"Status of the operation"},"startTime":{"$ref":"#/components/schemas/operationStartTime"},"endTime":{"$ref":"#/components/schemas/operationEndTime"},"requestorType":{"type":"string","enum":["ISSUER","USER","TSP","CCI","D1"]},"requestorId":{"type":"string","description":"Identifier of the principal who initiates the operation\n - consumerId if requestorType is USER\n - issuerId if requestorType is ISSUER\n - cci user id if requestorType is CCI\n - D1 if it's an operation automatically triggered by D1 (can be card suspended due to several authorisation with invalid cvv)"},"reason":{"$ref":"#/components/schemas/reason"},"reasonCode":{"type":"string","enum":["CLOSED_ACCOUNT","CLOSED_CARD","CARD_EXPIRED","CARD_LOST","CARD_FOUND","CARD_STOLEN","CARD_BROKEN","CARD_NOT_RECEIVED","DEVICE_FOUND","DEVICE_LOST","DEVICE_STOLEN","FRAUD","USER_DECISION","ISSUER_DECISION","CVV2_LOCKED","EXPIRY_DATE_LOCKED","PIN_LOCKED"]},"details":{"oneOf":[{"title":"ACTIVATE operation","description":"Container to hold detailed information of ACTIVATE operation","properties":{"sdkType":{"$ref":"#/components/schemas/sdkType"}}},{"title":"DISPLAY operation","description":"Container to hold detailed information of DISPLAY operation","properties":{"sdkType":{"$ref":"#/components/schemas/sdkType"}}},{"title":"REGISTER, SUSPEND, RESUME, DELETE operations","description":"Container to hold any detailed information regarding the executed operation (REGISTER, SUSPEND, RESUME, DELETE)","properties":{"oldState":{"type":"string","enum":["INACTIVE","ACTIVE","SUSPENDED","DELETED"],"description":"Old state of the card"},"newState":{"type":"string","enum":["INACTIVE","ACTIVE","SUSPENDED","DELETED"],"description":"New state of the card"},"consumerState":{"type":"string","enum":["ACTIVE","INACTIVE","DELETED"],"description":"The state of the end user (consumer)"}}},{"title":"RENEW, REPLACE operations","description":"Container to hold detailed information of RENEW, REPLACE operation","properties":{"oldCardId":{"type":"string","description":"Old id of the card","minLength":1,"maxLength":48,"pattern":"[A-Za-z0-9_-]{1,48}"},"newCardId":{"type":"string","description":"New id of the card","minLength":1,"maxLength":48,"pattern":"[A-Za-z0-9_-]{1,48}"},"oldState":{"type":"string","enum":["INACTIVE","ACTIVE","SUSPENDED"],"description":"Old state of the card"},"newState":{"type":"string","enum":["ACTIVE","INACTIVE","SUSPENDED","REPLACED"],"description":"New state of the card"},"consumerState":{"type":"string","enum":["ACTIVE","INACTIVE","DELETED"],"description":"The state of the end user (consumer)"}}},{"title":"D1_PAY_ENROLMENT operation","description":"Container to hole details information of D1 Pay enrolment operation","properties":{"digitalCardId":{"$ref":"#/components/schemas/digitalCardId"},"walletApplicationId":{"$ref":"#/components/schemas/walletApplicationId"}}},{"title":"DIGITIZE operation","description":"Container to hold detailed information regarding the executed operation (DIGITIZE)","properties":{"eligibilityInformation":{"$ref":"#/components/schemas/eligibilityInformation"},"digitizationInformation":{"$ref":"#/components/schemas/digitizationInformation"},"digitalCardId":{"$ref":"#/components/schemas/digitalCardId"}}},{"title":"PIN_CHANGE operation","description":"Container to hold detailed information of PIN_CHANGE operation","properties":{"sdkType":{"$ref":"#/components/schemas/sdkType"},"pinType":{"type":"string","enum":["ISO0","3DES_SECCOS"],"description":"The type of PIN which is used for the card."}}},{"title":"PIN_DISPLAY operation","description":"Container to hold detailed information of PIN_DISPLAY operation","properties":{"sdkType":{"$ref":"#/components/schemas/sdkType"}}},{"title":"PRODUCE operation","description":"Container to hold detailed information of PRODUCE operation","properties":{"issuerRequestId":{"$ref":"#/components/schemas/operationId"},"dueDate":{"type":"string","format":"date","description":"The estimated card production date. It uses the format ```YYYY-MM-DD```."}}},{"title":"PUSH operations","description":"Container to hold detailed information of PUSH operations","properties":{"digitalCardRequestorId":{"type":"string","description":"Id of the token requestor to which we will push the card. Also known as TRID on scheme side.","minLength":11,"maxLength":11,"pattern":"[0-9]{11}"},"digitalCardRequestorName":{"type":"string","description":"Name of the token requestor to which we will push the card.","minLength":1,"maxLength":64,"pattern":"[A-Za-z0-9 _-]{1,64}"},"program":{"type":"string","description":"Protocol or API that was involded in the PUSH operation.","minLength":1,"maxLength":64,"pattern":"[A-Za-z0-9 _-]{1,64}"}}},{"title":"UPDATE_ORDER operation","description":"Container to hold detailed information of UPDATE_ORDER operation","properties":{"pullType":{"$ref":"#/components/schemas/pullType"}}},{"title":"VERIFY operation","description":"Container to hold detailed information of VERIFY operation"}],"type":"object"},"errorCode":{"type":"string","description":"External error code"},"error":{"type":"string","description":"Human readable string representing the error, only present in case of operation failure","maxLength":256,"minLength":0}},"required":["operationId","operation","status","startTime","requestorType","requestorId"]},"operationId":{"type":"string","description":"Unique identifier of the operation","minLength":1,"maxLength":64,"pattern":"^[A-Za-z0-9_-]{1,64}$"},"operationStartTime":{"type":"string","title":"Operation Start Time","description":"The time the request has been processed.\nFormat ISO 8601 YYYY-MM-DDThh:mm:ssTZD","minLength":1,"maxLength":64},"operationEndTime":{"type":"string","title":"Operation End Time","description":"The time the operation has been completed.\nFormat ISO 8601 YYYY-MM-DDThh:mm:ssTZD\nnote: This is an optional field and might not be returned for synchronous operations.","minLength":1,"maxLength":64},"reason":{"type":"string","title":"reason","pattern":"^[a-zA-Z0-9 ]{1,64}$","description":"The reason why the action is performed. \n\nThis a free text field in case the bank wants to send details, that will be returned in the operations list. "},"sdkType":{"type":"string","description":"The type of SDK which is used","enum":["APP","NONE","WEB"]},"digitalCardId":{"type":"string","description":"Unique identifier of the digital card.","minLength":1,"maxLength":64,"pattern":"^[A-Za-z0-9_-]{1,64}$"},"walletApplicationId":{"type":"string","description":"Unique Indentifier of wallet application","maxLength":100},"eligibilityInformation":{"type":"object","description":"Provides details about the eligibility check operation","properties":{"cardBIN":{"type":"string","minLength":6,"maxLength":6},"eligible":{"type":"boolean"},"cardProduct":{"type":"object","properties":{"id":{"type":"string","minLength":1,"maxLength":64},"name":{"type":"string","minLength":1,"maxLength":256}}}},"required":["cardBIN","eligible"]},"digitizationInformation":{"type":"object","description":"Provides details about the tokenization (digitization) operation whatever the result is (that is, successful, pending or cancelled)","title":"digitizationInformation","properties":{"digitizationChecks":{"type":"object","required":["issuerVerifications","decisionEngineVerifications","digitalCardRequestorAssessment"],"properties":{"issuerVerifications":{"$ref":"#/components/schemas/issuerVerifications"},"decisionEngineVerifications":{"$ref":"#/components/schemas/decisionEngineVerifications"},"digitalCardRequestorAssessment":{"$ref":"#/components/schemas/digitalCardRequestorAssessment"},"verificationCodes":{"type":"array","maxItems":100,"description":"D1 Verification codes generated by the decision engine during rule evaluation. Following values are possible:\n\t \n|value |description| \n|-----------|----------------------------------| \n|TR_RECOMMENDATION_NOT_AVAILABLE|wallet recommendation is missing|\n|TR_DEVICE_SCORE_NOT_AVAILABLE|device scoring is missing|\n|TR_ACCOUNT_SCORE_NOT_AVAILABLE|account scoring is missing|","items":{"type":"string"}},"matchedRule":{"type":"object","description":"Decision Engine rule triggerig the final decision.\r\n\r\nApplicable only to Decision Engine Version V2","required":["id"],"properties":{"id":{"type":"string","description":"Unique identifier of the matching rule."},"name":{"type":"string","description":"Name of the matching rule."},"scenario":{"type":"object","description":"The actual matching scenario ","required":["id"],"properties":{"id":{"type":"string","description":"Unique identifier of the matched scenario."},"name":{"type":"string","description":"Name of the matched scenario."}}}}}}},"digitizationResult":{"type":"object","required":["flow"],"properties":{"flow":{"type":"string","description":"Tokenization Decision Engine assessment result.\nFollowing values are possible:\n- RED (DECLINE)\n- GREEN (APPROVE)\n- YELLOW (STEP-UP)","minLength":1,"maxLength":64,"enum":["RED","YELLOW","GREEN"]},"score":{"type":"string","minLength":1,"maxLength":1,"pattern":"[1-5]{1,1}$","description":"This is the final score the decision engine has computed considering all the verifications and the scoring from the requestor and/or TSP.\nScore goes from 1 (low trust) to 5 (high trust)."},"idAndVMethods":{"$ref":"#/components/schemas/idAndVMethods"},"digitizationDecisionTimestamp":{"type":"string","minLength":1,"maxLength":64,"description":"The time when the digitization decision has been sent to the TSP.\nThis parameter can be used by the Issuer to manage the notifications to cardholder in case of PENDING status of digitize operation.\nFormat ISO 8601 YYYY-MM-DDThh:mm:ssTZD\n"}}}},"required":["digitizationChecks","digitizationResult"]},"issuerVerifications":{"title":"issuerVerifications","type":"object","properties":{"cardIsExpired":{"$ref":"#/components/schemas/result"},"cardIsLostOrStolen":{"$ref":"#/components/schemas/result"},"wrongCVV":{"$ref":"#/components/schemas/result"},"fraudSuspect":{"$ref":"#/components/schemas/result"},"cardIsInvalid":{"$ref":"#/components/schemas/result"}},"required":["cardIsExpired","cardIsLostOrStolen","wrongCVV","fraudSuspect","cardIsInvalid"]},"result":{"title":"result","type":"object","properties":{"result":{"type":"string","enum":["YES","NO","NOT_APPLICABLE"]}}},"decisionEngineVerifications":{"title":"decisionEngineVerifications","type":"object","properties":{"tooManyDigitizationRequests":{"$ref":"#/components/schemas/result"},"tooManyCVVVerificationFailed":{"$ref":"#/components/schemas/result"},"walletPhoneNumberNotMatchingConsumerPhoneNumber":{"$ref":"#/components/schemas/result"},"digitizationCountExceededOnSameFPAN":{"$ref":"#/components/schemas/result"},"digitizationCountExceededOnSameDevice":{"$ref":"#/components/schemas/result"},"cardIsExpired":{"$ref":"#/components/schemas/result"},"cardIsInvalid":{"$ref":"#/components/schemas/result"},"wrongCVV":{"$ref":"#/components/schemas/result"},"CVVNotProvided":{"$ref":"#/components/schemas/CVVNotProvided"}},"required":["tooManyDigitizationRequests","tooManyCVVVerificationFailed","walletPhoneNumberNotMatchingConsumerPhoneNumber","digitizationCountExceededOnSameFPAN","digitizationCountExceededOnSameDevice","cardIsExpired","cardIsInvalid","wrongCVV","CVVNotProvided"]},"CVVNotProvided":{"title":"CVVNotProvided","type":"object","description":"If CVV has not been provided by the digital card requestor, then D1 verifies if this is incompatible with either the card capture method used or the digital card type requested.","properties":{"incompatibleWithCaptureMethod":{"$ref":"#/components/schemas/captureMethodIncompatible"},"incompatibleWithDigitalCardType":{"$ref":"#/components/schemas/digitalCardTypeIncompatible"}},"required":["incompatibleWithCaptureMethod","incompatibleWithDigitalCardType"]},"captureMethodIncompatible":{"title":"captureMethodIncompatible","type":"object","properties":{"result":{"type":"string","enum":["YES","NO","NOT_APPLICABLE"]}},"description":"If the capture method of the card details is NOT one of the following:\n- BANK_APP (card details from the Banking App)\n- TOKEN (card details derived by the TSP from an existing digital card)\n- ON-FILE (card details from a card stored on file)\n\nthen the absence of CVV is unexpected, the result will be YES"},"digitalCardTypeIncompatible":{"title":"digitalCardTypeIncompatible","type":"object","properties":{"result":{"type":"string","enum":["YES","NO","NOT_APPLICABLE"]}},"description":"If the digital card type required is NOT one of the following:\n- COF (card on file)\n- ECOM (e-Commerce)\n\nthen the absence of CVV is unexpected, the result will be YES"},"digitalCardRequestorAssessment":{"title":"digitalCardRequestorAssessment","type":"object","required":["averageScore","deviceScore","accountScore","recommendation"],"properties":{"averageScore":{"type":"string","description":"Average scoring from the digital card requestor. Following values are possible:\n\nNOT_APPLICABLE (score is based on data from digital card requestor. If the data is not available, average can't be computed).\n1\n2\n3\n4\n5"},"deviceScore":{"type":"string","description":"Following values are possible:\n\nNOT_APPLICABLE (score is based on data from digital card requestor. If the data is not available, score can't be provided).\n1\n2\n3\n4\n5"},"accountScore":{"type":"string","description":"Wallet Provider account scoring, low values means high risk.\nFollowing values are possible:\n\nNOT_APPLICABLE (score is based on data from digital card requestor. If the data is not available, score can't be provided).\n\n1 2 3 4 5"},"recommendation":{"$ref":"#/components/schemas/walletRecommendation"},"reasonCodesRecommendationDescription":{"type":"array","description":"This field shall allow to list the received Wallet Reason Code Recommendation(s).Values are mapped to more user friendly descriptions. The full list of mapped codes is available here: https://docs.payments.thalescloud.io/implement-tokenization/card-tokenization-request/processing-the-decision/decision-engine/data-validation-codes/wallet-reason-codes","uniqueItems":true,"items":{"type":"object"}}}},"walletRecommendation":{"type":"string","description":"Wallet/Digital Card Requestor colour recommended during the card tokenization request\n\nPlease note that in certain situations a recommendation might be not provided by the wallet.","enum":["NOT_APPLICABLE","GREEN","YELLOW","ORANGE","RED"]},"idAndVMethods":{"additionalProperties":false,"type":"object","properties":{"supported":{"type":"array","items":{"type":"string"}},"selected":{"type":"string","minLength":1,"maxLength":64,"description":"The following values are possible:\n- OTP_BY_SMS\n- OTP_BY_EMAIL\n- BANK_APP\n- CUSTOMER_SERVICE"}}},"pullType":{"type":"string","description":"The type of operation performed to update card order","enum":["ACCELERATE","ACCELERATE_AND_REDIRECT","CANCEL","REDIRECT"]},"errorGeneric":{"additionalProperties":false,"type":"object","description":"Generic error returned by the APIs.","properties":{"errorCode":{"type":"string","description":"The type of the error"},"error":{"type":"string","description":"Provide more error details if possible.
For example name of the field with invalid format.
This field is for troubleshooting purposes only, it can change at any time so MUST NOT be parsed, and is not supposed to be human readable so CANNOT be displayed to end users."}}}},"responses":{"ServiceUnavailableError":{"description":"The service is temporarily unavailable. You may retry your request later."}},"parameters":{"offset-query-no-max":{"name":"offset","in":"query","schema":{"type":"integer","minimum":0},"description":"Index from which the query starts returning operations (default value: 0)"},"limit-query":{"name":"limit","in":"query","schema":{"type":"integer","minimum":1,"maximum":50,"default":10},"description":"Upper limit of the query"}}},"paths":{"/v1/issuers/{issuerId}/cards/{cardId}/operations":{"get":{"summary":"Get all operations","responses":{"200":{"description":"List of operations associated to the cardId.","content":{"application/json":{"schema":{"type":"object","properties":{"operations":{"type":"array","items":{"$ref":"#/components/schemas/operationCard"}},"remainingOperations":{"type":"integer"}}}}}},"400":{"description":"Bad Request, Invalid request URI, header, paramters. The below table defines the possible 'Bad request' error:\n| errorCode | error | Retryable | Comments |\n| -------------- | ------------| ----------| -----------------------------------|\n| - | - | no | No error details available |\n| FIELD_INVALID_FORMAT | Contains the field in error (first found) | no | JSON not well formatted or
One field is not expected format as defined in this documentation |\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"401":{"description":"Unauthorized request, the provided Authorization header is missing or invalid. In the table below only the field \"error\" is provided.\n| errorCode | error | Retryable | Comments |\n| -------------- | ------------| ----------| -----------------------------------|\n| AUTHORIZER_UNAUTHORIZED | Unauthorized message | no | Access token not valid |\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"403":{"description":"Forbidden action detected by WAF or the application. The below table defines the possible error:\n| errorCode | error | Retryable | Comments |\n| -------------- | ------------| ----------| -----------------------------------|\n| - | - | no | No error details available |\n| AUTHORIZER_FORBIDDEN | not authorized error message | no | User is not authorized to access this resource \n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"404":{"description":"Ressource not found, Unknown issuerId or consumerId or card id'. The below table defines the possible error:\n| errorCode | error | Retryable | Comments |\n| -------------- | ------------| ----------| -----------------------------------|\n| - | - | no | No error details available |\n| UNKNOWN_CARD | - | no | Unknown cardId |\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"500":{"description":"Internal Server Error. The below table defines the possible error:\n|errorCode | error | Retryable | Comments |\n| -------------- | ------------| ----------| -----------------------------------|\n| - | - | yes | No error details available |\n| INTERNAL_ERROR | error details if any | no | The server has encountered an error when executing the request. |\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorGeneric"}}}},"503":{"$ref":"#/components/responses/ServiceUnavailableError"}},"tags":["Card Operations"],"operationId":"get-all-card-operations-by-cardId","parameters":[{"$ref":"#/components/parameters/offset-query-no-max"},{"$ref":"#/components/parameters/limit-query"}],"description":"This request is used by the issuer backend to retrieve all operations related to a card. The API specifies the starting point (offset) and the number of operations (limit) to be retrieved. Offset 0 (the default) corresponds to the most recent operation. For example a limit of 5 and an offset of 2 would return the five most recent operations before the most recent two”.\n\nIf no operations are available for the given cardId, an empty list is returned.\n\nOperations that are older than 3 months are removed."}}}}
````
---
# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.
## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://docs.payments.thalescloud.io/push-provisioning/integrate-the-d1-api/d1-api-reference/inbound-api-to-d1/card-api.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.