Handle a prepaid card secure details
POST/profile/prepaid/cards/:cardId/secure-details
Overview
The Paysafe Wallet SDK's
secure details endpoint is used to retrieve the URL containing the requested sensitive data.
The returned URL information will have a short expiration time and will not be usable after it expires.
SCA Authentication
The necessity for SCA Authentication arises when customers need to adhere to the particular regulations outlined in the PSD2 directive.
The HTTP WWW-Authenticate
response header defines the SCA authentication methods that might be used to gain
access to the specific resource:
HTTP/2 401 Unauthorized
WWW-Authenticate: SCA realm="Prepaid Cards" auth-param1="ewogICJzY2FEZXRhaWxzIjogewogICAgImV2ZW50SWQiOiAiMDZiZGMyYzAtY2NlLTRiMzYtOTdlYy0yODFjOGY1ZDc0M2MiLAogICAgIndhbGxldE9wZXJhdGlvbklkIjogImE1ODY1ZmQ2LTE4YzItNDVhOC05OTUzLTFjMDBlYWMzNmMzNiIsCiAgICAiYXV0aGVudGljYXRpb25Nb2RlIjogIk9VVFNPVVJDRUQiLAogICAgImF2YWlsYWJsZVZlcmlmaWNhdGlvbnMiOiBbCiAgICAgIHsKICAgICAgICAibWV0aG9kIjogIlBJTiIKICAgICAgfSwKICAgICAgewogICAgICAgICJtZXRob2QiOiAiT1RQIiwKICAgICAgICAiY2hhbm5lbCI6ICJTTVMiCiAgICAgIH0KICAgIF0sCiAgICAiY3JlYXRpb25UaW1lIjogIjIwMjEtMDctMTVUMTc6NTQ6MTJaIiwKICAgICJleHBpcmF0aW9uVGltZSI6ICIyMDIxLTA3LTE1VDE4OjA5OjEyWiIKICB9Cn0="
Upon the successful completion of the SCA authentication process, the user should re-request the same wallet
resource. This should be done using the SCA-Authorization
request header:
POST /digitalwallets/v1/auth/brands/{brandIdentity}/token HTTP/2
Host: api.paysafe.com
SCA-Authorization: ewogICJzY2FEZXRhaWxzIjogewogICAgImV2ZW50SWQiOiAiMDZiZGNkMmMtMGNjZS00YjM2LTk3ZWMtMjgxYzhmNWQ3NDNjIiwKICAgICJ3YWxsZXRPcGVyYXRpb25JZCI6ICJhNTg2NWZkNi0xOGMyLTQ1YTgtOTk1My0xYzAwZWFjMzZjMzYiCn0=
More details can be found in Strong Customer Authentication.
Request
Path Parameters
UUID based Card id.
- application/json
Body
Secure details request by which the Paysafe Wallet SDKs
requests a URL address for secure data access.
Default value: en
Displays content for the customer in the specified language.
Possible values: [SHOW_DETAILS
, SET_PIN
, VIEW_PIN
]
Desired security details flow.
deviceInfo
object
Provides information about the device that the end-customer uses to access the service.
Possible values: [WEB_APP
, MOBILE_APP
, API
]
Possible values: <= 100 characters
ThreatMetrics session id.
Customer IP Address.
Responses
- 200
- 400
- 401
- 404
- 405
- 500
OK
- application/json
- Schema
- Example (from schema)
- SECURE_DETAILS_RESPONSE
Schema
Default value: en
Displays content for the customer in the specified language.
Possible values: [SHOW_DETAILS
, SET_PIN
, VIEW_PIN
]
Desired security details flow.
Card id is a unique identifier for a specific card.
URL address that can be used to access the sensitive data.
{
"language": "en-US",
"flow": "SHOW_DETAILS",
"cardId": "f16ba382-eb42-481a-b08f-c57bdc9aae24",
"redirectUrl": "https://prepaid.paysafe.com/v1/cards/details?cardId=f16ba382...."
}
{
"cardId": "f16ba382-eb42-481a-b08f-c57bdc9aae24",
"language": "en-US",
"flow": "SHOW_DETAILS",
"redirectUrl": "https://prepaid.paysafe.com/v1/cards/details?cardId=f16ba382-eb42-481a-b08f-c57bdc9aae24&lang=en_US&fingerprint=19e0abfb...&token=eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lk.."
}
Bad Request
- application/json
- Schema
- Example (from schema)
- MISSING_MANDATORY_FIELD
Schema
Array [
]
error
object
Additional details about an error
The error code.
A description of the error.
Details of any parameter value errors.
fieldErrors
object[]
Identifies the JSON request field.
The problem associated with the field.
{
"error": {
"code": "string",
"message": "string",
"details": [
"string"
],
"fieldErrors": [
{
"field": "string",
"error": "string"
}
]
}
}
{
"error": {
"code": "5068",
"message": "Field error(s)",
"details": [
"Either you submitted a request that is missing a mandatory field or the value of a field does not match the format expected."
],
"fieldErrors": [
{
"field": "cardId",
"error": "cardId must not be null"
}
]
}
}
Unauthorized
Response Headers
WWW-Authenticate
string
Specifies the necessity of employing the
SCA
security scheme within the specific wallet domain.
- application/json
- Schema
- Example (from schema)
- SCA_VERIFICATION_FAILED
Schema
Array [
]
error
object
Additional details about an error
The error code.
A description of the error.
Details of any parameter value errors.
fieldErrors
object[]
Identifies the JSON request field.
The problem associated with the field.
{
"error": {
"code": "string",
"message": "string",
"details": [
"string"
],
"fieldErrors": [
{
"field": "string",
"error": "string"
}
]
}
}
{
"error": {
"code": "DW-SCA-VERIFICATION-FAILED",
"message": "The wallet operation was unsuccessful.",
"details": [
"The wallet operation was declined because the SCA requirement is not completed."
]
}
}
Not Found
- application/json
- Schema
- Example (from schema)
- WRONG_CARD_ID
Schema
Array [
]
error
object
Additional details about an error
The error code.
A description of the error.
Details of any parameter value errors.
fieldErrors
object[]
Identifies the JSON request field.
The problem associated with the field.
{
"error": {
"code": "string",
"message": "string",
"details": [
"string"
],
"fieldErrors": [
{
"field": "string",
"error": "string"
}
]
}
}
{
"error": {
"code": "5269",
"message": "Entity not found.",
"details": [
"The ID(s) specified in the URL do not correspond to the values in the system."
]
}
}
Method Not Allowed
- application/json
- Schema
- Example (from schema)
- DW-OPERATION-NOT-ALLOWED
Schema
Array [
]
error
object
Additional details about an error
The error code.
A description of the error.
Details of any parameter value errors.
fieldErrors
object[]
Identifies the JSON request field.
The problem associated with the field.
{
"error": {
"code": "string",
"message": "string",
"details": [
"string"
],
"fieldErrors": [
{
"field": "string",
"error": "string"
}
]
}
}
{
"error": {
"code": "DW-OPERATION-NOT-ALLOWED",
"message": "Operation is not allowed in your account. Contact Paysafe for further details.",
"details": [
"Operation is not allowed in your account. Contact Paysafe for further details."
]
}
}
Internal Server Error
- application/json
- Schema
- Example (from schema)
- INTERNAL_SERVER_ERROR
Schema
Array [
]
error
object
Additional details about an error
The error code.
A description of the error.
Details of any parameter value errors.
fieldErrors
object[]
Identifies the JSON request field.
The problem associated with the field.
{
"error": {
"code": "string",
"message": "string",
"details": [
"string"
],
"fieldErrors": [
{
"field": "string",
"error": "string"
}
]
}
}
{
"error": {
"code": "DW-INTERNAL-SERVER-ERROR",
"message": "Internal Server Error",
"details": [
"There was an error while processing the operation"
]
}
}