> ## Documentation Index
> Fetch the complete documentation index at: https://developers.pcibooking.net/llms.txt
> Use this file to discover all available pages before exploring further.

# Target Profiles

> Configure target profiles with content filters to define how PCI Booking tokenizes and detokenizes card data in API requests and responses

A target profile is a reusable configuration that tells PCI Booking how to exchange card data with a specific third party. Each profile defines the message format, where card fields are located, and what certificates to use for the connection.

Profiles are used by:

* [Tokenization on Response](/capture-cards/tokenization-on-response) - extract card data from third-party responses
* [Tokenization on Request](/capture-cards/tokenization-on-request) - extract card data from inbound third-party requests
* [Token Replacement in Request](/use-tokens/token-replacement-in-request) - inject card data into outbound requests
* [Token Replacement in Response](/use-tokens/token-replacement-in-response) - inject card data into responses

You create a profile once per third-party message format, then reference it by name in your API calls.

## Profile Settings

| Setting                           | Required         | Description                                                                                                                                                        |
| --------------------------------- | ---------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
| **Name**                          | Yes              | Unique alphanumeric identifier used to reference the profile in API calls. Cannot be changed after creation.                                                       |
| **Description**                   | No               | Free-text notes documenting what this profile is for.                                                                                                              |
| **HTTP Client Certificate**       | No               | Client certificate for mutual TLS authentication with the third party. Upload certificates via [Client Certificates](/account-setup/client-certificates).          |
| **Content Signing Certificate**   | No               | Certificate for digitally signing outbound message content.                                                                                                        |
| **Card URI HTTP Header**          | For tokenization | HTTP header name where PCI Booking places the token URI when tokenizing card data. Required when using a tokenization content filter.                              |
| **Tokenization Content Filter**   | See below        | XML structure defining where card fields are in the message, used when extracting and tokenizing card data. See [Content Filters](/account-setup/content-filters). |
| **Retrieve Cards Content Filter** | See below        | XML structure defining where to inject card data when replacing tokens. See [Content Filters](/account-setup/content-filters).                                     |

<Info>
  At least one content filter (tokenization or retrieve cards) is required. A profile used only for tokenization needs only the tokenization filter. A profile used only for token replacement needs only the retrieve cards filter. Many profiles have both.
</Info>

## Two Types of Content Filters

Each profile can contain two separate content filters, each serving a different direction of data flow:

* **Tokenization filter** - tells PCI Booking how to **read** card data from the message (for tokenization operations). PCI Booking locates the card fields, extracts the values, stores them securely, and replaces them with tokens.

* **Retrieve cards filter** - tells PCI Booking how to **write** card data into the message (for token replacement operations). PCI Booking locates the token placeholders and injects the real card data.

In many cases the same XML structure works for both directions, but some integrations require different selectors for reading vs. writing.

## Creating a Profile

1. Log in to the [PCI Booking portal](https://users.pcibooking.net).
2. Navigate to **PCI Shield Settings** > **PCI Shield Profile Settings**.
3. Click the plus icon to create a new profile.
4. Enter a **Name** (alphanumeric, cannot be changed later).
5. Configure the settings from the table above.
6. Add at least one content filter (tokenization, retrieve cards, or both).
7. Save the profile.

From this screen you can also view, edit, clone, or delete existing profiles.

<Warning>
  The profile **Name** cannot be changed after creation. Choose a descriptive name that identifies the third party and message format (e.g., `BookingComXML`, `SabreGDS`).
</Warning>

## Universal Profiles (Pre-Built)

Many PCI Booking customers connect to the same third parties (booking platforms, OTAs, channel managers, GDS providers). For these common integrations, PCI Booking maintains [universal profiles](/capture-cards/universal-tokenization) that are already built and ready to use.

Reference the universal profile name in your request instead of creating a custom one.

Check with [support@pcibooking.net](mailto:support@pcibooking.net) to see if a universal profile already exists for your third party.

<Info>
  Need help creating a custom profile? Send a sample of the message you exchange with the third party to [support@pcibooking.net](mailto:support@pcibooking.net). Our team will build the profile for you.
</Info>

## Next Steps

<CardGroup cols={2}>
  <Card title="Content Filters" icon="book" href="/account-setup/content-filters">
    Define where card fields appear in a message using selectors
  </Card>

  <Card title="Client Certificates" icon="book" href="/account-setup/client-certificates">
    Upload certificates for mutual TLS
  </Card>

  <Card title="Tokenization on Response" icon="book" href="/capture-cards/tokenization-on-response">
    Tokenize card data from third-party responses
  </Card>

  <Card title="Token Replacement in Request" icon="book" href="/use-tokens/token-replacement-in-request">
    Replace tokens with real card data in outbound requests
  </Card>
</CardGroup>
