Card
A card is tied to one or more savings or checking accounts managed by CorePro.
To correlate a specific card in CorePro to a specific card record in your system, store your system's unique key in the tag
property, or store CorePro's cardId
in your system.
Creating a real, physical card and shipping it to the end user is a multi-day process. Here is the "normal" production workflow for a card:
- Call
/card/initiate
- Wait multiple day(s) for physical card to be printed and shipped to the end user.
- End user would need to activate the card prior to use -- or in CorePro terms, "verify" the card via
/card/verify
- End user can now use the card immediately
Note: When reissuing a card in the sandbox, if a card is currently in PendingVerification
or ReissuePendingVerification status
, the new status will be ReissuePendingVerification
. Otherwise, the new status will be Verified
.
card Object
Represents a single card in CorePro. A single customer can have multiple cards. A single card can be tied to multiple accounts (4 checking, and 4 savings). A single account can be tied to multiple cards.
details
Property | Data Type (length) |
Description |
---|---|---|
cardId |
integer | The unique identifier for a card. |
customerId |
integer | The unique identifier of the customer who actually created the card (the customer who called /card/initiate ).
|
cardHolderCustomerId |
integer | The unique identifier of the customer who typically has the card in their possession. e.g.: a parent wants a card for their child (who is a minor) to use.
|
typeCode |
string (3) | The type of card. Possible values include:
|
vendorTypeCode |
string (5) | The type of vendor for the card. Possible values include:
|
status |
string (15) | The status of the card. Possible values include:
|
cardNumberMasked |
string (19) | The masked value of the PAN (Primary Account Number) for the card. e.g.: *************1234 . NOTE: This property returns all asterisks (* ) until the card has been verified. |
tag |
string (50) | A caller-specified, unique identifier for this card. Must be unique within a given Program in production. Maximum length is 50 characters. |
firstName |
string (64) | The card holder's first name as it should appear on the card verbatim. See /card/initiate for restrictions. |
middleName |
string (64) | The card holder's middle name as it should appear on the card verbatim. See /card/initiate for restrictions. |
lastName |
string (128) | The card holder's last name as it should appear on the card verbatim. See /card/initiate for restrictions. |
nickName |
string (50) | A display-friendly name that applies to the card itself. |
expireMonth |
integer | The month the card expired / will expire |
expireYear |
integer | The 4-digit year the card expired / will expire |
primaryAccountId |
integer | The accountId of the default account for this card. Should typically be a DDA-type account (type of Checking , or some other DDA). |
lockTypeCode |
string (20) | The type of lock applied to the card. Possible values include:
CST locks but none of the SYS locks. See /card/unlock for the matrix detailing out all possibilities.
|
lockReasonTypeCode |
string (20) |
The reason the lock was applied to the card. Possible values include:
* Can be set via /card/hotlist API route only. Cannot be subsequently unlocked. ** Can be set via Admin console or background processing only; not via API |
createdDate |
datetime | Date the card was created |
requestedDate |
datetime | Date the request to create the card was sent to the card provider |
verifiedDate |
datetime | Date the card was set to a Verified status by the successfully calling /card/verify |
reissuedDate |
datetime | Date the card was set to a Reissued status due to calling /card/reissue |
deniedDate |
datetime | Date the card was set to a Denied status. |
expiredDate |
datetime | Date the card was set to an Expired status due to the customer never calling /card/verify |
archivedDate |
datetime | Date the card was set to an Archived status due to calling /card/archive |
lastModifiedDate |
datetime | Date when the object was last altered in any way.Note: This property updates when a card is locked or unlocked. |
accounts |
List of partially-populated account objects |
Properties that are populated on each partial account object are:
|
newPin |
string |
The new 4-digit (0-9 only) value to assign to the PIN. Must be encrypted using this public key and converted to base64 per RFC 4648. For example, if your PIN is ahbL0fFx/do4mBEpURziDUEJftK5OZKhIts5yThxDgHcmvC56vX/GGrnAenz an3PuO9ZYm353KB/jYqupR0/3UDs0i0PNoeFro3fE5eZZuB3UZzO3HGaf8dJ XSg63CDeqDnuSFCMOhMciZwolgx+jGrSncTt3wWvwysreQ9RFN0+pgJsD8TZ LqZ5oWG/sdUG1yQej8Q/S3HOMmmPou9FIh4H7ZPeQGnkydCxpOKhfuLXKjW8 gc5yhaKA8lmTio+rQ1nA+zDaG/TeNx8FYIBX2TwB8HBkLe1vfQNpVEE8A/H4 SvhxmHrajrZmg2BA9xP/f/JoFTk7mwgeOWYwSC7VnA== This value will never be returned from the API Note: OAEP must be enabled during the encryption process. See the |
qualifierCode |
string |
The QualifierCode property is optional and accepts any alphanumeric (max length 3) characters. Valid values are defined by DPS at the time of BIN creation. |
binId |
int |
The BinId property is optional and specifies which bin a card will be created under, if left null the first valid bin for the program will be used. |
addAccount
Adds an account to a card. Can be reversed by calling /card/removeAccount
.
The customerId
attempting to add the account must have an accessTypeCode
of FULL
to that account and the customer itself must have a accessTypeCode
of FULL
or ACCT
.
POST /card/addAccount
Request Body Parameters
customerId |
Required | Customer ID (the customerId or cardHolderCustomerId associated with the card) |
cardId |
Required | Card ID (returned when card was originally created) |
accountId |
Required | Account ID that should be accessible via the given cardId . The customerId must have FULL access to the account . |
cardPriority |
Required | Priority the Account ID will have. Must be between 1 and 4 inclusive. If this matches the priority of an existing account, that account's priority will be slid down one slot (as will all other lower priority accounts as needed) |
Response Data
A card object |
Error Codes
Code | Message (en-US) | Notes |
1-60000 | Any "Common Error Code" may occur. | See Common Error Codes |
150601 | Invalid CardId {0} or CustomerId {1} is not associated with the card. | |
150602 | CardId {0} must be unlocked to add an account. | |
150603 | AccountId {0} must be a Checking or Savings account. | |
150604 | CardId {0} already has the maximum of 4 {1} accounts. | |
150605 | AccountId {0} is in a status of {1}. Must be Open to add it to a card. | |
150606 | AccountId {0} is already tied to CardId {1} with a priority of {2}. | |
150607 | New priority of {0} must be between 1 and {1}. |
Example
Request
POST /card/addAccount Authorization: Basic PutBase64TokenHere
{ "accountId": 810056, "cardId": 441612, "cardPriority": 1, "customerId": 809953 }
Response
200
{ "data": { "accounts": [ { "accountBalance": 0.0, "accountId": 810056, "accountNumberMasked": "*************0148", "availableBalance": 0.0, "balanceLastModifiedDate": "2019-01-18T13:37:48.893-06:00", "cardPriority": 1, "customerId": 809953, "lastModifiedDate": "2019-01-18T13:37:48.890-06:00", "name": "New Bike", "pendingBalance": 0.0, "status": "Open", "tag": "", "type": "Checking" }, { "accountBalance": 0.0, "accountId": 1325696, "accountNumberMasked": "*************3030", "availableBalance": 0.0, "balanceLastModifiedDate": "2019-06-13T15:57:18.102-05:00", "cardPriority": 2, "customerId": 809953, "lastModifiedDate": "2019-06-13T15:57:18.098-05:00", "name": "{{name}}", "pendingBalance": 0.0, "status": "Open", "tag": "", "type": "Checking" }, { "accountBalance": 3100.0, "accountId": 809999, "accountNumberMasked": "*************9751", "availableBalance": 3100.0, "balanceLastModifiedDate": "2019-04-03T16:02:31.743-05:00", "cardPriority": 3, "customerId": 809953, "lastModifiedDate": "2019-06-14T12:54:09.357-05:00", "name": "shdkfjhdkjfdf", "pendingBalance": 0.0, "status": "Open", "tag": "", "type": "Checking" } ], "cardHolderCustomerId": 809953, "cardId": 441612, "cardNumberMasked": "****************", "createdDate": "2019-03-15T15:37:21.609-05:00", "customerId": 809953, "expireMonth": 3, "expireYear": 2022, "firstName": "JOHN", "lastModifiedDate": "2019-06-17T14:07:58.607-05:00", "lastName": "SMITH", "limits": [], "lockReasonTypeCode": "UNK", "lockTypeCode": "UNL", "middleName": "", "nameOnCard": "JOHN SMITH", "nickName": "My Card", "primaryAccountId": 810056, "status": "Verified", "tag": "OZJM1wkc4x3XVFeRikd8l8ue1XzxG5VOR9xtAl8n", "typeCode": "DBT", "vendorTypeCode": "VS" }, "errors": [], "requestId": "e75a932a-402e-4f13-af18-b83f9aa20b48", "status": 200 }
archive
Archives a card. Note this is a one-way function; once archived, a card can not be un-archived.
POST /card/archive
Request Body Parameters
customerId |
Required | Id of the customer who created the card (customerId ) OR to whom the card is assigned (cardHolderCustomerId )i.e. either the card creator or the card assignee can archive a card. |
cardId |
Required | Id of the card (returned when the card was created) |
Response Data
The envelope's "data" property will be absent, but a status of 200 is returned upon success. |
Error Codes
Code | Message (en-US) | Notes |
1-60000 | Any "Common Error Code" may occur. | See Common Error Codes |
150701 | Invalid CardId {0} or CustomerId '{1}' is not associated with the card. | |
153101 | Invalid CardId {0} or CustomerId '{1}' is not associated with the card. | |
153102 | CardId {0} is in a status of '{1}' and cannot be archived. |
Example
Request
POST /card/archive Authorization: Basic PutBase64TokenHere
{ "customerId":3, "cardId":87941 }
Response
200
{ "errors":[], "status":200 }
get
Retrieve card information by the given customerId and cardId
Note: When you provide an invalid identifier (id,tag, or emailAddress), all routes ending with /get
returns 400 (Bad Request). This route returns a filled out corresponding accounts array.
GET /card/get/{customerId}/{cardId}
Request Parameters
customerId |
Required | Customer ID (the customerId or cardHolderCustomerId associated with the card) |
cardId |
Required | Card ID (returned when card was originally created) |
Response Data
A card Object |
Error Codes
Code | Message (en-US) | Notes |
1-60000 | Any "Common Error Code" may occur. | See Common Error Codes |
Example
Request
GET /card/get/1587534/1587540 Authorization: Basic PutBase64TokenHere
Response
200
{ "data": { "accounts": [ { "accountBalance": 0.0, "accountId": 1587539, "accountNumberMasked": "*************1034", "availableBalance": 0.0, "name": "Savings #1", "pendingBalance": 0.0, "priority": 1, "status": "Open", "tag": "", "type": "Savings" } ], "cardHolderCustomerId": 1587534, "cardId": 1587540, "cardNumberMasked": "********************", "createdDate": "2016-08-24T18:48:51.6890745-05:00", "customerId": 1587534, "expireMonth": 8, "expireYear": 2018, "lockReasonTypeCode": "UNK", "lockTypeCode": "UNL", "nameOnCard": "John Q. Smith", "nickName": "My Main Debit Card", "primaryAccountId": 1587539, "status": "Initiated", "typeCode": "DBT", "vendorTypeCode": "VS" }, "errors": [], "requestId": "620c11c5-4674-4f2f-9cc1-2237cb1ad467", "status": 200 }
getByTag
Retrieve card information by the given customerId and tag
Note: When you provide an invalid identifier (id,tag, or emailAddress), all routes ending with /getByTag
returns 400 (Bad Request). This route returns a filled out corresponding accounts array.
GET /card/getbytag/{customerId}/{tag}
Request Parameters
customerId |
Required | Customer ID (the customerId or cardHolderCustomerId associated with the card) |
tag |
Required | Tag value provided when card was created |
Response Data
A card Object |
Error Codes
Code | Message (en-US) | Notes |
1-60000 | Any "Common Error Code" may occur. | See Common Error Codes |
150801 | Invalid CardId '{0}' or CustomerId '{1}' is not associated with the card. |
Example
Request
GET /card/getbytag/1587534/cfe9e6b6-4b3a-49d2-9133-9641d45ea61e Authorization: Basic PutBase64TokenHere
Response
200
{ "data": { "accounts": [ { "accountBalance": 0.0, "accountId": 1587539, "accountNumberMasked": "*************1034", "availableBalance": 0.0, "name": "Savings #1", "pendingBalance": 0.0, "priority": 1, "status": "Open", "tag": "cfe9e6b6-4b3a-49d2-9133-9641d45ea61e", "type": "Savings" } ], "cardHolderCustomerId": 1587534, "cardId": 1587540, "cardNumberMasked": "********************", "createdDate": "2016-08-24T18:48:51.6890745-05:00", "customerId": 1587534, "expireMonth": 8, "expireYear": 2018, "lockReasonTypeCode": "UNK", "lockTypeCode": "UNL", "nameOnCard": "John Q. Smith", "nickName": "My Main Debit Card", "primaryAccountId": 1587539, "status": "Initiated", "typeCode": "DBT", "vendorTypeCode": "VS" }, "errors": [], "requestId": "45c8b54d-057a-4fd2-b1ae-526b6209424d", "status": 200 }
hotlist
Permanently locks a card with a FRD
(Suspected Fraud), LST
(Lost), or STL
(Stolen) lockReasonTypeCode
. This is a one-way function.
POST /card/hotlist
Request Body Parameters
customerId |
Required | Customer ID (the customerId or cardHolderCustomerId associated with the card) |
cardId |
Required | Card ID (returned when card was originally created) |
lockReasonTypeCode |
Required |
Possible values include:
|
Response Data
A card object |
The card will have a lockTypeCode of CST upon successful completion of this call. All card-based transfers will fail. |
Error Codes
Code | Message (en-US) | Notes |
1-60000 | Any "Common Error Code" may occur. | See Common Error Codes |
150401 | Invalid Card Lock Reason Type Code '{0}'. | |
150402 | CardId {0} has been locked by the System and cannot be unlocked by a customer. | |
150403 | CustomerId {0} does not have access to CardId {1}. | |
150801 | Must specify a lockReasonTypeCode of 'FRD', 'STL', or 'LST' when hotlisting a card. |
Example
Request
POST /card/hotlist Authorization: Basic PutBase64TokenHere
{ "cardId":1587540, "customerId":1587534, "lockReasonTypeCode": "STL" }
Response
200
{ "data": { "accounts": [ { "accountBalance": 0.0, "accountId": 1587539, "accountNumberMasked": "*************1034", "availableBalance": 0.0, "name": "Savings #1", "pendingBalance": 0.0, "priority": 1, "status": "Open", "tag": "", "type": "Savings" } ], "cardHolderCustomerId": 1587534, "cardId": 1587540, "cardNumberMasked": "********************", "createdDate": "2016-08-24T18:48:51.6890745-05:00", "customerId": 1587534, "expireMonth": 8, "expireYear": 2018, "lockReasonTypeCode": "STL", "lockTypeCode": "CST", "nameOnCard": "John Q. Smith", "nickName": "My Main Debit Card", "primaryAccountId": 1587539, "status": "Verified", "typeCode": "DBT", "vendorTypeCode": "VS" }, "errors": [], "requestId": "620c11c5-4674-4f2f-9cc1-2237cb1ad467", "status": 200 }
initiate
Initiate a request to create a new card and send it to a customer.
In the Sandbox environment, cards will always be created with a cardNumberMasked
value of 1111
and can be verified via /card/verify
immediately afterwards. This is to facilitate faster testing only.
POST /card/initiate
Request Body Parameters
customerId |
Required | The customerId of the customer who is creating the card. |
cardHolderCustomerId |
Required | The customerId of the customer who will be using the card. This should almost always match the customerId property. Exception is when the card is being created for another user. e.g.: A parent wants to create a debit card for their child. |
vendorTypeCode |
Required | The vendor offering the card. Possible values include:
|
typeCode |
Optional | The type of card to create. Possible values include:
|
primaryAccountId |
Required | The account to use when no account is specified by an ISO-8583 request. e.g.: Swiping a card at a Point Of Sale. |
firstName |
Required | The first name that is to appear verbatim on the physical card itself. Can contain only A-Z, " " (space), or "-" (hyphen). If not provided in uppercase, will be converted to uppercase. NOTE: only the first 22 characters of firstName + {space} + middleName + {space} + lastName will appear on the card; this is a limitation of the card provider. |
middleName |
Optional | The middle name that is to appear verbatim on the physical card itself. Can contain only A-Z, " " (space), or "-" (hyphen). If not provided in uppercase, will be converted to uppercase. NOTE: only the first 22 characters of firstName + {space} + middleName + {space} + lastName will appear on the card; this is a limitation of the card provider. |
lastName |
Required | The last name that is to appear verbatim on the physical card itself. Can contain only A-Z or "-" (hyphen). If not provided in uppercase, will be converted to uppercase. NOTE: only the first 22 characters of firstName + {space} + middleName + {space} + lastName will appear on the card; this is a limitation of the card provider. |
nickName |
Required | A display-friendly name given to the card itself. e.g.: My Check Card |
tag |
Optional | A caller-specified, unique identifier for this card. Must be unique within a given Program. Maximum length is 50 characters. |
newPin |
Optional |
The new 4-digit (0-9 only) value to assign to the PIN. Must be encrypted using this public key and converted to base64 per RFC 4648. For example, if your PIN is ahbL0fFx/do4mBEpURziDUEJftK5OZKhIts5yThxDgHcmvC56vX/GGrnAenz an3PuO9ZYm353KB/jYqupR0/3UDs0i0PNoeFro3fE5eZZuB3UZzO3HGaf8dJ XSg63CDeqDnuSFCMOhMciZwolgx+jGrSncTt3wWvwysreQ9RFN0+pgJsD8TZ LqZ5oWG/sdUG1yQej8Q/S3HOMmmPou9FIh4H7ZPeQGnkydCxpOKhfuLXKjW8 gc5yhaKA8lmTio+rQ1nA+zDaG/TeNx8FYIBX2TwB8HBkLe1vfQNpVEE8A/H4 SvhxmHrajrZmg2BA9xP/f/JoFTk7mwgeOWYwSC7VnA== This value will never be returned from the API Note: OAEP must be enabled during the encryption process. See the |
qualifierCode |
string |
The QualifierCode property is optional and accepts any alphanumeric (max length 3) characters. Valid values are defined by DPS at the time of BIN creation. |
binId |
int |
The BinId property is optional and specifies which bin a card will be created under, if left null the first valid bin for the program will be used. |
Response Data
A card object in an Initiated state |
Error Codes
Code | Message (en-US) | Notes |
1-60000 | Any "Common Error Code" may occur. | See Common Error Codes |
150201 | TypeCode {0} is not valid. Must be 'DBT' or 'CDT'. | |
150202 | VendorTypeCode {0} is not valid. Must be 'VS' or 'MC'. | |
150203 | NameOnCard is a required field. | |
150204 | Tag {0} is already associated with another card. | |
150205 | Invalid Card Holder CustomerId {0}. | |
150206 | Assigned Customer {0} status is '{1}'. Must be 'Initiated', 'Manual Review', or 'Verified'. | |
150207 | Assigned Customer {0} access type is '{1}'. Must be 'FULL', 'ACCT', or 'CARD'. | |
150208 | Invalid Primary AccountId {0}. | |
150209 | Primary AccountId {0} is in invalid status of {1}. Must be Open or PendingOpen. | |
150210 | Primary AccountId {0} must be a Checking or Savings account. | |
150211 | Insufficient access type {0} for CustomerId {1} to Primary AccountId {2} to add a card. FULL is required. | |
150212 | A Primary Account must be specified. | |
150213 | Both FirstName and LastName are required. | |
150230 | Another card for CustomerId {0} is using NickName of {1}. NickName must be unique. | |
150231 | The primary customer {0} must have its Mobile or Home phone specified prior to creating a card. | |
150232 | The primary customer {0} must have its Mailing or Residence address specified prior to creating a card. | |
150240 | FirstName ({0}) must contain only characters A-Z, hyphen, apostrophe, period, comma, ampersand, or space. | |
150241 | MiddleName ({0}) must contain only characters A-Z, hyphen, apostrophe, period, comma, ampersand, or space. | |
150242 | LastName ({0}) must contain only characters A-Z, hyphen, apostrophe, period, comma, or ampersand. | |
150243 | Card Bin {0} is not valid. |
Example
Request
POST /card/initiate Authorization: Basic PutBase64TokenHere
{ "customerId": 1587542, "cardHolderCustomerId": 1587542, "typeCode": "DBT", "vendorTypeCode": "VS", "tag": "", "firstName": "John", "middleName": "Q", "lastName": "Smith", "nickName": "My Main Debit Card", "primaryAccountId": 1587547 }
Response
200
{ "data": { "accounts": [ { "accountBalance": 0.0, "accountId": 1587547, "accountNumberMasked": "*************1038", "availableBalance": 0.0, "name": "Savings #1", "pendingBalance": 0.0, "priority": 1, "status": "Open", "tag": "", "type": "Savings" } ], "cardHolderCustomerId": 1587542, "cardId": 1587549, "cardNumberMasked": "********************", "createdDate": "2016-08-24T19:28:04.3031184-05:00", "customerId": 1587542, "expireMonth": 8, "expireYear": 2018, "lockReasonType": "UNK", "lockType": "UNL", "firstName": "John", "middleName": "Q", "lastName": "Smith", "nickName": "My Card", "primaryAccountId": 1587547, "status": "Initiated", "typeCode": "DBT", "vendorTypeCode": "VS" }, "errors": [], "requestId": "9f7d34bd-2b24-424e-9e87-62b49e3f0bbe", "status": 200 }
list
Retrieve all card information for the given customerId
GET /card/list/{customerId}
Request Parameters
customerId |
Required | Customer ID (the customerId or cardHolderCustomerId associated with the card) |
Response Data
A list of card objects |
Error Codes
Code | Message (en-US) | Notes |
1-60000 | Any "Common Error Code" may occur. | See Common Error Codes |
Example
Request
GET /card/list/1587542 Authorization: Basic PutBase64TokenHere
Response
200
{ "data": [ { "accounts": [ { "accountBalance": 0.0, "accountId": 1587547, "accountNumberMasked": "*************1038", "availableBalance": 0.0, "name": "Savings #1", "pendingBalance": 0.0, "priority": 1, "status": "Open", "tag": "", "type": "Savings" } ], "cardHolderCustomerId": 1587542, "cardId": 1587548, "cardNumberMasked": "XXXXXXXXXXXXXXXXXXXX", "createdDate": "2016-08-24T19:26:42.3331488-05:00", "customerId": 1587542, "expireMonth": 8, "expireYear": 2018, "lockReasonTypeCode": "UNK", "lockTypeCode": "UNL", "nameOnCard": "John Q. Smith", "nickName": "My Main Debit Card", "primaryAccountId": 1587547, "status": "Initiated", "typeCode": "DBT", "vendorTypeCode": "VS" }, { "accounts": [ { "accountBalance": 0.0, "accountId": 1587547, "accountNumberMasked": "*************1038", "availableBalance": 0.0, "name": "Savings #1", "pendingBalance": 0.0, "priority": 1, "status": "Open", "tag": "", "type": "Savings" } ], "cardHolderCustomerId": 1587542, "cardId": 1587549, "cardNumberMasked": "********************", "createdDate": "2016-08-24T19:28:04.3031184-05:00", "customerId": 1587542, "expireMonth": 8, "expireYear": 2018, "lockReasonTypeCode": "UNK", "lockTypeCode": "UNL", "nameOnCard": "John Q. Smith", "nickName": "My Card", "primaryAccountId": 1587547, "status": "Initiated", "typeCode": "DBT", "vendorTypeCode": "VS" } ], "errors": [], "requestId": "e7470b66-556f-40bc-b394-a9ec1e44911b", "status": 200 }
lock
Temporarily locks a card. Will apply a lockTypeCode
of CST
on success. Will remain in effect until it is reversed by calling /card/unlock
.
POST /card/lock
Request Body Parameters
customerId |
Required | Customer ID (the customerId or cardHolderCustomerId associated with the card) |
cardId |
Required | Card ID (returned when card was originally created) |
lockReasonTypeCode |
Required | Possible values include:
|
Response Data
A card object |
The card will have a lockTypeCode of CST upon successful completion of this call. All card-based transfers will fail. |
Error Codes
Code | Message (en-US) | Notes |
1-60000 | Any "Common Error Code" may occur. | See Common Error Codes |
150401 | Invalid Card Lock Reason Type Code '{0}'. | |
150402 | CardId {0} has been locked by the System and cannot be unlocked by a customer. | |
150403 | CustomerId {0} does not have access to CardId {1}. | |
150404 | Use the /customer/hotlist route to report a lost, stolen, or suspected fraud card. | Occurs only if given lockReasonTypeCode is LST or STL |
150405 | Must specify a valid lockReasonTypeCode. Values include UNK, FRD, DMG, ADM, TMP. |
Example
Request
POST /card/lock Authorization: Basic PutBase64TokenHere
{ "cardId":1587540, "customerId":1587534, "lockReasonTypeCode": "TMP" }
Response
200
{ "data": { "accounts": [ { "accountBalance": 0.0, "accountId": 1587539, "accountNumberMasked": "*************1034", "availableBalance": 0.0, "name": "Savings #1", "pendingBalance": 0.0, "priority": 1, "status": "Open", "tag": "", "type": "Savings" } ], "cardHolderCustomerId": 1587534, "cardId": 1587540, "cardNumberMasked": "********************", "createdDate": "2016-08-24T18:48:51.6890745-05:00", "customerId": 1587534, "expireMonth": 8, "expireYear": 2018, "lockReasonTypeCode": "TMP", "lockTypeCode": "CST", "nameOnCard": "John Q. Smith", "nickName": "My Main Debit Card", "primaryAccountId": 1587539, "status": "Verified", "typeCode": "DBT", "vendorTypeCode": "VS" }, "errors": [], "requestId": "620c11c5-4674-4f2f-9cc1-2237cb1ad467", "status": 200 }
lostOrStolen
Deprecated
Please use /card/hotlist instead.
removeAccount
Removes an account from a card. Can be reversed by calling /card/addAccount
.
The customerId
attempting to remove the account must have an accessTypeCode
of FULL
to that account and the customer itself must have a accessTypeCode
of FULL
or ACCT
.
POST /card/removeAccount
Request Body Parameters
customerId |
Required | Customer ID (the customerId or cardHolderCustomerId associated with the card) |
cardId |
Required | Card ID (returned when card was originally created) |
accountId |
Required | Account ID that should be removed from the given cardId . |
Response Data
A card object |
Error Codes
Code | Message (en-US) | Notes |
1-60000 | Any "Common Error Code" may occur. | See Common Error Codes |
150701 | Invalid CardId {0} or CustomerId {1} is not associated with the card. | |
150702 | Cannot remove primaryAccountId {0} from cardId {1}. First reassign a new primary account to the card, then try again. |
Example
Request
POST /card/removeAccount Authorization: Basic PutBase64TokenHere
{ "cardId":1587540, "customerId":1587534, "accountId":1587539 }
Response
200
{ "data": { "accounts": [ { "accountBalance": 0.0, "accountId": 1587546, "accountNumberMasked": "*************1055", "availableBalance": 0.0, "name": "Savings #1", "pendingBalance": 0.0, "priority": 1, "status": "Open", "tag": "", "type": "Savings" } ], "cardHolderCustomerId": 1587534, "cardId": 1587540, "cardNumberMasked": "********************", "createdDate": "2016-08-24T18:48:51.6890745-05:00", "customerId": 1587534, "expireMonth": 8, "expireYear": 2018, "lockReasonTypeCode": "UNK", "lockTypeCode": "UNL", "nameOnCard": "John Q. Smith", "nickName": "My Main Debit Card", "primaryAccountId": 1587539, "status": "Verified", "typeCode": "DBT", "vendorTypeCode": "VS" }, "errors": [], "requestId": "620c11c5-4674-4f2f-9cc1-2237cb1ad467", "status": 200 }
reissue
Reissue a card and send it to a customer. May or may not generate a new card number depending on the reissue reason type.
POST /card/reissue
Request Body Parameters
customerId |
Required | The customerId of the customer who is creating the card. |
cardId |
Required | The cardId of the card to reissue. |
reissueReasonTypeCode |
Required | The reason the card is being reissued. Possible values include:
* The card will not be automatically locked; the card number can continue to be used. A new card with the SAME card number will be mailed to customer. The card WILL NOT need to be re-verified upon receipt. ** The card will be hotlisted. i.e. All transactions for that card number will denied. A new card with a NEW card number will be mailed to the customer. The card WILL need to be verified upon receipt. |
newPin |
Optional |
The new 4-digit (0-9 only) value to assign to the PIN. Must be encrypted using this public key and converted to base64 per RFC 4648. For example, if your PIN is ahbL0fFx/do4mBEpURziDUEJftK5OZKhIts5yThxDgHcmvC56vX/GGrnAenz an3PuO9ZYm353KB/jYqupR0/3UDs0i0PNoeFro3fE5eZZuB3UZzO3HGaf8dJ XSg63CDeqDnuSFCMOhMciZwolgx+jGrSncTt3wWvwysreQ9RFN0+pgJsD8TZ LqZ5oWG/sdUG1yQej8Q/S3HOMmmPou9FIh4H7ZPeQGnkydCxpOKhfuLXKjW8 gc5yhaKA8lmTio+rQ1nA+zDaG/TeNx8FYIBX2TwB8HBkLe1vfQNpVEE8A/H4 SvhxmHrajrZmg2BA9xP/f/JoFTk7mwgeOWYwSC7VnA== This value will never be returned from the API Note: OAEP must be enabled during the encryption process. See the |
Response Data
A card object in a Verified , PendingVerification or ReissuedPendingVerification |
Error Codes
Code | Message (en-US) | Notes |
1-60000 | Any "Common Error Code" may occur. | See Common Error Codes |
Any error codes associated with card locking. | See /card/lock | |
Any error codes associated with card initiation. | See /card/initiate | |
153001 | Invalid Reissue Reason Type {0}. Must be LST, STL, FRD, or DMG. | |
153002 | CardId {0} is not associated with CustomerId {1}. | |
153003 | CardId {0} status is {1}. Must be Verified, Expired, or PendingVerification. |
Example
Request
POST /card/reissue Authorization: Basic PutBase64TokenHere
{ "customerId": 1587542, "cardId": 1587549, "reissueReasonTypeCode": "DMG" }
Response
200
{ "data": { "accounts": [ { "accountBalance": 0.0, "accountId": 1587547, "accountNumberMasked": "*************1038", "availableBalance": 0.0, "name": "Savings #1", "pendingBalance": 0.0, "priority": 1, "status": "Open", "tag": "", "type": "Savings" } ], "cardHolderCustomerId": 1587542, "cardId": 15878949, "cardNumberMasked": "********************", "createdDate": "2016-08-24T19:28:04.3031184-05:00", "customerId": 1587542, "expireMonth": 8, "expireYear": 2018, "lockReasonType": "UNK", "lockType": "UNL", "nameOnCard": "John Q. Smith", "nickName": "My Card", "primaryAccountId": 1587547, "status": "Initiated", "typeCode": "DBT", "vendorTypeCode": "VS" }, "errors": [], "requestId": "9f7d34bd-2b24-424e-9e87-62b49e3f0bbe", "status": 200 }
reprioritizeAccount
Reprioritizes an account on a card.
The customerId
attempting to reprioritize the account must have a customer accessTypeCode
of FULL
or ACCT
.
POST /card/reprioritizeAccount
Request Body Parameters
customerId |
Required | Customer ID (the customerId or cardHolderCustomerId associated with the card) |
cardId |
Required | Card ID (returned when card was originally created) |
accountId |
Required | Account ID that should be removed from the given cardId . |
cardPriority |
Required | The new priority to give the account. Must be between 1 and 4 inclusive. Other accounts tied to the card in the same productCategoryType as the accountId will be reprioritized accordingly.
NOTE: If the account in the priority 1 slot is changing AND that account is the |
Response Data
A card object |
Error Codes
Code | Message (en-US) | Notes |
1-60000 | Any "Common Error Code" may occur. | See Common Error Codes |
150801 | Invalid CardId {0} or CustomerId {1} is not associated with the card. | |
150802 | New Priority {0} for CardId {1}, AccountId {2} must be between 1 and {3}. |
Scenarios
Account Name | Priority | Notes |
Checking A | 1 | Checking A is the "primary account" on the card |
Checking B | 2 | |
Checking C | 3 |
"Set priority of Checking A to 3"
- Checking A will change priorities from 1 to 3
- Checking B and Checking C priorities will each "slide up" 1
- Checking B will be marked as the
primaryAccountId
for the card
Account Name | Priority | Notes |
Checking B | 1 | Checking B is now the "primary account" on the card |
Checking C | 2 | |
Checking A | 3 |
"Set priority of Checking C to 1"
- Checking C will change priorities from 3 to 1
- Checking A and Checking B priorities will each "slide down" 1
- Checking C will be marked as the
primaryAccountId
for the card
Account Name | Priority | Notes |
Checking C | 1 | Checking B is now the "primary account" on the card |
Checking A | 2 | |
Checking B | 3 |
"Set priority of Checking B to 3"
- Checking B will change priorities from 2 to 3
- Checking C will "slide up" 1
- Checking A remains the
primaryAccountId
for the card
Account Name | Priority | Notes |
Checking A | 1 | Checking A remains the "primary account" on the card |
Checking C | 2 | |
Checking B | 3 |
Example
Request
POST /card/reprioritizeAccount Authorization: Basic PutBase64TokenHere
{ "cardId":1587540, "customerId":1587534, "accountId":1587539, "priority":1 }
Response
200
{ "data": { "accounts": [ { "accountBalance": 0.0, "accountId": 1587539, "accountNumberMasked": "*************1055", "availableBalance": 0.0, "name": "Savings #1", "pendingBalance": 0.0, "priority": 1, "status": "Open", "tag": "", "type": "Savings" }, { "accountBalance": 20.0, "accountId": 1587547, "accountNumberMasked": "*************1922", "availableBalance": 0.0, "name": "Savings ABC", "pendingBalance": 0.0, "priority": 2, "status": "Open", "tag": "", "type": "Savings" } ], "cardHolderCustomerId": 1587534, "cardId": 1587540, "cardNumberMasked": "********************", "createdDate": "2016-08-24T18:48:51.6890745-05:00", "customerId": 1587534, "expireMonth": 8, "expireYear": 2018, "lockReasonTypeCode": "UNK", "lockTypeCode": "UNL", "nameOnCard": "John Q. Smith", "nickName": "My Main Debit Card", "primaryAccountId": 1587539, "status": "Verified", "typeCode": "DBT", "vendorTypeCode": "VS" }, "errors": [], "requestId": "620c11c5-4674-4f2f-9cc1-2237cb1ad467", "status": 200 }
resetPin
Creates a request to reset the PIN for a card. NOTE: This is not a real-time PIN reset. May take up to 24 hours to reset the PIN.
POST /card/resetpin
Request Body Parameters
customerId |
Required | Customer ID (the customerId or cardHolderCustomerId associated with the card) |
cardId |
Required | Card ID (returned when card was originally created) |
newPin |
Required |
The new 4-digit (0-9 only) value to assign to the PIN. Must be encrypted using this public key and converted to base64 per RFC 4648. For example, if your PIN is ahbL0fFx/do4mBEpURziDUEJftK5OZKhIts5yThxDgHcmvC56vX/GGrnAenz an3PuO9ZYm353KB/jYqupR0/3UDs0i0PNoeFro3fE5eZZuB3UZzO3HGaf8dJ XSg63CDeqDnuSFCMOhMciZwolgx+jGrSncTt3wWvwysreQ9RFN0+pgJsD8TZ LqZ5oWG/sdUG1yQej8Q/S3HOMmmPou9FIh4H7ZPeQGnkydCxpOKhfuLXKjW8 gc5yhaKA8lmTio+rQ1nA+zDaG/TeNx8FYIBX2TwB8HBkLe1vfQNpVEE8A/H4 SvhxmHrajrZmg2BA9xP/f/JoFTk7mwgeOWYwSC7VnA== Note: OAEP must be enabled during the encryption process. See the |
Response Data
A card object |
Error Codes
Code | Message (en-US) | Notes |
1-60000 | Any "Common Error Code" may occur. | See Common Error Codes |
150403 | CustomerId {0} does not have access to CardId {1}. | |
OTHER TBD |
Example
Request
POST /card/resetpin Authorization: Basic PutBase64TokenHere
{ "cardId":1587540, "customerId":1587534, "newPin": "ahbL0fFx/do4mBEpURziDUEJftK5OZKhIts5yThxDgHcmvC56vX/GGrnAenzan3PuO9ZYm353KB/jYqupR0/3UDs0i0PNoeFro3fE5eZZuB3UZzO3HGaf8dJXSg63CDeqDnuSFCMOhMciZwolgx+jGrSncTt3wWvwysreQ9RFN0+pgJsD8TZLqZ5oWG/sdUG1yQej8Q/S3HOMmmPou9FIh4H7ZPeQGnkydCxpOKhfuLXKjW8gc5yhaKA8lmTio+rQ1nA+zDaG/TeNx8FYIBX2TwB8HBkLe1vfQNpVEE8A/H4SvhxmHrajrZmg2BA9xP/f/JoFTk7mwgeOWYwSC7VnA==" }
Response
200
{ "data": { "accounts": [ { "accountBalance": 0.0, "accountId": 1587539, "accountNumberMasked": "*************1034", "availableBalance": 0.0, "name": "Savings #1", "pendingBalance": 0.0, "priority": 1, "status": "Open", "tag": "", "type": "Savings" } ], "cardHolderCustomerId": 1587534, "cardId": 1587540, "cardNumberMasked": "********************", "createdDate": "2016-08-24T18:48:51.6890745-05:00", "customerId": 1587534, "expireMonth": 8, "expireYear": 2018, "lockReasonTypeCode": "UNK", "lockTypeCode": "UNL", "nameOnCard": "John Q. Smith", "nickName": "My Main Debit Card", "primaryAccountId": 1587539, "status": "Verified", "typeCode": "DBT", "vendorTypeCode": "VS" }, "errors": [], "requestId": "620c11c5-4674-4f2f-9cc1-2237cb1ad467", "status": 200 }
unlock
Unlocks a card. Can be reversed by calling /card/lock
.
The following matrix details when this call will succeed or fail.
Current lockTypeCode |
Current lockReasonTypeCode |
Result |
---|---|---|
CST |
UNK - Uknown |
Unlocked Successfully |
CST |
DMG - Physical Damage |
Unlocked Successfully |
CST |
TMP - Temporary |
Unlocked Successfully |
CST |
ADM - Administrative |
Unlocked Successfully |
CST |
LST - Lost |
Unlock Fails - Lost cards can never be used again |
CST |
STL - Stolen |
Unlock Fails - Stolen cards can never be used again |
CST |
FRD - Suspected Fraud |
Unlock Fails - Suspected Fraud cards can never be used again |
SYS |
LST - Lost |
Unlock Fails - Lost cards can never be used again |
SYS |
STL - Stolen |
Unlock Fails - Stolen cards can never be used again |
SYS |
FRD - Suspected Fraud |
Unlock Fails - Suspected Fraud cards can never be used again |
SYS |
ADM - Administrative |
Unlock Fails - Only Admin Console or an automated process can unlock |
SYS |
PIN - PIN Retry Limit Exceeded |
Unlock Fails - Only Admin Console or an automated process can unlock |
CST = Customer Applied SYS = System Applied
|
POST /card/unlock
Request Body Parameters
customerId |
Required | Customer ID (the customerId or cardHolderCustomerId associated with the card) |
cardId |
Required | Card ID (returned when card was originally created) |
Response Data
A card object |
The card will have a lockTypeCode of UNL upon successful completion of this call. The card is unlocked and ready for transfers to take place. |
Error Codes
Code | Message (en-US) | Notes |
1-60000 | Any "Common Error Code" may occur. | See Common Error Codes |
150501 | Invalid CardId {0} or CustomerId {1}. | |
150502 | CardId {0} has been locked by an Administrator or an automated process. | |
150503 | CardId {0} has been marked as lost, stolen, suspected fraudulent. Cannot unlock. |
Example
Request
POST /card/unlock Authorization: Basic PutBase64TokenHere
{ "cardId":1587540, "customerId":1587534 }
Response
200
{ "data": { "accounts": [ { "accountBalance": 0.0, "accountId": 1587539, "accountNumberMasked": "*************1034", "availableBalance": 0.0, "name": "Savings #1", "pendingBalance": 0.0, "priority": 1, "status": "Open", "tag": "", "type": "Savings" } ], "cardHolderCustomerId": 1587534, "cardId": 1587540, "cardNumberMasked": "********************", "createdDate": "2016-08-24T18:48:51.6890745-05:00", "customerId": 1587534, "expireMonth": 8, "expireYear": 2018, "lockReasonTypeCode": "UNK", "lockTypeCode": "UNL", "nameOnCard": "John Q. Smith", "nickName": "My Main Debit Card", "primaryAccountId": 1587539, "status": "Verified", "typeCode": "DBT", "vendorTypeCode": "VS" }, "errors": [], "requestId": "620c11c5-4674-4f2f-9cc1-2237cb1ad467", "status": 200 }
verify
Verify a customer has received a physical card and activate it for use.
POST /card/verify
Request Body Parameters
customerId |
Required | Customer ID (the customerId or cardHolderCustomerId associated with the card) |
cardId |
Required | Card ID (returned when card was originally created) |
birthDate |
Required | The birthDate of the customerId who created the card. |
cardNumberMasked |
Required | The last 4 digits of the cardNumber value printed on the physical card.
In Sandbox environment, this value is always |
Response Data
A card object |
The card will be in a status of Verified upon successful completion of this call. Transfers may then be made using this card. |
Error Codes
Code | Message (en-US) | Notes |
1-60000 | Any "Common Error Code" may occur. | See Common Error Codes |
150301 | Invalid CardId {0} or CustomerId {1} is not associated with the card. | |
150302 | CardId {0} must be in a PendingVerification status to be verified. Current status is {1}. | |
150303 | Provided values do not match those on file. |
Example
Request
POST /card/verify Authorization: Basic PutBase64TokenHere
{ "cardId":12, "customerId":456, "birthDate": "1975-02-28T00:00:00.000+00:00", "cardNumberMasked":"1111" }
Response
200
{ "data": { "accounts": [ { "accountBalance": 0.0, "accountId": 1587539, "accountNumberMasked": "*************1034", "availableBalance": 0.0, "name": "Savings #1", "pendingBalance": 0.0, "priority": 1, "status": "Open", "tag": "", "type": "Savings" } ], "cardHolderCustomerId": 1587534, "cardId": 1587540, "cardNumberMasked": "************1111", "createdDate": "2016-08-24T18:48:51.6890745-05:00", "customerId": 1587534, "expireMonth": 8, "expireYear": 2018, "lockReasonTypeCode": "UNK", "lockTypeCode": "UNL", "nameOnCard": "John Q. Smith", "nickName": "My Main Debit Card", "primaryAccountId": 1587539, "status": "Verified", "typeCode": "DBT", "vendorTypeCode": "VS" }, "errors": [], "requestId": "620c11c5-4674-4f2f-9cc1-2237cb1ad467", "status": 200 }