Tokenization in Response

E-commerce sites send a "Reservation with card data" request to a third party.
Once the e-commerce site initializes the request, the third party will send a response, with the card data.
The e-commerce site will receive the card URI that was saved in the database.

We recommend that you first review the guide for this method.

Log in to see full request history

Once the response from the third party is received in PCI Booking. the card details will be extracted from the message body (the card details will be located by using the content filter specified in the target profile). The card will be tokenized, the card details in the message will be masked and the token URI will be added to the response header (the name of the header will be taken from the settings of the target profile).

If the eliminateCardDuplication parameter is set to True, the system will look up the card in the customer's stored cards and check if it already exists:

  • If it exists, then the card details will be masked and the token added to the response will be the token of the previously stored card.
  • If it does not exist, the card will generate a new token which will then be added to the response.

If the eliminateCardDuplication parameter is set to False or not added in the request, PCI Booking will generate a new token for any card processed.

📘

Access Token Vs. Session Token

Between the two options of using the Access Token or the Session Token, we would recommend using the Access Token.

📘

Multiple Authentication Methods allowed

This method accepts multiple forms of authentication methods (Session Token and Access Token). If more than one authentication method is provided, the Session Token will take precedence.

📘

All URLs should be https.

📘

Please note to urlEncode all components!

📘

CVV Retention Policy

Remember to set the CVV Retention Policy for this token.

Query Params
string

Optional authentication method. Please use either the Session Token or the Access Token. The session token is the value returned by the call to the "Start a Temporary Session" method.

string

Optional authentication method. Please use either the Session Token or the Access Token. The Access Token is generated as a result of running the "Generate Access Token" code sample.

string
required

The profileName is the unique ID for the profile that was set up for the response you will receive for this request. You can set up as many profiles as you require. Read more about setting up target profiles.

string
required

The URI of the third party that you would like to relay the request to in order to retrieve the card details.
For example http://permaculturenews.org/.

string
required

The HTTP method that PCI Booking should use when calling the target URI. Possible values are POST, GET, DELETE and OPTIONS.

boolean
Defaults to false

Will be used to determine whether to save the CVV in the database. true - save the CVV. false - do not save the CVV.

string

A reference value which then can be used to query for this card token.

string

The user ID of the property you wish to associate the token with.
The user ID for the property can be found under "Property settings" in our user's site.

string

The user ID of the PCI Booking customer (booker ID) you wish to associate the token with. You will need to ask the PCI Booking customer to share with you their user ID to the PCI Booking system.

int32

The number of seconds that PCI Booking should wait for a response from the third party.

boolean
Defaults to false

Indicates whether the PCI Booking system should look up this card details in cards previously stored and return the token of the existing card (if found) or always return a new token.
Possible values are True: look up new card in existing cards and False: always create new tokens.
If this parameter is not specified in the request, the default behavior of the system would be to create a new token for each tokenized card - regardless if it is already stored in PCI Booking.

Headers
json
Responses

Language
Click Try It! to start a request and see the response here! Or choose an example:
application/json