> ## Documentation Index
> Fetch the complete documentation index at: https://developers.pcibooking.net/llms.txt
> Use this file to discover all available pages before exploring further.

# Get CVV Retention Policy for Specific Destination

> Retrieve the CVV retention policy for a single destination, including its usage count.

Returns the retention policy for a single destination on this token, including how many times the CVV has been sent there.

<Card title="CVV Retention Policy Guide" icon="book" href="/capture-cards/cvv-retention-policy">
  Control how long CVV data is retained and who can use it
</Card>

## Error Responses

| Code    | HTTP Status | Condition                                                                 |
| ------- | ----------- | ------------------------------------------------------------------------- |
| `-1003` | `401`       | API key is missing or invalid.                                            |
| `-1003` | `401`       | Authenticated user does not have `ForceCVVRetentionPolicy` permission.    |
| `-1003` | `401`       | Token does not belong to the authenticated user.                          |
| `-125`  | `400`       | The token does not have a CVV stored.                                     |
| `-160`  | `404`       | The specified destination does not exist in the token's retention policy. |
| `-150`  | `500`       | An internal system error occurred while retrieving the destination.       |

## Parameter Constraints

* **DestinationType**: Must be a valid destination type. Accepted values: `HostName`, `Owner`, `OtherMerchant`, `SFTP`, `OtherUser`, `Upg`, `IpAddress`, `GeneralProperty`, `OtpCardView`, `Any`.
* **DestinationData**: The format depends on the `DestinationType` (e.g. a valid hostname, IP address, or user ID).

## Parameters

### Headers

<ParamField header="Authorization" type="string" required>
  Your API key prefixed with `APIKEY`. Example: `APIKEY your-api-key`. See the [Authentication guide](/getting-started/authentication).
</ParamField>

### Path Parameters

<ParamField path="cardToken" type="string" required>
  The token ID as returned by one of the tokenization methods.
</ParamField>

<ParamField path="DestinationType" type="string" required>
  One of: `HostName`, `Owner`, `OtherMerchant`, `SFTP`, `OtherUser`. See [destination types](/capture-cards/cvv-retention-policy#destination-types).
</ParamField>

<ParamField path="DestinationData" type="string" required>
  The target identifier for this destination type (e.g. hostname, user ID, IP address).
</ParamField>

<RequestExample>
  ```javascript Node.js theme={null}
  const response = await fetch(
    'https://service.pcibooking.net/api/payments/paycard/2821a46d80e14d1b96a7f18f1b81926d/cvv/Restriction/HostName/gateway.example.com',
    {
      headers: {
        'Authorization': 'APIKEY your-api-key'
      }
    }
  );

  const data = await response.json();
  console.log(data);
  ```

  ```python Python theme={null}
  import requests

  response = requests.get(
      'https://service.pcibooking.net/api/payments/paycard/2821a46d80e14d1b96a7f18f1b81926d/cvv/Restriction/HostName/gateway.example.com',
      headers={'Authorization': 'APIKEY your-api-key'}
  )

  print(response.json())
  ```
</RequestExample>

## Response

<ResponseExample>
  ```json 200 theme={null}
  {
      "CvvDestinationUsage": 3,
      "DestinationType": "HostName",
      "DestinationData": "gateway.example.com",
      "Quota": 10
  }
  ```

  ```json 401 theme={null}
  {
      "code": -1003,
      "message": "Not authorized to access this resource",
      "moreInfo": "Bad or missing authorization data, expected APIKEY",
      "errorList": null
  }
  ```
</ResponseExample>
