Skip to main content
PUT

File Transfer Token Replacement Guide

Replace tokens with card data in FTPS file transfers
Performs token replacement on a file and uploads the result directly to an FTPS server. Use this when your payment processor or partner requires batch file delivery over FTPS (FTP over TLS). PCI Booking replaces all card tokens in the file body with real card data before uploading.

Error Responses

Parameter Constraints

  • serverAddress: Format is hostname or hostname:port. Only one colon is allowed. Default port is 22.
  • filter: Must be one of: GBT, SIMPLECSV, SIMPLEJSON, AIR, IUR, TADC, CSV. Case-insensitive.
  • Authorization header: Must contain valid Basic Auth credentials (username:password) for the FTPS server.

Parameters

Authentication

This is a browser-facing endpoint. Use one of the authentication methods below instead of the API key shown above.
accessToken
string
Recommended. A long-lived token for browser-side calls. How to generate.
sessionToken
string
Alternative. Valid for 5 minutes. How to generate.
If both are provided, the session token takes precedence.

Path Parameters

serverAddress
string
required
The FTPS server address. This can be an IP address or domain name. Add the port number with a colon if required. For example: fsgatewaytest.aexp.com:22 or 10.200.1.10.
folderPath
string
required
The folder path where the file should be uploaded to. This can be an individual folder or a full path.
fileName
string
required
The file name for the content being uploaded, including extension. For example: PCIBTST.xml.

Query String

filter
string
required
Indicates the format of the file being sent. Read more on Supported Formats.
timeout
string
The timeout, in seconds, for the FTPS server to respond.

Headers

X-PciBooking-carduri
string
required
Comma-separated token values to insert into the file. Tokens should be listed in the order of their appearance. For tokens appearing multiple times, include the number of occurrences in square brackets.
Authorization
string
required
The authorization parameter used to authenticate to the FTPS server.
Content-Encoding
string
Supported compression formats: gzip and deflate. Omit this header if no compression is needed.

Request Body

The request body contains the raw file content as text. PCI Booking replaces any token placeholders with real card data (based on the filter format), then uploads the result to the FTPS server.

Response