Authentication and headers required

The Cardtokens API is a rest full API over HTTPS connection. Data is encrypted using TLS 1.2. Authentication is required for each request using a shared API key added to the HTTP headers.

Two headers must be added to the HTTP request when transmitting the request:

Content-Type: application/json
X-Api-Key: 5251XXX-THE-API-KEY-XXXXX6bd69

The prefix for the endpoint of the Cardtokens API is: https://api.cardtokens.io/api

Cardtokens.io specializes in connecting acquirers, payment service providers (PSPs), and large enterprise merchants seamlessly with major card schemes through a unified API. Our pre-certified solutions include Network Tokenization and Account Updater.

By choosing to integrate with Cardtokens.io, rather than directly with individual card scheme platforms, you can achieve a faster time-to-market as well as substantial reductions in startup costs.