Once the request will reach PCI Booking, PCI Booking will retrieve the card from the secure database based on the token provided and replace the card details into the request. Then the request will be relayed to the third party URI based on the information provided. The response from the third party will be relayed back to the customer as is.
Access Token Vs. Session Token
Between the two options of using the Access Token or the Session Token, we would recommend using the Access Token.
Multiple Authentication Methods allowed
This method accepts multiple forms of authentication methods (Session Token and Access Token). If more than one authentication method is provided, the Session Token will take precedence.
All URLs should be https.
Please note to urlEncode all components!
Checking on CVV retention policy status
We recommend adding business logic based on the current status of the CVV retention policy following a token replacement request.