# PCI Booking > PCI Booking developer documentation ## Docs - [3DS Merchant Setup](https://developers.pcibooking.net/account-setup/3ds-merchant-setup.md): Configure 3D Secure merchant settings in PCI Booking. MPI credentials, 3DS2 support, and card scheme enrollment. - [Apple Pay Setup](https://developers.pcibooking.net/account-setup/applepay-setup.md): Configure Apple Pay with PCI Booking. Certificate generation, merchant ID registration, and domain verification. - [BankPay Setup](https://developers.pcibooking.net/account-setup/bankpay-setup.md): Configure BankPay (open banking) payments in PCI Booking. Account setup and testing. - [Card By Link Templates](https://developers.pcibooking.net/account-setup/card-by-link-templates.md): Customize email and SMS templates for Card by Link requests. Branding, language, and content configuration. - [Client Certificates](https://developers.pcibooking.net/account-setup/client-certificates.md): Upload client certificates for mutual TLS authentication when PCI Booking connects to your payment gateway. - [Content Filters](https://developers.pcibooking.net/account-setup/content-filters.md): Define XML, JSON, form-encoded, and query string content filters that tell PCI Booking where card data fields are in your messages - [Custom Translations](https://developers.pcibooking.net/account-setup/custom-translations.md): Translate PCI Booking hosted card forms into any language. Override default labels, placeholders, and error messages. - [PSP Credentials](https://developers.pcibooking.net/account-setup/gateway-credentials.md): Store payment gateway credentials in PCI Booking to process payments via the Universal Payment Gateway. - [Google Pay Setup](https://developers.pcibooking.net/account-setup/googlepay-setup.md): Configure Google Pay with PCI Booking. Merchant ID setup and integration options. - [Manage Users and API Keys](https://developers.pcibooking.net/account-setup/manage-users.md): Create users, set roles, generate API keys, and manage access control for your PCI Booking account. - [Payments Library Credentials](https://developers.pcibooking.net/account-setup/payments-library-credentials.md): Generate and manage API credentials for PCI Booking's client-side JavaScript Payments Library. - [PayPal Setup](https://developers.pcibooking.net/account-setup/paypal-setup.md): Configure PayPal payments in PCI Booking. API credentials, webhook setup, and testing. - [Security Settings](https://developers.pcibooking.net/account-setup/security-settings.md): Configure IP restrictions, callback URL whitelisting, and card display permissions in your PCI Booking account - [Stylesheets](https://developers.pcibooking.net/account-setup/stylesheets.md): Customize the look and feel of PCI Booking's hosted card forms and card display pages with your own CSS - [Success and Failure URLs](https://developers.pcibooking.net/account-setup/success-and-failure-urls.md): Configure redirect URLs for hosted card entry form completion and error scenarios. - [Target Profiles](https://developers.pcibooking.net/account-setup/target-profiles.md): Configure target profiles with content filters to define how PCI Booking tokenizes and detokenizes card data in API requests and responses - [UPI Setup](https://developers.pcibooking.net/account-setup/upi-setup.md): Configure UPI payments in PCI Booking for Indian payment processing. - [White Label Email Domain](https://developers.pcibooking.net/account-setup/white-label-email.md): Send Card by Link emails from your own domain. DKIM and SPF configuration for branded email delivery. - [Contact Verification](https://developers.pcibooking.net/additional-functions/contact-verification.md): Verify that a property's email and phone number are valid and reachable using OTP. - [Data Block Tokenization](https://developers.pcibooking.net/additional-functions/data-blocks.md): Store, retrieve, and manage arbitrary data securely using PCI Booking's Data Block service. - [Network Tokenization](https://developers.pcibooking.net/additional-functions/network-tokenization.md): Replace stored card numbers with network-issued tokens from Visa, Mastercard, and Amex for higher approval rates and automatic card updates. - [Virtual Cards](https://developers.pcibooking.net/additional-functions/virtual-cards.md): Issue single-use virtual cards through supported providers and automatically tokenize them in PCI Booking. - [Create Data Block](https://developers.pcibooking.net/api-reference/additional/create-data-block.md): Create a new data block and receive its token ID. - [Create a Verification](https://developers.pcibooking.net/api-reference/additional/create-verification.md): Initiate a new contact details verification via email and OTP. - [Delete Data Block](https://developers.pcibooking.net/api-reference/additional/delete-data-block.md): Delete a data block by its ID. - [Delete Network Token](https://developers.pcibooking.net/api-reference/additional/delete-network-token.md): Delete a network token from both the card network and PCI Booking storage. - [Download Data Block Content](https://developers.pcibooking.net/api-reference/additional/download-data-block-content.md): Download the content of a data block. - [Get Data Block Details](https://developers.pcibooking.net/api-reference/additional/get-data-block-details.md): Retrieve the details and metadata of an existing data block. - [Get Verification Results](https://developers.pcibooking.net/api-reference/additional/get-verification-results.md): Retrieve the final outcome of a completed contact verification. - [Get Verification Status](https://developers.pcibooking.net/api-reference/additional/get-verification-status.md): Check the current status of a contact verification request. - [Get Virtual Card Provider](https://developers.pcibooking.net/api-reference/additional/get-virtual-card-provider.md): Retrieve details and credential requirements for a specific virtual card provider. - [Issue Virtual Card](https://developers.pcibooking.net/api-reference/additional/issue-virtual-card.md): Issue a single-use virtual card through a supported provider and automatically tokenize it. - [List Virtual Card Providers](https://developers.pcibooking.net/api-reference/additional/list-virtual-card-providers.md): Retrieve the list of supported virtual card providers and their credential requirements. - [Network Tokenize a Card](https://developers.pcibooking.net/api-reference/additional/network-tokenize-card.md): Create a network token (Visa, Mastercard, or Amex) from raw card data and store it as a PCI Booking token. - [Network Tokenize from Existing Token](https://developers.pcibooking.net/api-reference/additional/network-tokenize-from-token.md): Create a network token from an existing PCI Booking card token. - [Receive Result Notification](https://developers.pcibooking.net/api-reference/additional/receive-result-notification.md): Callback payload sent by PCI Booking when a contact verification session completes. - [Retrieve VCP Credential Structure](https://developers.pcibooking.net/api-reference/additional/retrieve-vcp-credential-structure.md): Get the list of required credential fields for a specific virtual card provider. - [Search Data Blocks](https://developers.pcibooking.net/api-reference/additional/search-data-blocks.md): Search for data blocks by reference, with pagination support. - [Update Data Block Details](https://developers.pcibooking.net/api-reference/additional/update-data-block-details.md): Update the details and metadata of an existing data block. - [Upload Data Block Content](https://developers.pcibooking.net/api-reference/additional/upload-data-block-content.md): Upload content to an existing data block (up to 50MB). - [Add or update CSS](https://developers.pcibooking.net/api-reference/general/add-update-css.md): Create a new CSS record or update an existing one by replacing its content. - [Authenticate API Key](https://developers.pcibooking.net/api-reference/general/authenticate.md): Verify that the PCI Booking service is available and your API key is valid. - [Delete CSS Record](https://developers.pcibooking.net/api-reference/general/delete-css-record.md): Delete a CSS record from your PCI Booking account. - [Get Supported Credit Cards](https://developers.pcibooking.net/api-reference/general/get-supported-cards.md): Retrieve the list of supported credit card type codes. - [List All CSS Records](https://developers.pcibooking.net/api-reference/general/list-css-records.md): Retrieve a list of all CSS records in your account. - [Retrieve CSS Record](https://developers.pcibooking.net/api-reference/general/retrieve-css-record.md): Retrieve the content of a particular CSS record stored in PCI Booking. - [Start a Temporary Session](https://developers.pcibooking.net/api-reference/general/start-temporary-session.md): Start a new session for capturing a customer's payment card. - [Associate with Customer](https://developers.pcibooking.net/api-reference/manage-tokens/associate-with-customer.md): Associate a token with another PCI Booking customer, allowing them to perform actions on this token. - [Clear CVV](https://developers.pcibooking.net/api-reference/manage-tokens/clear-cvv.md): Immediately delete the CVV stored on a token. - [Delete 3D Secure Data](https://developers.pcibooking.net/api-reference/manage-tokens/delete-3d-token.md): Delete the 3D Secure authentication data stored on a token. This does not affect the token itself. - [Delete Creator Reference](https://developers.pcibooking.net/api-reference/manage-tokens/delete-creator-reference.md): Remove the creator reference value from an existing token. - [Delete CVV Retention Policy](https://developers.pcibooking.net/api-reference/manage-tokens/delete-cvv-retention-policy.md): Delete the entire CVV retention policy for a token, reverting to the system-wide default. - [Delete CVV Retention Policy by Destination Type](https://developers.pcibooking.net/api-reference/manage-tokens/delete-cvv-retention-policy-type.md): Remove all destinations of a specific type from the CVV retention policy. - [Delete CVV Retention Policy by Destination](https://developers.pcibooking.net/api-reference/manage-tokens/delete-cvv-retention-policy-type-data.md): Remove a single destination from the CVV retention policy. - [Delete Token](https://developers.pcibooking.net/api-reference/manage-tokens/delete-token.md): Permanently delete a token and its associated card data from PCI Booking. - [Disassociate from Customer](https://developers.pcibooking.net/api-reference/manage-tokens/disassociate-from-customer.md): Remove a customer association from a token. The customer will no longer have access to perform actions on this token. - [Duplicate Token](https://developers.pcibooking.net/api-reference/manage-tokens/duplicate-token.md): Create a copy of an existing token, optionally adding a CVV and specifying property association and creator reference. - [Get CVV Retention Policy](https://developers.pcibooking.net/api-reference/manage-tokens/get-cvv-retention-policy.md): Retrieve the full CVV retention policy for a token, including per-destination usage counts. - [Get CVV Retention Policy for Specific Destination](https://developers.pcibooking.net/api-reference/manage-tokens/get-cvv-retention-policy-specific.md): Retrieve the CVV retention policy for a single destination, including its usage count. - [List Customer Associations](https://developers.pcibooking.net/api-reference/manage-tokens/list-customer-associations.md): Retrieve a list of all PCI Booking customers associated with this token. - [Manage Tokens API Reference](https://developers.pcibooking.net/api-reference/manage-tokens/overview.md): API endpoints for token management: query, update, duplicate, delete tokens, CVV retention policies, and customer/property associations - [Query Tokens](https://developers.pcibooking.net/api-reference/manage-tokens/query-tokens.md): Search for tokens by creator reference. Returns metadata for up to 100 matching tokens, with pagination support. - [Request a Card Security Code Entry Form](https://developers.pcibooking.net/api-reference/manage-tokens/request-cvv-entry-form.md): Create a PCI Booking CVV capture form for use in an iFrame. - [Retrieve 3D Secure Data](https://developers.pcibooking.net/api-reference/manage-tokens/retrieve-3d-token.md): Retrieve the 3D Secure authentication data stored on a token. - [Retrieve Card Details](https://developers.pcibooking.net/api-reference/manage-tokens/retrieve-card-details.md): Retrieve the full, unmasked card details for a token. This endpoint returns raw card data, putting your system in PCI DSS scope. - [Retrieve Token Metadata](https://developers.pcibooking.net/api-reference/manage-tokens/retrieve-token-metadata.md): Returns non-sensitive metadata for a single token, including card type, masked card number, expiration, CVV status, 3DS data, and associations. - [Risk Assessment](https://developers.pcibooking.net/api-reference/manage-tokens/risk-assessment.md): Assess the risk level of a tokenized card by cross-referencing billing address, card issuer country, and client IP address. - [Set CVV Retention Policy](https://developers.pcibooking.net/api-reference/manage-tokens/set-cvv-retention-policy.md): Define when and how the CVV on a token expires, and which destinations may consume it. - [Store 3D Secure Data](https://developers.pcibooking.net/api-reference/manage-tokens/store-3d-token.md): Store 3D Secure authentication data on a token. - [Transfer Ownership](https://developers.pcibooking.net/api-reference/manage-tokens/transfer-ownership.md): Transfer ownership of a token to another PCI Booking customer. - [Update Creator Reference](https://developers.pcibooking.net/api-reference/manage-tokens/update-creator-reference.md): Set or update the creator reference value on an existing token. - [Update Card Expiration Date](https://developers.pcibooking.net/api-reference/manage-tokens/update-expiration.md): Update the expiration date on a stored token. Only the expiration date is changed; all other card data remains unchanged. - [API Reference Overview](https://developers.pcibooking.net/api-reference/overview.md): PCI Booking REST API reference. Base URL, authentication, response format, and a map of all available endpoints. - [Delete Digital Wallet Credentials](https://developers.pcibooking.net/api-reference/payments-library-accounts/delete-credentials.md): Delete stored digital wallet credentials by their ID. - [List Digital Wallet Credentials](https://developers.pcibooking.net/api-reference/payments-library-accounts/list-credentials.md): Retrieve a list of all stored digital wallet credential IDs. - [Retrieve Digital Wallet Credential Structure](https://developers.pcibooking.net/api-reference/payments-library-accounts/retrieve-credential-structure.md): Retrieve the list of supported digital wallets and the required credential format for each. - [Store Digital Wallet Credentials](https://developers.pcibooking.net/api-reference/payments-library-accounts/store-credentials.md): Store credentials for a digital wallet payment method. - [Create Payments Library Session](https://developers.pcibooking.net/api-reference/payments-library/create-session.md): Create a new Payments Library session for tokenization or charge operations using digital wallets. - [Validate Operation Result](https://developers.pcibooking.net/api-reference/payments-library/validate-operation.md): Validate the data returned to the client after a Payments Library operation to ensure it was not altered. - [Initiate Card Display with OTP](https://developers.pcibooking.net/api-reference/process-cards/card-display-otp.md): Send a secure card viewing link with OTP verification to a cardholder. - [Delete Payment Gateway Credentials](https://developers.pcibooking.net/api-reference/process-cards/delete-credentials.md): Delete a stored set of payment gateway credentials. - [Additional Guidance for Specific Payment Gateways](https://developers.pcibooking.net/api-reference/process-cards/gateway-guidance.md): PSP-specific parameter requirements, quirks, and configuration notes for each payment gateway supported by PCI Booking. - [Get Payment Gateways](https://developers.pcibooking.net/api-reference/process-cards/get-payment-gateways.md): Retrieve a list of supported payment gateways and their credential descriptions. - [List Payment Gateway Credentials](https://developers.pcibooking.net/api-reference/process-cards/list-credentials.md): Retrieve a list of all stored payment gateway credentials. - [Use Tokens API Reference](https://developers.pcibooking.net/api-reference/process-cards/overview.md): API endpoints for processing cards: Universal Payment Gateway transactions, token replacement, card display, and FTPS/sFTP file transfer - [Process Transaction](https://developers.pcibooking.net/api-reference/process-cards/process-transaction.md): Process a payment gateway transaction using a stored card token. - [Request a Card Display Form](https://developers.pcibooking.net/api-reference/process-cards/request-card-display-form.md): Create a Card Display form for displaying stored credit card data within an e-commerce site. - [Retrieve Payment Gateway Credential Structure](https://developers.pcibooking.net/api-reference/process-cards/retrieve-credential-structure.md): Retrieve the credential structure for a specific payment gateway. - [Store Payment Gateway Credentials](https://developers.pcibooking.net/api-reference/process-cards/store-credentials.md): Store credentials for a payment gateway. - [Token Replacement in Request](https://developers.pcibooking.net/api-reference/process-cards/token-replacement.md): Replace card tokens with real card data and relay the request to a third-party API. - [Token Replacement to FTPS](https://developers.pcibooking.net/api-reference/process-cards/token-replacement-ftps.md): Replace card tokens in a document and upload the result to an FTPS server. - [Token Replacement to sFTP](https://developers.pcibooking.net/api-reference/process-cards/token-replacement-sftp.md): Replace card tokens in a document and upload the result to an sFTP server. - [Card Entry Form Webhook](https://developers.pcibooking.net/api-reference/tokenize-cards/card-entry-form-callback.md): PCI Booking sends a POST request to your callback URL each time the status of a card entry form session changes. - [Card By Link Webhook](https://developers.pcibooking.net/api-reference/tokenize-cards/cotp-callback.md): PCI Booking sends a POST request to your callback URL each time the status of a Card By Link request changes. - [Delete Card By Link Request](https://developers.pcibooking.net/api-reference/tokenize-cards/cotp-delete-request.md): Delete a Card By Link request. Clicking a deleted request's link shows an 'invalid link' message. - [Retrieve Card By Link Request](https://developers.pcibooking.net/api-reference/tokenize-cards/cotp-retrieve-request.md): Retrieve the status and details of a Card By Link request. - [Send Card Capture Link](https://developers.pcibooking.net/api-reference/tokenize-cards/cotp-send-card-form.md): Send a Card By Link request via email or SMS with a link to a secure card capture form. - [Send CVV Capture Link](https://developers.pcibooking.net/api-reference/tokenize-cards/cotp-send-cvv-form.md): Send a Card By Link request via email or SMS with a link to a secure CVV capture form. - [Create Card Entry Form Session](https://developers.pcibooking.net/api-reference/tokenize-cards/create-card-entry-form-session.md): Create a new session for the card entry form. Parameters are sent in the request body instead of as URL query strings. Returns a Location header with the card form URL. - [Delete Card Entry Form](https://developers.pcibooking.net/api-reference/tokenize-cards/delete-card-entry-form.md): Delete a card entry form session created via the API. - [Get Tokenization Profiles](https://developers.pcibooking.net/api-reference/tokenize-cards/get-tokenization-profiles.md): Returns a list of pre-configured tokenization profiles. Use the profile name when calling the Tokenize on Response Using Preset Profiles endpoint. - [Capture Cards API Reference](https://developers.pcibooking.net/api-reference/tokenize-cards/overview.md): API endpoints for card tokenization: hosted forms, Card By Link, card migration, response interception, and sFTP file tokenization - [Request a Card Entry Form](https://developers.pcibooking.net/api-reference/tokenize-cards/request-card-entry-form.md): Build a URL that renders a PCI Booking card capture form. Use it as an iframe src or redirect the cardholder to it. - [Retrieve Card Entry Session Details](https://developers.pcibooking.net/api-reference/tokenize-cards/retrieve-card-entry-session.md): Retrieve the parameters configured for a card form session. - [Store Paycard (Card Migration)](https://developers.pcibooking.net/api-reference/tokenize-cards/store-paycard.md): Store card details in PCI Booking when migrating from local storage. The card data is sent in XML format. - [Tokenization in Response](https://developers.pcibooking.net/api-reference/tokenize-cards/tokenization-in-response.md): Route a request through PCI Booking to a third party. PCI Booking intercepts the response, tokenizes card data, masks the details, and returns the sanitized response. - [Tokenize from sFTP](https://developers.pcibooking.net/api-reference/tokenize-cards/tokenize-from-sftp.md): Download a file from an sFTP server through PCI Booking. Card data is extracted, tokenized, and the sanitized file content is returned. - [Tokenize on Response Using Preset Profiles](https://developers.pcibooking.net/api-reference/tokenize-cards/tokenize-on-response-using-preset-profiles.md): Send a request through a pre-configured PCI Booking profile to a third party. PCI Booking intercepts the response, tokenizes card data, and returns the sanitized response. - [Card By Link](https://developers.pcibooking.net/capture-cards/card-by-link.md): Send cardholders a secure link via email or SMS to enter card details. PCI Booking tokenizes so no card data touches your systems. - [CVV Capture Form](https://developers.pcibooking.net/capture-cards/cvv-capture.md): Collect CVV codes securely using a PCI Booking hosted form. Works with existing card tokens, supports 3D Secure. - [CVV Retention Policy](https://developers.pcibooking.net/capture-cards/cvv-retention-policy.md): Configure how long CVV data is retained and how many times it can be used. PCI DSS enforcement with per-token policies. - [File Transfer Tokenization](https://developers.pcibooking.net/capture-cards/file-transfer-tokenization.md): Tokenize card numbers in file transfers. PCI Booking acts as a secure SFTP/FTPS proxy, replacing card data with tokens. - [Hosted Card Entry Form](https://developers.pcibooking.net/capture-cards/hosted-card-entry-form.md): Embed a PCI-compliant hosted card entry form via iframe or standalone page. URL parameters and API sessions with 3D Secure. - [Capture Cards Overview](https://developers.pcibooking.net/capture-cards/overview.md): All ways to tokenize cards with PCI Booking: hosted form, email/SMS link, JavaScript library, file upload, API migration, and response interception - [Payments Library](https://developers.pcibooking.net/capture-cards/payments-library.md): Render secure card forms and payment buttons with PCI Booking's client-side JavaScript library. Apple Pay, Google Pay, 3D Secure. - [PostMessage Notifications](https://developers.pcibooking.net/capture-cards/postmessage-notifications.md): Control and receive events from the PCI Booking card entry iframe using postMessage. Form submission, validation, resizing. - [Store a Card (Direct API)](https://developers.pcibooking.net/capture-cards/store-card-migration.md): Migrate existing card data to PCI Booking tokens using the Store Paycard API. For PCI DSS-compliant environments. - [Tokenization on Request (Gateway)](https://developers.pcibooking.net/capture-cards/tokenization-on-request.md): Intercept inbound HTTP requests containing card data. PCI Booking tokenizes card numbers and forwards sanitized requests. - [Tokenization on Response](https://developers.pcibooking.net/capture-cards/tokenization-on-response.md): Route outbound HTTP requests through PCI Booking to extract and tokenize card data from third-party responses. - [Universal Tokenization Profiles](https://developers.pcibooking.net/capture-cards/universal-tokenization.md): Use pre-built parsing profiles for common integrations. Tokenize responses without custom configuration. - [How PCI Booking Works](https://developers.pcibooking.net/concepts/how-pci-booking-works.md): How PCI Booking removes PCI DSS scope from your systems. Card capture, token storage, and payment processing without handling card data. - [Tokenization Explained](https://developers.pcibooking.net/concepts/tokenization-explained.md): What is payment card tokenization? How tokens replace sensitive card data, how detokenization works, and the full token lifecycle. - [Authentication](https://developers.pcibooking.net/getting-started/authentication.md): PCI Booking API authentication methods: API key, access token, and temporary session token with code samples - [Create an Account](https://developers.pcibooking.net/getting-started/create-account.md): Set up sandbox and production accounts with PCI Booking. Learn what is included, how onboarding works, and how to start integrating. - [Download SSL Certificate](https://developers.pcibooking.net/getting-started/download-ssl-certificate.md): Download PCI Booking's SSL certificate to generate Access Tokens. Step-by-step for Chrome, Firefox, Edge, and Safari. - [Testing & Going Live](https://developers.pcibooking.net/getting-started/testing-and-going-live.md): Test your PCI Booking integration in sandbox mode with test cards for standard and 3D Secure flows. Go-live checklist for production. - [For Hotels & Accommodation Providers](https://developers.pcibooking.net/guides/for-hotels.md): Learn how hotels use PCI Booking to receive tokenized card data from OTAs, display card details securely, process charges, and manage CVV data. - [For Online Travel Agencies](https://developers.pcibooking.net/guides/for-otas.md): Learn how OTAs use PCI Booking to capture traveler card data, relay tokens to hotels, charge via payment gateways, and stay PCI DSS compliant. - [For Payment Service Providers](https://developers.pcibooking.net/guides/for-payment-providers.md): Learn how PSPs integrate with PCI Booking's API, Payments Library, Apple Pay and Google Pay support, gateway credentials management, and data blocks. - [3DS Auth Management](https://developers.pcibooking.net/manage-tokens/3ds-auth-management.md): Store, retrieve, and delete 3D Secure authentication data for payment tokens. CAVV, ECI, and transaction IDs. - [CVV Management](https://developers.pcibooking.net/manage-tokens/cvv-management.md): Manage CVV storage, retention policies, and re-capture for stored card tokens. PCI DSS compliant. - [Delete Tokens](https://developers.pcibooking.net/manage-tokens/delete-tokens.md): Permanently delete stored payment card tokens and all associated data. This action cannot be undone. - [Manage Tokens Overview](https://developers.pcibooking.net/manage-tokens/overview.md): Query, update, duplicate, and manage PCI Booking card tokens. Covers expiration, CVV retention, 3DS data, customer and property associations. - [Query & Retrieve Tokens](https://developers.pcibooking.net/manage-tokens/query-retrieve.md): Search stored tokens by card type, expiration, or customer. Retrieve card details or metadata without exposing sensitive data. - [Third-Party Permissions](https://developers.pcibooking.net/manage-tokens/third-party-permissions.md): Share card tokens between PCI Booking customers. Set read, write, and process permissions for multi-party workflows. - [Update Card Data](https://developers.pcibooking.net/manage-tokens/update-card-data.md): Update expiration dates and creator references on stored card tokens without re-tokenizing. - [Payments Library Overview](https://developers.pcibooking.net/payments-library/overview.md): Integrate PCI Booking's JavaScript library for card capture, Apple Pay, Google Pay, PayPal, BankPay, and UPI in your checkout page - [Library Reference](https://developers.pcibooking.net/payments-library/reference.md): JavaScript API reference for PCI Booking's Payments Library. Methods, events, configuration options, and callbacks. - [Payments Library Setup](https://developers.pcibooking.net/payments-library/setup.md): Install and initialize PCI Booking's JavaScript Payments Library. Script loading, configuration, and first render. - [Supported Payment Methods](https://developers.pcibooking.net/payments-library/supported-methods.md): Payment methods available through the Payments Library: card entry, Apple Pay, Google Pay, PayPal, BankPay, UPI. - [API Conventions](https://developers.pcibooking.net/reference/api-conventions.md): Base URL, content types, authentication headers, error format, and pagination for PCI Booking's REST API. - [Card Data XML Structure](https://developers.pcibooking.net/reference/card-data-xml-structure.md): XML schema for card data elements used in token replacement and card display requests. Field definitions and examples. - [Supported Card Types](https://developers.pcibooking.net/reference/card-types.md): Complete list of card types PCI Booking identifies and tokenizes: Visa, Mastercard, Amex, JCB, Diners, and more. - [Card Validation Errors](https://developers.pcibooking.net/reference/card-validation-errors.md): Error codes returned when card entry validation fails. Invalid number, expiration, CVV, and Luhn check failures. - [Changelog](https://developers.pcibooking.net/reference/changelog.md): Recent changes, new features, and bug fixes in the PCI Booking API and related services. - [File Transfer Formats](https://developers.pcibooking.net/reference/file-transfer-formats.md): Supported file formats for SFTP/FTPS tokenization and token replacement: TADC XML, AMEX CSV, and standard delimited formats. - [Gateway Request Headers](https://developers.pcibooking.net/reference/gateway-request-headers.md): HTTP headers PCI Booking adds to proxied gateway requests. Trace IDs, original IP forwarding, and custom headers. - [Glossary](https://developers.pcibooking.net/reference/glossary.md): Definitions of key terms: tokenization, detokenization, PCI DSS, CVV retention, 3D Secure, card-on-file, and more. - [Return Codes](https://developers.pcibooking.net/reference/return-codes.md): HTTP status codes and PCI Booking-specific error codes. Lookup table for API response troubleshooting. - [Troubleshooting](https://developers.pcibooking.net/reference/troubleshooting.md): Diagnose and resolve common integration issues with PCI Booking. - [Versioning and Rate Limits](https://developers.pcibooking.net/reference/versioning-and-rate-limits.md): PCI Booking API versioning policy and rate limit details. The API is unversioned and backwards compatible. - [Introduction](https://developers.pcibooking.net/start-here/introduction.md): PCI Booking tokenization platform. Capture, store, and process payment cards without PCI DSS scope on your servers. - [Quickstart](https://developers.pcibooking.net/start-here/quickstart.md): Tokenize a card and process a payment in minutes using PCI Booking's hosted card form and Universal Payment Gateway - [System Status](https://developers.pcibooking.net/support/system-status.md): Real-time operational status of PCI Booking's tokenization and payment processing services. - [Collect a Card and Process a Payment](https://developers.pcibooking.net/use-cases/capture-and-charge.md): Securely collect card details from a cardholder and charge through any connected payment gateway. PCI Booking handles the card data so your servers never touch it. - [Collect a Guest's Card and Share It with a Hotel](https://developers.pcibooking.net/use-cases/capture-and-relay-to-hotel.md): Collect card details directly from a guest via a secure form or email link, then give a hotel property access to view the card. All PCI compliant, no card data on your servers. - [Send Stored Card Details to a Hotel Property](https://developers.pcibooking.net/use-cases/capture-and-send-to-hotel.md): Tokenize a guest's card and let the hotel securely view or retrieve the card details, without the card data touching your systems. - [Charge a Card and Save It for Future Payments](https://developers.pcibooking.net/use-cases/capture-charge-and-store.md): Collect a guest's card, process the payment, and securely store a token for repeat charges, all in one PCI-compliant flow. Works with any PSP through PCI Booking. - [PSD2 and 3D Secure Implementation Guide](https://developers.pcibooking.net/use-cases/comply-with-psd2.md): Add 3D Secure (3DS2) authentication to your payment flow with PCI Booking. Supports hosted forms, third-party 3DS data, and in-transit tokenization. Includes test cards for all challenge types. - [PCI Booking Use Cases & Integration Guides](https://developers.pcibooking.net/use-cases/how-do-i.md): Step-by-step guides for common PCI Booking workflows: capture and charge cards, share tokens between merchants, send card details to hotels, comply with PSD2, and more. - [Share a Card Token Between Two Merchants](https://developers.pcibooking.net/use-cases/share-token-between-merchants.md): Let two merchants use the same card token without duplicating card data. Saves on tokenization and storage fees while keeping both parties PCI compliant. - [Process OTA and Channel Manager Card Payments](https://developers.pcibooking.net/use-cases/third-party-to-gateway.md): Receive card data from Booking.com, Expedia, or any channel manager, tokenize it automatically, and charge through your payment gateway, without card data touching your servers. - [Update an Expired Card Token](https://developers.pcibooking.net/use-cases/update-expired-card.md): When a stored card expires and the guest gets a replacement, update the token's expiration date and CVV without re-collecting the full card number. Keeps recurring charges running. - [Authorize & Capture](https://developers.pcibooking.net/use-tokens/authorize-capture.md): Pre-authorize a card token and capture later. Two-step payment flow via PCI Booking's Universal Payment Gateway. - [Card Display](https://developers.pcibooking.net/use-tokens/card-display.md): Display stored card details to authorized users via a secure hosted form. Hotels can view guest card data without PCI scope. - [Card Display with OTP](https://developers.pcibooking.net/use-tokens/card-display-otp.md): Send a one-time password link to view stored card details. Secure card display for hotel staff and partners. - [Charge](https://developers.pcibooking.net/use-tokens/charge.md): One-step charge via PCI Booking's Universal Payment Gateway. Tokenize once, charge any PSP without handling card data. - [File Transfer Token Replacement](https://developers.pcibooking.net/use-tokens/file-transfer-token-replacement.md): Replace tokens with card data in SFTP/FTPS file transfers. PCI Booking acts as secure proxy for batch file processing. - [Gateway-Specific Guidance](https://developers.pcibooking.net/use-tokens/gateway-guidance.md): PSP-specific notes for processing payments through PCI Booking. Required fields, quirks, and configuration for each gateway. - [Use Tokens Overview](https://developers.pcibooking.net/use-tokens/overview.md): Use PCI Booking tokens to charge, authorize, refund, display cards, replace tokens in API requests, and transfer files, all without handling card data - [Refunds & Voids](https://developers.pcibooking.net/use-tokens/refunds-voids.md): Process refunds and void transactions on payments made through PCI Booking's Universal Payment Gateway. - [Risk Assessment](https://developers.pcibooking.net/use-tokens/risk-assessment.md): Assess fraud risk on a stored card token using payer details, billing address, and device metadata. Returns a risk score. - [Token Replacement (API)](https://developers.pcibooking.net/use-tokens/token-replacement-api.md): Replace tokens with real card data in outbound API calls to payment gateways. PCI Booking proxies the request securely. - [Token Replacement in Request](https://developers.pcibooking.net/use-tokens/token-replacement-in-request.md): Intercept outbound HTTP requests and replace card tokens with real card data before forwarding to the destination. - [Token Replacement in Response](https://developers.pcibooking.net/use-tokens/token-replacement-in-response.md): Extract card data from third-party responses and replace with tokens before the data reaches your systems. - [Universal Payment Gateway (UPG)](https://developers.pcibooking.net/use-tokens/universal-payment-gateway.md): Process payments through 100+ PSPs with a single API. PCI Booking's UPG handles card data and gateway routing. ## OpenAPI Specs - [openapi](https://developers.pcibooking.net/api-reference/openapi.json) ## Optional - [Support](https://pcibooking.net/contact)