POSTTokenize Card API

Use Case

Used to tokenize a card to create a server-based Token. Paytm TG will perform both card availability and eligibility checks to check that this specific card is eligible for tokenization. The tokenization decision will be one of Successful or Failed.

Request Attributes

Content Type : JSON

Head

Attribute	Description
Version string mandatory	Version of the API Possible Value: v1
requestTimestamp string mandatory	EPOCH timestamp of the time at which request is being sent Possible Value: 1588402269
requestId string mandatory	Merchant’s Unique Request ID for card tokenization Possible Value: Any
signature string mandatory	Paytm validates the request and ensures that parameters are not tempered by verifying the signature in the request. For creating the checksum (signature) refer to the steps given in Checksum Logic. Note: Create the signature using the body parameter of the request. Possible Value: Any
signatureType string mandatory	Authorization method for this request. Possible Value: CHECKSUM
clientId string optional	Paytm uses the merchant key on the basis of clientId parameter value. It is required only if the merchant has more than one key.
encryptionKeyVersion string optional	Paytm uses the merchant key on the basis of the encryption key version. It is required only if the merchant has more than one key. Possible Value: v1

Body

Attribute

Description

authRefId

string

conditional

Authentication ID for the 2FA transaction generated as received from the acquirer.
Condition: To be provided mandatorily for RupayCards

cardSource

string

mandatory

The source where PAN data was captured. Must be one of the possible values.
CARD_ON_FILE: If the merchant already has the PAN data in storage.
MANUAL_ENTERED: PAN data is manually entered by the cardholder.
CARD_SCAN: PAN data is manually captured via a camera/OCR

encryptedCardData

string

mandatory

Encrypted card data string with RSA Encryption logic

Decrypted String: {"cardNumber":"4111XXXXXXXX1111","expiryMonth":"10","expiryYear":"2022","securityCode":"123"}

Note: This is sample string which is encrypted by RSA Encryption logic and used here.

userInfo

string

mandatory

Customer info object

userInfoCoft

Attribute	Description
custId string mandatory	Merchant customer id/consumer id Possible Values: Any
firstName string optional	Customer/consumer first name Possible Values: Any
lastName string optional	Customer/consumer last name Possible Values: Any
mobileNumber string optional	Customer/consumer mobile no Possible Value: Any (valid mobile no)

tokenizationConsent

string

mandatory

User consent detail

tokenizationConsent

Attribute	Description
userConsent boolean mandatory	Tokenisation consent from the user in a boolean expression Sample Value: (1,0)
createdAt string mandatory	Timestamp when user consented for tokenization was captured Sample Value: Jul 22, 2021 02:46:54 PM
userConsentId string optional	The ID of the message displayed to the user for consent
language string optional	Language in which consent was accepted by end customer Sample Value: en
platform string optional	PHONE, TABLET, PC, WATCH, OTHER,API Sample Value: APP
os string optional	The OS on which consent was given by the user such as Android, IOS, Windows, Web, Others Sample Value:androidapp
appVersion string optional	App version of merchant or Paytm on which consent was collected Sample Value: 9.10.2
locale string optional	Location of application communicating to cardholder sample value. en-IN
ip string optional	IP address of the device that accepted the consent Sample Value: 157.35.79.240
deviceId string optional	Device ID of the device that accepted the consent Sample Value :samsung-SM-A260G-01b9ec5dc11fc570
deviceName string optional	Device Name of the device that accepted the consent Sample Value: SM-A260G\

Response Attributes

Content Type : JSON

Head

Attribute	Description
Version string	Version of the API Possible Value: v1
responseTimestamp string	EPOCH timestamp of the time at which request is being received Possible Value: 1588402269
requestId string	Merchant’s Unique Request ID for card tokenization Possible Value: Any

Body

Attribute

Description

mid

string

Paytm provides MID as a unique identifier to each merchant.
For your staging MID, click here. You get the production MID post the account activation.
Example: INTEGR7769XXXXXX9383

tokenIndexNumber

string

Unique Token Reference ID provided by Paytm Token Service

tokenStatus

string

The status of the token. Must be one of the four possible values.

INIT: Tokenization is not yet complete

ACTIVE: Card token is active and transactions can be processed with the same.

FAILED: Card tokenization failed by system or card network error

resultInfo

string

Status object

ResultInfo

Attribute	Description
resultCode string	Response code for different failure reason Possible Values: Any
resultStatus string	Response status Possible Values: S/F/U
resultMsg string	Response message Possible Values: Any

Response Codes & Messages

resultCode	resultStatus	resultMsg
00	Success	SUCCESS
100	Pending	PENDING
150	PENDING	SYSTEM_ERROR
400	FAILED	BAD_REQUEST
401	FAILED	FAILURE
406	FAILED	Invalid request id
407	FAILED	Incorrect mid
408	FAILED	Incorrect User ID
409	FAILED	Incorrect details passed
410	FAILED	Mandatory fields missing
412	FAILED	DUPLICATE_REQUEST
420	FAILED	Card Bin is not supported
730	FAILED	Error from card network
440	FAILED	Operation not supported by network
442	FAILED	Unable to found TRID
443	FAILED	TRID is not in Active state
500	FAILED	INTERNAL_SYSTEM_ERROR
502	FAILED	SYSTEM_ERROR
1001	FAILED	Signature Validation Failure
1002	FAILED	CheckSum Validation Failure
1003	FAILED	Jwt Validation Failure
1004	FAILED	Merchant Id is missing
1005	FAILED	Signature type is missing
1006	FAILED	Head is missing
1400	FAILED	Signature Type is invalid
700	FAILED	Bad Request from card Network
701	FAILED	Failure from card network
702	FAILED	Error from Network
708	FAILED	Error connecting with card network
709	FAILED	Error communicating with card network
711	FAILED	Invalid card details
712	FAILED	Card not eligible
713	FAILED	Card not allowed
714	FAILED	Further operations for this card are not allowed
716	FAILED	CARD_DECLINED
721	FAILED	Error with Network
723	FAILED	Error While connecting to card network
727	FAILED	INVALID_AUTHREFNO
750	FAILED	REQUIRE_ADDITIONAL_AUTHENTICATION
801	PENDING	Awaiting response from the network

⇾

Staging

Production

https://securestage.paytmpayments.com/coft-center/coft/merchant/{mid}/tokenize?requestId={request-id} copy icon

REQUEST

RESPONSE

CURL

PHP

PYTHON

NODE

DOTNET

curl -X POST 'https://securestage.paytmpayments.com/coft-center/coft/merchant/{mid}/tokenize?requestId={request-id}
' \
--header 'Content-Type: application/json' \
--data '{"body":{"authRefId":"501123338","cardSource":"CARD_ON_FILE","encryptedCardData":"Encrypted cardData object","userInfo":{"custId":"CUST_001","firstName":"","lastName":"","mobileNumber":""},"tokenizationConsent":{"userConsent":1,"createdAtuser":"Jul 22, 2021 02:46:54 PM","userConsentId":"1234","language":"en","platform":"APP","os":"androidapp","appVersion":"9.10.2","locale":"en-IN","ip":"157.35.79.240","deviceId":"samsung-SM-A260G-01b9ec5dc11fc570","deviceName":"SM-A260G"}},"head":{"version":"v1","requestTimestamp":"1544614590000","requestId":"merchre000001","signature":"{signature}","signatureType":"signatureType","clientId":""}}'