search

POSTTokenize Card API (Sync)

Use Case

Used to tokenize a card to create a network-based card token. Token attributes such as Token Index Number, Token, Token Expiry etc all are provided in sync response.

Request Attributes

Content Type : JSON

Head

AttributeDescription
version
string
mandatory

Version of the API
Possible Value: v1

requestTimestamp
string
mandatory

EPOCH timestamp of the time at which request is being sent

Possible Value: 1588402269

requestId
string
mandatory

Merchant’s Unique Request ID for card tokenization

Possible Value: Any

signature
string
mandatory

Paytm validates the request and ensures that parameters are not tempered by verifying the signature in the request. For creating the checksum (signature) refer to the steps given in Checksum Logic.
Note: Create the signature using the body parameter of the request.

Possible Value: Any

signatureType
string
mandatory

Authorization method for this request.

Possible Value: CHECKSUM

clientId
string
optional

Paytm uses the merchant key on the basis of clientId parameter value. It is required only if the merchant has more than one key.

encryptionKeyVersion
string
optional

Paytm uses the merchant key on the basis of the encryption key version. It is required only if the merchant has more than one key.

Possible Value: v1

Body

AttributeDescription
authRefId
string
conditional

Authentication ID for the 2FA transaction generated as received from the acquirer.
Possible Values: Any

cardSource
string
mandatory

The source where PAN was captured. Must be one of the possible values.
Possible values: CARD_ON_FILE, MANUAL_ENTERED, CARD_SCAN

encryptedCardData
string
mandatory

encrypted card data object. Refer 8.2 cardData object

userInfo
object
mandatory

customer info object

userInfo
+
AttributeDescription
custId
string
mandatory

 Merchant customer id/consumer id

Possible Values: Any

firstName
string
optional

Customer/consumer first name

Possible Values: Any

lastName
string
optional

Customer/consumer last name

Possible Values: Any

mobileNumber
string
optional

Customer/consumer mobile no

Possible Value: Any (valid mobile no)

tokenizationConsent
object
mandatory

user consent detail.

tokenizationConsent
+
AttributeDescription
userConsent
boolean
mandatory

Tokenisation consent from the user in a boolean expression
Sample Value: (1,0) 

createdAt
string
mandatory

Timestamp when user consented for tokenization was captured
Sample Value: Jul 22, 2021 02:46:54 PM

userConsentId
string
optional

The ID of the message displayed to the user for consent

language
string
optional

Language in which consent was accepted by end customer
Sample Value: en

platform
string
optional

PHONE, TABLET, PC, WATCH, OTHER,API
Sample Value: APP

os
string
optional

The OS on which consent was given by the user such as Android, IOS, Windows, Web, Others
Sample Value:androidapp

appVersion
string
optional

App version of merchant or Paytm on which consent was collected
Sample Value: 9.10.2

locale
string
optional

Location of application communicating to cardholder
sample value. en-IN

ip
string
optional

IP address of the device that accepted the consent
Sample Value: 157.35.79.240

deviceId
string
optional

Device ID of the device that accepted the consent
Sample Value :samsung-SM-A260G-01b9ec5dc11fc570

deviceName
string
optional

Device Name of the device that accepted the consent
Sample Value: SM-A260G\

Response Attributes

Content Type : JSON

Head

AttributeDescription
Version
string

Version of the API
Possible Value: v1

responseTimestamp
string

EPOCH timestamp of the time at which request is being received

Possible Value: 1588402269

requestId
string

Merchant’s Unique Request ID for card tokenization

Possible Value: Any

Body

AttributeDescription
mid
string

Paytm provides MID as a unique identifier to each merchant. For your staging MID, click here. You get the production MID post the account activation.

Example: INTEGR7769XXXXXX9383

tokenInfo
object

Token Info object contains the card token information.

tokenInfo
+
AttributeDescription
tokenIndexNumber
string

Unique Token Reference ID provided by Paytm Token Service.
Possible Value: Any Alphanumeric

cardScheme
string

The network used for card token generated
Possible Values: VISA, MASTER, RUPAY
 

tokenExpiry
string

Expiry of the card token.

Possible Value: MMYYYY format .ie 092021

issuingBankName
string

Name of the bank issuing the card.

Possible Value : Any

cardSuffix
string

Last 4 digits of the reall card.

Possible Value: Any

tokenUniqueReference
string

Token reference number provided by the card network for a given tokenization request.

Possible Value: Any

panUniqueReference
string

The unique reference allocated to the Primary Account Number by the card network also known as PAR.

Possible Value: Any

cardType
string

Type of the card
Possible Values: CC or DC
 

displayName
string

Display name of the card
Example: HDFC Bank Regalia
 

tokenSuffix
string

Last 4 digits of token

tokenStatus
string

The status of the token. Must be one of the four possible values.
INIT: Tokenization is not yet complete
SUSPENDED: Card Token has been temporarily disabled.
ACTIVE: Card token is active and transactions can be processed with the same.
DEAD: Card Token has been deleted permanently.
 

isRetriable
string

This parameter will be returned true only if the requested Token Index Number will undergo a retry before June 30, 2022. 
Note - Retry of token failures is an optional feature offered by Paytm TG.

Possible Value: true

resultInfo
object

status object

ResultInfo
+
AttributeDescription
resultCode
string

Response code for different failure reason

Possible Values: Any

resultStatus
string

Response status

Possible Values: S/F/U

resultMsg
string

Response message

Possible Values: Any

⇾
Staging
Production
https://securegw-stage.paytm.in/coft-center/coft/merchant/{mid}/tokenize/direct?requestId={request-id}copy icon
REQUEST
RESPONSE
CURL
PHP
PYTHON
NODE
DOTNET
curl -X POST 'https://securegw-stage.paytm.in/coft/merchant/{mid}/tokenize/direct?requestId={request-id}
' \
--header 'Content-Type: application/json' \
--data '{"body":{"authRefId":"501123338","cardSource":"CARD_ON_FILE","encryptedCardData":"Encrypted cardData object","userInfo":{"custId":"CUST_001","firstName":"","lastName":"","mobileNumber":""},"tokenizationConsent":{"userConsent":1,"createdAtuser":"Apr 27, 2022 02:46:54 PM","userConsentId":"1234","language":"en","platform":"APP","os":"androidapp","appVersion":"9.10.2","locale":"en-IN","ip":"157.35.79.240","deviceId":"samsung-SM-A260G-01b9ec5dc11fc570","deviceName":"SM-A260G"}},"head":{"version":"v1","requestTimestamp":"1544614590000","requestId":"merchre000001","signature":"{signature}","signatureType":"{CHECKSUM}","clientId":""}}'

 

copy icon