> ## Documentation Index
> Fetch the complete documentation index at: https://developers.pcibooking.net/llms.txt
> Use this file to discover all available pages before exploring further.

# API Reference Overview

> PCI Booking REST API reference. Base URL, authentication, response format, and a map of all available endpoints.

This reference documents every endpoint in the PCI Booking API. If you are new to PCI Booking, start with the guides:

* [Introduction](/start-here/introduction). What PCI Booking does and how the platform works.
* [Create an Account](/getting-started/create-account). How to get sandbox and production API keys.
* [Quickstart](/start-here/quickstart). Tokenize a card and process a payment in minutes.

## Base URL

All API calls use a single base URL for both sandbox and production:

```text theme={null}
https://service.pcibooking.net/api
```

The only difference between sandbox and production is your API key. See [Testing and Going Live](/getting-started/testing-and-going-live) for details.

## Authentication

Most endpoints require an API key passed in the `Authorization` header:

```http theme={null}
Authorization: APIKEY your-api-key
```

For browser-side calls (card entry forms, payments library), generate a temporary session token first. See the [Authentication guide](/getting-started/authentication) for full details on API keys, session tokens, and access tokens.

## Response Format

Responses are JSON. Successful calls return `200` with the result in the body. Errors return a standard error object:

```json theme={null}
{
  "code": -1003,
  "message": "Not authorized to access this resource",
  "moreInfo": "Bad or missing authorization data, expected APIKEY",
  "errorList": null
}
```

## Endpoint Sections

| Section                                                                | What It Covers                                                                                                     |
| ---------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------ |
| **[Capture Cards](/api-reference/tokenize-cards/overview)**            | Tokenize cards from hosted forms, email/SMS links, third-party API responses, file transfers, or direct migration. |
| **[Manage Tokens](/api-reference/manage-tokens/overview)**             | Query, update, delete tokens. CVV management, 3D Secure storage, customer associations, risk assessment.           |
| **[Use Tokens](/api-reference/process-cards/overview)**                | Process payments via 100+ gateways, replace tokens in HTTP requests and files, display card details securely.      |
| **[Data Blocks](/additional-functions/data-blocks)**                   | Store and retrieve arbitrary data blocks associated with tokens.                                                   |
| **[Contact Verification](/additional-functions/contact-verification)** | Verify cardholder contact details (email, phone).                                                                  |
| **[Payments Library](/api-reference/payments-library/create-session)** | Server-side session management for the client-side Payments Library.                                               |
