Retrieve a token

Retrieve a token with specified identifier string.

SecurityPublishableApiKey
Request
path Parameters
token
required
string

The token identifier string.

Responses
200

Token was retrieved.

Response Schema: application/json
method
required
string

The token payment method.

required
object

The payment card instrument details.

expMonth
required
integer

Payment Card expiration month.

expYear
required
integer

Payment Card expiration year.

bin
string <bin>

Payment Card BIN (the PAN's first 6 digits).

last4
string

Payment Card PAN's last 4 digits.

brand
string

Payment card brand.

Enum: "Visa" "MasterCard" "American Express" "Discover" "Maestro" "Solo" "Electron" "JCB" "Voyager" "Diners Club" … 4 more
object

The billing address object. Required to perform payments. For payment-card updates, billingAddress can be ignored.

firstName
string or null <= 45 characters ^[\w\s\-\pL,.']+$

Contact's first name.

lastName
string or null <= 45 characters ^[\w\s\-\pL,.']+$

Contact's last name.

organization
string or null <= 255 characters ^[\w\s\-\pL,.'&]+$

The contact's organization.

address
string or null <= 60 characters ^[\w\s\-\/\pL,.#;:()']+$

First line of the contact's street address.

address2
string or null <= 60 characters ^[\w\s\-\/\pL,.#;:()']+$

Second line of the contact's street address.

city
string or null <= 45 characters ^[\w\s\-\pL,.']+$

Contact's city of residence.

region
string or null <= 45 characters ^[\w\s\-\/\pL,.#;:()']+$

Contact's region of residence.

country
string or null <= 2 characters ^[A-Z]{2}$

Contact's country of residence in ISO 3166 alpha-2 country code. For examples, see ISO.org.

postalCode
string or null <= 10 characters ^[\w\s\-]+$

Contact's postal code.

Array of objects (ContactPhoneNumbers)

List of phone numbers associated with the contact.

Array
label
required
string <= 45 characters

Phone number label or name.

value
required
string <= 50 characters

Phone number value.

primary
boolean

Specifies whether the phone number is the contact's primary phone number.

Array of objects (ContactEmails)

List of email addresses associated with the contact.

Array
label
required
string <= 45 characters

Email label or name.

value
required
string <email> <= 255 characters

Email address value.

primary
boolean

Specifies whether the email address is the contact's primary email address.

dob
string or null <date>

Contact's date of birth in ISO-8601 YYYY-MM-DD format.

jobTitle
string or null <= 255 characters ^[\w\s\-\/\pL,.#;:()']+$

The contact's job title.

hash
string <= 40 characters

Use this value to compare contacts for identical attribute values.

id
string <= 50 characters

The token identifier string.

isUsed
boolean
Default: false

Whether the token was already used.

object (Risk metadata)

Risk metadata used for 3D Secure and risk scoring.

ipAddress
string <ipv4 or ipv6>

Customer's IP address.

fingerprint
string <= 50 characters

Customer's fingerprint.

object (HttpHeaders)

The HTTP headers.

property name*
additional property
string
object (Browser data)

Browser data used for 3D Secure and risk scoring.

colorDepth
required
integer [ 1 .. 48 ]

Browser color depth in bits per pixel. This value is obtained using the screen.colorDepth property.

isJavaEnabled
required
boolean

Specifies whether Java is enabled in a browser. This value is obtained from the navigator.javaEnabled property.

language
required
string <= 8 characters

Browser language settings. This value is obtained from the navigator.language property.

screenWidth
required
integer [ 0 .. 65535 ]

Width of the browser screen. This value is obtained from the screen.width property.

screenHeight
required
integer [ 0 .. 65535 ]

Height of the browser screen. This value is obtained from the screen.height property.

timeZoneOffset
required
integer [ -1410 .. 1410 ]

Browser time zone offset in minutes from UTC. A positive offset indicates that the local time is behind UTC. A negative offset indicates that the local time is ahead of UTC. You can find this value using the (new Date()).getTimezoneOffset() property.

object (Extra data)

Third party data used for risk scoring.

kountFraudSessionId
string [ 10 .. 32 ]

Alpha-numeric fraudSessionId as provided by the Kount SDK.

payPalMerchantSessionId
string [ 1 .. 64 ]

MerchantSessionID as generated by the PayPal Fraudnet SDK.

threatMetrixSessionId
string [ 1 .. 128 ] [a-zA-Z0-9_-]+

Temporary identifier that is unique to the visitor's session and passed to ThreatMetrix.

isProxy
boolean

Specifies whether the customer's IP address is related to a proxy.

isVpn
boolean

Specifies whether the customer's IP address is related to a VPN.

isTor
boolean

Specifies whether the customer's IP address is related to TOR.

isHosting
boolean

Specifies whether the customer's IP address is related to hosting.

vpnServiceName
string

VPN service name, if available.

isp
string

Internet Service Provider (ISP) name, if available.

country
string <= 2 characters

Country ISO Alpha-2 code of the specified IP address.

region
string

Region of the specified IP address.

city
string

City of the specified IP address.

latitude
number <double>

Latitude of the specified IP address.

longitude
number <double>

Longitude of the specified IP address.

postalCode
string <= 10 characters

Postal code of the specified IP address.

timeZone
string

Time zone of the specified IP address.

accuracyRadius
integer

Accuracy radius of the specified IP address, in kilometers.

distance
integer

Distance between the customer's IP address and the billing address geolocation, in kilometers.

hasMismatchedBillingAddressCountry
boolean

Specifies whether the customer's billing address country and geo-IP address are not the same.

hasMismatchedBankCountry
boolean

Specifies whether the customer's bank country and geo-IP address are not the same.

hasMismatchedTimeZone
boolean

Specifies whether the customer's browser time zone and the IP address associated time zone are not the same.

hasMismatchedHolderName
boolean

Specifies whether the customer's billing address name and primary address name are not the same.

hasFakeName
boolean

Specifies whether the holder name seems fake.

isHighRiskCountry
boolean

Specifies whether the geo-IP country, or the customer's billing country, is considered a high risk country.

paymentInstrumentVelocity
integer

Number of transactions for this payment instrument, based on fingerprint, in the last 24 hours.

declinedPaymentInstrumentVelocity
integer

Number of declined transactions for this payment instrument fingerprint in the last 24 hours.

deviceVelocity
integer

Number of transactions for this device, based on fingerprint, in the last 24 hours.

ipVelocity
integer

Number of transactions for this IP address in the last 24 hours.

emailVelocity
integer

Number of transactions for this email address in the last 24 hours.

billingAddressVelocity
integer

Number of transactions for this billing address in the last 24 hours.

score
integer

Computed risk score based on all factors.

createdTime
string <date-time>

Token created time.

updatedTime
string <date-time> (UpdatedTime)

Read-only timestamp. This value updates when the resource is updated.

usageTime
string <date-time>

Token usage time.

expirationTime
string <date-time>

Token expiration time.

Array of objects (Self) non-empty

Related resource links.

Array (non-empty)
href
required
string

Link URL.

rel
required
string

Type of link.

Value: "self"
401

Unauthorized access. Invalid credentials used.

403

Access forbidden.

404

Resource not found.

get/tokens/{token}
Request samples
$paymentCardToken = $client->paymentCardTokens()->load('tokenId');
Response samples
application/json
{
  • "method": "payment-card",
  • "paymentInstrument": {
    },
  • "billingAddress": {
    },
  • "id": "4f6cf35x-2c4y-483z-a0a9-158621f77a21",
  • "isUsed": false,
  • "riskMetadata": {
    },
  • "createdTime": "2019-08-24T14:15:22Z",
  • "updatedTime": "2019-08-24T14:15:22Z",
  • "usageTime": "2019-08-24T14:15:22Z",
  • "expirationTime": "2019-08-24T14:15:22Z",
  • "_links": [
    ]
}