Skip to main content

Handle a prepaid card secure details

POST 
/profile/prepaid/cards/:cardId/secure-details

Overview

The Paysafe Wallet SDK's secure details endpoint is used to retrieve the URL containing the requested sensitive data.

The returned URL information will have a short expiration time and will not be usable after it expires.

SCA Authentication

The necessity for SCA Authentication arises when customers need to adhere to the particular regulations outlined in the PSD2 directive.

The HTTP WWW-Authenticate response header defines the SCA authentication methods that might be used to gain access to the specific resource:

HTTP/2 401 Unauthorized
WWW-Authenticate: SCA realm="Prepaid Cards" auth-param1="ewogICJzY2FEZXRhaWxzIjogewogICAgImV2ZW50SWQiOiAiMDZiZGMyYzAtY2NlLTRiMzYtOTdlYy0yODFjOGY1ZDc0M2MiLAogICAgIndhbGxldE9wZXJhdGlvbklkIjogImE1ODY1ZmQ2LTE4YzItNDVhOC05OTUzLTFjMDBlYWMzNmMzNiIsCiAgICAiYXV0aGVudGljYXRpb25Nb2RlIjogIk9VVFNPVVJDRUQiLAogICAgImF2YWlsYWJsZVZlcmlmaWNhdGlvbnMiOiBbCiAgICAgIHsKICAgICAgICAibWV0aG9kIjogIlBJTiIKICAgICAgfSwKICAgICAgewogICAgICAgICJtZXRob2QiOiAiT1RQIiwKICAgICAgICAiY2hhbm5lbCI6ICJTTVMiCiAgICAgIH0KICAgIF0sCiAgICAiY3JlYXRpb25UaW1lIjogIjIwMjEtMDctMTVUMTc6NTQ6MTJaIiwKICAgICJleHBpcmF0aW9uVGltZSI6ICIyMDIxLTA3LTE1VDE4OjA5OjEyWiIKICB9Cn0="

Upon the successful completion of the SCA authentication process, the user should re-request the same wallet resource. This should be done using the SCA-Authorization request header:

POST /digitalwallets/v1/auth/brands/{brandIdentity}/token HTTP/2
Host: api.paysafe.com
SCA-Authorization: ewogICJzY2FEZXRhaWxzIjogewogICAgImV2ZW50SWQiOiAiMDZiZGNkMmMtMGNjZS00YjM2LTk3ZWMtMjgxYzhmNWQ3NDNjIiwKICAgICJ3YWxsZXRPcGVyYXRpb25JZCI6ICJhNTg2NWZkNi0xOGMyLTQ1YTgtOTk1My0xYzAwZWFjMzZjMzYiCn0=

More details can be found in Strong Customer Authentication.

Request

Path Parameters

    cardId stringrequired

    UUID based Card id.

Body

Secure details request by which the Paysafe Wallet SDKs requests a URL address for secure data access.

    language string

    Default value: en

    Displays content for the customer in the specified language.

    flow SecurityDetailsFlow (string)required

    Possible values: [SHOW_DETAILS, SET_PIN, VIEW_PIN]

    Desired security details flow.

    deviceInfo

    object

    Provides information about the device that the end-customer uses to access the service.

    appType stringrequired

    Possible values: [WEB_APP, MOBILE_APP, API]

    threatMetrixSessionId string

    Possible values: <= 100 characters

    ThreatMetrics session id.

    customerIp string

    Customer IP Address.

Responses

OK

Schema

    language string

    Default value: en

    Displays content for the customer in the specified language.

    flow SecurityDetailsFlow (string)required

    Possible values: [SHOW_DETAILS, SET_PIN, VIEW_PIN]

    Desired security details flow.

    cardId stringrequired

    Card id is a unique identifier for a specific card.

    redirectUrl stringrequired

    URL address that can be used to access the sensitive data.

Loading...