Skip to content
/
Get gateway tokens

Get gateway tokens

Retrieve card data related to a specific gateway token.

Get masked card data

GET
/v1/token-vault/{ownerType}/{ownerId}/vaults/gateway-tokens/{gatewayTokenId}/card-data

Request example

Use the following request to retrieve the masked card data related to a gateway token.

curl -i -X GET \
  https://api-services.pxp.io/api/v1/token-vault/MerchantGroup/MERCHANT-GROUP-1/vaults/gateway-tokens/7f46c09d-d1d1-4f94-9a88-6e8ac32e6341/card-data

Path parameters

ParameterDescription
ownerId
string (0 to 20 characters)
required		The unique identifier of the entity that owns the token.
ownerType
string (enum)
required		The type of entity that owns the token.

Possible values:
  • Referrer
  • MerchantGroup
  • Merchant
  • Site
gatewayTokenId
string (UUID)
required		The gateway token ID represents a securely stored token that corresponds to a previously saved payment card. This token is generated and maintained by PXP to facilitate recurring transactions or transactions using stored card details, ensuring enhanced security and convenience. When a transaction is performed with a saved card, this token Id should be provided instead of the full card details. This approach enhances security by reducing the exposure of sensitive card information and simplifies the transaction process for returning customers.

Response example

If your request is successful, you'll receive a 200 response that includes the partially-masked Primary Account Number (PAN).

{
  "maskedPrimaryAccountNumber": "123456******7890",
  "expiryMonth": "12",
  "expiryYear": "2025",
  "holderName": "Mr John Doe",
  "fundingSource": "Credit"
}
ParameterDescription
maskedPrimaryAccountNumber
string		A partially masked version of the card's Primary Account Number (PAN), typically showing only the first six and last four digits.
expiryMonth
string (1 to 2 characters)		The expiry month of the card.
expiryYear
string (4 characters)		The expiry year of the card.
holderName
string		The full name of the individual who owns the payment card. This is printed on the physical card and is used to verify the cardholder's identity. It should be treated with confidentiality to safeguard the cardholder's privacy and prevent potential misuse.
fundingSource
string		The funding source type.

Get encrypted card data

GET
/v1/token-vault/{ownerType}/{ownerId}/vaults/gateway-tokens/{gatewayTokenId}/card-data/encrypted

Request example

Use the following request to retrieve the encrypted card data related to a gateway token.

curl -i -X GET \
  https://api-services.pxp.io/api/v1/token-vault/MerchantGroup/MERCHANT-GROUP-1/vaults/gateway-tokens/7f46c09d-d1d1-4f94-9a88-6e8ac32e6341/card-data/encrypted
ParameterDescription
ownerId
string (0 to 20 characters)
required		The unique identifier of the entity that owns the token.
ownerType
string (enum)
required		The type of entity that owns the token.

Possible values:
  • Referrer
  • MerchantGroup
  • Merchant
  • Site
gatewayTokenId
string (UUID)
required		The gateway token ID represents a securely stored token that corresponds to a previously saved payment card. This token is generated and maintained by PXP to facilitate recurring transactions or transactions using stored card details, ensuring enhanced security and convenience. When a transaction is performed with a saved card, this token Id should be provided instead of the full card details. This approach enhances security by reducing the exposure of sensitive card information and simplifies the transaction process for returning customers.

Response example

If your request is successful, you'll receive a 200 response that includes an encrypted version of the Primary Account Number (PAN) and cardholder name.

{
  "encryptedPrimaryAccountNumber": "QWxhZGRpbjpvcGVuIHNlc2FtZQ==",
  "expiryMonth": "12",
  "expiryYear": "2025",
  "encryptedHolderName": "Sm9obiBEb2U=",
  "fundingSource": "Credit"
}
ParameterDescription
encryptedPrimaryAccountNumber
string
required		An encrypted version of the card's Primary Account Number (PAN).
expiryMonth
string (1 to 2 characters)
required		The expiry month of the card.
expiryYear
string (4 characters)
required		The expiry year of the card.
encryptedholderName
string
required		An encrypted version of the full name of the individual who owns the payment card.
fundingSource
string		The funding source type.
©2025 PXP Financial. PXP Financial Registered Office: The Corn Mill - 1 Roydon Road - Stanstead Abbotts - Hertfordshire - SG12 8XL - United Kingdom Phone +44 2038850598. PXP Financial is Authorised By The Financial Conduct Authority And Our Financial Services Register Number is 504318.