Discover_Image Discover SE Wallet Services > Documentation

Overview


The Discover SE Wallet Services enable you to tokenize Discover cards to be stored within your secure element based digital wallet for contactless and in-app transactions. It also helps you manage the lifecycle of the token and receive wallet notifications.

Authentication-Making the first API request is only few steps away


  1. All projects start in Sandbox mode. Sign up to create a project and get Client Application ID (API Key) Client Application Secret, Consumer Application Secret and API Plan name.

  2. All API requests must be authenticated with an oAuth token. To get the oAuth token, follow these simple steps

    1. Make a HTTP POST request to the endpoint /auth/oauth/v2/token with HTTP Authorization Header as Basic base64encoded(client_application_id:client_application_secret), Content-Type as application/json and Cache-Control as no-cache

    2. The response would contain an OAuth token along with token type and token expiry in seconds

      SAMPLE OAUTH TOKEN REQUEST

      POST /auth/oauth/v2/token?grant_type=xyz&scope=RWDS_xyz HTTP/1.1
      Authorization: sdlfsdf0dskladfk123456
      Content-Type: application/x-www-form-urlencoded
      Cache-Control: no-cache

      SAMPLE RESPONSE

      Response-Status: HTTP/1.1 200 OK
      Cache-Control: no-store
      Content-Type: application/json;charset=UTF-8
      Pragma: no-cache
      {
      "access_token": "sdlfsdf0dskladfk123456",
      "token_type": "xyz",
      "expires_in": 3600,
      "scope": "RWDS_xyz"
      }

  3. Once an OAuth token is obtained, you can use the token along with Consumer Application Secret and API Plan name provided during Sandbox access in the HTTP Header of an API to make your first call. The same OAuth can be used for multiple API calls as long as it is not expired.

Access Error


In case of missing or incorrect credentials, the server will return HTTP Status code 401 Unauthorized.

In case access to the resource identified by URI is forbidden for some reason, the server will return HTTP Status Code 403 Forbidden.

In case of invalid JSON structure, the server will return a HTTP Status Code 400 Bad Request.

In case of valid JSON structure but some validation error is found, the server will return HTTP Status Code 400 with validation errors in the responseheader.

In case of an unexpected error or downstream system unavailable, the server will return HTTP Status Code 500.

API Structure


A typical API request would contain the sections HTTP Header, Request Header, Request Body as part of the request and HTTP Header, Response Header and Response Body as part of the response with some exception due to the nature of the API. Refer the individual end points to know more.

HTTP Header


We follow a robust standard for HTTP Header which includes the following parameters to be supplied while you are making an API request

Accept
Content-Type
Cache-Control
Authorization
X-DFS-C-APP-CERT
X-DFS-API-PLAN
While Accept, Content-Type and Cache-Control values are standard, Authorization which is the OAuth token obtained while authenticating, X-DFS-C-APP-CERT which is Consumer Application Secret and X-DFS-API-PLAN which is API Plan name given to you at the time of registration to the Sandbox. Our HTTP Header in the response will include Access, Content-Type and Cache-Control.

HTTP Status Codes


The HTTP Status Code returned in the response follows an industry API standard and designed to help you better interpret the underlying error.
In case of a successfully processed request, the server will return HTTP Status Code 200.
In case of missing or incorrect credentials, the server will return HTTP Status code 401 Unauthorized.
In case access to the resource identified by URI is forbidden for some reason, the server will return HTTP Status Code 403 Forbidden.
In case of missing values in the URI, the server will return a HTTP Status Code 404.
In case of an unexpected error or downstream system unavailable, the server will return HTTP Status Code 500.

Encrypted Content


While all the API calls happens over TLS/SSL, the calls are further protected by encryption mechanism. You will be provided with full documentation of the established encryption strategy once you get access to Sandbox.

account/eligibility

/nws/nwp/se/v0/account/eligibility


Check eligibility of the payment card and get data elements to proceed with provisioning of the card

REQUEST ARGUMENTS


requestHeader: object | mandatory

Encapsulates Request and Program related parameters.

requestHeader: requestId: string | mandatory | 1-64

A unique reference to an API request freshly generated by the Client server

requestHeader: sessionId: string | mandatory | 1-64

A unique identifier for the entire session associated with the provision across multiple API calls

requestHeader: programId: string | mandatory | 1-16

A unique identifier of the digital wallet service provider

requestHeader: userContext: Object | mandatory

This object is a Wallet specific representation of the attributes that uniquely define a user within the context of the wallet

requestHeader: userContext: walletId: string | mandatory | 1-100

Unique identifier for the digital wallet specific for the user

requestHeader: userContext: seId: string | mandatory| 5-64

A Secure Element ID

accountEligibilityRequest: object | mandatory

The Account request that is to be checked for Eligibility

accountEligibilityRequest: secureContext: string | mandatory

Encapsulated the details of the Payment Account Number that needs to be checked for eligibility

accountEligibilityRequest: secureContext: encryptedContent: string | mandatory | variable

JWE Encrypted representation of the content

accountEligibilityRequest: secureContext: encryptedContent: accountContext: pan: string | Mandatory | 12-19

Primary Account Number that needs to be checked for eligibility

accountEligibilityRequest: secureContext: encryptedContent: accountContext: expDate: string | Mandatory | 4

The expiry Date associated with the Primary Account Number in the format MMYY

accountEligibilityRequest: secureContext: encryptedContent: accountContext: cardHolderName: string | Mandatory | 1-64

The card holder name as printed on the card associated with the Primary Account Number

accountEligibilityRequest: secureContext: encryptedContent: accountContext: billingAddr: string | optional | 1-128

Full Full Billing Address of the Card Holder

accountEligibilityRequest: secureContext: encryptedContent: accountContext: billingZip: string | optional | 1-24

Full Billing Zip of the Customer

accountEligibilityRequest: secureContext: encryptedContent: accountContext: source: string | mandatory | 1-20

This indicates which method was used to capture the user information that is being sent.
  • "add-device" - Provision a companion Mobile Payment Device using the details of a previously provisioned Mobile Payment Device
  • "on-file" - This is set when the account is already present
  • "restore" - This is set when is provision is initiated as a result of restore of previously provisioned PAN. E.g., a new Mobile Payment Device registered with wallet account with previously digitalized PAN
  • "user-input" - User manually entered or scanned the card

accountEligibilityRequest: secureContext: encryptedContent: accountContext: captureMethod: string | optional | 1

Capture Method
  • 1 = Camera
  • 2 = Manual

accountEligibilityRequest: deviceContext: data dictionary | conditional

A set of attributes associated with the Mobile Payment Device that is being provisioned

accountEligibilityRequest: deviceContext: deviceLanguage: string | optional | 1-10

Code for identifying the Mobile Payment Device language. Based on IEFT BCP 47. If not provided, this will be defaulted to en-US

accountEligibilityRequest: deviceContext: deviceType: string | optional | 1-3

Type of Mobile Payment Device
  • 1 - Mobile
  • 2 - Tablet
  • 3 - Watch
  • 4 - Other
  • 5 - Phone Tablet

REQUEST HTTP HEADERS


Accept:

Only accept application/json typ

Content-Type:

Only accept application/json type

Cache-Control:

no-store

SAMPLE CURL REQUEST

curl --include --header "x-dfs-c-app-cert:sampleconsumercertificate" \
--header "Accept:application/json" \
--header "Content-Type:application/json" \
--header "Cache-Control:no-store" \
--header "x-dfs-api-plan:sampleapiplan" \
--header "Content-Type:application/json" \
--request POST \
--data '{
"requestHeader": {
"requestId":
"accounteligibilitysamplerequest1" ,
"sessionId":"accounteligibilitysamplesession1" ,
"programId":
"123456789" ,
"userContext": {
"walletId":
"accounteligibilitysamplewallet" ,
"seId":
"accounteligibilitysamplese1" ,
"userId":
"accounteligibilitysampleuser1"
} },
"accountEligibilityRequest": {
"secureContext": {
"encryptedPayload":
"ew0KCSJwYW4iOiAiNjAxMTEyMzQ1Njc4OTA5OSIsDQoJImV4cERhdGUiOiAiMTAyMCIsDQoJImNhcmRIb2xkZXJOYW1lIjogIllvdXIgTmFtZSIsDQoJImJpbGxpbmdBZGRyIjogIllvdXIgYmlsbGluZyBhZGRyZXNzIiwNCgkiYmlsbGluZ1ppcCI6ICI5OTk5OSIsDQogICAgICAgICJzb3VyY2UiIDogIm9uLWZpbGUiDQp9" },
"deviceContext": {
"deviceLanguage":
"en-US" ,
"deviceType":
"1"
}
}
} '\
'/nws/nwp/se/v0/wallet/account/eligibility'

RESPONSE VALUES


responseHeader: object | mandatory

Encapsulates responses along with session and wallet identification attributes

responseHeader: responseId: string | mandatory | 1-64

This is the value that was provided in the request for the requestId

responseHeader: sessionId: string | mandatory | 1-64

This is the value that was provided in the request for the sessionId

responseHeader: programId: string | mandatory | 1-16

This is the value that was provided in the request for programId

responseHeader: userContext: data dictionary | conditional

This object is a Wallet specific representation of the attributes that uniquely define a user within the context of the wallet

responseHeader: userContext: walletId: string | mandatory | 1-100

The walletId passed in the request

responseHeader: userContext: seId: string | mandatory | 5-64

The seId passed in the request

responseHeader: userContext: userId: string | mandatory | 1-100

The userId passed in the request

responseHeader: error: errorCode: string | mandatory | 5

A numeric code specific to the error scenario that occurred

responseHeader: error: errorMessage: string | mandatory | 1-1024

Error message corresponding to the error code

accountEligibilityResponse: object | mandatory

Encapsulates account eligibility response details
Sent only if there are no structural validation errors

accountEligibilityResponse: eligibilityStatus: string | mandatory | 2

This value confirms whether the PAN in this request is eligible for inclusion in this wallet
  • 00 - Account eligible for provisioning
  • 01 - Account not eligible for provisioning

accountEligibilityResponse: eligibilityContext: Object | conditional

This object contains the list of the additional wallet specific Eligibility data Provided only when account is elgibible

accountEligibilityResponse: eligibilityContext: provisionCorrelationId: string | mandatory | 1-64

A unique id that correlates the call between Account Eligibility and Account Provision calls

accountEligibilityResponse: eligibilityContext: provisionCorrelationValidity: string | mandatory | 1-15

Provision correlation validity in mintues

accountEligibilityResponse: resourceContext object | conditional

This object contains a list of wallet specific resources returned as part of the eligibility response
Provided only when account is elgibible

accountEligibilityResponse: resourceContext: termsAndConditionsId string | mandatory | 1-64

The identifier for the version of the terms and conditions that are to be accepted by the user during this provision cycle.
The actual T&Cs are retrieved by calling the Resource API

accountEligibilityResponse: resourceContext: networkLogoId string | mandatory | 1-64

The identifier for the image associated with the network logo
The actual logo is retrieved by calling the Resource API

accountEligibilityResponse: issuerContext: Object | Conditional

This object contains the list of wallet specific issuer data associated with eligibility
Provided only when account is elgibible

accountEligibilityResponse: issuerContext: issuerCountryCode string | Mandatory | 2

2 digit Country Code associated with the issuer of the PAN
It will follow the format ISO 3166-1 alpha-2

RESPONSE HTTP HEADERS


Content-Language:

en-US

Content-Type:

Only accept application/json type

Cache-Control:

no-store

Sample response # 1 - Response for elgibile account with no structural validation error

HTTP 200
{
"responseHeader": {
"responseId": "accounteligibilitysamplerequest1",

"sessionId":"accounteligibilitysamplesession1",

"programId":"123456789",

"userContext": {
"walletId": "accounteligibilitysamplewallet1",

"seId":"accounteligibilitysamplese1",

"userId":"accounteligibilitysampleuser1",

} }
, "accountEligibilityResponse": {
"eligibilityStatus": "00",

"eligibilityContext":
{
"provisionCorrelationId": "accounteligibilitysamplecorrelation1",

"provisionCorrelationValidity":"20",

"} ,
"resourceContext":
{
"termsAndConditionsId": "accounteligibilitysampletermsandcondition1",

"networkLogoId": "accounteligibilitysamplenetworklogo1"
} ,
"issuerContext":
{
"issuerCountryCode": "US"
}
}
}

Sample response # 2 - Response for inelgible account with no structural validation error

HTTP 200
{
"responseHeader": {
"responseId": "accounteligibilitysamplerequest1",

"sessionId":"accounteligibilitysamplesession1",

"programId":"123456789",

"userContext": {
"walletId": "accounteligibilitysamplewallet1",

"seId":"accounteligibilitysamplese1",

"userId":"accounteligibilitysampleuser1",

} }
, "accountEligibilityResponse": {
"eligibilityStatus": "01"

}
}

Sample Response # 3 - JSON Response for a structural error

HTTP 400
{
"responseHeader" : {
"responseId" : "accounteligibilitysamplerequest1",

"programId": "123456789",

"errors": [{
"errorCode": "90001",
"errorMessage": "Mandatory document / field missing - programId"

}
]
}
}

account/provision

/nws/nwp/se/v0/account/provision


Tokenize Discover payment account number to enable partners to securely initiate transactions using tokens

REQUEST ARGUMENTS


requestHeader: object | mandatory

Encapsulates request, session and wallet identification attributes.

requestHeader: requestId: string | mandatory | 1-64

A unique reference to an API request freshly generated by the Client server

requestHeader: sessionId: string | mandatory | 1-64

A unique identifier for the entire session associated with the provision across multiple API calls

requestHeader: programId: string | mandatory | 1-16

A unique identifier of the digital wallet service provider

requestHeader: userContext: data dictionary | conditional

This object is a Wallet specific representation of the attributes that uniquely define a user within the context of the wallet

requestHeader: userContext: walletId: string | mandatory | 1-100

Unique identifier for the digital wallet specific for the user

requestHeader: userContext: seId : string | mandatory| 5-64

Secure Element ID

userContext: userId: string | mandatory| 1-100

A Unique identifier for the user. This can be an EmailAddress or other identifier or a hashed version of the data item

accountProvisionRequest: object | mandatory

Encapsulates the provisioning request data from the Wallet Service Provider.

accountProvisionRequest: eligibilityContext: data dictionary | conditional

A set of attributes associated with the eligibility of the payment card sent for provisioning

accountProvisionRequest: eligibilityContext: provisionCorrelationId: string | mandatory | 32

The identifier that was provided in the response from the Account Eligibility check

accountProvisionRequest :eligibilityContext: termsAndConditionsId: string | mandatory | 1-64

Terms And Conditions resource id accepted by the user, must match with the id returned from the of accountEligibility response

accountProvisionRequest :eligibilityContext: termsAndConditionsAcceptedDate: string | mandatory | 32

Terms And Conditions accepted date and time.
Should be in ISO 8601 Format:
YYYY-MM-DD'T'hh:mm:ss.sss'Z', where:
YYYY - year
MM - month
DD - day of month
'T' - character T; delimiter between date and time
hh - hour 0-23
mm - minute
ss.sss - seconds.millis
'Z' - character Z; indicates UTC time

accountProvisionRequest: secureContext: secureContext | mandatory

Encapsulated the details of the Payment Account Number that needs to be provisioned

accountProvisionRequest: secureContext: encryptedContent: data dictionary | conditional

JWE Encrypted representation of the content

accountProvisionRequest: secureContext: encryptedContent: cid: string | conditional | 3-4

Three or four digit number on the back of the card, typically in the signature panel. It is also referred to as CVV/CVV2

accountProvisionRequest: secureContext: encryptedContent: source: string | mandatory| 1-20

This indicates which method was used to capture the user information that is being sent
  • "add-device" - Provision a companion Mobile Payment Device using the details of a previously provisioned Mobile Payment Device
  • "in-app" - This is set when the provision request is initiated from Card Mobile app
  • "on-file" - This is set when the account is already present
  • "restore" - This is set when is provision is initiated as a result of restore of previously provisioned PAN E.g., a new Mobile Payment Device registered with wallet account with previously digitalized PAN
  • "user-input" - User manually entered or scanned the card[CM4]

accountProvisionRequest: secureContext: encryptedContent: captureMethod: string | optional| 1

Capture Method
  • 1 = Camera
  • 2 = Manual

accountProvisionRequest: deviceContext: data dictionary | conditional

A set of attributes associated with the Mobile Payment Device that is being provisioned

accountProvisionRequest: deviceContext: countryDuringProvision: string | optional | 2

Country Code of Mobile Payment Device at time of provisioning (ISO 3166-1 alpha-2)

accountProvisionRequest: deviceContext: deviceBrand: string | optional| 1-64

Brand of the Mobile Payment Device

accountProvisionRequest: deviceContext: deviceIp: string | optional | 15-32

IP address of the Mobile Payment Device

accountProvisionRequest: deviceContext: deviceManufacturer: string | optional | 1-64

Mobile manufacturer

accountProvisionRequest: deviceContext: deviceModel: string | optional | 1-64

Mobile Payment Device model

accountProvisionRequest: deviceContext: deviceName: string | mandatory | 1-100

User assigned Mobile Payment Device name

accountProvisionRequest: deviceContext: deviceOSType: string | optional | 1-64

Mobile Payment Device OS type

accountProvisionRequest: deviceContext: deviceOSVersion: string | optional | 1-32

Mobile Payment Device OS type

accountProvisionRequest: deviceContext: deviceOSBuild: string | optional | 1-64

Mobile Payment Device OS build version

accountProvisionRequest: deviceContext: deviceCountry: string | optional| 2

Country Code where the Mobile Payment Device was purchased (ISO 3166-1 alpha-2)

accountProvisionRequest: deviceContext: deviceTimezone: string | optional| 1-32

Mobile Payment Device time zone
example: "GMT-08:00"

accountProvisionRequest: deviceContext: deviceTimezoneSettings: string | optional| 4-5

True if user lets timezone be set timezone network, false if user set own timezone

True if user lets timezone be set timezone network, false if user set own timezone

accountProvisionRequest: deviceContext: deviceType: string | optional | 1

Type of Mobile Payment Device
  • 1 - Mobile
  • 2 - Tablet
  • 3 - Watch
  • 4 - Other
  • 5 - Phone_Tablet

accountProvisionRequest: deviceContext: deviceUserId: string | optional| 1-20

Mobile Payment Device User Id

accountProvisionRequest: deviceContext: imei: string | optional| 2-4

Last 2 or 4 digits of IMEI of the device

accountProvisionRequest: deviceContext: language: string | optional | 1-10

Code identifying the Mobile Payment Device language. Based on IEFT BCP 47

accountProvisionRequest: deviceContext: latitude: string | optional | 1-16

Coordinates (latitude) of the Mobile Payment Device when it is being provisioned

accountProvisionRequest: deviceContext: longitude: string | optional | 1-16

Coordinates (longitude) of the Mobile Payment Device when it is being provisioned

accountProvisionRequest: deviceContext: nameMismatch: string | optional | 4-5

Mismatch between name on file with Mobile platform versus user entered Cardholder name during tokenization

accountProvisionRequest: deviceContext: networkOperator: string | optional | 1-64

Network operator / Sim Operator

accountProvisionRequest: deviceContext: networkType: string | optional | 1-64

Mobile network type

accountProvisionRequest: deviceContext: numberOfTokensDevice: string | optional| 1-3

Number of tokens on physical Mobile Payment Device

accountProvisionRequest: deviceContext: phoneNumber: string | optional| 1-20

User phone number if available (Last 4 or full phone number)

accountProvisionRequest: deviceContext: serialNumber: string | optional| 2-4

The last 2 to 4 digits of the Mobile Payment Device Serial number

accountProvisionRequest: deviceContext: parentDeviceId: string | optional| 5-64

A stable persistent hardware identifier of the parent Mobile Payment Device that survives factory resets. (e.g., Device id of the phone when watch is provisioned)

accountProvisionRequest: deviceContext: deviceBluetoothMAC: string | optional| 1-64

Mobile Payment Device Bluetooth MAC address (e.g., 00-16-68 or 00-16-68-2B-40-90 or 00:16:68:2B:40:90 or 0016682B4090 or 00.16.68.2B.40.90)

accountProvisionRequest: deviceContext: secureChipDataContext secureContext | Mandatory

Encapsulated the details secure element chip data elements that are needed to create targeted personalization scripts

accountProvisionRequest: userProvisionContext: data dictionary | conditional

A set of attributes associated with the Mobile Payment Device that is being provisioned

accountProvisionRequest : userProvisionContext : emailAddress: string | optional | 1-300

Mobile Payment Device profile email Address. This can be in the clear or obfuscated depending on the Wallet

accountProvisionRequest: userProvisionContext: emailAddressAge: string | optional| 1-4

Age of profile email id in weeks

accountProvisionRequest: userProvisionContext: emailAddressCountry: string | optional| 2

Country Code of Mobile Payment Device at time of provisioning. (ISO 3166-1 alpha-2)

accountProvisionRequest: userProvisionContext: hashedEmailAddress: string | optional| 1-64

Hashed Email Address / Account Id

accountProvisionRequest: riskContext: data dictionary | conditional

A set of attributes associated with the Mobile Payment Device that is being provisioned

accountProvisionRequest: riskContext: accountRisk: string | optional | 1

Wallet Service Provider risk rating based on experience with the customer account Numeric score from 1-5
  • 1 - Highest Risk, Lowest Confidence
  • 5 - Lowest Risk, Highest Confidence

accountProvisionRequest: riskContext: deviceRisk: string | optional | 1

Wallet Service Provider risk rating based on experience with the Mobile Payment Device being provisioned Numeric score from 1-5
  • 1 - Highest Risk, Lowest Confidence
  • 5 - Lowest Risk, Highest Confidence

accountProvisionRequest: riskContext: provisioningRisk: string | mandatory | 1-10

Wallet Service Provider risk rating based on experience with the customer and Mobile Payment Device being provisioned
Possible values are
  • GREEN
  • YELLOW
  • RED

accountProvisionRequest: riskContext: riskReason: string | optional

An array of risk reason codes

accountProvisionRequest: riskContext: riskReason: riskReasonCode: string | optional | 1-3

Risk reason codes associated with the risk

REQUEST HTTP HEADERS


Accept:

Only accept application/json type

Content-Type:

Only accept application/json type

Cache-Control:

no-store

Authorization:

access token

X-DFS-C-APP-CERT:

consumer application certificate

X-DFS-API-PLAN:

intended API Plan

SAMPLE CURL REQUEST

curl --include --header "x-dfs-c-app-cert:sampleconsumercertificate" \ --header "Accept:application/json" \
--header "Content-Type:application/json" \
--header "Cache-Control:no-store" \
--header "x-dfs-api-plan:sampleapiplan" \
--header "Content-Type:application/json" \
--request POST \
--data '
{
"requestHeader": {
"requestId":
"accountProvisionsamplerequest1" ,
"sessionId":
"accountProvisionsamplesession1" ,
"programId":
"1234567890" ,
"userContext":{
"walletId":
"accountProvisionsamplewallet1"
"seId": "accountProvisionsamplese1" ,
"userId":
"accountProvisionsampleuser1"
} },
"accountProvisionRequest": {
"eligibilityContext":
"provisionCorrelationId":
"accountProvisionsamplecorrelation1" ,
"termsAndConditionsId":
"accountProvisionsampletermsandcondition1" ,
"termsAndConditionsAcceptedDate":
"2017-11-05T13:15:30.001Z"
},
"secureContext": {
"encryptedContent":
"ew0KImNpZCI6ICIxMjMiLA0KInNvdXJjZSI6ICJvbi1maWxlIiwNCiJjYXB0dXJlTWV0aG9kIjogIjEiDQp9" ,
},
"deviceContext": {
"countryDuringProvision":
"US" ,
"deviceBrand":
"sampledevicebrand" ,
"deviceIp":
"123.123.123.123" ,
"deviceManufacturer":
"sampledevicemanufacturer" ,
"deviceModel":
"sampledevicemodel" ,
"deviceName":
"my phone" ,
"deviceOSType":
"sampledeviceostype" ,
"deviceOSVersion":
"4.4.2" ,
"deviceOSCountry":
"US" ,
"deviceTimezone":
"GMT-08:00" ,
"deviceTimezoneSettings":
"true" ,
"deviceType":
"2" ,
"deviceUserId":
"myGadget1" ,
"imei":
"45" ,
"latitude":
"+35.4534233" ,
"language":
"en-US" ,
"longitude":
"+45.4312423" ,
"nameMismatch":
"true" ,
"networkOperator":
"samplenetworkoperator" ,
"networkType":
"samplenetworktype" ,
"numberOfTokensDevice":
"4" ,
"phoneNumber":
"555-123-1231" ,
"serialNumber":
"123412341234" ,
"deviceBluetoothMAC":
"00-16-68-2B-40-90" ,
"secureChipDataContext": {
"encryptedContent": "U2VjdXJlIEVsZW1lbnQgY2hpcCBkYXRhIGVsZW1lbnRzIHRoYXQgYXJlIG5lZWRlZCB0byBjcmVhdGUgdGFyZ2V0ZWQgcGVyc29uYWxpemF0aW9uIHNjcmlwdHM="
}
"userProvisionContext": {
"emailAddress":
"sampleemail@example.com" ,
"emailAddressAge":
"30" ,
"emailAddressCountry":
"US" ,
"hashedEmailAddress":
"dffdgdfr43fr4o4o4fo4fo4" ,
},
"riskContext": {
"accountRisk":
"4" ,
"deviceRisk":
"5" ,
"provisioningRisk":
"GREEN" ,
"riskReason": [{
"reasonCode":
"101" ,
}, {
"reasonCode":
"102" ,
}],
"ageOfwalletAccount":
"20" ,
"fpanTenure":
"10" ,
"ageOfTokenizedCard":
"7" ,
"ageOfLastAccountChange":
"1" ,
"ageOfLastAccountActivity":
"1" ,
"totalTransactionCountForYear":
"300" ,
"ageOfDeviceUsageByAccount":
"0" ,
"totalProvisioningAttempts":
"1" ,
"suspendedTokensInAccount":
"0" ,
"numberOfTokensAccount":
"9" ,
}
}
} ' \

'/nws/nwp/se/v0/account/provision'

RESPONSE VALUES


responseHeader: object | mandatory

Encapsulates responses along with session and wallet identification attributes

responseHeader: responseId: string | mandatory | 1-64

This is the value that was provided in the request for the requestId

responseHeader: sessionId: string | mandatory | 1-64

This is the value that was provided in the request for sessionId

responseHeader: programId: string | mandatory | 1-16

This is the value that was provided in the request for programId

responseHeader: userContext: data dictionary | conditional

This object is a Wallet specific representation of the attributes that uniquely define a user within the context of the wallet

responseHeader: userContext: walletId: string | mandatory | 1-100

The walletId passed in the request

responseHeader: userContext: seId: string | mandatory | 5-64

The seId passed in the request

responseHeader: userContext: userId: string | mandatory | 1-100

The userId passed in the request

responseHeader: errors: object | conditional

An array of errorCode and errorMessage

responseHeader: errors: errorCode: string | mandatory | 5

A numeric code specific to the error scenario that occurred

aresponseHeader: errors: errorMessage: string | mandatory | 1-1024

Error message corresponding to the error code

accountProvisionResponse: object | conditional

Encapsulates the Account provisioning response information

accountProvisionResponse: provisioningDecision: string | mandatory | 1-20

Issuer's decision on Provisioning
  • APPROVED - low risk and provisioning approved by Issuer, out of band is not required
  • OOB - medium risk and out of band is required, Issuer returns the OOB contacts to be used in in selecting and initiating the OOB authentication process
  • DECLINED - high risk and provisioning declined by Issuer

accountProvisionResponse: provisioningMetadataContext: data dictionary | conditional

Provisioning meta data. This will not be available if provisioningDecision is DECLINED

accountProvisionResponse : provisioningMetadataContext : tokenId: string | mandatory | 32-64

Unique reference of the Payment token that was created as a result of provision

accountProvisionResponse: provisioningMetadataContext: panId: string | mandatory | 1-64

Unique reference of the Payment card that was provisioned

accountProvisionResponse: issuerContext: data dictionary | conditional

Issuer meta data. This will not be available if provisioningDecision is DECLINED

accountProvisionResponse: issuerContext: issuerName: string | mandatory | 1-32

Full name of the issuing bank

accountProvisionResponse: issuerContext: website: string | optional | 1-256

Customer service website of issuing bank

accountProvisionResponse: issuerContext: email: string | optional | 1-128

Customer service email address of issuing bank

accountProvisionResponse: issuerContext: contactNumber: string | optional | 1-24

Customer service phone number of issuing bank

accountProvisionResponse: issuerContext: privacyPolicyURL: string | optional | 1-256

Privacy policy URL of the issuer

accountProvisionResponse: issuerContext: termsConditionsURL: string | optional | 1-256

Terms & Conditions URL of the issuer

accountProvisionResponse : issuerContext : appId: string[] | optional | 1-256(each element)

package name of the app
  • Handset - "com.discoverfinancial.mobile"
  • Tablet - "com.discoverfinancial.tablet"

accountProvisionResponse : issuerContext : supportsTokenNotifications: string | optional | 4-5

An indicator for whether the Issuer supports Notifications

accountProvisionResponse: issuerContext: supportsInAppPayment: string | mandatory | 4-5

An indicator for whether the Issuer wants the Card to be used for InApp Payments

accountProvisionResponse: issuerContext: supportsContactlessPayment: string | mandatory | 4-5

An indicator for whether the Issuer wants the Card to be used for Contactless Payments

accountProvisionResponse: accountMetadataContext: data dictionary | conditional

Contains Account information. This will not be available if provisioningDecision is DECLINED

accountProvisionResponse: accountMetadataContext: cardType: string | mandatory | 1-36

Card type, Debit/Credit

accountProvisionResponse: accountMetadataContext: productDescription: string | mandatory | 1-64

Discover Card Description - "Discover It", "Discover More", "Discover Miles"

accountProvisionResponse: accountMetadataContext: cardImageId: string | mandatory | 1-64

UUID for card image

accountProvisionResponse: accountMetadataContext: panSuffix: string | mandatory | 4

last 4 digits of the PAN

accountProvisionResponse: accountMetadataContext: tokenSuffix: string | mandatory | 4

last 4 digits of the Token which should match the Payment Token field

accountProvisionResponse: accountMetadataContext: foregroundColorRGB: object | mandatory

Color of the text in the front of the card art (e.g., PAN suffix)

accountProvisionResponse: accountMetadataContext: foregroundColorRGB: red: string | conditional | 1-3

Red colors attribute. Valid range 0 - 255

accountProvisionResponse: accountMetadataContext: foregroundColorRGB: green: string | conditional | 1-3

Green colors attribute. Valid range 0 - 255

accountProvisionResponse: accountMetadataContext: foregroundColorRGB: blue: string | conditional | 1-3

Blue colors attribute. Valid range 0 - 255

accountProvisionResponse: accountMetadataContext: backgroundColorRGB: object | mandatory

Background color to be displayed in case of partial card art or when card is not loaded

accountProvisionResponse: accountMetadataContext: backgroundColorRGB: red: string | conditional | 1-3

Red colors attribute. Valid range 0 - 255

accountProvisionResponse: accountMetadataContext: backgroundColorRGB: green: string | conditional | 1-3

Green colors attribute. Valid range 0 - 255

accountProvisionResponse: accountMetadataContext: backgroundColorRGB: blue: string | conditional | 1-3

Blue colors attribute. Valid range 0 - 255

accountProvisionResponse: accountMetadataContext: labelColorRGB: object | mandatory

Color of the label in the front of the card art (Should be used only in case of additional label on top of card art)

accountProvisionResponse: authenticationMetadataContext: data dictionary | conditional

Contains information regarding additional Authorization details if supported by the wallet

accountProvisionResponse: authenticationMetadataContext: oobContactChannels: object | mandatory

An array of OOB Contact channels. Refer the section oobContactChannel section for more details

accountProvisionResponse: authenticationMetadataContext: oobContactChannels: type: string | mandatory | 1-32

Issuer defined contact channel type,
  • SMS
  • EMAIL
  • OUTBOUND_CALL
  • CUSTOMER_SERVICE
  • POSTAL
  • ISSUER_CALL

SMS: A user's phone number to which a text message can be sent with a one-time passcode
EMAIL: A user's email address to which an email can be sent with a one-time passcode
OUTBOUND_CALL: A user's phone number that can be dialed by an IVR system to provide a one-time passcode
CUSTOMER_SERVICE: An Issuer telephone number that the user would need to call to provide additional verification
POSTAL: A user's postal mailing address to which mail could be sent with a one-time passcode
ISSUER_CALL: An Issuer phone number from which the Issuer would call the user to obtain additional verification

accountProvisionResponse: authenticationMetadataContext: oobContactChannels: value: String | Mandatory | 1-64

Masked value based on the type e.g., abc******@discover.com

accountProvisionResponse: authenticationMetadataContext: oobContactChannels: identifier: string | mandatory | 1-32

Unique identifier for the channel type

RESPONSE HTTP HEADERS


Content-Language:

en-US

Content-Type:

Only accept application/json type

Cache-Control:

no-store

SAMPLE RESPONSE # 1 - An Unsuccessful RED Flow Response

HTTP 200
{
"responseHeader": {
"responseId": "accountProvisionsamplerequest1",

"sessionId": "accountProvisionsamplesession1",

"programId": "1234567890",

"userContext": {
"walletId": "accountProvisionsamplewallet1",

"seId": "accountProvisionsamplese1",

"userId": "accountProvisionsampleuser1"
}
},

"accountProvisionResponse":{
"provisioningDecision": "DECLINED"
}
}

SAMPLE RESPONSE # 2 - A successful Green Flow Response

HTTP 200
{
"responseHeader": {
"responseId": "accountProvisionsamplerequest1",

"sessionId": "accountProvisionsamplesession1",

"programId": "1234567890",

"userContext": {
"walletId": "accountProvisionsamplewallet1",

"seId": "accountProvisionsamplese1",

"userId": "accountProvisionsampleuser1",
}},

"accountProvisionResponse":{
"provisioningDecision":"APPROVED",

"provisioningMetadata": {
"tokenId":"accountProvisionsampletoken1",

"panId":"accountprovisionsamplepanid1",
}

"issuerContext":{
"issuerName":"Discover Network",

"website":"https://www.discover.com",

"email":"sampleemailid@discover.com",

"contactNumber":"800-347-3085",

"privacyPolicyURL":"https://www.discover.com/privacy-statement/index.html",

"termsConditionsURL":"https://www.discover.com/credit-cards/digital-wallets/terms-conditions.html",

"appId":[
"A1B2C3D4E5.com.discover.app",
"A1B2C3D4E6.com.discover.app"

]
},

"accountMetadataContext":{
"cardType":"Credit",

"productDescription":"Discover It",

"cardImageId":"accountProvisionsamplecardimage1",

"panSuffix":"0289",

"tokenSuffix":"0004",

"foregroundColorRGB":{
"red":"123",

"green":"456",

"blue":"789",

}
"backgroundColorRGB":{
"red":"123",

"green":"456",

"blue":"789",

}
"labelColorRGB":{
"red":"123",

"green":"456",

"blue":"789",
}
}
}
}

SAMPLE RESPONSE # 3 - A successful Yellow Flow Response

HTTP 200
{
"responseHeader": {
"responseId": "accountProvisionsampleresponse1",

"sessionId": "accountProvisionsamplesession1",

"programId": "1234567890",

"userContext": {
"walletId": "accountProvisionsamplewallet1",

"seId": "accountProvisionsamplese1",

"userId": "accountProvisionsampleuser1",
}
},

"accountProvisionResponse":{
"provisioningDecision":"OOB",

"provisioningMetadata": {
"tokenId":"accountProvisionsampletoken1",

"panId":"accountprovisionsamplepanid1",
},

"issuerContext":{
"issuerName":"Discover Network",

"website":"https://www.discover.com",

"email":"sampleemailid@discover.com",

"contactNumber":"800-347-3085",

"privacyPolicyURL":"https://www.discover.com/privacy-statement/index.html",

"termsConditionsURL":"https://www.discover.com/credit-cards/digital-wallets/terms-conditions.html",

"appId":[
"A1B2C3D4E5.com.discover.app",
"A1B2C3D4E6.com.discover.app"

]
},

"accountMetadataContext":{
"cardType":"Credit",

"productDescription":"Discover It",

"cardImageId":"pushProvisionsamplecardimage1",

"panSuffix":"0289",

"tokenSuffix":"0004",

"foregroundColorRGB":{
"red":"123",

"green":"456",

"blue":"789",

}
"backgroundColorRGB":{
"red":"123",

"green":"456",

"blue":"789",

}
"labelColorRGB":{
"red":"123",

"green":"456",

"blue":"789",
}},

"authentificationMetadataContext":{
"oobContactChannels":[{
"type":"EMAIL",

"value":"jon*********@discover.com",

"identifer":"A10001",
},{

"type":"SMS",

"value":"***-***-3369",

"identifer":"A10002"
}]
}
}
}

Sample Response # 4 - JSON Response for a structural error

HTTP 400
{
"responseHeader" : {
"responseId" : "accountprovisionsamplerequest1",

"sessionId":"accountprovisionsamplesession1",

"programId": "1234567890",

"userContext":
{
"walletId": "accountProvisionsamplewallet1",

"seId": "accountProvisionsamplese1",

"userId":"accountProvisionsampleuser1"
},

"errors": [{
"errorCode": "90002",
"errorMessage": "Invalid Field Length- programId"

}]
}
}

wallet/account/contactChannels

/nws/nwp/se/v0/wallet/account/contactChannels


Get the list of contact channels the Account holder has registered with their issuing bank

REQUEST ARGUMENTS


requestHeader: object | mandatory

Encapsulates request, session and wallet identification attributes

requestHeader: requestId: string | mandatory | 1-64

A unique reference to an API request freshly generated by the Client server

requestHeader: sessionId: string | mandatory | 1-64

A unique identifier for the entire session associated with the provision across multiple API calls

requestHeader: programId: string | mandatory | 1-64

A unique identifier of the digital wallet service provider

requestHeader: userContext: data dictionary | conditional

This object is a Wallet specific representation of the attributes that uniquely define a user within the context of the wallet

requestHeader: userContext: walletId: string | mandatory | 1-100

Unique identifier for the digital wallet

requestHeader: userContext: seId: string | mandatory| 5-64

Secure Element ID

requestHeader: userContext: userId: string | mandatory| 1-100

A Unique identifier for the user. This can be an EmailAddress or other identifier or a hashed version of the data item

getOOBContactChannelsRequest: object | mandatory

getOOBContactChannelsRequest: tokenId: string | mandatory | 1-64

Unique reference of the Payment token that was created as a result of provision

REQUEST HTTP HEADERS


Accept:

Only accept application/json type

Content-Type:

Only accept application/json type

Cache-Control:

no-store

Authorization:

access token

X-DFS-C-APP-CERT:

consumer application certificate

X-DFS-API-PLAN:

intended API Plan

SAMPLE CURL REQUEST

curl --include --header "x-dfs-c-app-cert:sampleconsumercertificate" \
--header "Accept:application/+json" \
--header "Content-Type:application/json" \
--header "Cache-Control:no-store" \
--header "x-dfs-api-plan:sampleapiplan" \
--header "Content-Type:application/json" \
--request POST \
--data '{ "requestHeader": {
"requestId":
"getoobcontactchannelssamplerequest1", ,
"sessionId":
"getoobcontactchannelssamplesession1" ,
"programId":
"1234567890" ,
, "userContext": {
"walletId":
"getoobcontactchannelssamplewallett1" ,
"seId":
"getoobcontactchannelssamplese1" ,
"userId":
"getoobcontactchannelssampleuser1"
} },
"getOOBContactChannelsRequest": {
"tokenId":
"getoobcontactchannelssampletoken1" }
}' \
'/nws/nwp/se/v0/wallet/account/contactChannels'

RESPONSE VALUES


responseHeader: object | mandatory

Encapsulates Response, Session, Program and userContext related parameters

responseHeader: responseId: string | mandatory | 1-64

This is the value that was provided in the request for the requestId

responseHeader: sessionId: string | mandatory | 1-64

This is the value that was provided in the request for the sessionId

responseHeader: programId: string | mandatory | 1-16

This is the value that was provided in the request for programId

responseHeader: userContext: data dictionary | conditional

This object is a Wallet specific representation of the attributes that uniquely define a user within the context of the wallet

responseHeader: userContext: walletId: string | mandatory | 1-100

The walletId passed in the request

responseHeader: userContext: seId: string | mandatory | 5-64

The seId passed in the request

responseHeader: userContext: userId: string | mandatory | 1-100

The userId passed in the request

responseHeader: errors: object | conditional

An array of errorCode and errorMessage

responseHeader: errors: errorCode: string | mandatory | 5

A numeric code specific to the error scenario that occurred

aresponseHeader: errors: errorMessage: string | mandatory | 1-1024

Error message corresponding to the error code

contactChannels: object | conditional

An array of objects containing Contact Channel details
This will not be provided if there are any errors in the responseHeader

contactChannels: type: string | mandatory | 3-32

Issuer defined contact channel type,
  • SMS
  • EMAIL
  • OUTBOUND_CALL
  • CUSTOMER_SERVICE
  • POSTAL
  • ISSUER_CALL
Details:
SMS: A user's phone number to which a text message can be sent with a one-time passcode
EMAIL: A user's email address to which an email can be sent with a one-time passcode
OUTBOUND_CALL: A user's phone number that can be dialed by an IVR system to provide a one-time passcode
CUSTOMER_SERVICE: An Issuer telephone number that the user would need to call to provide additional verification
POSTAL: A user's postal mailing address to which mail could be sent with a one-time passcode
ISSUER_CALL: An Issuer phone number from which the Issuer would call the user to obtain additional verification

contactChannels: value: string | mandatory | 1-64

Masked value based on the type e.g., abc******@discover.com

contactChannels: identifier: string | mandatory | 1-32

Unique identifier for the channel type

RESPONSE HTTP HEADERS


Content-Language:

en-US

Content-Type:

Only accept application/json type

Cache-Control:

no-store

SAMPLE RESPONSE # 1 - Response for valid JSON structure with no errors

HTTP 200
{
"responseHeader": {
"responseId": "getoobcontactchannelssamplerequest1",

"sessionId": "getoobcontactchannelssamplesession1",

"programId": "1234567890",

"userContext": {
"walletId": "getoobcontactchannelssamplewallett1",

"seId": "getoobcontactchannelssamplese1",

"userId": "getoobcontactchannelssampleuser1"
}
},

"contactChannels":{
"type": "EMAIL",

"value": "abc*********@discover.com",

"identifier": "A10001"
},{

"contactChannels":{
"type": "SMS",

"value": "***-***-3369",

"identifier": "A10002"
}]
}

wallet/contactChannel/authentication

/nws/nwp/se/v0/wallet/contactChannel/authentication


Get an out-of-band (OOB) authentication to the contact channel selected by the Cardholder

REQUEST ARGUMENTS


requestHeader: object | mandatory

Encapsulates request, session and wallet identification attributes

requestHeader: requestId: string | mandatory | 1-64

A unique reference to an API request freshly generated by the Client server

requestHeader: sessionId: string | mandatory | 1-64

A unique identifier for the entire session associated with the provision across multiple API calls

requestHeader: programId: string | mandatory | 1-64

A unique identifier of the digital wallet service provider

requestHeader: userContext: data dictionary | conditional

This object is a Wallet specific representation of the attributes that uniquely define a user within the context of the wallet

requestHeader: userContext: walletId: string | mandatory | 1-100

Unique identifier for the digital wallet specific for the user

requestHeader: userContext: seId: string | mandatory| 5-64

Secure Element ID

requestHeader: userContext: userId: string | mandatory| 1-100

A Unique identifier for the user. This can be an EmailAddress or other identifier or a hashed version of the data item

sendOOBAuthenticationRequest: object | mandatory

sendOOBAuthenticationRequest: tokenId: string | mandatory | 1-64

Unique reference of the Payment token that was created as a result of provision

sendOOBAuthenticationRequest: selectedChannelIdentifier: string | mandatory | 1-32

Unique identifier of the out-of-band contact channel selected by the user. This is the value of one of the identifiers returned in the getOOBContactChannels response

REQUEST HTTP HEADERS


Accept:

Only accept application/json type

Content-Type:

Only accept application/json type

Cache-Control:

no-store

Authorization:

access token

X-DFS-C-APP-CERT:

consumer application certificate

X-DFS-API-PLAN:

intended API Plan

SAMPLE CURL REQUEST

curl --include --header "x-dfs-c-app-cert:sampleconsumercertificate" \
--header "Accept:application/json" \
--header "Content-Type:application/json" \
--header "Cache-Control:no-store" \
--header "x-dfs-api-plan:sampleapiplan" \
--header "Content-Type:application/json" \
--request POST \
--data '{
"requestHeader": {
"requestId":
"sendoobauthenticationsamplerequest1 ", ,
"sessionId":
"sendoobauthenticationsamplesession1" ,
"programId":
"1234567890" ,
"userContext": {
"walletId":
"sendoobauthenticationsamplewallet1 " ,
"seId":
"sendoobauthenticationsamplese1 " ,
"userId":
"sendoobauthenticationsampleuser1 "
}
},
"sendOOBAuthenticationRequest": {
"selectedChannelIdentifier":
"A10001" ,
"tokenId":
"sendoobauthenticationsampletoken1"
}
}' \
'/nws/nwp/se/v0/wallet/account/authentication'

RESPONSE VALUES


responseHeader: object | mandatory

Encapsulates Response, Session, Program and userContext related parameters

responseHeader: responseId: string | mandatory | 1-64

This is the value that was provided in the request for the requestId

responseHeader: sessionId: string | mandatory | 1-64

This is the value that was provided in the request for the sessionId

responseHeader: programId: string | mandatory | 1-16

This is the value that was provided in the request for programId

responseHeader: userContext: data dictionary | conditional

This object is a Wallet specific representation of the attributes that uniquely define a user within the context of the wallet

responseHeader: userContext: walletId: string | mandatory | 1-100

The walletId passed in the request

responseHeader: userContext: seId: string | mandatory | 5-64

The seId passed in the request

responseHeader: userContext: userId: string | mandatory | 1-100

The userId passed in the request

responseHeader: errors: object | conditional

An array of errorCode and errorMessage

responseHeader: errors: errorCode: string | mandatory | 5

A numeric code specific to the error scenario that occurred

aresponseHeader: errors: errorMessage: string | mandatory | 1-1024

Error message corresponding to the error code

RESPONSE HTTP HEADERS


Content-Language:

en-US

Content-Type:

Only accept application/json type

Cache-Control:

no-store

SAMPLE RESPONSE # 1 - Response for valid JSON structure with no errors

HTTP 200
{
"responseHeader":
{"responseId": "sendoobauthenticationsamplerequest1",

"sessionId": "sendoobauthenticationsamplesession1",

"programId": "1234567890",

"userContext": {
"walletId": "sendoobauthenticationsamplewallet1",

"seId": "sendoobauthenticationsamplese1",

"userId": "sendoobauthenticationsampleuser1"
}
}
}

wallet/contactChannel/authentication/validation

/nws/nwp/se/v0/wallet/contactChannel/authentication/validation


Verify the one-time-password (OTP) that was sent to the accountholder via the OOB channel selected by the user

REQUEST ARGUMENTS


requestHeader: object | mandatory

Encapsulates request, session and wallet identification attributes

requestHeader: requestId: string | mandatory | 1-64

A unique reference to an API request freshly generated by the Client server

requestHeader: sessionId: string | mandatory | 1-64

A unique identifier for the entire session associated with the provision across multiple API calls

requestHeader: programId: string | mandatory | 1-64

A unique identifier of the digital wallet service provider

requestHeader: userContext: data dictionary | conditional

This object is a Wallet specific representation of the attributes that uniquely define a user within the context of the wallet

requestHeader: userContext: walletId: string | mandatory | 1-100

Unique identifier for the digital wallet specific for the user

requestHeader: userContext: seId: string | mandatory| 5-64

Secure Element ID

requestHeader: userContext: userId: string | mandatory| 1-100

A Unique identifier for the user. This can be an EmailAddress or other identifier or a hashed version of the data item

validateOOBAuthenticationRequest: object | mandatory

validateOOBAuthenticationRequest: tokenId: string | mandatory | 1-64

Unique reference of the Payment token that was created as a result of provision

validateOOBAuthenticationRequest: otpRequestContext: data dictionary | mandatory

This object is a Wallet specific representation of the attributes that define a one-time passcode

validateOOBAuthenticationRequest: otpRequestContext: otpCode: string | mandatory | 1-8

OTP code entered by user

REQUEST HTTP HEADERS


Accept:

Only accept application/json type

Content-Type:

Only accept application/json type

Cache-Control:

no-store

Authorization:

access token

X-DFS-C-APP-CERT:

consumer application certificate

X-DFS-API-PLAN:

intended API Plan

SAMPLE CURL REQUEST

curl --include --header "x-dfs-c-app-cert:sampleconsumercertificate" \
--header "Accept:application/json" \
--header "Content-Type:application/json" \
--header "Cache-Control:no-store" \
--header "x-dfs-api-plan:sampleapiplan" \
--header "Content-Type:application/json" \
--request POST \
--data '{
"requestHeader": {
"requestId":
"validateoobauthenticationsamplerequest1" ,
"sessionId":
"validateoobauthenticationsamplesession1 " ,
"programId":
"1234567890" ,
"userContext": {
"walletId":
"validateoobauthenticationsamplewallet1" ,
"seId":
"validateoobauthenticationsamplese1" ,
"userId":
"validateoobauthenticationsampleuser1"
}
},
"validateOOBAuthenticationRequest": {
"tokenId":
"validateoobauthenticationsampletoken1" ,
"otpRequestContext":{
"optCode":
"123456"
}
}
}' \
'/nws/nwp/se/v0/wallet/account/authentication/validation'

RESPONSE VALUES


responseHeader: object | mandatory

Encapsulates Response, Session, Program and userContext related parameters

responseHeader: responseId: string | mandatory | 1-64

This is the value that was provided in the request for the requestId

responseHeader: sessionId: string | mandatory | 1-64

This is the value that was provided in the request for the sessionId

responseHeader: programId: string | mandatory | 1-16

This is the value that was provided in the request for programId

responseHeader: userContext: data dictionary | conditional

This object is a Wallet specific representation of the attributes that uniquely define a user within the context of the wallet

responseHeader: userContext: walletId: string | mandatory | 1-100

Unique identifier for the digital wallet

responseHeader: userContext: seId: string | mandatory | 5-64

This is the value that was provided in the request for seId

responseHeader: userContext: userId: string | mandatory | 1-100

A Unique identifier for the user. This can be an EmailAddress or other identifier or a hashed version of the data item

responseHeader: errors: object | conditional

An array of errorCode and errorMessage

responseHeader: error: errorCode: string | mandatory | 5

A numeric code specific to the error scenario that occurred

aresponseHeader: error: errorMessage: string | mandatory | 1-1024

Error message corresponding to the error code

RESPONSE HTTP HEADERS


Content-Language:

en-US

Content-Type:

Only accept application/json type

Cache-Control:

no-store

SAMPLE RESPONSE # 1 - Response for valid JSON structure with no errors

HTTP 400
{
"responseHeader": {
"responseId": "validateoobauthenticationsampleresponset ",

"sessionId": "validateoobauthenticationsamplesession1 ",

"programId": "1234567890",

"userContext": {
"walletId": "validateoobauthenticationsamplewallet1",

"seId": "validateoobauthenticationsamplese1",

"userId": "validateoobauthenticationsampleuser1"
}
}
}

wallet/account/lifecycle

/nws/nwp/se/v0/wallet/account/lifecycle


Manage lifecycle of the Payment Token that was provisioned in the wallet

REQUEST ARGUMENTS


requestHeader: object | mandatory

Encapsulates request, session and wallet identification attributes

requestHeader: requestId: string | mandatory | 1-64

A unique reference to an API request freshly generated by the Client server

requestHeader: sessionId: string | conditional | 1-64

A unique identifier for the entire session associated with the provision across multiple API calls

requestHeader: programId: string | mandatory | 1-16

A unique identifier of the digital wallet service provider

accountLifecycleRequest: object | mandatory

Request payload of the life cycle operations

accountLifecycleRequest: lifecycleOperationsRequest: object | mandatory

An array of Payment Token ids for which the specified life cycle operation needs to be performed

accountLifecycleRequest: lifecycleOperationsRequest: tokenId: string | mandatory | 1-64

Unique reference of the Payment token that was created as a result of provision

accountLifecycleRequest: operationType: string | mandatory | 1-64

Specific Operation that needs to performed on the Payment Token associated with the tokenId
  • Suspend- Suspend the payment token temporarily
  • Resume - Resume a suspended payment token
  • Unlink - Unlink a payment token from the pan to prevent from any further transaction processing

accountLifecycleRequest: operationType: reason: string | mandatory | 1-256

Reason for the requested operation on the Payment Token

accountLifecycleRequest: operationType: timeRaised: string | optional | 24

UTC date and time at which request is sent
Should be in ISO 8601 Format:
YYYY-MM-DD'T'hh:mm:ss.sss'Z', where:
YYYY - year
MM - month
DD - day of month
'T' - character T; delimiter between date and time
hh - hour 0-23
mm - minute
ss.sss - seconds.millis
'Z' - character Z; indicates UTC time

REQUEST HTTP HEADERS


Accept:

Only accept application/json type

content-Type:

Only accept application/json type

Cache-Control:

no-store

Authorization:

access token

X-DFS-C-APP-CERT:

consumer application certificate

X-DFS-API-PLAN:

intended API Plan

SAMPLE CURL REQUEST

curl --include --header "x-dfs-c-app-cert:sampleconsumercertificate" \
--header "Accept:application/json" \
--header "Content-Type:application/json" \
--header "Cache-Control:no-store" \
--header "x-dfs-api-plan:sampleapiplan" \
--header "Content-Type:application/json" \
--request POST \
--data '{
"requestHeader": {
"requestId":
"accountlifecyclesamplerequest1" ,
"programId":
"1234567890"
},
"accountLifecycleRequest": {
"lifeycleOperationsRequest": [{
"tokenId":
"accountlifecyclesampletoken1"
},{
"tokenId":
"accountlifecyclesampletoken2"
} ],
"operationType":
"Suspend",
"reason": "Device marked as lost/stolen"
},
"timeRaised":
"2017-03-17T16:42:30.001Z"
}
}' \
'/nws/nwp/se/v0/wallet/account/lifecycle'

RESPONSE VALUES


responseHeader: object | mandatory

Encapsulates Request and Program related parameters

responseHeader: responseId: string | mandatory | 1-64

This is the value that was provided in the request for the requestId

responseHeader: programId: string | mandatory | 1-16

This is the value that was provided in the request for programId

responseHeader: errors: object | conditional

An array of errorCode and errorMessage

responseHeader: error: errorCode: string | mandatory | 5

A numeric code specific to the error scenario that occurred

responseHeader: error: errorMessage: string | mandatory | 1-1024

Error message corresponding to the error code

accountLifecycleResponse: object | conditional

Encapsulates Account lifecycle response details This will not be provided if there are any structural validation errors

accountLifecycleResponse: lifecycleOperationsResponse: object | mandatory

An array of token ids for which the specified life cycle operation was performed as per the request

accountLifecycleResponse: lifecycleOperationsResponse: tokenId: string | mandatory | 1-64

This is the value that was provided in the request for the field tokenId

accountLifecycleResponse: lifecycleOperationsResponse: operationStatus: string | mandatory | 2

Status of the operation for the token id
  • 00 - Successful
  • 01 - Unsuccessful

accountLifecycleResponse: lifecycleOperationsResponse: errorCode: string | conditional | 5

A numeric code specific to the error scenario that occurred Sent only when operationStatus is 01

accountLifecycleResponse: lifecycleOperationsResponse: errorMessage: string | conditional

Error message corresponding to the error code

RESPONSE HTTP HEADERS


Content-Language:

en-US

Content-Type:

Only accept application/json type

Cache-Control:

no-store

SAMPLE RESPONSE # 1 - Response for valid JSON structure with no header level errors

HTTP 200
{
"responseHeader": {
"responseId": "accountlifecyclesamplerequest1",

"programId": "1234567890"
},

"accountLifecycleResponse": {
"lifecycleOperationsResponse":[{
"tokenId": "accountlifecyclesampletoken1",

"operationStatus": "00",
},{

"tokenId": "accountlifecyclesampletoken2",

"operationStatus": "00"

}]
}
}

wallet/account/transaction

/nws/nwp/se/v0/wallet/account/transaction


Get Payment Token transaction details to display notification and transaction history in the wallet

REQUEST ARGUMENTS


requestHeader: object | mandatory

Encapsulates Request and Program related parameters

requestHeader: requestId: string | mandatory | 1-64

A unique reference to an API request freshly generated by the Client server

requestHeader: programId: string | mandatory | 1-16

A unique identifier of the digital wallet service provider

requestHeader: userContext: data dictionary | mandatory

This is a Wallet Service Provider specific representation of the attributes that uniquely define a user within the context of the Wallet Service Provider

requestHeader: userContext: walletId: string | mandatory | 1-100

Unique identifier for the digital wallet specific for the user

requestHeader: userContext: seId: string | mandatory | 5-64

Secure Element ID

requestHeader: userContext: userId: string | mandatory | 1-100

A Unique identifier for the user. This can be an EmailAddress or other identifier or a hashed version of the data item

pullContext: data dictionary | mandatory

A Container for a wallet specific set of properties that can be supplied in the request

pullContext: deviceOrToken: string | mandatory | 5-6

Indicates if the transactions are for a specific Payment Token or Mobile Payment Device

pullContext: tokenId: string | conditional | 64

Unique reference of the Payment token that was created as a result of provision

pullContext: numberOfItems: string | Optional | Min 1 Max 2

Number of items requested
Min:1 Max:25

pullContext: paginationTimestamp: string | Optional

This is the starting timestamp of next set of items UTC date and time at which request is sent
Should be in ISO 8601 Format:
YYYY-MM-DD'T'hh:mm:ss.sss'Z', where:
YYYY - year
MM - month
DD - day of month
'T' - character T; delimiter between date and time
hh - hour 0-23
mm - minute
ss.sss - seconds.millis
'Z' - character Z; indicates UTC time

REQUEST HTTP HEADERS


Accept:

Only accept application/json type

content-Type:

Only accept application/json type

Cache-Control:

no-store

Authorization:

access token

X-DFS-C-APP-CERT:

consumer application certificate

X-DFS-API-PLAN:

intended API Plan

SAMPLE CURL REQUEST

curl --include --header "x-dfs-c-app-cert:sampleconsumercertificate" \
--header "Accept:application/json" \
--header "Content-Type:application/json" \
--header "Cache-Control:no-store" \
--header "x-dfs-api-plan:sampleapiplan" \
--header "Content-Type:application/json" \
--request POST \
--data '{
"requestHeader": {
"requestId":
"pullaccounttransactionsamplerequest1", ,
"programId":
"1234567890" ,
"userContext": {
"walletId":
"pullaccounttransactionsamplewallet1" ,
"seId":
"pullaccounttransactionsamplese1" ,
"userId":
"pullaccounttransactionsampleuser1"
}
},
"pullContext": {
"deviceOrToken":
"TOKEN" ,
"tokenId":
"pullaccounttransactionsampletoken1" ,
"numberOfItems":
"10" ,
"paginationTimestamp":
"2016-03-11T14:27:00.123Z"
}
}' \
'/nws/nwp/se/v0/wallet/account/transaction'

RESPONSE VALUES


responseHeader: object | mandatory

Encapsulates Request and Program related parameters

responseHeader: responseId: string | mandatory | 1-64

This is the value that was provided in the request for the requestId

responseHeader: programId: string | mandatory | 1-16

This is the value that was provided in the request for programId

responseHeader: userContext: data dictionary | mandatory

This is a Wallet Service Provider specific representation of the attributes that uniquely define a user within the context of the Wallet Service Provider

responseHeader: userContext: walletId: string | mandatory | 1-100

This is the value that was provided in the request for walletId

responseHeader: userContext: seId: string | mandatory | 5-64

This is the value that was provided in the request for seId

responseHeader: userContext: userId: string | mandatory | 1-100

This is the value that was provided in the request for userId

responseHeader: errors: object | conditional

An array of errorCode and errorMessage
This object will be returned if there is at least one error in processing the request

responseHeader: errors: errorCode: string | mandatory | 5

A numeric code specific to the error scenario that occurred

responseHeader: errors: errorMessage: string | mandatory | 1-1024

Error message corresponding to the error code

pullTxnContext: data dictionary | conditional

Encapsulates pull account transactions response details
This will not be provided if there are any structural validation errors

pullTxnContext: txnAvailable : string | mandatory | 4-5

Indicates if there are transactions available in the system

pullTxnContext: secureContext: secureContext | conditional

Encapsulates the encrypted version of the txnDetailContext

pullTxnContext: secureContext: encryptedContent: string | mandatory | variable

Encrypted representation of the content

pullTxnContext: secureContext: encryptedContent: txnDetailContext: txnList: object | mandatory

Array of transactions available in the system that match the provided criteria
Min - 1, Max - 25

pullTxnContext: secureContext: encryptedContent: txnDetailContext: txnList: tokenId: string | mandatory | 1-64

Unique reference of the Payment token that was created as a result of provision

pullTxnContext: secureContext: encryptedContent: txnDetailContext: txnList: txnIdentifier: string | mandatory | 1-64

A unique opaque identifier for the transaction. In cases where a network transaction identifier is available, this can be the same value

pullTxnContext: secureContext: encryptedContent: txnDetailContext: txnList: txnDetail: data dictionary | mandatory

This container has the wallet specific information that is returned with the transaction detail

pullTxnContext: secureContext: encryptedContent: txnDetailContext: txnList: txnDetail: authorizationStatus: string | conditional | 1-20

The status of the authorization
Possible Values:
  • PENDING - Pre auth events (Eg: AFD)
  • APPROVED - Approved auth events (Will be updated with final amount incase if there is a pre-auth)
  • REFUNDED - Refunds or Void of auth events at the terminal
  • DECLINED - Declined auth events

This field will be sent only for authorization events

pullTxnContext: secureContext: encryptedContent: txnDetailContext: txnList: txnDetail: txnType: string | mandatory | 1-32

The Transaction Type
Possible Values:
  • PURCHASE - Purchase made at a terminal
  • REFUND - A refund or void transaction at the terminal

pullTxnContext: secureContext: encryptedContent: txnDetailContext: txnList: txnDetail: amount: numeric | conditional | 1-10

The amount of the transaction
The amount will not be sent for pending transactions

pullTxnContext: secureContext: encryptedContent: txnDetailContext: txnList: txnDetail: currencyCode: string | mandatory | 3

The ISO 4217 currency code for the transaction

pullTxnContext: secureContext: encryptedContent: txnDetailContext: txnList: txnDetail: txnTimestamp: string | mandatory

The date/time when the transaction occurred
Should be in ISO 8601 Format:
YYYY-MM-DD'T'hh:mm:ss.sss'Z', where:
YYYY - year
MM - month
DD - day of month
'T' - character T; delimiter between date and time
hh - hour 0-23
mm - minute
ss.sss - seconds.millis
'Z' - character Z; indicates UTC time

pullTxnContext: secureContext: encryptedContent: txnDetailContext: txnList: txnDetail: txnExpiryTimestamp: string | optional

The date/time when the transaction will be expired
Should be in ISO 8601 Format:
YYYY-MM-DD'T'hh:mm:ss.sss'Z', where:
YYYY - year
MM - month
DD - day of month
'T' - character T; delimiter between date and time
hh - hour 0-23
mm - minute
ss.sss - seconds.millis
'Z' - character Z; indicates UTC time

pullTxnContext: secureContext: encryptedContent: txnDetailContext: txnList: txnDetail: rawMerchantName: string | mandatory | 1-64

The Merchant Name
The merchant name can contain special characters such as diacritic marks (umlauts, cedillas, accents) or Emoji characters so it is difficult to restrict the values on this. The transport will validate that it is a UTF-8 character

pullTxnContext: secureContext: encryptedContent: txnDetailContext: txnList: txnDetail: merchantName: string | mandatory | 1-64

Sanitized merchant name

pullTxnContext: secureContext: encryptedContent: txnDetailContext: txnList: txnDetail: mccCode: string | mandatory | 1-4

Merchant category code of the merchant

pullTxnContext: secureContext: encryptedContent: txnDetailContext: txnList: txnDetail: mccDescription: string | optional | 1-64

Description associated with the provided merchant category code

pullTxnContext: secureContext: encryptedContent: txnDetailContext: txnList: txnDetail: merchantPostalCode: string | optional | 1-24

The zip code or postal code of the merchant location

pullTxnContext: secureContext: encryptedContent: txnDetailContext: txnList: txnDetail: merchantCity: string | mandatory | 1-64

The city of the merchant location

pullTxnContext: secureContext: encryptedContent: txnDetailContext: txnList: txnDetail: merchantState: string | mandatory | 1-16

The state of the merchant location

pullTxnContext: secureContext: encryptedContent: txnDetailContext: txnList: txnDetail: merchantCountry: string | mandatory | 1-32

The Country Code of the merchant location

pullTxnContext: secureContext: encryptedContent: txnDetailContext: txnList: txnOperations: data dictionary | optional

This container has the wallet specific information that is returned for invoking applications

pullTxnContext: secureContext: encryptedContent: txnDetailContext: txnList: txnOperations: deepLink: string | mandatory | 4-5

Indicates if a message can be deep linked to mobile app or not

pullTxnContext: secureContext: encryptedContent: txnDetailContext: txnList: txnOperations: packageName: string | conditional | 1-64

The mobile platform package name for the app that should be linked to from the message on the card detail view. If the app is not installed the transaction message link will direct the user to the Play store to download the app. If no packageName is provided, no link will be displayed with the message
This will be available only when deepLink is true

pullTxnContext: secureContext: encryptedContent: txnDetailContext: txnList: txnOperations: action: string | optional | 1-64

The action of the mobile platform intent that will be sent when the link is clicked. If none is provided, the launch intent of the provided package name will be used

pullTxnContext: secureContext: encryptedContent: txnDetailContext: txnList: txnOperations: intentExtraText: string | optional | 1-28

Extra data that will be included in the mobile platform Intent. The data will be provided as is in the standard field EXTRA_TEXT. It is up to the receiving app to interpret this data (e.g. JSON). No security, PCI or authentication information should be passed in this field

RESPONSE HTTP HEADERS


Content-Language:

en-US

Content-Type:

Only accept application/json type

Cache-Control:

no-store

SAMPLE RESPONSE # 1 - Response for valid JSON structure with no header level errors

HTTP 200
{
"responseHeader": {
"responseId": "pullaccounttransactionsamplerequest1",

"programId": "1234567890",

"userContext": {
"walletId": "pullaccounttransactionsamplewallet1",

"seId": "pullaccounttransactionsamplee1",

"userId": "pullaccounttransactionsampleuser1"
}},

"pullMsgContext":{
"txnAvailable": "true",

"secureContext": {
"encryptedPayload": "ew0KCSJ0eG5EZXRhaWxDb250ZXh0Ijogew0KCQkidHhuTGlzdCI6IFt7DQoJCQkJInRva2VuSWQiOiAicHVsbGFjY291bnR0cmFuc2FjdGlvbnNhbXBsZXRva2VuMSIsDQoJCQkJInR4bklkZW50aWZpZXIiOiAicHVsbGFjY291bnR0cmFuc2FjdGlvbnNhbXBsZXR4bmlkZW50aWZpZXIxIiwNCgkJCQkidHhuRGV0YWlsIjogew0KCQkJCQkiYXV0aG9yaXphdGlvblN0YXR1cyI6ICJBUFBST1ZFRCIsDQoJCQkJCSJ0eG5UeXBlICI6ICJQVVJDSEFTRSIsDQoJCQkJCSJhbW91bnQgIjogIjEwLjAxIiwNCgkJCQkJImN1cnJlbmN5Q29kZSAiOiAiVVNEIiwNCgkJCQkJInR4blRpbWVzdGFtcCAiOiAiMjAxNy0wMy0xMVQxNDoyNzowMC4xMjNaIiwNCgkJCQkJInR4bkV4cGlyeVRpbWVzdGFtcCAiOiAiMjAxNy0wOS0xMVQxNDoyNzowMC4xMjNaIiwNCgkJCQkJInJhd01lcmNoYW50TmFtZSAiOiAiU2FtcGxlIE1lcmNoYW50IiwNCgkJCQkJIm1lcmNoYW50TmFtZSAiOiAiU2FtcGxlIGNsZWFuc2VkIE1lcmNoYW50IiwNCgkJCQkJIm1jY0NvZGUgIjogIjEyMzQiLA0KCQkJCQkibWNjRGVzY3JpcHRpb24gIjogIkVsZWN0cm9uaWMgU2FsZXMgIiwNCgkJCQkJIm1lcmNoYW50UG9zdGFsQ29kZSAiOiAiOTk5OTk5IiwNCgkJCQkJIm1lcmNoYW50Q2l0eSI6ICJSaXZlcndvb2RzIiwNCgkJCQkJIm1lcmNoYW50U3RhdGUiOiAiSUwiLA0KCQkJCQkibWVyY2hhbnRDb3VudHJ5IjogIlVTQSINCgkJCQl9DQoJCQl9LA0KCQkJew0KCQkJCSJ0b2tlbklkIjogInB1bGxhY2NvdW50dHJhbnNhY3Rpb25zYW1wbGV0b2tlbjEiLA0KCQkJCSJ0eG5JZGVudGlmaWVyIjogInB1bGxhY2NvdW50dHJhbnNhY3Rpb25zYW1wbGV0eG5pZGVudGlmaWVyMiIsDQoJCQkJInR4bkRldGFpbCI6IHsNCgkJCQkJImF1dGhvcml6YXRpb25TdGF0dXMiOiAiREVDTElORSIsDQoJCQkJCSJ0eG5UeXBlICI6ICJQVVJDSEFTRSIsDQoJCQkJCSJhbW91bnQgIjogIjEuMDAiLA0KCQkJCQkiY3VycmVuY3lDb2RlICI6ICJVU0QiLA0KCQkJCQkidHhuVGltZXN0YW1wICI6ICIyMDE3LTAzLTExVDE0OjI2OjAwLjEyM1oiLA0KCQkJCQkidHhuRXhwaXJ5VGltZXN0YW1wICI6ICIyMDE3LTA5LTExVDE0OjI2OjAwLjEyM1oiLA0KCQkJCQkicmF3TWVyY2hhbnROYW1lICI6ICJTYW1wbGUgTWVyY2hhbnQiLA0KCQkJCQkibWVyY2hhbnROYW1lICI6ICJTYW1wbGUgY2xlYW5zZWQgTWVyY2hhbnQiLA0KCQkJCQkibWNjQ29kZSAiOiAiMTIzNCIsDQoJCQkJCSJtY2NEZXNjcmlwdGlvbiAiOiAiRWxlY3Ryb25pYyBTYWxlcyAiLA0KCQkJCQkibWVyY2hhbnRQb3N0YWxDb2RlICI6ICI5OTk5OSIsDQoJCQkJCSJtZXJjaGFudENpdHkiOiAiUml2ZXJ3b29kcyIsDQoJCQkJCSJtZXJjaGFudFN0YXRlIjogIklMIiwNCgkJCQkJIm1lcmNoYW50Q291bnRyeSI6ICJVU0EiDQoJCQkJfQ0KCQkJfQ0KCQldDQoJfQ0KfQ==",

}
}
}

SAMPLE RESPONSE # 2 - Response for valid JSON structure with header level error for Structural Error

HTTP 400
{
"responseHeader": {
"responseId": "pullaccounttransactionsamplerequest1",

"programId": "1234567890",

"userContext": {
"walletId": "pullaccounttransactionsamplewallet1",

"seId": "pullaccounttransactionsamplese1",

"userId": "pullaccounttransactionsampleuser1",
},

"errors":[{
"errorCode":"90001",

"errorMessage": "Mandatory document/field missing - tokenId"
}]
}
}

wallet/account/messages

/nws/nwp/se/v0/wallet/account/messages


The Pull Customer Messages API is a request to obtain the messages available in the Discover Network that match the specified criteria. The API will return up to 25 messages

REQUEST ARGUMENTS


requestHeader: object | mandatory

Encapsulates Request and Program related parameters

requestHeader: requestId: string | mandatory | 1-64

A unique reference to an API request freshly generated by the Client server

requestHeader: programId: string | mandatory | 1-16

A unique identifier of the digital wallet service provider

requestHeader: userContext: data dictionary | mandatory

This is a Wallet Service Provider specific representation of the attributes that uniquely define a user within the context of the Wallet Service Provider

requestHeader: userContext: walletId: string | mandatory | 1-100

Unique identifier for the digital wallet specific for the user

requestHeader: userContext: seId: string | mandatory | 5-64

Secure Element ID

requestHeader: userContext: userId: string | mandatory | 1-100

A Unique identifier for the user. This can be an EmailAddress or other identifier or a hashed version of the data item

pullContext: data dictionary | mandatory

A Container for a wallet specific set of properties that can be supplied in the request

pullContext: deviceOrToken: Data Dictionary | mandatory | 5-6

Indicates if the transactions are for a specific Payment Token or Mobile Payment Device.

pullContext: tokenId: string | conditional | 64

Unique reference of the Payment token that was created as a result of provision

pullContext: numberOfItems: string | Optional | Min:1 Max:2

Number of items requested
Min:1 Max:25

pullContext: paginationTimestamp: string | Optional

This is the starting timestamp of next set of items
UTC date and time at which request is sent
Should be in ISO 8601 Format:
YYYY-MM-DD'T'hh:mm:ss.sss'Z', where:
YYYY - year
MM - month
DD - day of month
'T' - character T; delimiter between date and time
hh - hour 0-23
mm - minute
ss.sss - seconds.millis
'Z' - character Z; indicates UTC time

REQUEST HTTP HEADERS


Accept:

Only accept application/json type

content-Type:

Only accept application/json type

Cache-Control:

no-store

Authorization:

access token

X-DFS-C-APP-CERT:

consumer application certificate

X-DFS-API-PLAN:

intended API Plan

SAMPLE CURL REQUEST

curl --include --header "x-dfs-c-app-cert:sampleconsumercertificate" \
--header "Accept:application/json" \
--header "Content-Type:application/json" \
--header "Cache-Control:no-store" \
--header "x-dfs-api-plan:sampleapiplan" \
--header "Content-Type:application/json" \
--request POST \
--data '{
"requestHeader": {
"requestId":
"pullcustomermessagesamplerequest1", ,
"programId":
"1234567890" ,
"userContext": {
"walletId":
"pullcustomermessagesamplewallet1" ,
"seId":
"pullcustomermessagetsamplese1" ,
"userId":
"pullcustomermessagetsampleuser1"
}
},
"pullContext": {
"tokenId":
"pullcustomermessagesampletoken1" ,
"numberOfItems":
"10" ,
"paginationTimestamp":
"2017-03-11T14:27:00.123Z"
}
}' \
'/nws/nwp/se/v0/wallet/account/messages'

RESPONSE VALUES


responseHeader: object | mandatory

Encapsulates Request and Program related parameters

responseHeader: responseId: string | mandatory | 1-64

This is the value that was provided in the request for the requestId

responseHeader: programId: string | mandatory | 1-16

This is the value that was provided in the request for programId

responseHeader: userContext: data dictionary | mandatory

This is a Wallet Service Provider specific representation of the attributes that uniquely define a user within the context of the Wallet Service Provider

responseHeader: userContext: walletId: string | mandatory | 1-100

This is the value that was provided in the request for walletId

responseHeader: userContext: seId: string | mandatory | 5-64

This is the value that was provided in the request for seId

responseHeader: userContext: userId: string | mandatory | 1-100

A Unique identifier for the user. This can be an EmailAddress or other identifier or a hashed version of the data item

responseHeader: errors: data dictionary | conditional

An array of errorCode and errorMessage
This object will be returned if there is at least one error in processing the request

responseHeader: error: errorCode: string | mandatory | 5

A numeric code specific to the error scenario that occurred

responseHeader: error: errorMessage: string | mandatory | 1-1024

Error message corresponding to the error code

pullMsgContext: data dictionary | conditional

Encapsulates Account lifecycle response details This will not be provided if there are any structural validation errors

pullMsgContext: msgAvailable: string | mandatory | 4-5

Indicates if there are messages available in the system

pullMsgContext: secureContext: secureContext | conditional

This field contains the JWE-encrypted list of messages that match the criteria provided, encapsulated in msgDetailContext. It will be provided if matching messages exist

pullMsgContext: secureContext: encryptedContent: string | mandatory | variable

Encrypted representation of the content

pullMsgContext: secureContext: encryptedContent: msgDetailContext: msgList object | mandatory

Array of messages available in the system that match the provided criteria
Min - 1, Max - 25

pullMsgContext: secureContext : encryptedContent : msgDetailContext : msgList: tokenId: string | mandatory | 1-64

Unique reference of the Payment token that was created as a result of provision

pullMsgContext: secureContext: encryptedContent: msgDetailContext: msgList: msgIdentifier: string | mandatory | 1-64

A unique opaque identifier for the message

pullMsgContext: secureContext: encryptedContent: msgDetailContext: msgList: msgDetail: data dictionary | mandatory

This container has the wallet specific information that is returned with the message detail

pullMsgContext: secureContext: encryptedContent: msgDetailContext: msgList: msgDetail: txnTimestamp: string | mandatory

The date/time when the transaction occurred
Should be in ISO 8601 Format:
YYYY-MM-DD'T'hh:mm:ss.sss'Z', where:
YYYY - year
MM - month
DD - day of month
'T' - character T; delimiter between date and time
hh - hour 0-23
mm - minute
ss.sss - seconds.millis
'Z' - character Z; indicates UTC time

pullMsgContext: secureContext: encryptedContent: msgDetailContext: msgList: msgDetail: txnExpiryTimestamp: string | optional

The date/time when the transaction will be expired
Should be in ISO 8601 Format:
YYYY-MM-DD'T'hh:mm:ss.sss'Z', where:
YYYY - year
MM - month
DD - day of month
'T' - character T; delimiter between date and time
hh - hour 0-23
mm - minute
ss.sss - seconds.millis
'Z' - character Z; indicates UTC time

pullMsgContext: secureContext: encryptedContent: msgDetailContext: msgList: msgDetail: content: string | mandatory | 1-256

Actual message content

pullMsgContext: secureContext: encryptedContent: msgDetailContext: msgList: msgDetail: subject: string | mandatory | 1-64

Message title to be displayed on the card detail view

pullMsgContext: secureContext: encryptedContent: msgDetailContext: msgList: msgOperations: data dictionary | optional

This container has the wallet specific information that is returned for invoking applications

pullMsgContext: secureContext: encryptedContent: msgDetailContext: msgList: deepLink: string | mandatory

Indicates if a message can be deep linked to mobile app or not

pullMsgContext: secureContext: encryptedContent: msgDetailContext: msgList: packageName : string | conditional | 1-64

The mobile platform package name for the app that should be linked to from the message on the card detail view. If the app is not installed the transaction message link will direct the user to the Play store to download the app. If no packageName is provided, no link will be displayed with the message This will be available only when deepLink is true

pullMsgContext: secureContext: encryptedContent: msgDetailContext: msgList: action : string | optional | 1-64

The action of the mobile platform intent that will be sent when the link is clicked. If none is provided, the launch intent of the provided package name will be used

pullMsgContext: secureContext: encryptedContent: msgDetailContext: msgList: intentExtraText : string | optional | 1-128

Extra data that will be included in the mobile platform Intent. The data will be provided as is in the standard field EXTRA_TEXT. It is up to the receiving app to interpret this data (e.g. JSON). No security, PCI or authentication information should be passed in this field

RESPONSE HTTP HEADERS


Content-Language:

en-US

Content-Type:

Only accept application/json type

Cache-Control:

no-store

SAMPLE RESPONSE # 1 - Response for valid JSON structure with no header level errors

HTTP 200
{
"responseHeader": {
"responseId": "pullcustomermessagesamplerequest1",

"programId": "1234567890",

"userContext": {
"walletId": "pullcustomermessagesamplewallet1",

"seId": "pullcustomermessagesamplese1",

"userId": "pullcustomermessagesampleuser1 "
}
},

"pullMsgContext":{
"msgAvailable": "true ",

"secureContext": {
"encryptedPayload": "ew0KCSJtc2dEZXRhaWxDb250ZXh0IjogW3sNCgkJCSJ0b2tlbklkIjogInB1bGxjdXN0b21lcm1lc3NhZ2VzYW1wbGV0b2tlbjEiLA0KCQkJIm1zZ0lkZW50aWZpZXIiOiAicHVsbGN1c3RvbWVybWVzc2FnZXNhbXBsZWlkZW50aWZpZXIxIiwNCgkJCSJtc2dEZXRhaWwiOiB7DQoJCQkJIm1zZ1RpbWVzdGFtcCAiOiAiMjAxNy0wMy0xMVQxNDoyNzowMC4xMjNaIiwNCgkJCQkibXNnRXhwaXJ5VGltZXN0YW1wICI6ICIyMDE3LTA5LTExVDE0OjI3OjAwLjEyM1oiLA0KCQkJCSJjb250ZW50IjogIldlbGNvbWUgPENhcmRob2xkZXI+IHRoYW5rIHlvdSBmb3IgZW5yb2xsaW5nIGluIHRoZSBEaWdpdGFsV2FsbGV0LiBQbGVhc2UgZ28gdG8gaHR0cDovL3NvbWUudXJsIGZvciBtb3JlIGluZm9ybWF0aW9uIGFib3V0IHRoZSBmZWF0dXJlcyBvZiB0aGUgd2FsbGV0IiwNCgkJCQkic3ViamVjdCI6ICJXZWxjb21lIHRvIHRoZSBEaWdpdGFsIHdhbGxldCINCgkJCX0sDQoJCQkibXNnT3BlcmF0aW9ucyI6IHsNCgkJCQkiZGVlcExpbmsiOiAidHJ1ZSIsDQoJCQkJInBhY2thZ2VOYW1lIjogInBhY2thZ2Uub2YudGhlLmlzc3Vlci5hcHAuQVBQIiwNCgkJCQkiYWN0aW9uIjogImFuZHJvaWQuaW50ZW50LmFjdGlvbi5WSUVXIiwNCgkJCQkiaW50ZW50RXh0cmFUZXh0IjogIkNsaWNrIGhlcmUgdG8gc2VlIE1lc3NhZ2UiDQoJCQl9DQoJCX0sDQoJCXsNCgkJCSJ0b2tlbklkIjogInB1bGxjdXN0b21lcm1lc3NhZ2VzYW1wbGV0b2tlbjEiLA0KCQkJIm1zZ0lkZW50aWZpZXIiOiAicHVsbGN1c3RvbWVybWVzc2FnZXNhbXBsZWlkZW50aWZpZXIyIiwNCgkJCSJtc2dEZXRhaWwiOiB7DQoJCQkJIm1zZ1RpbWVzdGFtcCAiOiAiMjAxNy0wMy0xMVQxNDoyNzowMC4xMjNaIiwNCgkJCQkibXNnRXhwaXJ5VGltZXN0YW1wICI6ICIyMDE3LTA5LTExVDE0OjI3OjAwLjEyM1oiLA0KCQkJCSJjb250ZW50IjogIldlbGNvbWUgPENhcmRob2xkZXI+IHRoYW5rIHlvdSBmb3IgZW5yb2xsaW5nIGluIHRoZSBEaWdpdGFsIFdhbGxldC4gUGxlYXNlIGdvIHRvIGh0dHA6Ly9zb21lLnVybCBmb3IgbW9yZSBpbmZvcm1hdGlvbiBhYm91dCB0aGUgZmVhdHVyZXMgb2YgdGhlIHdhbGxldCIsDQoJCQkJInN1YmplY3QiOiAiV2VsY29tZSB0byB0aGUgRGlnaXRhbCB3YWxsZXQiDQoJCQl9LA0KCQkJIm1zZ09wZXJhdGlvbnMiOiB7DQoJCQkJImRlZXBMaW5rIjogImZhbHNlIg0KCQkJfQ0KCQl9DQoJXQ0KfQ==",

}
}
}

SAMPLE RESPONSE # 2 - Response for valid JSON structure with header level error for Structural Error

HTTP 400
{
"responseHeader": {
"responseId": "pullcustomermessagesamplerequest1",

"programId": "1234567890",

"userContext": {
"walletId": "pullcustomermessagesamplewallet1",

"seId": "pullcustomermessagesamplese1",

"userId": "pullcustomermessagesampleuser1",
},

"errors":[{
"errorCode":"90001",

"errorMessage": "Invalid Token Id",
}]
}
}

wallet/account/personalization

/nws/WalletServiceProvider/se/v0/wallet/account/personalization


Asynchonously get the personalization data that is needed by the device for provisioning the Card.

REQUEST ARGUMENTS


requestHeader: object | mandatory

Encapsulates Request and Program related parameters

requestHeader: requestId: string | mandatory | 1-64

A unique reference to an API request freshly generated by the Client server

requestHeader: programId: string | mandatory | 1-16

A unique identifier of the digital wallet service provider

requestHeader: sessionId: string | mandatory | 1-64

A unique identifier for the entire session associated with the provision across multiple API calls

requestHeader: userContext: data dictionary | mandatory

This is a Wallet Service Provider specific representation of the attributes that uniquely define a user within the context of the Wallet Service Provider

requestHeader: userContext: walletId: string | mandatory | 1-100

Unique identifier for the digital wallet specific for the user

requestHeader: userContext: seId: string | mandatory | 5-64

A stable persistent hardware identifier that survives factory resets

requestHeader: userContext: userId: string | mandatory | 1-100

A Unique identifier for the user. This can be an EmailAddress or other identifier or a hashed version of the data item

provisionPersonalizationContext: data dictionary | mandatory

A Container for a wallet specific set of properties that can be supplied in the request

provisionPersonalizationContext: tokenId: string | mandatory | 1-64

Unique reference of the Payment token that was created as a result of provision

provisionPersonalizationContext: secureContext: string | secure context

Encapsulates the JWE-encrypted version of the credentialsContext

provisionPersonalizationContext: secureContext: encryptedContent: string | mandatory | variable

Encrypted representation of the content containing Payement Token related information and personalization data

REQUEST HTTP HEADERS


Accept:

Only accept application/json type

content-Type:

Only accept application/json type

Cache-Control:

no-store

X-DFS-AUTH:

JSON Web Token to authenticate Discover requests to the Wallet Service Provider

SAMPLE CURL REQUEST # 1

curl --include --header "x-dfs-c-app-cert:sampleconsumercertificate" \
--header "Accept:application/json" \
--header "Content-Type:application/json" \
--header "Cache-Control:no-store" \
--header "x-dfs-api-plan:sampleapiplan" \
--header "Content-Type:application/json" \
--request POST \
--data '{
"requestHeader": {
"requestId":
"personalizationdatasamplerequest1" ,
"programId":
"1234567890" ,
"sessionId":
"personalizationdatasamplesession1" ,
, "userContext": {
"walletId":
"personalizationdatasamplewallet1" ,
"seId":
"personalizationdatasamplese1" ,
"userId":
"personalizationdatasampleuser1"
}
},
"provisionPersonalizationContext": {
"tokenId":
"personalizationdatasampletokenid1" ,
"secureContext": {
"encryptedContext":
"UGVyc29uYWxpemF0aW9uIGRhdGEgcmVxdWlyZWQgYnkgdGhlIHBheW1lbnQgYXBwbGljYXRpb24gd2l0aGluIHRoZSBkZXZpY2UgdG8gcGVyZm9ybSB0b2tlbiBwYXltZW50IHRyYW5zYWN0aW9u"
}
}
}' \
'/nws/WalletServiceProvider/se/v0/wallet/account/personalization'

RESPONSE VALUES


responseHeader: object | mandatory

Encapsulates Request and Program related parameters

responseHeader: responseId: string | mandatory | 1-64

This is the value that was provided in the request for the requestId

responseHeader: programId: string | mandatory | 1-16

This is the value that was provided in the request for programId

responseHeader: sessionId: string | mandatory | 1-64

This is the value that was provided in the request for sessionId

responseHeader: userContext: data dictionary | mandatory

This is a Wallet Service Provider specific representation of the attributes that uniquely define a user within the context of the Wallet Service Provider

responseHeader: userContext: walletId: string | mandatory | 1-100

This is the value that was provided in the request for walletId

responseHeader: userContext: seId: string | mandatory | 5-64

This is the value that was provided in the request for seId

responseHeader: userContext: userId: string | mandatory | 1-100

A Unique identifier for the user. This can be an EmailAddress or other identifier or a hashed version of the data item

responseHeader: errors: data dictionary | Conditional

An array of errorCode and errorMessage This object will be returned if there is at least one error in processing the request

responseHeader: error: errorCode: string | mandatory | 5

A numeric code specific to the error scenario that occurred

responseHeader: error: errorMessage: string | mandatory | 1-1024

Error message corresponding to the error code

RESPONSE HTTP HEADERS


Content-Language:

en-US

Content-Type:

Only accept application/json type

Cache-Control:

no-store

SAMPLE RESPONSE # 1 - Response for valid JSON structure with no header level errors

HTTP 200
{
"responseHeader": {
"responseId": "personalizationdatasamplerequest1",

"programId": "1234567890",

"sessionId": "personalizationdatasamplesession1",

"userContext": {
"walletId": "personalizationdatasamplewallet1",

"seId": "personalizationdatasamplese1",

"userId": "personalizationdatasampleuser1 "
}
}
}

wallet/account/profile/management

/nws/WalletServiceProvider/se/v0/wallet/account/profile/management


Update PAN and issuer attribute information in the wallet when it is updated by the issuer

REQUEST ARGUMENTS


requestHeader: object | mandatory

Encapsulates request and wallet identification attributes

requestHeader: requestId: string | mandatory | 1-64

A unique reference to an API request freshly generated by the Client server

requestHeader: programId: string | mandatory | 1-16

A unique identifier of the digital wallet service provider

requestHeader: userContext: data dictionary | conditional

This object is a Wallet specific representation of the attributes that uniquely define a user within the context of the wallet

requestHeader: userContext: walletId: string | mandatory | 1-100

Unique identifier of the digital wallet service provider

requestHeader: userContext: seId: string | mandatory | 5-64

Secure Element ID

requestHeader: userContext: userId: string | mandatory | 1-100

A Unique identifier for the user. This can be an EmailAddress or other identifier or a hashed version of the data item

accountProfileManagementRequest: object | mandatory

Encapsulates profile management request information

accountProfileManagementRequest: tokenId: string | mandatory | 1-64

Unique reference of the Payment token that was created as a result of provision

accountProfileManagementRequest: reason: string | mandatory | 1-256

Reason for the requested change

accountProfileManagementRequest: accountMetadataContext: data dictionary | conditional

AccountMetadataContext is a Wallet-specific representation of the account management request attributes

accountProfileManagementRequest: accountMetadataContext: cardType: string | optional | 1-36

Card type, Debit/Credit

accountProfileManagementRequest: accountMetadataContext: productDescription: string | optional | 1-64

Discover Card Description - "Discover It", "Discover More", "Discover Miles"

accountProfileManagementRequest: accountMetadataContext:cardImageId: string | optional | 1-64

UUID for card image

accountProfileManagementRequest: accountMetadataContext: networkLogoId: string | optional | 1-64

UUID for card networkLogoId

accountProfileManagementRequest: accountMetadataContext: panSuffix: string | optional | 4

last 4 digits of the PAN

accountProfileManagementRequest: accountMetadataContext: foregroundColorRGB: color | optional

Color of the text in the front of the card art (e.g., PAN suffix)

accountProfileManagementRequest: accountMetadataContext: backgroundColorRGB : color | optional

Background color to be displayed in case of partial card art or when card is not loaded

accountProfileManagementRequest: accountMetadataContext: labelColorRGB : color | optional

Color of the label in the front of the card art (Should be used only in case of additional label on top of card art)

accountProfileManagementRequest: secureContext: data dictionary | secure context

Encapsulates the JWE-encrypted version of the accountContext

accountProfileManagementRequest: secureContext: encryptedContent: string | mandatory | variable

Encrypted representation of the content

accountProfileManagementRequest: issuerContext: data dictionary | conditional

This object is a Wallet specific representation of the attributes that define issuer metadata

accountProfileManagementRequest: issuerContext: issuerName: string | mandatory | 1-32

Full name of the issuing bank

accountProfileManagementRequest: issuerContext: website: string | optional | 1-256

Customer service website of issuing bank

accountProfileManagementRequest: issuerContext: email: string | optional | 1-128

Customer service email address of issuing bank

accountProfileManagementRequest: issuerContext: contactNumber: string | optional | 1-24

Customer service phone number of issuing bank

accountProfileManagementRequest: issuerContext: privacyPolicyURL: string | optional | 1-256

Privacy policy URL of the issuer

accountProfileManagementRequest: issuerContext: termsConditionsURL: string | optional | 1-256

Terms & Conditions URL of the issuer

accountProfileManagementRequest: issuerContext: appId: string[] | optional | 1-64 for each element

package name of the app
  • Handset - "com.discoverfinancial.mobile"
  • Tablet - "com.discoverfinancial.tablet"

accountProfileManagementRequest: issuerContext: supportsTokenNotifications: string | optional | 4-5

An indicator for whether the Issuer supports Notifications

accountProfileManagementRequest: issuerContext: supportsInAppPayment: string | optional | 4-5

An indicator for whether the Issuer wants the Card to be used for InApp Payments

accountProfileManagementRequest: issuerContext: supportsContactlessPayment: string | optional | 4-5

An indicator for whether the Issuer wants the Card to be used for Contactless Payments

COLOR TABLE


red: string | conditional | 1-3

Red colors attribute. Valid range 0 - 255

green: string | conditional | 1-3

Green colors attribute. Valid range 0 - 255

blue: string | conditional | 1-3

Blue colors attribute. Valid range 0 - 255

REQUEST HTTP HEADERS


Accept:

Only accept application/json type

content-Type:

Only accept application/json type

Cache-Control:

no-store

X-DFS-AUTH:

JSON Web Token to authenticate Discover requests to the Wallet Service Provider

SAMPLE CURL REQUEST #1 - Issuer initiated (Outbound) Request

curl --include --header "x-dfs-c-app-cert:sampleconsumercertificate" \
--header "Accept:application/json" \
--header "Content-Type:application/json" \
--header "Cache-Control:no-store" \
--header "x-dfs-api-plan:sampleapiplan" \
--header "Content-Type:application/json" \
--request POST \
--data '{
"requestHeader": {
"requestId":
"accountprofilemanagementsamplerequest1", ,
"programId":
"1234567890" ,
"userContext": {
"walletId":
"accountprofilemanagementsamplewallet1" ,
"seId":
"accountprofilemanagementsamplese1" ,
"userId":
"accountprofilemanagementsampleuser1"
}
},
"accountProfileManagementRequest": {
"tokenId":
"accountprofilemanagementsampletokenid1" ,
"reason":
"Card product upgrade" ,
"accountMetadataContext": {
"cardType":
"Credit" ,
"productDescription":
"Discover It" ,
"cardImageId":
"accountprofilemanagementsamplecardimageid1" ,
"foregroundColorRGB": {
"red":
"255" ,
"green":
"255" ,
"blue":
"255"
},
"backgroundColorRGB": {
"red":
"255" ,
"green":
"255" ,
"blue":
"255"
},
"labelColorRGB": {
"red":
"255" ,
"green":
"255" ,
"blue":
"255"
}
}
}
}' \
'/nws/WalletServiceProvider/se/v0/wallet/account/profile/management'

RESPONSE VALUES


responseHeader:object | mandatory

Encapsulates response identifier and program identifier, and userContext data as well as error information

responseHeader: responseId: string | mandatory | 1-64

This is the value that was provided in the request for the requestId

responseHeader: programId: string | mandatory | 1-16

This is the value that was provided in the request for programId

responseHeader: userContext:data dictionary | mandatory

This object is a Wallet specific representation of the attributes that uniquely define a user within the context of the wallet

responseHeader: userContext: walletId: string | mandatory | 1-100

This is the value that was provided in the request for walletId

responseHeader: userContext: seId: string | mandatory | 5-64

This is the value that was provided in the request for seId

responseHeader: userContext: userId: string | mandatory | 1-100

A Unique identifier for the user. This can be an EmailAddress or other identifier or a hashed version of the data item

responseHeader: errors: object | conditional

An array of errorCode and errorMessage
This object will be returned if there is at least one error in processing the request

responseHeader: errors: errorCode: string | mandatory | 5

A numeric code specific to the error scenario that occurred

responseHeader: errors: errorMessage: string | mandatory | 1-1024

Error message corresponding to the error code

RESPONSE HTTP HEADERS


Content-Language:

en-US

Content-Type:

Only accept application/json type

Cache-Control:

no-store

SAMPLE RESPONSE # 1 - Succesfull Response

HTTP 200
{
"responseHeader": {
"responseId": "accountprofilemanagementsamplerequest1",

"programId": "1234567890",

"userContext": {
"walletId": "accountprofilemanagementsamplewallet1",

"seId": "accountprofilemanagementsamplese1",

"userId": "accountprofilemanagementsampleuser1",}
}
}

SAMPLE RESPONSE # 2 - Structural error found in request

HTTP 400
{
"responseHeader": {
"responseId": "accountprofilemanagementsamplerequest1",

"programId": "1234567890",


"userContext": {
"walletId": "accountprofilemanagementsamplewallet1",

"seId": "accountprofilemanagementsamplese1",

"userId": "accountprofilemanagementsampleuser1"
},


"errors": [{
"errorCode": "90002",

"errorMessage": "Mandatory document/field missing - tokenId"
}]
}
}

wallet/account/pushNotification

/nws/WalletServiceProvider/se/v0/wallet/account/pushNotification


Notification to the wallet service provider to indicate new transactions or messages

REQUEST ARGUMENTS


requestHeader: object | mandatory

Encapsulates request, session and wallet identification attributes

requestHeader: requestId: string | mandatory | 1-64

A unique reference to an API request freshly generated by the Client server

requestHeader: programId : string | mandatory | 1-16

A unique identifier of the digital wallet service provider

requestHeader: userContext: Data Dictionary | conditional

This object is a Wallet specific representation of the attributes that uniquely define a user within the context of the wallet

requestHeader: userContext: walletId: string | mandatory | 1-100

Unique identifier for the digital wallet specific for the user

requestHeader: userContext: seId: string | mandatory | 5-64

Secure Element ID

requestHeader: userContext: userId: string | mandatory | 1-100

A Unique identifier for the user. This can be an EmailAddress or other identifier or a hashed version of the data item

pushNotificationRequest: object | mandatory

Encapsulates push notification request information

pushNotificationRequest: tokenId:string | mandatory | 1-64

Unique reference of the Payment token that was created as a result of provision

pushNotificationRequest : type: string | mandatory | 1-20

Type of information available to be pulled from the Discover Network. This value should determine which pull API the MPP follows up with. Available values are:
  • "messages" - Wallet Service Provider should follow up with a Pull Messages call
  • "transactions" - Wallet Service Provider should follow up with a Pull Transactions call

pushNotificationRequest: timestamp: string | mandatory | 24

UTC date and time at which request is sent Should be in ISO 8601 Format:
YYYY-MM-DD'T'hh:mm:ss.sss'Z', where:
YYYY - year
MM - month
DD - day of month
'T' - character T; delimiter between date and time
hh - hour 0-23
mm - minute
ss.sss - seconds.millis
'Z' - character Z; indicates UTC time

REQUEST HTTP HEADERS


Accept:

Only accept application/json type

content-Type:

Only accept application/json type

Cache-Control:

no-store

X-DFS-AUTH:

JSON Web Token to authenticate Discover requests to the Wallet Service Provider

SAMPLE CURL REQUEST #1 - Discover Network initiated Request

curl --include --header "x-dfs-c-app-cert:sampleconsumercertificate" \
--header "Accept:application/json" \
--header "Content-Type:application/json" \
--header "Cache-Control:no-store" \
--header "x-dfs-api-plan:sampleapiplan" \
--header "Content-Type:application/json" \
--request POST \
--data '{
"requestHeader": {
"requestId":
"pushnotificationsamplerequest1", ,
"programId":
"1234567890" ,
"userContext": {
"walletId":
"pushnotificationsamplewallet1" ,
"seId":
"pushnotificationsamplese1" ,
"userId":
"pushnotificationsampleuser1"
}
},
"pushNotificationRequest": {
"tokenId":
"pushnotificationsampletoken1",
"type":
"transaction | message" ,
"timestamp":
"2017-03-11T14:27:00.123Z"
}
}' \
'/nws/WalletServiceProvider/se/v0/wallet/account/pushNotification'

RESPONSE VALUES


responseHeader: object | mandatory

Encapsulates response identifier and program identifier, and userContext data as well as error information

responseHeader: responseId: string | mandatory | 1-64

This is the value that was provided in the request for the requestId

responseHeader: programId: string | mandatory | 1-16

This is the value that was provided in the request for programId

responseHeader: userContext: data dictionary | mandatory

This object is a Wallet specific representation of the attributes that uniquely define a user within the context of the wallet

responseHeader: userContext: walletId: string | mandatory | 1-100

This is the value that was provided in the request for walletId

responseHeader: userContext: seId: string | mandatory | 5-64

This is the value that was provided in the request for seId

responseHeader: userContext: userId: string | mandatory | 1-100

A Unique identifier for the user. This can be an EmailAddress or other identifier or a hashed version of the data item

responseHeader: errors: object | conditional

An array of errorCode and errorMessage
This object will be returned if there is at least one error in processing the request

responseHeader: error: errorCode: string | mandatory | 5

A numeric code specific to the error scenario that occurred

responseHeader: error: errorMessage: string | mandatory | 1-1024

Error message corresponding to the error code

RESPONSE HTTP HEADERS


Content-Language:

en-US

Content-Type:

Only accept application/json type

Cache-Control:

no-store

SAMPLE RESPONSE # 1 - Response for valid JSON structure with no header level errors

HTTP 200
{
"responseHeader":
{"responseId": "pushnotificationsamplerequest",

"programId": "1234567890",

"userContext": {
"walletId": "pushnotificationsamplewallet1",

"seId": "pushnotificationsamplese1",

"userId": "pushnotificationsampleuser1"
}
}
}

resource

/nws/nwp/se/v0/{programId}/{resourceUUID}/{requestId}


Get digital asset for the provided resource identifier

REQUEST ARGUMENTS


URI Format

requestId: string | required | 1-64

A unique reference to an API request freshly generated by the Client server

programId: string | required| 1-16

A unique identifier of the digital wallet service provider

resourceUUID: string | required | 1-64

A unique identifier assigned to a digital resource

REQUEST HTTP HEADERS


Accept:

Only accept application/json type

Content-Type:

Only accept application/json type

Cache-Control:

no-store.

Authorization:

access token

X-DFS-C-APP-CERT:

consumer application certificate

X-DFS-API-PLAN:

intended API Plan

SAMPLE CURL REQUEST

curl --include --header "x-dfs-c-app-cert: sampleconsumercertificate" \
--header "Accept: application/json" \
--header "Content-Type: application/json" \
--header "Cache-Control: no-store" \
--header "x-dfs-api-plan: sampleapiplan" \
--request GET \
'/nws/nwp/se/v0/resource/1234567890/sampleresourceid1/resourcesamplerequest1'

RESPONSE VALUES


responseHeader: object | required

Encapsulates request, session and wallet identification attributes from the requestHeader

responseHeader: responseId: string | required | 1-64

This is the value that was provided in the request for the requestId

responseHeader: programId: string | required | 1-16

This is the value that was provided in the request for programId

responseHeader: error: object | maybe

An array of errorCode and errorMessage

responseHeader: error: errorCode: string | required | 5

A numeric code specific to the error scenario that occurred

responseHeader: error: errorMessage: string | required | 1-1024

Error message corresponding to the error code

responseResource: object | maybe

Encapsulates resource response details. Will not be provided in case of any structure validation errors

responseResource: resourceTypeCode: string | required | 2

Represents the code assigned to type of digital asset

Possible Value
  1. 01

responseResource: resourceType: string | 1-215

Description of the resource e.g., Complete Card Image

responseResource: resourceUUID: string | required | 1-16

This is the value that was provided in the request for the resourceUUID

responseResource: resource: object | required

Encapsulates actual digital asset

responseResource: media : object | required | 3-64

Type of media

Possible values
  1. image/pdf
  2. image/png
  3. image/svg
  4. text/plain
  5. text/html

responseResource: encodedResource: string | required | variable

Base64 encoded resource

responseResource: width: string | maybe | 1-4

Width of the image. Provided only when media type is image

responseResource: height: string | maybe | 1-4

Height of the image. Provided only when media type is image

RESPONSE HTTP HEADERS


Content-Language:

en-US

Content-Type:

Only accept application/json type

Cache-Control:

no-store

SAMPLE RESPONSE # 1 – Successful response

HTTP 200
{
"responseHeader": {
"responseId": "resourcesamplerequest1",

"programId": "1234567890",

},
"resourceResponse":{
"resourceTypeCode": "01",
"resourceUUID": "sampleresourceid1"
"resource" [{
"media": "image/png",

"encodedResource": "PGh0bWw+DQo8c3R5bGU+......"
}]
}
}

SAMPLE RESPONSE # 2 - Response for a structural error

HTTP 400
{
"responseHeader": {
"responseId": ”ondemandcredentialssamplerequest1”,

"programId": "1234567890",

},
"errors": [{
"errorCode": "90002",

"errorMessage”: "Invalid Field Length– programId "
}]
}

account/status

/nws/nwp/se/v0/wallet/account/status


Status of provision and token for the provided payment token identifier

REQUEST ARGUMENTS


requestHeader: object | required

Encapsulates request, session and wallet identification attributes

requestHeader: requestId: string | required | 1-64

A unique reference to an API request freshly generated by the Client server

requestHeader: programId: string | required | 1-16

A unique identifier of the digital wallet service provider

accountStatusRequest: object | required

Encapsulates request payload of account status request

accountStatusRequest: tokens: object | required

An array of Payment Token Reference identifiers

accountLifecycleRequest: tokens: tokenId: string | required | 1-64

An unique reference to the Payment Token for which the mentioned life cycle operation needs to be performed

REQUEST HTTP HEADERS


Accept:

Only accept application/json type

Content-Type:

Only accept application/json type

Cache-Control:

no-store

Authorization:

access token

X-DFS-C-APP-CERT:

consumer application certificate

X-DFS-API-PLAN:

intended API Plan

SAMPLE CURL REQUEST

curl --include --header "x-dfs-c-app-cert: sampleconsumercertificate"
--header "Accept: application/json" \
--header "Content-Type: application/json" \
--header "Cache-Control: no-store" \
--header "x-dfs-api-plan: sampleapiplan" \
--header "Content-Type: application/json" \
--request POST \
--data '{
"requestHeader": {
"requestId":
"accountstatussamplerequest1" ,
“programId”:
"1234567890" ,
},
"accountStatusRequest": {
"tokens": [{
"tokenId":
”sampletokenid1” ,
}, {
"tokenId":
"sampletokenid2"
}]
}
}' \
'/nws/nwp/se/v0/wallet/account/status'

RESPONSE VALUES


responseHeader: object | required

Encapsulates request, session and wallet identification attributes from the requestHeader

responseHeader: responseId: string | required | 1-64

This is the value that was provided in the request for the requestId

responseHeader: programId: string | required | 1-16

This is the value for programId that was provided in the request

responseHeader: error: object | maybe

An array of errorCode and errorMessage

responseHeader: error: errorCode: string | required | 5

A numeric code specific to the error scenario that occurred due to structural validation

responseHeader: error: errorMessage: string | required | 1-1024

Error message corresponding to the error code

accountStatusResponse: object | maybe

Encapsulates Account Status response details. Will not be provided in case of any structure validation errors

accountStatusResponse: tokenStatus: object | required

Array of token ids outlining the current status of each Payment Token associated for each payment token identifier provided in the request

accountStatusResponse: tokenStatus: tokenId: string | required | 1-64

This is the value that was provided in the request for the field tokenId

accountStatusResponse: tokenStatus: provisionStatus: string | maybe | 6-32

Status of provision associated with the payment token identifier. Provided only when there is no issue with the provided payment token identifier

Possible Values
  1. Completed
  2. Pending
  3. Failed

accountStatusResponse: tokenStatus: tokenStatus: string | maybe | 6-32

Status of token associated with the payment token identifier. Provided only when there is no issue with the provided payment token identifier

Possible Values:
  1. Active
  2. Suspended
  3. Unlinked

accountStatusResponse: tokenStatus: errorCode: string | maybe | 5

A numeric code specific to the error scenario that occurred for the requested tokenId

accountStatusResponse: tokenStatus: errorMessage: string | maybe | 1-1024

Error message corresponding to the error code

RESPONSE HTTP HEADERS


Content-Language:

en-US

Content-Type:

Only accept application/json type

Cache-Control:

no-store

SAMPLE RESPONSE # 1 – Successful response

HTTP 200
{
"responseHeader": {
"responseId": ”accountstatussamplerequest1”,

"programId": "1234567890"
},

"accountStatusResponse": {
"tokenStatus": [{
"tokenId": "sampletokenid1",

"provisionStatus": "Completed",

tokenStatus: "Active"

}, {
"tokenId": "sampletokenid2",

"errorCode": "10102",

"errorMessage": "Invalid payment token identifier"
}]
}
}

SAMPLE RESPONSE # 2 -Response for a structural error

HTTP 400
{
"responseHeader": {
"responseId": ”accountstatussamplerequest1”,

"programId": "1234567890"

},
"errors": [{
"errorCode": "90002",

"errorMessage”: "Invalid Field Length– programId "
}]
}

utility/healthCheck

/nws/nwp/se/v0/wallet/utility/healthcheck/{programId}/{requestId}


Check health of the platform for monitoring purposes

REQUEST ARGUMENTS


URI Format

requestId: string | required | 1-64

A unique reference to an API request freshly generated by the Client server

programId: string | required | 1-16

A unique identifier of the digital wallet service provider

REQUEST HTTP HEADERS


Accept:

Only accept application/json type

Content-Type:

Only accept application/json type

Cache-Control:

no-store

Authorization:

access token

X-DFS-C-APP-CERT:

consumer application certificate

X-DFS-API-PLAN:

intended API Plan

SAMPLE CURL REQUEST

curl --include --header "x-dfs-c-app-cert: sampleconsumercertificate" \
--header "Accept: application/json" \
--header "Content-Type: application/json" \
--header "Cache-Control: no-store" \
--header "x-dfs-api-plan: sampleapiplan" \
--request GET \
'/nws/nwp/se/v0/wallet/utility/healthcheck/1234567890/
healthchecksamplerequest1'

RESPONSE VALUES


responseHeader: object | required

Encapsulates request and wallet identification attributes from the requestHeader

responseHeader: responseId: string | required | 1-64

This is the value that was provided in the request for the requestId

responseHeader: programId: string | required | 1-16

This is the value that was provided in the request for programId

responseHeader: error: object| maybe

An array of errorCode and errorMessage

responseHeader: error: errorCode: string | required | 5

A numeric code specific to the error scenario that occurred

responseHeader: error: errorMessage: string | required | 1-1024

Error message corresponding to the error code

healthCheckResource: object | maybe

Encapsulates health check response details. Will not be provided in case of any structure validation errors

healthCheckResource: version: string | 1-32

A string indicating version of the platform

healthCheckResource: healthy: string | required | 4-5

Overall platform health

Possible Values
  1. True
  2. False

healthCheckResource: message: string | required | 1-256

Description associated with the health of the platform

RESPONSE HTTP HEADERS


Content-Language:

en-US

Content-Type:

Only accept application/json type

Cache-Control:

no-store

SAMPLE RESPONSE # 1 – Successful response indicating healthy platform

HTTP 200
{
"responseHeader": {
"responseId": ”healthchecksamplerequest1”,

"programId": "1234567890"

},
"healthCheckResponse": {
"version": "1.2.0",

"healthy”: "true",

“message”: "Services health check is successful"
}
}

SAMPLE RESPONSE # 2 - Response for a structural error

HTTP 400
{
"responseHeader": {
"responseId": ”healthchecksamplerequest1”,

"programId": "1234567890"

},
"errors": [{
"errorCode": "90002",

"errorMessage”: "Invalid Field Length– programId"
}]
}

Errors


Header Level Error Codes

Error Code Error Message Error Description HTTP Status Code
90001 Mandatory document/field missing - {name} The named field is not present in the request 400
90002 Invalid field length - {name} The named field is not present in the request 400
90003 Invalid field type - {name} The type of the field is invalid 400
90004 Invalid field value - {name} The named field is invalid in the request 400
90005 Invalid HTTP Header - { name} The named HTTP Header is invalid in the reques 400
90006 No Content-Type in HTTP Header No Content-Type in HTTP Header 400