HomeGuideMethod ReferenceAssess YourselfRequest Sandbox Account
Method Reference
Ask For AssistanceLogin

Token Replacement

post
https://service.pcibooking.net/api/payments/paycard/relay

This action will retrieve "Paycard" from the secured Database, in exchange for a "card token". The card data is relayed to a recipient (third party) API, according to the merchant definition.

We recommend that you first review the guide for this method.

Recent Requests
Log in to see full request history
TimeStatusUser Agent
Retrieving recent requests…
LoadingLoading…

Once the request will reach PCI Booking, PCI Booking will retrieve the card from the secure database based on the token provided and replace the card details into the request. Then the request will be relayed to the third party URI based on the information provided. The response from the third party will be relayed back to the customer as is.

📘

Access Token Vs. Session Token

Between the two options of using the Access Token or the Session Token, we would recommend using the Access Token.

📘

Multiple Authentication Methods allowed

This method accepts multiple forms of authentication methods (Session Token and Access Token). If more than one authentication method is provided, the Session Token will take precedence.

📘

All URLs should be https.

📘

Please note to urlEncode all components!

📘

Checking on CVV retention policy status

We recommend adding business logic based on the current status of the CVV retention policy following a token replacement request.

Query Params
string

Optional authentication method. Please use either the Session Token or the Access Token. The session token is the value returned by the call to the "Start a Temporary Session" method.

string

Optional authentication method. Please use either the Session Token or the Access Token. The Access Token is generated as a result of running the "Generate Access Token" code sample.

string
required

The card URI is the resource identifier for the card location within PCI Booking.

string

The profileName is the unique ID for the profile that was set up for the request that you are sending. You can set up as many profiles as you require. Read more about setting up target profiles. If you wish to perform the token replacement using placeholders, please do not include this parameter.

string

In case the Content-Type of the request is application/x-www-form-urlencoded, you would use this parameter to provide PCI Booking with the key value where the credit card information is to be stored. If this parameter is not provided, the PCI Booking system will look for the placeholders.

string
required

The URI of the third party that you would like to relay the request to in order to retrieve the card details.
For example http://permaculturenews.org/.

string
required

The HTTP method that PCI Booking should use when calling the target URI. Possible values are POST, GET, DELETE and OPTIONS.

string

Indication of the post-response action. if not added, there will be no post response action. ClearCVV will clear the CVV from the card. DeleteToken: will delete the card from the database.

int32

The number of seconds that PCI Booking should wait for a response from the third party.

Headers
string
string

PCI Booking supports request compression in the formats of gzip and deflate. When sending a request that should be compressed with one of these formats, please add the Content-Encoding header with the value of gzip or deflate. If no compression is necessary, please omit this header from your request.

Responses

Updated almost 7 years ago

Language
LoadingLoading…
Response
Click Try It! to start a request and see the response here! Or choose an example:
application/json

Updated almost 7 years ago