Hey! These docs are for version 1.0, which is no longer officially supported. Click here for the latest version, 3.0!

Setting up Target Profiles

Before a PCI Booking customer can push card details to a third party via PCI Booking or pull card details from a third party via PCI Booking, the customer needs to first define a “target profile” for each third-party schema.

These profiles are used for:

  • Tokenizing: when processing the response to a request to pull card details from a third party (for more information, click here)
  • Token replacement: when processing a request to send a token to a third party and exchanging the token for full credit card details (for more information, click here).

In order to manage and add target profiles, please follow these steps:

  • Login to the PCI Booking users' portal
  • In the menu bar on the left, go to "PCI Shield Settings" > "PCI Shield Profile Settings".
  • This screen will show you the list of target profiles already created in your account - with an option to delete, clone and save the profile. At the bottom of the page will be an option to create a new profile.

When creating or editing a target profile, you will need to provide the following parameters:

Field nameDescriptionRequired
NameUnique name of the profile. You will reference this name in the Tokenization in Response and the Token Replacement methods of the API.
Validation: Allowed characters: a-z, A-Z, 0-9.
Yes. Note: This is a mandatory field, and cannot be edited after saving.
DescriptionA short description, where the user can explain the profile usage.No
HTTP client certificateIf the third party requires client certificate for authentication, you will select the relevant certificate to be used from this dropdown list.
Follow these instructions to Upload Client Certificates.
No
Content signing certificateIf the third party requires a certificate in order to sign the content of the message, you will select the relevant certificate to be used from this dropdown list.
Follow these instructions to Upload Client Certificates.
No
CustomEncryptionNameIf the third party requires content encryption, you will select the relevant certificate to be used from this dropdown list.
Please contact our support team in order to add additional custom encryption options.
No
Card URI HTTP headerDefine the header name that PCI Booking will use in order to provide the card token URI when using the Tokenization in Response method.
Recommended header syntax: X-token.
Required when the "Tokenization" content filter is provided.
TokenizationA XML structure to define the content filter for parsing the message and extracting the card details from the message.
Read more about Content Filters.
One of the two is required: "Tokenization" or "Retrieve cards"
Retrieve cardsA XML structure to define the content filter for parsing the message and adding the card details into the message.
Read more about Content Filters.
One of the two is required: "Tokenization" or "Retrieve cards"