Discover Stored Payment Tokens Documentation

Overview


The Stored Payment Tokens (Cards-on-File) API helps you to store and manage payment tokens on your e/m-commerce sites easily. Integration with our platform is simple with easy to use interfaces.

Authentication: Making the first API request is only a few steps away


  1. All projects start in Sandbox mode. Once you’re invited to access this API, you can log in here to get the Client Application ID (API Key), Client Application Secret, Consumer Application Certificate and API Plan name.

  2. All API requests must be authenticated with an OAuth token. To get the OAuth token, follow these simple steps:

    1. Make an HTTP POST request to the endpoint /auth/oauth/v2/token with the HTTP Authorization header set to Basic base64encoded(client_application_id:client_application_secret), Content-Type set to application/x-www-form-urlencoded and Cache-Control set to no-cache.

    2. The response contains an OAuth token along with the token type and the token expiry in seconds.

      SAMPLE OAUTH TOKEN REQUEST

      POST /auth/oauth/v2/token?grant_type=xyz&scope=RWDS_xyz HTTP/1.1
      Authorization: Basic sdlfsdf0dskladfk123456
      Content-Type: application/x-www-form-urlencoded
      Cache-Control: no-cache

      SAMPLE RESPONSE

      Response-Status: HTTP/1.1 200 OK
      Cache-Control: no-store
      Content-Type: application/json;charset=UTF-8
      Pragma: no-cache

      {
        "access_token": "sdlfsdf0dskladfk123456",
        "token_type": "xyz",
        "expires_in": 00000,
        "scope": "RWDS_xyz"
      }

  3. Once an OAuth token is obtained, you can use the token along with the Consumer Application Secret and API Plan name provided during Sandbox access in the HTTP Header of an API to make your first call. The same OAuth token can be used for multiple API calls as long as it has not expired.
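The three steps above, as an added Python example (not Discover's code): it builds the token-request headers, reuses one token until shortly before expires_in runs out, and assembles the per-call headers with a log-safe copy. The function names, the fetch callback, the 30-second skew and the "<token_type> <access_token>" form of the Authorization value are assumptions; the page only says that Authorization carries the OAuth token.

```python
import base64
import time
from dataclasses import dataclass
from typing import Callable, Dict, Optional


def token_request_headers(client_id: str, client_secret: str) -> Dict[str, str]:
    """Headers for POST /auth/oauth/v2/token as described in step 2.1."""
    raw = f"{client_id}:{client_secret}".encode("utf-8")
    return {
        "Authorization": "Basic " + base64.b64encode(raw).decode("ascii"),
        "Content-Type": "application/x-www-form-urlencoded",
        "Cache-Control": "no-cache",
    }


@dataclass(frozen=True)
class Token:
    access_token: str
    token_type: str
    expires_at: float  # clock value after which the token must not be used


def parse_token_response(body: dict, now: float) -> Token:
    """Validate the token response fields before trusting them."""
    access_token = body.get("access_token")
    expires_in = body.get("expires_in")
    if not isinstance(access_token, str) or not access_token:
        raise ValueError("token response has no access_token")
    if (isinstance(expires_in, bool) or not isinstance(expires_in, (int, float))
            or expires_in <= 0):
        raise ValueError("token response has no usable expires_in")
    return Token(access_token, str(body.get("token_type", "")), now + expires_in)


class TokenCache:
    """Reuse one OAuth token across calls until shortly before it expires."""

    def __init__(self, fetch: Callable[[], dict],
                 clock: Callable[[], float] = time.monotonic,
                 skew_seconds: float = 30.0) -> None:
        self._fetch = fetch          # hypothetical callable doing the HTTP POST
        self._clock = clock
        self._skew = skew_seconds    # refresh early so a call never races expiry
        self._token: Optional[Token] = None

    def get(self) -> Token:
        now = self._clock()
        if self._token is None or now >= self._token.expires_at - self._skew:
            self._token = parse_token_response(self._fetch(), now)
        return self._token


def api_headers(token: Token, app_cert: str, api_plan: str) -> Dict[str, str]:
    """HTTP headers the page lists for an authenticated JSON API call."""
    # Assumption: the token is sent as "<token_type> <access_token>".
    auth = f"{token.token_type} {token.access_token}".strip()
    return {
        "Accept": "application/json",
        "Content-Type": "application/json",
        "Cache-Control": "no-store",
        "Authorization": auth,
        "X-DFS-C-APP-CERT": app_cert,
        "X-DFS-API-PLAN": api_plan,
    }


SENSITIVE_HEADERS = {"authorization", "x-dfs-c-app-cert"}


def redact_for_log(headers: Dict[str, str]) -> Dict[str, str]:
    """Copy of the headers that is safe to write to request logs."""
    return {name: ("<redacted>" if name.lower() in SENSITIVE_HEADERS else value)
            for name, value in headers.items()}
```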

Access Error


The service authenticates and authorizes the client, and provides the following status codes when errors occur:

  1. 401 Unauthorized. The authorization credentials are either missing or incorrect. The caller has to provide the right credentials to be authenticated in order to access the service.
  2. 403 Forbidden. The request sent by the client was correct, but access to the resource identified by the URL is forbidden for some reason. The server understood the request, but is refusing to fulfill it.

API Structure


A typical API request contains the sections HTTP Header, Request Header and Request Body, and the response contains HTTP Header, Response Header and Response Body, with some exceptions due to the nature of the API. Refer to the individual endpoints to know more.

HTTP Header


We follow a robust standard for the HTTP Header, which includes the following parameters to be supplied when you make an API request:

Accept
Content-Type
Cache-Control
Authorization
X-DFS-C-APP-CERT
X-DFS-API-PLAN

Accept, Content-Type and Cache-Control take standard values. Authorization is the OAuth token obtained while authenticating, X-DFS-C-APP-CERT is the Consumer Application Secret, and X-DFS-API-PLAN is the API Plan name given to you at the time of registration to the Sandbox.

Our HTTP Header in the response will include Access, Content-Type and Cache-Control.

HTTP Status Code


The HTTP Status Code returned in the response follows an industry API standard and is designed to help you better interpret the underlying error.

In case of a successfully processed request, the server will return HTTP Status Code 200.
In case of missing or incorrect credentials, the server will return HTTP Status code 401 Unauthorized.
In case access to the resource identified by URI is forbidden for some reason, the server will return HTTP Status Code 403 Forbidden.
In case of missing values in the URI, the server will return HTTP Status Code 404.
In case of an unexpected error or downstream system unavailable, the server will return HTTP Status Code 500.

Encrypted Content


While all API calls happen over TLS/SSL, the calls are further protected by an encryption mechanism. You will be provided with full documentation of the established encryption strategy once you get access to the Sandbox.

account/provision

/nws/nwp/cof/v0/account/provision


Tokenize Discover payment account number to enable partners to securely initiate transactions using tokens

REQUEST ARGUMENTS


requestHeader: object | required

Encapsulates request, session and wallet identification attributes

requestHeader: requestId: string | required | 1-64

A unique reference to an API request freshly generated by the Client server

requestHeader: sessionId: string | required | 1-64

A unique identifier for the entire session associated with the provision across multiple API calls

requestHeader: programId: string | required | 1-16

A unique identifier of the digital wallet service provider

requestHeader: userContext: object | required

This object is a Wallet specific representation of the attributes that uniquely define a user within the context of the wallet

requestHeader: userContext: walletId: string | required | 1-100

Unique identifier for the digital wallet specific for the user.

accountProvisionRequest: object | required

Encapsulates the provisioning request data from the digital wallet service provider

accountProvisionRequest: secureContext: object | required

Encapsulates the details of the Payment Account Number that needs to be tokenized

accountProvisionRequest: secureContext: encryptedContent: string | required | variable

JWE Encrypted representation of the content.

encryptedContent: pan: string | required | 12-19

Primary Account Number that needs to be tokenized into the wallet

encryptedContent: expDate: string | required | 4

The expiry Date associated with the Primary Account Number in the format MMYY

encryptedContent: cardHolderName: string | 1-64

The card holder name as printed on the card associated with the Primary Account Number

encryptedContent: billingAddr: string | 1-128

Full billing address of the card holder

encryptedContent: billingZip: string | 1-24

Full Billing Zip of the card holder

encryptedContent: cid: string | 4

Three or four digit security code on the back of the card, typically near the signature panel. It is also referred to as CVV/CVV0

encryptedContent: source: string | required | 1-64

This indicates which method was used to capture the card information that is being sent

    Possible Values:
  • "on-file" – Card information was already on-file
  • "user-input" – User manually entered the card information

accountProvisionRequest: deviceContext: object

Encapsulates the details of the device used to initiate the provision request

accountProvisionRequest: deviceContext: deviceType: string | 1

Type of device

Possible Values
  1. Mobile
  2. Tablet
  3. Watch
  4. Other
  5. Phone Tablet
  6. Cloud

accountProvisionRequest: riskContext: object

Encapsulates details of risk indicators from digital wallet provider for that user

accountProvisionRequest: riskContext: accountRisk: string | 1

Risk rating of the user account assessed by digital wallet provider

REQUEST HTTP HEADERS


Accept:

Only accept application/json type

Content-Type:

Only accept application/json type

Cache-Control:

no-store

Authorization:

access token

X-DFS-C-APP-CERT:

consumer application certificate

X-DFS-API-PLAN:

intended API Plan

SAMPLE CURL REQUEST

curl --include --header "x-dfs-c-app-cert: sampleconsumercertificate" \
--header "Accept: application/json" \
--header "Content-Type: application/json" \
--header "Cache-Control: no-store" \
--header "x-dfs-api-plan: sampleapiplan" \
--request POST \
--data '
{
  "requestHeader": {
    "requestId": "accountprovisionsamplerequest1",
    "sessionId": "accountprovisionsamplesession1",
    "programId": "1234567890",
    "userContext": {
      "walletId": "accountprovisionsamplewallet1"
    }
  },
  "accountProvisionRequest": {
    "secureContext": {
      "encryptedContent": "ew0KCSJwYW4iOiAiNjAxMTEyMzQ1Njc4OTA5OSIsDQoJImV4cERhdGUiOiAiMTAyMCIsDQoJImNhcmRIb2xkZXJOYW1lIjogIllvdXIgTmFtZSIsDQoJImJpbGxpbmdBZGRyIjogIllvdXIgYmlsbGluZyBhZGRyZXNzIiwNCgkiYmlsbGluZ1ppcCI6ICI5OTk5OSIsDQogICAgICAgICJzb3VyY2UiIDogIm9uLWZpbGUiDQp9"
    },
    "deviceContext": {
      "deviceType": "1"
    },
    "riskContext": {
      "accountRisk": "4"
    }
  }
}' \
'/nws/nwp/cof/v0/account/provision'
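The sample encryptedContent value above is base64-encoded JSON rather than a JWE, so a client copied from it would send the PAN merely encoded. The following added Python example (not Discover's code) checks the documented field constraints before encryption and refuses any encryptedContent that is not shaped like a JWE compact serialization. It assumes the compact form (five base64url parts); the actual encryption strategy is documented only after Sandbox access, and all function names and sample values are constructed.

```python
import base64
import json
import re
from typing import Dict, List

ALLOWED_SOURCES = {"on-file", "user-input"}
B64URL = re.compile(r"[A-Za-z0-9_-]*")
# Optional fields and their (min, max) lengths from the request arguments.
OPTIONAL_LENGTHS = {"cardHolderName": (1, 64), "billingAddr": (1, 128),
                    "billingZip": (1, 24)}


def validate_secure_fields(fields: Dict[str, str]) -> List[str]:
    """Return the names of fields that break the documented constraints.

    Only names are reported, never values, so the result is safe to log.
    """
    bad: List[str] = []
    if not re.fullmatch(r"[0-9]{12,19}", str(fields.get("pan", ""))):
        bad.append("pan")
    if not re.fullmatch(r"(0[1-9]|1[0-2])[0-9]{2}", str(fields.get("expDate", ""))):
        bad.append("expDate")                       # MMYY
    if fields.get("source") not in ALLOWED_SOURCES:
        bad.append("source")
    if "cid" in fields and not re.fullmatch(r"[0-9]{3,4}", str(fields["cid"])):
        bad.append("cid")                           # three or four digits
    for name, (low, high) in OPTIONAL_LENGTHS.items():
        if name in fields and not low <= len(str(fields[name])) <= high:
            bad.append(name)
    return bad


def b64url_decode(part: str) -> bytes:
    """Strict base64url decode; raises ValueError on any other alphabet."""
    if not B64URL.fullmatch(part):
        raise ValueError("not base64url")
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))


def looks_like_jwe_compact(value: str) -> bool:
    """Shape check only: header.key.iv.ciphertext.tag with an alg/enc header.

    This cannot prove the content was encrypted to the right key; it only
    catches plaintext or merely base64-encoded payloads before they are sent.
    """
    parts = value.split(".") if isinstance(value, str) else []
    if len(parts) != 5:
        return False
    try:
        header = json.loads(b64url_decode(parts[0]))
        for part in parts[1:]:
            b64url_decode(part)
    except ValueError:
        return False
    return (isinstance(header, dict)
            and isinstance(header.get("alg"), str)
            and isinstance(header.get("enc"), str)
            and bool(parts[3]) and bool(parts[4]))


def guard_encrypted_content(value: str) -> str:
    """Return value unchanged, or raise before it reaches the wire."""
    if not looks_like_jwe_compact(value):
        raise ValueError("encryptedContent is not a JWE compact serialization")
    return value


def constructed_samples() -> Dict[str, str]:
    """Constructed inputs: one encoded-only payload, one JWE-shaped string."""
    fields = {"pan": "0000000000000000", "expDate": "1230", "source": "on-file"}
    encoded_only = base64.b64encode(json.dumps(fields).encode()).decode()

    def enc(data: bytes) -> str:
        return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

    header = enc(json.dumps({"alg": "RSA-OAEP-256", "enc": "A256GCM"}).encode())
    # Placeholder bytes stand in for key, IV, ciphertext and tag.
    jwe_shaped = ".".join([header, enc(b"\x01" * 32), enc(b"\x02" * 12),
                           enc(b"\x03" * 40), enc(b"\x04" * 16)])
    return {"encoded_only": encoded_only, "jwe_shaped": jwe_shaped}
```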

RESPONSE VALUES


responseHeader: object | required

Encapsulates request, session and wallet identification attributes from the requestHeader

responseHeader: responseId: string | required | 1-64

This is the value that was provided in the request for the requestId

responseHeader: sessionId: string | required | 1-64

This is the value that was provided in the request for sessionId

responseHeader: programId: string | required | 1-16

This is the value that was provided in the request for programId

responseHeader: userContext: object | required

This object is a Wallet specific representation of the attributes that uniquely define a user within the context of the wallet

responseHeader: userContext: walletId: string | required | 1-100

Unique identifier for the digital wallet specific for the user

responseHeader: error: object | maybe

An array of errorCode and errorMessage

responseHeader: error: errorCode: string | required | 5

A numeric code specific to the error scenario that occurred

responseHeader: error: errorMessage: string | required | 1-1024

Error message corresponding to the error code

accountProvisionResponse: object | maybe

Encapsulates the Account provisioning response information. Will not be provided in case of any structure validation errors

accountProvisionResponse: provisioningDecision: string | required | 1-20

Issuer’s decision on provisioning of the Primary Account Number

Possible Values
  1. APPROVED
  2. DECLINED

accountProvisionResponse: provisioningMetadataContext: object | maybe

Encapsulates provision meta data. Will not be available if provisioningDecision is DECLINED

accountProvisionResponse: provisioningMetadataContext: tokenId: Data Dictionary | required | 32-64

Unique reference of the Payment token that was created as a result of provision

accountProvisionResponse: issuerContext: object | maybe

Encapsulates issuer meta data. Will not be available if provisioningDecision is DECLINED

accountProvisionResponse: issuerContext: issuerName: string | required | 1-32

Full name of the issuing bank

accountProvisionResponse: issuerContext: website: string | required | 1-256

Customer service website of issuing bank

accountProvisionResponse: issuerContext: contactNumber: string | required | 1-24

Customer service phone number of issuing bank

accountProvisionResponse: issuerContext: privacyPolicyURL: string | required | 1-256

Privacy policy URL of the Issuer

accountProvisionResponse: issuerContext: termsConditionsURL: string | required | 1-256

Terms & Conditions URL of the Issuer

accountProvisionResponse: accountMetadataContext: object | maybe

Encapsulates account information. This will not be available if provisioningDecision is DECLINED

accountProvisionResponse: accountMetadataContext: productDescription: string | required | 1-64

Description of the product associated with the card. E.g., "Discover It"

accountProvisionResponse: accountMetadataContext: cardImageId: string | required | 1-64

Unique identifier of the card image associated with the card. Use this id to get the actual card image asset

accountProvisionResponse: accountMetadataContext: panSuffix: string | required | 4

Last 4 digits of the Primary Account Number

accountProvisionResponse: accountMetadataContext: tokenSuffix: string | required | 4

Last 4 digits of the allocated token

accountProvisionResponse: secureContext: object | maybe

Encapsulates the details of the Payment Account Number that needs to be tokenized

accountProvisionResponse: secureContext: encryptedContent: string | required | variable

JWE Encrypted representation of the content

encryptedContent: token: string | required | 12-19

A unique Payment Token associated with the Primary Account Number

encryptedContent: tokenExpDate: string | required | 4

Token Expiration Date in the format MMYY

RESPONSE HTTP HEADERS


Content-Language:

en-US

Content-Type:

Only accept application/json type

Cache-Control:

no-store

SAMPLE RESPONSE # 1 – Approved provision response

HTTP 200
{
  "responseHeader": {
    "responseId": "accountprovisionsamplerequest1",
    "sessionId": "accountprovisionsamplesession1",
    "programId": "1234567890",
    "userContext": {
      "walletId": "accountprovisionsamplewallet1"
    }
  },
  "accountProvisionResponse": {
    "provisioningDecision": "APPROVED",
    "provisioningMetadata": {
      "tokenId": "df106a60805440dcdf1f864c24060"
    },
    "issuerContext": {
      "issuerName": "Discover Card",
      "website": "https://www.discover.com",
      "contactNumber": "800-347-3085",
      "privacyPolicyURL": "https://www.discover.com/privacy-statement/index.html",
      "termsConditionsURL": "https://www.discover.com/credit-cards/digital-wallets/terms-conditions.html"
    },
    "accountMetadataContext": {
      "productDescription": "Discover It",
      "cardImageId": "Samplecardimageid1",
      "panSuffix": "0289",
      "tokenSuffix": "0004"
    },
    "secureContext": {
      "encryptedContent": "ew0KCSJ0b2tlbiI6ICIxMjM0NTY3ODkwMTIzNDU2IiwNCgkidG9rZW5FeHBEYXRlIjogIjA0MjAiDQp9"
    }
  }
}

SAMPLE RESPONSE # 2 – Declined provision response

HTTP 200
{
  "responseHeader": {
    "responseId": "accountprovisionsamplerequest1",
    "sessionId": "accountprovisionsamplesession1",
    "programId": "1234567890",
    "userContext": {
      "walletId": "accountprovisionsamplewallet1"
    }
  },
  "accountProvisionResponse": {
    "provisioningDecision": "DECLINED"
  }
}

SAMPLE RESPONSE # 3 – Response for a structural error

HTTP 400
{
  "responseHeader": {
    "responseId": "accountprovisionsamplerequest1",
    "sessionId": "accountprovisionsamplesession1",
    "programId": "1234567890",
    "userContext": {
      "walletId": "accountprovisionsamplewallet1"
    },
    "errors": [{
      "errorCode": "90002",
      "errorMessage": "Invalid Field Length– programId"
    }]
  }
}

account/profile/management

/nws/mpp/cof/v0/wallet/account/profile/management


Update account and issuer attributes in the digital wallet

REQUEST ARGUMENTS


requestHeader: object | required

Encapsulates request, session and wallet identification attributes

requestHeader: requestId: string | required | 1-64

A unique reference to an API request freshly generated by the Client server

requestHeader: programId: string | required | 1-16

A unique identifier of the digital wallet service provider

requestHeader: userContext: object | required

This object is a Wallet specific representation of the attributes that uniquely define a user within the context of the wallet

requestHeader: userContext: walletId: string | required | 1-100

Unique identifier for the digital wallet specific for the user

accountProfileManagementRequest: object | required

Encapsulates request payload of account profile management

accountProfileManagementRequest: tokenId: string | required | 1-64

A unique reference to the Payment Token for which the account and/or issuer attribute updates need to be performed

accountLifecycleRequest: reason: string | required | 1-256

Reason for the requested change

accountProfileManagementRequest: accountMetadataContext: object | required

Encapsulates account related attributes that need to be updated in the digital wallet. Will be present only if one of the attributes in the object is present

accountProfileManagementRequest: accountMetadataContext: productDescription: string | required | 1-64

Description of the product associated with the card. E.g., "Discover It"

accountProfileManagementRequest: accountMetadataContext: cardImageId: string | required | 1-64

Unique identifier of the card image associated with the card. Use this id to get the actual card image asset

accountProfileManagementRequest: accountMetadataContext: panSuffix: string | required | 4

Last 4 digits of the Primary Account Number

accountProfileManagementRequest: issuerContext: object | maybe

Encapsulates attributes associated with the issuer that need to be updated in the digital wallet. Will be present only if one of the attributes in the object is present

accountProfileManagementRequest: issuerContext: issuerName: string | required | 1-32

Full name of the issuing bank

accountProfileManagementRequest: issuerContext: website: string | required | 1-256

Customer service website of issuing bank

accountProfileManagementRequest: issuerContext: contactNumber: string | required | 1-24

Customer service phone number of issuing bank

accountProfileManagementRequest: issuerContext: privacyPolicyURL: string | required | 1-256

Privacy policy URL of the Issuer

accountProfileManagementRequest: issuerContext: termsConditionsURL: string | required | 1-256

Terms & Conditions URL of the Issuer

REQUEST HTTP HEADERS


Accept:

Only accept application/json type

Content-Type:

Only accept application/json type

Cache-Control:

no-store

Authorization:

access token

X-DFS-C-APP-CERT:

consumer application certificate

X-DFS-API-PLAN:

intended API Plan

SAMPLE REQUEST # 1 – Profile update due to card product upgrade

curl --include --header "x-dfs-c-app-cert: sampleconsumercertificate" \
--header "Accept: application/json" \
--header "Content-Type: application/json" \
--header "Cache-Control: no-store" \
--header "x-dfs-api-plan: sampleapiplan" \
--request POST \
--data '
{
  "requestHeader": {
    "requestId": "accountprofilemanagementsamplerequest1",
    "programId": "1234567890",
    "userContext": {
      "walletId": "accountprofilemanagementsamplewallet1"
    }
  },
  "accountProfileManagementRequest": {
    "tokenId": "sampletokenid1",
    "reason": "Card product upgrade",
    "accountMetadataContext": {
      "productDescription": "Discover It",
      "cardImageId": "df106a670805440d8cdf1f8647c24060",
      "panSuffix": "0289"
    }
  }
}' \
'/nws/nwp/admin/cof/v0/wallet/account/profile/management'

SAMPLE REQUEST # 2 – Profile update due to issuer meta data changes

curl --include --header "x-dfs-c-app-cert: sampleconsumercertificate" \
--header "Accept: application/json" \
--header "Content-Type: application/json" \
--header "Cache-Control: no-store" \
--header "x-dfs-api-plan: sampleapiplan" \
--request POST \
--data '
{
  "requestHeader": {
    "requestId": "accountprofilemanagementsamplerequest1",
    "programId": "1234567890",
    "userContext": {
      "walletId": "accountprofilemanagementsamplewallet1"
    }
  },
  "accountProfileManagementRequest": {
    "tokenId": "sampletokenid1",
    "reason": "Issuer meta data changes",
    "issuerContext": {
      "website": "https://www.discover.com",
      "contactNumber": "800-347-3085",
      "privacyPolicyURL": "https://www.discover.com/privacy-statement/index.html",
      "termsConditionsURL": "https://www.discover.com/credit-cards/digital-wallets/terms-conditions.html"
    }
  }
}' \
'/nws/nwp/admin/cof/v0/wallet/account/profile/management'

RESPONSE VALUES


responseHeader: object | required

Encapsulates request, session and wallet identification attributes from the requestHeader

responseHeader: responseId: string | required | 1-64

This is the value that was provided in the request for the requestId

responseHeader: sessionId: string | required | 1-64

This is the value that was provided in the request for sessionId

responseHeader: programId: string | required | 1-16

This is the value that was provided in the request for programId

responseHeader: userContext: object | required

This object is a Wallet specific representation of the attributes that uniquely define a user within the context of the wallet

responseHeader: userContext: walletId: string | required | 1-100

Unique identifier for the digital wallet specific for the user

responseHeader: error: object | maybe

An array of errorCode and errorMessage

responseHeader: error: errorCode: string | required | 4

A numeric code specific to the error scenario that occurred

responseHeader: error: errorMessage: string | required | 1-1024

Error message corresponding to the error code

RESPONSE HTTP HEADERS


Content-Language:

en-US

Content-Type:

Only accept application/json type

Cache-Control:

no-store

SAMPLE RESPONSE # 1 – Successful response

HTTP 200
{
  "responseHeader": {
    "responseId": "accountprofilemanagementsamplerequest1",
    "programId": "1234567890",
    "userContext": {
      "walletId": "accountprofilemanagementsamplewallet1"
    }
  }
}

SAMPLE RESPONSE # 2 - Response for a structural error

HTTP 400
{
  "responseHeader": {
    "responseId": "accountprofilemanagementsamplerequest1",
    "programId": "1234567890",
    "errors": [{
      "errorCode": "90001",
      "errorMessage": "Mandatory document/field missing - tokenId "
    }]
  }
}

ondemand/credentials

/nws/nwp/cof/v0/wallet/account/credentials/ondemand


On-Demand one time use cryptogram requested by an entity initiating e-commerce token payment transaction

REQUEST ARGUMENTS


requestHeader: object | required

Encapsulates request, session and wallet identification attributes

requestHeader: requestId: string | required | 1-64

A unique reference to an API request freshly generated by the Client server

requestHeader: programId: string | required | 1-16

A unique identifier of the digital wallet service provider

requestHeader: userContext: object | required

This object is a Wallet specific representation of the attributes that uniquely define a user within the context of the wallet

requestHeader: userContext: walletId: string | required | 1-100

Unique identifier for the digital wallet specific for the user

ondemandCredentialsRequest: object | required

Encapsulates request payload of on-demand credentials

ondemandCredentialsRequest: tokenId: string | required | 1-64

A unique reference to the Payment Token for which the one time use cryptogram is requested

REQUEST HTTP HEADERS


Accept:

Only accept application/json type

Content-Type:

Only accept application/json type

Cache-Control:

no-store

Authorization:

access token

X-DFS-C-APP-CERT:

consumer application certificate

X-DFS-API-PLAN:

intended API Plan

SAMPLE CURL REQUEST

curl --include --header "x-dfs-c-app-cert: sampleconsumercertificate" \
--header "Accept: application/json" \
--header "Content-Type: application/json" \
--header "Cache-Control: no-store" \
--header "x-dfs-api-plan: sampleapiplan" \
--request POST \
--data '
{
  "requestHeader": {
    "requestId": "ondemandcredentialssamplerequest1",
    "programId": "1234567890",
    "userContext": {
      "walletId": "ondemandcredentialssamplewallet1"
    }
  },
  "ondemandCredentialsRequest": {
    "tokenId": "sampletokenid1"
  }
}' \
'/nws/nwp/cof/v0/wallet/account/credentials/ondemand'

RESPONSE VALUES


responseHeader: object | required

Encapsulates request, session and wallet identification attributes from the requestHeader

responseHeader: responseId: string | required | 1-64

This is the value that was provided in the request for the requestId

responseHeader: sessionId: string | required | 1-64

This is the value that was provided in the request for sessionId

responseHeader: programId: string | required | 1-16

This is the value that was provided in the request for programId

responseHeader: userContext: object | required

This object is a Wallet specific representation of the attributes that uniquely define a user within the context of the wallet

responseHeader: userContext: walletId: string | required | 1-100

Unique identifier for the digital wallet specific for the user

responseHeader: error: object | maybe

An array of errorCode and errorMessage

responseHeader: error: errorCode: string | required | 5

A numeric code specific to the error scenario that occurred

responseHeader: error: errorMessage: string | present | 1-1024

Error message corresponding to the error code

ondemandCredentialsResponse: object | maybe

Encapsulates on-demand credentials response. Will not be provided in case of any structure validation errors

ondemandCredentialsResponse: tokenId: string | required | 1-64

This is the value that was provided in the request for the field tokenId

ondemandCredentialsResponse: secureContext: object | maybe

Encapsulates the details of the one-time use cryptogram

ondemandCredentialsResponse: secureContext: encryptedContent: object | required | variable

JWE Encrypted representation of the content

encryptedContent: remoteCryptogram: string | required | 4-136

Base64 encoded remote cryptogram to be used in the authorization request by the merchant in the authentication related fields

RESPONSE HTTP HEADERS


Content-Language:

en-US

Content-Type:

Only accept application/json type

Cache-Control:

no-store

SAMPLE RESPONSE # 1 – Successful response

HTTP 200
{
  "responseHeader": {
    "responseId": "ondemandcredentialssamplerequest1",
    "programId": "1234567890",
    "userContext": {
      "walletId": "ondemandcredentialssamplewallet1"
    }
  },
  "ondemandCredentialsResponse": {
    "tokenId": "sampletokenid1",
    "secureContext": {
      "encryptedContent": "MjAgYnl0ZSByZW1vdGUgY3J5cHRvZ3JhbSBuZWVkZWQgdG8gcGVyZm9ybSBhIHRyYW5zYWN0aW9u"
    }
  }
}

SAMPLE RESPONSE # 2 - Response for a structural error

HTTP 400
{
  "responseHeader": {
    "responseId": "ondemandcredentialssamplerequest1",
    "programId": "1234567890",
    "userContext": {
      "walletId": "ondemandcredentialssamplewallet1"
    },
    "errors": [{
      "errorCode": "90002",
      "errorMessage": "Invalid Field Length– programId"
    }]
  }
}

resource

/nws/nwp/cof/v0/{programId}/{resourceUUID}/{requestId}


Get digital asset for the provided resource identifier

REQUEST ARGUMENTS


URI Format

requestId: string | required | 1-64

A unique reference to an API request freshly generated by the Client server

programId: string | required | 1-16

A unique identifier of the digital wallet service provider

resourceUUID: string | required | 1-64

A unique identifier assigned to a digital resource

REQUEST HTTP HEADERS


Accept:

Only accept application/json type

Content-Type:

Only accept application/json type

Cache-Control:

no-store

Authorization:

access token

X-DFS-C-APP-CERT:

consumer application certificate

X-DFS-API-PLAN:

intended API Plan

SAMPLE CURL REQUEST

curl --include --header "x-dfs-c-app-cert: sampleconsumercertificate" \
--header "Accept: application/json" \
--header "Content-Type: application/json" \
--header "Cache-Control: no-store" \
--header "x-dfs-api-plan: sampleapiplan" \
--request GET \
'/nws/nwp/cof/v0/resource/1234567890/sampleresourceid1/resourcesamplerequest1'

RESPONSE VALUES


responseHeader: object | required

Encapsulates request, session and wallet identification attributes from the requestHeader

responseHeader: responseId: string | required | 1-64

This is the value that was provided in the request for the requestId

responseHeader: programId: string | required | 1-16

This is the value that was provided in the request for programId

responseHeader: error: object | maybe

An array of errorCode and errorMessage

responseHeader: error: errorCode: string | required | 5

A numeric code specific to the error scenario that occurred

responseHeader: error: errorMessage: string | required | 1-1024

Error message corresponding to the error code

responseResource: object | maybe

Encapsulates resource response details. Will not be provided in case of any structure validation errors

responseResource: resourceTypeCode: string | required | 2

Represents the code assigned to type of digital asset

Possible Value
  1. 01

responseResource: resourceType: string | required | 1-215

Description of the resource e.g., Complete Card Image

responseResource: resourceUUID: string | required | 1-16

This is the value that was provided in the request for the resourceUUID

responseResource: resource: object | required

Encapsulates actual digital asset

responseResource: media: object | required

Type of media

Possible values
  1. image/pdf
  2. image/png
  3. image/svg
  4. text/plain
  5. text/html

responseResource: encodedResource: string | required | variable

Base64 encoded resource

responseResource: width: string | required | 1-4

Width of the image. Provided only when media type is image

responseResource: height: string | required | 1-4

Height of the image. Provided only when media type is image

RESPONSE HTTP HEADERS


Content-Language:

en-US

Content-Type:

Only accept application/json type

Cache-Control:

no-store

SAMPLE RESPONSE # 1 – Successful response

HTTP 200
{
  "responseHeader": {
    "responseId": "resourcesamplerequest1",
    "programId": "1234567890"
  },
  "resourceResponse": {
    "resourceTypeCode": "01",
    "resourceUUID": "sampleresourceid1",
    "resource": [{
      "media": "image/png",
      "encodedResource": "PGh0bWw+DQo8c3R5bGU+......"
    }]
  }
}

SAMPLE RESPONSE # 2 - Response for a structural error

HTTP 400
{
  "responseHeader": {
    "responseId": "ondemandcredentialssamplerequest1",
    "programId": "1234567890"
  },
  "errors": [{
    "errorCode": "90002",
    "errorMessage": "Invalid Field Length– programId "
  }]
}

account/status

/nws/nwp/cof/v0/wallet/account/status


Status of provision and token for the provided payment token identifier

REQUEST ARGUMENTS


requestHeader: object | required

Encapsulates request, session and wallet identification attributes

requestHeader: requestId: string | required | 1-64

A unique reference to an API request freshly generated by the Client server

requestHeader: programId: string | required | 1-16

A unique identifier of the digital wallet service provider

accountStatusRequest: string | required | 1-64

Encapsulates request payload of account status request

accountStatusRequest: tokens: object | required

An array of Payment Token Reference identifiers

accountLifecycleRequest: tokens: tokenId: string | required | 1-64

A unique reference to the Payment Token for which the mentioned life cycle operation needs to be performed

REQUEST HTTP HEADERS


Accept:

Only accept application/json type

Content-Type:

Only accept application/json type

Cache-Control:

no-store

Authorization:

access token

X-DFS-C-APP-CERT:

consumer application certificate

X-DFS-API-PLAN:

intended API Plan

SAMPLE CURL REQUEST

curl --include --header "x-dfs-c-app-cert: sampleconsumercertificate" \
--header "Accept: application/json" \
--header "Content-Type: application/json" \
--header "Cache-Control: no-store" \
--header "x-dfs-api-plan: sampleapiplan" \
--request POST \
--data '
{
  "requestHeader": {
    "requestId": "accountstatussamplerequest1",
    "programId": "1234567890"
  },
  "accountStatusRequest": {
    "tokens": [{
      "tokenId": "sampletokenid1"
    }, {
      "tokenId": "sampletokenid2"
    }]
  }
}' \
'/nws/nwp/cof/v0/wallet/account/status'

RESPONSE VALUES


responseHeader: object | required

Encapsulates request, session and wallet identification attributes from the requestHeader

responseHeader: responseId: string | required | 1-64

This is the value that was provided in the request for the requestId

responseHeader: programId: string | required | 1-16

This is the value that was provided in the request for programId

responseHeader: error: object | maybe

An array of errorCode and errorMessage

responseHeader: error: errorCode: string | required | 5

A numeric code specific to the error scenario that occurred due to structural validation

responseHeader: error: errorMessage: string | required | 1-1024

Error message corresponding to the error code

accountStatusResponse: object | maybe

Encapsulates Account Status response details. Will not be provided in case of any structure validation errors

accountStatusResponse: tokenStatus: object | required

Array outlining the current status of the Payment Token associated with each payment token identifier provided in the request

accountStatusResponse: tokenStatus: tokenId: string | required | 1-64

This is the value that was provided in the request for the field tokenId

accountStatusResponse: tokenStatus: provisionStatus: string | maybe | 6-32

Status of provision associated with the payment token identifier. Provided only when there is no issue with the provided payment token identifier

Possible Values
  1. Completed
  2. Pending
  3. Failed

accountStatusResponse: tokenStatus: tokenStatus: string | maybe | 6-32

Status of token associated with the payment token identifier. Provided only when there is no issue with the provided payment token identifier

Possible Values:
  1. Active
  2. Suspended
  3. Unlinked

accountStatusResponse: tokenStatus: errorCode: string | maybe | 5

A numeric code specific to the error scenario that occurred for the requested tokenId

accountStatusResponse: tokenStatus: errorMessage: string | maybe | 1-1024

Error message corresponding to the error code

RESPONSE HTTP HEADERS


Content-Language:

en-US

Content-Type:

Only accept application/json type

Cache-Control:

no-store

SAMPLE RESPONSE # 1 – Successful response

HTTP 200
{
  "responseHeader": {
    "responseId": "accountstatussamplerequest1",
    "programId": "1234567890"
  },
  "accountStatusResponse": {
    "tokenStatus": [{
      "tokenId": "sampletokenid1",
      "provisionStatus": "Completed",
      "tokenStatus": "Active"
    }, {
      "tokenId": "sampletokenid2",
      "errorCode": "10102",
      "errorMessage": "Invalid payment token identifier"
    }]
  }
}

SAMPLE RESPONSE # 2 - Response for a structural error

HTTP 400
{
  "responseHeader": {
    "responseId": "accountstatussamplerequest1",
    "programId": "1234567890"
  },
  "errors": [{
    "errorCode": "90002",
    "errorMessage": "Invalid Field Length– programId"
  }]
}
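An added example (not part of the original documentation or the provider's code) of consuming the account status response defensively: it checks the responseId echo, rejects structural errors, and gives every requested tokenId a verdict so a token missing from the response is never assumed valid. The function name, the verdict strings and the rule that only Completed plus Active counts as usable are assumptions of this example.

```python
import json

# Enumerations copied from the "Possible Values" lists in the field table.
PROVISION_STATUSES = {"Completed", "Pending", "Failed"}
TOKEN_STATUSES = {"Active", "Suspended", "Unlinked"}

def classify_account_status(http_status, body, request_id, requested_ids):
    """Map every requested tokenId to a verdict string, failing closed."""
    doc = json.loads(body)
    header = doc.get("responseHeader") or {}
    # The responseId must echo our requestId, otherwise this is not our answer.
    if header.get("responseId") != request_id:
        raise ValueError("responseId does not echo requestId")
    # Structural errors: the sample puts them in a top-level "errors" array,
    # the field table under responseHeader.error; accept either location.
    errors = doc.get("errors") or header.get("error")
    if http_status != 200 or errors:
        raise ValueError(f"structural error: {errors}")
    verdicts = {tid: "missing-from-response" for tid in requested_ids}
    for entry in doc.get("accountStatusResponse", {}).get("tokenStatus", []):
        tid = entry.get("tokenId")
        if tid not in verdicts:
            raise ValueError(f"response names a tokenId we did not ask about: {tid!r}")
        provision, status = entry.get("provisionStatus"), entry.get("tokenStatus")
        if "errorCode" in entry:
            verdicts[tid] = f"error:{entry['errorCode']}"
        elif provision not in PROVISION_STATUSES or status not in TOKEN_STATUSES:
            verdicts[tid] = "unrecognized-status"
        elif (provision, status) == ("Completed", "Active"):
            verdicts[tid] = "usable"  # example policy, not stated by the page
        else:
            verdicts[tid] = f"not-usable:{provision}/{status}"
    return verdicts

# Constructed inputs modelled on the two sample responses above.
SAMPLE_OK = json.dumps({
    "responseHeader": {"responseId": "accountstatussamplerequest1", "programId": "1234567890"},
    "accountStatusResponse": {"tokenStatus": [
        {"tokenId": "sampletokenid1", "provisionStatus": "Completed", "tokenStatus": "Active"},
        {"tokenId": "sampletokenid2", "errorCode": "10102",
         "errorMessage": "Invalid payment token identifier"}]}})
SAMPLE_400 = json.dumps({
    "responseHeader": {"responseId": "accountstatussamplerequest1", "programId": "1234567890"},
    "errors": [{"errorCode": "90002", "errorMessage": "Invalid Field Length - programId"}]})

if __name__ == "__main__":
    ids = ["sampletokenid1", "sampletokenid2"]
    print(classify_account_status(200, SAMPLE_OK, "accountstatussamplerequest1", ids))
```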

utility/healthCheck

/nws/nwp/cof/v0/wallet/utility/healthcheck/{programId}/{requestId}


Check health of the platform for monitoring purposes

REQUEST ARGUMENTS


URI Format

requestId: string | required | 1-64

A unique reference to an API request freshly generated by the Client server

programId: string | required | 1-16

A unique identifier of the digital wallet service provider

REQUEST HTTP HEADERS


Accept:

Only accept application/json type

Content-Type:

Only accept application/json type

Cache-Control:

no-store

Authorization:

access token

X-DFS-C-APP-CERT:

consumer application certificate

X-DFS-API-PLAN:

intended API Plan

SAMPLE CURL REQUEST

curl --include --header "x-dfs-c-app-cert: sampleconsumercertificate" \
--header "Accept: application/json" \
--header "Content-Type: application/json" \
--header "Cache-Control: no-store" \
--header "x-dfs-api-plan: sampleapiplan" \
--request GET \
'/nws/nwp/cof/v0/wallet/utility/healthcheck/1234567890/healthchecksamplerequest1'

RESPONSE VALUES


responseHeader: object | required

Encapsulates request and wallet identification attributes from the requestHeader

responseHeader: responseId: string | required | 1-64

This is the value that was provided in the request for the requestId

responseHeader: programId: string | required | 1-16

This is the value that was provided in the request for programId

responseHeader: error: object | maybe

An array of errorCode and errorMessage

responseHeader: error: errorCode: string | required | 4

A numeric code specific to the error scenario that occurred

responseHeader: error: errorMessage: string | required | 1-1024

Error message corresponding to the error code

healthCheckResource: object | maybe

Encapsulates health check response details. Will not be provided in case of any structure validation errors

healthCheckResource: version: string | 1-32

A string indicating version of the platform

healthCheckResource: healthy: string | required | 4-5

Overall platform health

Possible Values
  1. True
  2. False

healthCheckResource: message: string | required | 1-256

Description associated with the health of the platform

RESPONSE HTTP HEADERS


Content-Language:

en-US

Content-Type:

Only accept application/json type

Cache-Control:

no-store

SAMPLE RESPONSE # 1 – Successful response indicating healthy platform

HTTP 200
{
  "responseHeader": {
    "responseId": "healthchecksamplerequest1",
    "programId": "1234567890"
  },
  "healthCheckResponse": {
    "version": "1.2.0",
    "healthy": "true",
    "message": "Services health check is successful"
  }
}

SAMPLE RESPONSE # 2 - Response for a structural error

HTTP 400
{
  "responseHeader": {
    "responseId": "healthchecksamplerequest1",
    "programId": "1234567890"
  },
  "errors": [{
    "errorCode": "90002",
    "errorMessage": "Invalid Field Length– programId"
  }]
}
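An added example (not part of the original documentation) of a monitoring client for this endpoint: it builds the URI with a freshly generated requestId, enforces the documented field lengths, and reports healthy only for a well-formed response that echoes that requestId. The function names are assumptions of this example; because the field table names healthCheckResource and lists True/False while the sample shows healthCheckResponse and "true", the example accepts either key and compares case-insensitively.

```python
import json
import uuid
from urllib.parse import quote

BASE_PATH = "/nws/nwp/cof/v0/wallet/utility/healthcheck"

def build_healthcheck_path(program_id):
    """Return (path, request_id) using a fresh requestId for every call."""
    if not 1 <= len(program_id) <= 16:
        raise ValueError("programId must be 1-16 characters")
    request_id = uuid.uuid4().hex  # 32 characters, inside the 1-64 limit
    # Percent-encode both segments so neither value can alter the path.
    path = f"{BASE_PATH}/{quote(program_id, safe='')}/{quote(request_id, safe='')}"
    return path, request_id

def platform_is_healthy(http_status, body, request_id):
    """True only for a correlated, error-free response reporting healthy."""
    try:
        doc = json.loads(body)
    except ValueError:
        return False  # unparseable body counts as unhealthy
    if http_status != 200 or not isinstance(doc, dict) or doc.get("errors"):
        return False
    if (doc.get("responseHeader") or {}).get("responseId") != request_id:
        return False  # not the answer to the request we sent
    # Accept the key from the field table or the one from the sample response.
    res = doc.get("healthCheckResource") or doc.get("healthCheckResponse") or {}
    return str(res.get("healthy", "")).lower() == "true"

def constructed_response(request_id, healthy="true"):
    """Constructed body modelled on sample response # 1, for offline runs."""
    return json.dumps({
        "responseHeader": {"responseId": request_id, "programId": "1234567890"},
        "healthCheckResponse": {"version": "1.2.0", "healthy": healthy,
                                "message": "Services health check is successful"}})

if __name__ == "__main__":
    path, rid = build_healthcheck_path("1234567890")
    print(path, platform_is_healthy(200, constructed_response(rid), rid))
```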

Errors


Error Code | Error Description | HTTP Status Code
30001 | Unexpected Error / Runtime Errors / Error Occurred during Business Processing | 500
30002 | Downstream system unavailable | 500
90001 | Mandatory document/field missing | 400
90002 | Invalid field length | 400
90003 | Invalid field type | 400
90004 | Invalid field Value | 400
90005 | Invalid HTTP Header | 400
90006 | No Content-Type in HTTP Header | 400