Create a payment token

Creates a payment token which can be exchanged into a payment instrument. FramePay is the recommended way to create a payment token because it minimizes PCI DSS compliance. Once a payment token is created, it can only be used once.

A payment token expires upon first use or within 30 minutes of the token creation, whichever comes first.

SecurityAPI Key: PublishableApiKey or API Key: SecretApiKey or HTTP: JWT
Request
Request Body schema: application/json

Payment token resource.

method
required
string

Payment method of the token.

required
object

Payment card instrument details.

object (ContactObject)

Contact's information.

Risk metadata (object) or null
object (LeadSource)

Lead source information.

post
/tokens
Request samples
application/json
{ "method": "payment-card", "paymentInstrument": { "pan": "string", "cvv": "string", "expMonth": 0, "expYear": 0 }, "billingAddress": { "firstName": "Benjamin", "lastName": "Franklin", "organization": "Rebilly", "address": "36 Craven St", "address2": "string", "city": "Austin", "region": "Texas", "country": "GB", "postalCode": "WC2N 5NF", "dob": "1980-04-01", "jobTitle": "CEO" }, "id": "4f6cf35x-2c4y-483z-a0a9-158621f77a21", "riskMetadata": { "ipAddress": "93.92.91.90", "fingerprint": "pIUt3xbgX3l9g3YDiLbx", }, "leadSource": { "medium": "string", "source": "string", "campaign": "string", "term": "string", "content": "string", "affiliate": "string", "subAffiliate": "string", "salesAgent": "string", "clickId": "string", "path": "string", "referrer": "string" } }
Responses

201

Token created.

401

Unauthorized access. Invalid credentials used.

403

Access forbidden.

422

Invalid data sent.

Response samples
application/json
{ "method": "payment-card", "paymentInstrument": { "expMonth": 0, "expYear": 0, "bin": "string", "last4": "string", "brand": "Visa" }, "billingAddress": { "firstName": "Benjamin", "lastName": "Franklin", "organization": "Rebilly", "address": "36 Craven St", "address2": "string", "city": "Austin", "region": "Texas", "country": "GB", "postalCode": "WC2N 5NF", "dob": "1980-04-01", "jobTitle": "CEO", "hash": "056ae6d97c788b9e98b049ebafd7b229bf852221" }, "id": "4f6cf35x-2c4y-483z-a0a9-158621f77a21", "isUsed": false, "riskMetadata": { "ipAddress": "93.92.91.90", "fingerprint": "pIUt3xbgX3l9g3YDiLbx", "isProxy": true, "isVpn": true, "isTor": true, "isHosting": true, "hostingName": "string", "isp": "string", "country": "US", "region": "NY", "city": "New York", "latitude": 0.1, "longitude": 0, "postalCode": "string", "timeZone": "America/New_York", "accuracyRadius": 0, "distance": 0, "hasMismatchedBillingAddressCountry": true, "hasMismatchedBankCountry": true, "hasMismatchedTimeZone": true, "hasMismatchedHolderName": true, "hasFakeName": true, "isHighRiskCountry": true, "paymentInstrumentVelocity": 0, "declinedPaymentInstrumentVelocity": 0, "deviceVelocity": 0, "ipVelocity": 0, "emailVelocity": 0, "billingAddressVelocity": 0, "score": 0 }, "createdTime": "2019-08-24T14:15:22Z", "updatedTime": "2019-08-24T14:15:22Z", "usageTime": "2019-08-24T14:15:22Z", "expirationTime": "2019-08-24T14:15:22Z", "_links": [ ] }