Card API
Methods to control cards
Last updated
Methods to control cards
Last updated
This method can be used to send a request to a 3rd party service (eg. OTA or CM) and extract the credit card information from the response (e.g. Booking with card details inside).
Arguments
| Argument | Description |
|---|---|
Any provided Headers or Content Body will be provided to Target endpoint without any changes.
Method will return answer from Target Endpoint. Credit Card data will be masked based at Tokenization Profile settings.
Credit card token can be returned at Header X-PCI-VAULTERA-TOKENS or inside specific node at response body.
Please, read more about Tokenization Profiles.
To get Credit Card information from your Guests, you can use Capture Card Embedded Form.
This method return HTML Page what you can embed into your application to collect Card information from clients.
To generate the Card Capture Form you should generate a Session Token with scope card.
You can find out more information about Capture Card Form here.
Sometimes you would like to save a Card directly with Vaultera PCI. To do that, you can use this method.
Method will return success response with code 200 OK. Response will contain credit card info with masked fields and card_token which can be used for another operations with cards.
This is useful if you wish to move cards from another PCI Service to Vaultera.
To send card to a 3rd party service (e.g. Payment Gateway), you can use the the Send Card method:
Arguments
Query Body is optional and depends to Target Endpoint API. Basically, it should contain structure expected by Target Endpoint. To insert real card data into request you can use Drop Ins.
Method with return response from Target Endpoint.
By PCI DSS rules, we should remove Service Code immediately after the card is Authorized. Some operations at our API call this action automatically. But, because you can catch some problems with Send Card method (3rd party service provide error response), we do not remove Service Code automatically after using the Send Card Method. If your application successfully sent the card info to the 3rd party service, please call Authorize Card method.
Please use this method to remove the service code once you have successfully sent the card to the payment gateway. This is an important part of PCI-DSS.
If card is not longer required for your business processes, you should remove it from storage by calling this method:
To implement the ability to Show Card at your application you can use method Show Card. This method will return HTML Page with credit card information that you can insert into your application.
Arguments
By default, Vaultera PCI will return a HTML page where user can see Card Number, Expiration Date, Card Type and Cardholder Name, but Service Code (CVV, CVC) will be hidden. To be able to see Service code, you should provide the service_code_token which will be used to request Service Code.
Service Code will be hidden by a button, by clicking this button the user will load Service Code and it will be immediately removed from Storage.
Our iframe to show card information makes the user click to see the service code (CVV/CVC). This is helpful because once it is viewed it must be deleted.
| Argument | Description |
|---|---|
method
HTTP Method to send request to target endpoint. One of: get, post, put, delete, patch head, options
url
Encoded URL of Target Endpoint, should use https protocol
profile
Tokenization profile what should be applied to extract Credit Card data from Response
Argument
Descriotion
card_token
Credit Card token at Vaultera
method
HTTP Method to send request to target endpoint. One of: get, post, put, delete, patch, head, options
url
Encoded URL of Target Endpoint, should use https protocol
card_token
Card token at Vaultera.PCI
session_token
One-off Session token with scope show_card
service_code_token
One-off Session token with scope show_service_code to show Card Service Code