Tokenization

Converts raw card data into a safe token. Used by your Card Container to securely handle sensitive payment information without exposing it to your servers.

Overview

The tokenization endpoint allows you to securely convert card details into a temporary token that can be used for payment processing. This keeps sensitive card data out of your system and maintains PCI-DSS compliance.

Important:

Tokens expire after 24 hours
Each token can only be used once for payment processing
Never store raw card data on your servers
This endpoint should be called from your frontend Card Container

Request

Request Body

All fields are required

card_number

The card number (13-19 digits)

expiry_month

Two-digit month (01-12)

expiry_year

Four-digit year (e.g., 2025)

cvv

3-4 digit CVV code

cardholder_name

Name on the card

Code Examples

curl -X POST "https://api.altafinex.com/v1/tokens" \
  -H "Authorization: Bearer YOUR_SECRET_KEY" \
  -H "Content-Type: application/json" \
  -d '{
  "card_number": "4111111111111111",
  "expiry_month": "12",
  "expiry_year": "2025",
  "cvv": "123",
  "cardholder_name": "John Doe"
}'

Response

Status Codes

200

Token created successfully

400

Invalid request data

401

Authentication failed

422

Card validation failed

Success Response

Example response for a successful request

{
  "token_id": "tok_1234567890abcdef",
  "expires_at": "2025-12-31T23:59:59Z",
  "last4": "1111",
  "brand": "visa"
}

Error Response

Example response for an error

{
  "error": {
    "code": "invalid_card",
    "message": "The card number provided is invalid",
    "type": "card_error"
  }
}