PCI Booking provides a simple, Restful, API to perform all actions regarding a credit card.

PCI Booking is made up of several application areas. This developers site contains a guide and a reference manual for each application area.

  • The guides allow software architects and designers to have a broad view on the system operation and easily pick up those components which can fit the best different application scenarios.
  • The reference manuals allow developers to have a clear understanding of which methods are available, what input parameters are required for each method and the expected results of each.

Setting up Target Profiles

Before a PCI Booking customer can push card details to a third party via PCI Booking or pull card details from a third party via PCI Booking, the customer needs to first define a “target profile” for each third-party schema.

These profiles are used for:

  • Tokenizing: when processing the response to a request to pull card details from a third party (for more information, click here)
  • Token replacement: when processing a request to send a token to a third party and exchanging the token for full credit card details (for more information, click here).

In order to manage and add target profiles, please follow these steps:

  • Login to the PCI Booking users' portal
  • In the menu bar on the left, go to "PCI Shield Settings" > "PCI Shield Profile Settings".
  • This screen will show you the list of target profiles already created in your account - with an option to delete, clone and save the profile. At the bottom of the page will be an option to create a new profile.

When creating or editing a target profile, you will need to provide the following parameters:

Field nameDescriptionRequired
NameUnique name of the profile. You will reference this name in the Tokenization in Response and the Token Replacement methods of the API.
Validation: Allowed characters: a-z, A-Z, 0-9.
Yes. Note: This is a mandatory field, and cannot be edited after saving.
DescriptionA short description, where the user can explain the profile usage.No
HTTP client certificateIf the third party requires client certificate for authentication, you will select the relevant certificate to be used from this dropdown list.
Follow these instructions to Upload Client Certificates.
No
Content signing certificateIf the third party requires a certificate in order to sign the content of the message, you will select the relevant certificate to be used from this dropdown list.
Follow these instructions to Upload Client Certificates.
No
CustomEncryptionNameIf the third party requires content encryption, you will select the relevant certificate to be used from this dropdown list.
Please contact our support team in order to add additional custom encryption options.
No
Card URI HTTP headerDefine the header name that PCI Booking will use in order to provide the card token URI when using the Tokenization in Response method.
Recommended header syntax: X-token.
Required when the "Tokenization" content filter is provided.
TokenizationA XML structure to define the content filter for parsing the message and extracting the card details and the 3DS authentication result data from the message.
Read more about Content Filters.
One of the two is required: "Tokenization" or "Retrieve cards"
Retrieve cardsA XML structure to define the content filter for parsing the message and adding the card details and the 3DS authentication result data into the message.
Read more about Content Filters.
One of the two is required: "Tokenization" or "Retrieve cards"

Updated 5 months ago

Setting up Target Profiles


Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.