POSTTokenize Card API (Sync)
Use Case
Used to tokenize a card to create a network-based card token. Token attributes such as Token Index Number, Token, Token Expiry etc all are provided in sync response.
Request Attributes
Head
| Attribute | Description | 
|---|---|
| version string mandatory | Version of the API | 
| requestTimestamp string mandatory | EPOCH timestamp of the time at which request is being sent Possible Value: 1588402269 | 
| requestId string mandatory | Merchant’s Unique Request ID for card tokenization Possible Value: Any | 
| signature string mandatory | Paytm validates the request and ensures that parameters are not tempered by verifying the signature in the request. For creating the checksum (signature) refer to the steps given in Checksum Logic. Possible Value: Any | 
| signatureType string mandatory | Authorization method for this request. Possible Value: CHECKSUM | 
| clientId string optional | Paytm uses the merchant key on the basis of clientId parameter value. It is required only if the merchant has more than one key. | 
| encryptionKeyVersion string optional | Paytm uses the merchant key on the basis of the encryption key version. It is required only if the merchant has more than one key. Possible Value: v1 | 
Body
| Attribute | Description | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| authRefId string conditional | Authentication ID for the 2FA transaction generated as received from the acquirer. | ||||||||||||||||||||||||
| cardSource string mandatory | The source where PAN was captured. Must be one of the possible values. | ||||||||||||||||||||||||
| encryptedCardData string mandatory | encrypted card data object. Refer 8.2 cardData object | ||||||||||||||||||||||||
| userInfo object mandatory | customer info object | ||||||||||||||||||||||||
| userInfo+ 
 | |||||||||||||||||||||||||
| tokenizationConsent object mandatory | user consent detail. | ||||||||||||||||||||||||
| tokenizationConsent+ 
 | |||||||||||||||||||||||||
Response Attributes
Head
| Attribute | Description | 
|---|---|
| Version string | Version of the API | 
| responseTimestamp string | EPOCH timestamp of the time at which request is being received Possible Value: 1588402269 | 
| requestId string | Merchant’s Unique Request ID for card tokenization Possible Value: Any | 
Body
| Attribute | Description | ||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| mid string | Paytm provides MID as a unique identifier to each merchant. For your staging MID, click here. You get the production MID post the account activation. Example: INTEGR7769XXXXXX9383 | ||||||||||||||||||||||||||
| tokenInfo object | Token Info object contains the card token information. | ||||||||||||||||||||||||||
| tokenInfo+ 
 | |||||||||||||||||||||||||||
| resultInfo object | status object | ||||||||||||||||||||||||||
| ResultInfo+ 
 | |||||||||||||||||||||||||||
curl -X POST 'https://securestage.paytmpayments.com/coft/merchant/{mid}/tokenize/direct?requestId={request-id}
' \
--header 'Content-Type: application/json' \
--data '{"body":{"authRefId":"501123338","cardSource":"CARD_ON_FILE","encryptedCardData":"Encrypted cardData object","userInfo":{"custId":"CUST_001","firstName":"","lastName":"","mobileNumber":""},"tokenizationConsent":{"userConsent":1,"createdAtuser":"Apr 27, 2022 02:46:54 PM","userConsentId":"1234","language":"en","platform":"APP","os":"androidapp","appVersion":"9.10.2","locale":"en-IN","ip":"157.35.79.240","deviceId":"samsung-SM-A260G-01b9ec5dc11fc570","deviceName":"SM-A260G"}},"head":{"version":"v1","requestTimestamp":"1544614590000","requestId":"merchre000001","signature":"{signature}","signatureType":"{CHECKSUM}","clientId":""}}'