RPG Multi Use Card Tokens
Credit card information can be converted to card tokens that can be stored and used to charge a customer at a later date. This is particularly useful for avoiding storing card information on your servers. Multi use tokens can only be created using a private access token and should be treated as confidential information.
The Multi Use Card Token API endpoint ('/api/token/multi') can be used to create, disable and get info on these tokens.
Creating multi use card tokens
Request objects
TokenMultiRequest
| Name | Description |
|---|---|
| PAN Conditional |
Credit card number, should not contain dashes(-) or spaces. |
| ExpMonth Conditional |
Expiration month on card, format: MM. Required if PAN is provided. |
| ExpYear Conditional |
Expiration year on card, format: YYYY. Required if PAN is provided. |
| TokenSingle Conditional |
Single use token to create Multi use token from. If TokenSingle is used then PAN, ExpMonth and ExpYear should be empty. |
| VerifyCard Optional |
If provided, the card will be verified by authorizing the card using information given in the VerifyCard object. Note that authorizations performed this way will be cancelled immediately. |
| Metadata Optional |
Metadata object for token that is specified by the merchant. Note: Never store sensitive data in the Metadata parameter |
VerifyCard
| Name | Description |
|---|---|
| CheckAmount Required |
Amount to authorize card for. 0 amount is allowed. |
| Currency Conditional |
Currency in ISO4217 format. Example: 352 for ISK. Required if amount is not 0, if amount is 0 and currency is not set RPG will use Merchant Contract default currency when performing the authorization request. |
| CVC Optional |
If provided CVC value will be used when performing the authorization request. |
Metadata
| Name | Description |
|---|---|
| Payload Required |
Merchant Metadata associated with the token. Datatype is string. |
Response objects
TokenMultiInfo
| Name | Description |
|---|---|
| Token Required |
Multi Use Card Token that can be used to charge the card. |
| PAN Required |
Masked Credit card number that was used to generate the token. |
| ExpMonth Required |
Expiration month on card, format: MM. |
| ExpYear Required |
Expiration year on card, format: YYYY. |
| Enabled Required |
Boolean value that indicates if the token has been disabled. |
| VerifyCardResult Conditional |
If VerifyCard authorization was performed this object will contain the ActionCode and TransactionId for the authorization. |
| VirtualNumber Required |
Virtual number that can be used if performing transaction using B-Gateway. |
| Metadata Optional |
Metadata object for token that was specified by the merchant. |
VerifyCardResult
| Name | Description |
|---|---|
| TransactionId Required |
Id of transaction that performed the card verification. |
| ActionCode Required |
ActionCode of transaction. See list of ActionCode responses. |
Metadata
| Name | Description |
|---|---|
| Payload Required |
Merchant Metadata associated with the token. Datatype is string. |
Example - Creating multi use card token
curl <SERVICE_URL>/api/token/multi \
-u <ACCESS_TOKEN>: \
-d "PAN=4242424242424242" \
-d "ExpYear=2020" \
-d "ExpMonth=01"
TokenMultiRequest req = new TokenMultiRequest()
{
PAN = "4242424242424242",
ExpMonth = "10",
ExpYear = "2020"
};
RPGClient client = new RPGClient("<PRIVATE_ACCESS_TOKEN>", "<SERVICE_URL>");
TokenMultiResponse response = await client.TokenMulti.CreateAsync(req);
Get token info
To get token information you can perform a GET request to /api/token/multi/<TOKEN> where <TOKEN> is a Multi use card token. The request will return a TokenMultiInfo object.
Example - Get Token Info
curl <SERVICE_URL>/api/token/multi/<TOKEN> \
-u <PRIVATE_ACCESS_TOKEN>:
RPGClient client = new RPGClient("<PRIVATE_ACCESS_TOKEN>", "<SERVICE_URL>");
TokenMultiResponse response = await client.TokenMulti.GetAsync("<TOKEN>");
Disable token
To disable a token you can perform a PUT request to /api/token/multi/<TOKEN>/disable where <TOKEN> is a Multi use card token.
Example - Disabling Token
curl <SERVICE_URL>/api/token/multi/<TOKEN>/disable \
-u <PRIVATE_ACCESS_TOKEN>: \
-X PUT \
-d ""
RPGClient client = new RPGClient("<PRIVATE_ACCESS_TOKEN>", "<SERVICE_URL>");
TokenMultiResponse tokenResponse = await client.TokenMulti.DisableAsync(<TOKEN>);