curl https://api.onepay.la/v1/cards/tokenized \
-X POST \
-H "Authorization: Bearer sk_test_xxx" \
-H "Content-Type: application/json" \
-H "x-idempotency: tokenized-card-001" \
-d '{
"card_token": "3f484621-29da-4632-954a-150953707e78",
"customer_id": "9dd4158b-0e45-42bc-b56f-a4c1f856814d",
"authorization": true,
"authentication": {
"cavv": "AAABBEg0VhI0VniQEjRWAAAAAAA=",
"eci": "05",
"ds_trans_id": "f25084f0-5b16-4c0a-ae5d-b24808571000",
"version": "2.2.0",
"status": "Y"
}
}'
const response = await fetch('https://api.onepay.la/v1/cards/tokenized', {
method: 'POST',
headers: {
'Authorization': 'Bearer sk_test_xxx',
'Content-Type': 'application/json',
'x-idempotency': 'tokenized-card-001'
},
body: JSON.stringify({
card_token: '3f484621-29da-4632-954a-150953707e78',
customer_id: '9dd4158b-0e45-42bc-b56f-a4c1f856814d',
authorization: true,
authentication: {
cavv: 'AAABBEg0VhI0VniQEjRWAAAAAAA=',
eci: '05',
ds_trans_id: 'f25084f0-5b16-4c0a-ae5d-b24808571000',
version: '2.2.0',
status: 'Y'
}
})
});
const card = await response.json();
import requests
response = requests.post(
'https://api.onepay.la/v1/cards/tokenized',
headers={
'Authorization': 'Bearer sk_test_xxx',
'Content-Type': 'application/json',
'x-idempotency': 'tokenized-card-001'
},
json={
'card_token': '3f484621-29da-4632-954a-150953707e78',
'customer_id': '9dd4158b-0e45-42bc-b56f-a4c1f856814d',
'authorization': True,
'authentication': {
'cavv': 'AAABBEg0VhI0VniQEjRWAAAAAAA=',
'eci': '05',
'ds_trans_id': 'f25084f0-5b16-4c0a-ae5d-b24808571000',
'version': '2.2.0',
'status': 'Y'
}
}
)
card = response.json()
<?php
$curl = curl_init();
curl_setopt_array($curl, [
CURLOPT_URL => "https://api.onepay.la/v1/cards/tokenized",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_POST => true,
CURLOPT_HTTPHEADER => [
"Authorization: Bearer sk_test_xxx",
"Content-Type: application/json",
"x-idempotency: tokenized-card-001"
],
CURLOPT_POSTFIELDS => json_encode([
"card_token" => "3f484621-29da-4632-954a-150953707e78",
"customer_id" => "9dd4158b-0e45-42bc-b56f-a4c1f856814d",
"authorization" => true,
"authentication" => [
"cavv" => "AAABBEg0VhI0VniQEjRWAAAAAAA=",
"eci" => "05",
"ds_trans_id" => "f25084f0-5b16-4c0a-ae5d-b24808571000",
"version" => "2.2.0",
"status" => "Y"
]
])
]);
$response = curl_exec($curl);
$card = json_decode($response, true);
?>
{
"id":"9e01eeae-2868-4564-9d04-84d1d1d027d2",
"brand":"Mastercard",
"last_four":"8099",
"card_name":"Juan Pérez",
"expiration_date":"2026-09-30T00:00:00.000000Z",
"customer_id":"9df8018b-6a28-4696-b7b2-63615f34a2f5",
"created_at":"2025-01-19T18:29:25.000000Z",
"type":"credit_card",
"country":"CO",
"cvc_check":true,
"verified":true,
"title":"Mastercard • 8099",
"method_type":"credit_card",
"action":{
"action":"NULL",
"next":null
}
}
{
"message":"El campo customer id es obligatorio. (y 6 errores m\u00e1s)",
"code":10001,
"code_name":"validation_error",
"errors":{
"customer_id":[
"El campo customer id es obligatorio."
],
"card_number":[
"El campo card number es obligatorio."
],
"expiration_year":[
"El campo expiration year es obligatorio."
],
"expiration_month":[
"El campo expiration month es obligatorio."
],
"ccv":[
"El campo ccv es obligatorio."
],
"holder_name":[
"El campo holder name es obligatorio."
],
"authorization":[
"El campo authorization es obligatorio."
]
}
}
{
"message": "No se puede generar la operación, genera un token de idempotencia y envíelo en los headers como x-idempotency",
"code": 10003,
"code_name": "idempotency_error"
}
Crear tarjetas tokenizadas
Endpoint para registrar una tarjeta que ha sido previamente tokenizada por el SDK.
POST
/
cards
/
tokenized
curl https://api.onepay.la/v1/cards/tokenized \
-X POST \
-H "Authorization: Bearer sk_test_xxx" \
-H "Content-Type: application/json" \
-H "x-idempotency: tokenized-card-001" \
-d '{
"card_token": "3f484621-29da-4632-954a-150953707e78",
"customer_id": "9dd4158b-0e45-42bc-b56f-a4c1f856814d",
"authorization": true,
"authentication": {
"cavv": "AAABBEg0VhI0VniQEjRWAAAAAAA=",
"eci": "05",
"ds_trans_id": "f25084f0-5b16-4c0a-ae5d-b24808571000",
"version": "2.2.0",
"status": "Y"
}
}'
const response = await fetch('https://api.onepay.la/v1/cards/tokenized', {
method: 'POST',
headers: {
'Authorization': 'Bearer sk_test_xxx',
'Content-Type': 'application/json',
'x-idempotency': 'tokenized-card-001'
},
body: JSON.stringify({
card_token: '3f484621-29da-4632-954a-150953707e78',
customer_id: '9dd4158b-0e45-42bc-b56f-a4c1f856814d',
authorization: true,
authentication: {
cavv: 'AAABBEg0VhI0VniQEjRWAAAAAAA=',
eci: '05',
ds_trans_id: 'f25084f0-5b16-4c0a-ae5d-b24808571000',
version: '2.2.0',
status: 'Y'
}
})
});
const card = await response.json();
import requests
response = requests.post(
'https://api.onepay.la/v1/cards/tokenized',
headers={
'Authorization': 'Bearer sk_test_xxx',
'Content-Type': 'application/json',
'x-idempotency': 'tokenized-card-001'
},
json={
'card_token': '3f484621-29da-4632-954a-150953707e78',
'customer_id': '9dd4158b-0e45-42bc-b56f-a4c1f856814d',
'authorization': True,
'authentication': {
'cavv': 'AAABBEg0VhI0VniQEjRWAAAAAAA=',
'eci': '05',
'ds_trans_id': 'f25084f0-5b16-4c0a-ae5d-b24808571000',
'version': '2.2.0',
'status': 'Y'
}
}
)
card = response.json()
<?php
$curl = curl_init();
curl_setopt_array($curl, [
CURLOPT_URL => "https://api.onepay.la/v1/cards/tokenized",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_POST => true,
CURLOPT_HTTPHEADER => [
"Authorization: Bearer sk_test_xxx",
"Content-Type: application/json",
"x-idempotency: tokenized-card-001"
],
CURLOPT_POSTFIELDS => json_encode([
"card_token" => "3f484621-29da-4632-954a-150953707e78",
"customer_id" => "9dd4158b-0e45-42bc-b56f-a4c1f856814d",
"authorization" => true,
"authentication" => [
"cavv" => "AAABBEg0VhI0VniQEjRWAAAAAAA=",
"eci" => "05",
"ds_trans_id" => "f25084f0-5b16-4c0a-ae5d-b24808571000",
"version" => "2.2.0",
"status" => "Y"
]
])
]);
$response = curl_exec($curl);
$card = json_decode($response, true);
?>
{
"id":"9e01eeae-2868-4564-9d04-84d1d1d027d2",
"brand":"Mastercard",
"last_four":"8099",
"card_name":"Juan Pérez",
"expiration_date":"2026-09-30T00:00:00.000000Z",
"customer_id":"9df8018b-6a28-4696-b7b2-63615f34a2f5",
"created_at":"2025-01-19T18:29:25.000000Z",
"type":"credit_card",
"country":"CO",
"cvc_check":true,
"verified":true,
"title":"Mastercard • 8099",
"method_type":"credit_card",
"action":{
"action":"NULL",
"next":null
}
}
{
"message":"El campo customer id es obligatorio. (y 6 errores m\u00e1s)",
"code":10001,
"code_name":"validation_error",
"errors":{
"customer_id":[
"El campo customer id es obligatorio."
],
"card_number":[
"El campo card number es obligatorio."
],
"expiration_year":[
"El campo expiration year es obligatorio."
],
"expiration_month":[
"El campo expiration month es obligatorio."
],
"ccv":[
"El campo ccv es obligatorio."
],
"holder_name":[
"El campo holder name es obligatorio."
],
"authorization":[
"El campo authorization es obligatorio."
]
}
}
{
"message": "No se puede generar la operación, genera un token de idempotencia y envíelo en los headers como x-idempotency",
"code": 10003,
"code_name": "idempotency_error"
}
Elementos de captura de datos sensibles
Captura datos sensibles de manera segura y personalizada.
Headers
Token único para garantizar la idempotencia de la petición
Body
Token de la tarjeta tokenizada.
ID del cliente que tokenizó la tarjeta. Crear cliente.
Indica si el usuario ha autorizado débitos automáticos para esta tarjeta.
Datos de autenticación 3D Secure. Envía este campo si realizaste la autenticación 3DS de forma externa.
Show Campos de authentication
Show Campos de authentication
Cardholder Authentication Verification Value. Criptograma generado por el servidor 3DS.
Electronic Commerce Indicator. Indica el resultado de la autenticación (ejemplo:
05, 02, 07).Directory Server Transaction ID. Identificador único de la transacción 3DS.
Transaction ID de la autenticación (usado en 3DS 1.0).
Versión del protocolo 3DS utilizado (ejemplo:
2.2.0).Estado de la autenticación. Valores comunes:
Y (autenticado), A (intento), N (fallido).{
"id":"9e01eeae-2868-4564-9d04-84d1d1d027d2",
"brand":"Mastercard",
"last_four":"8099",
"card_name":"Juan Pérez",
"expiration_date":"2026-09-30T00:00:00.000000Z",
"customer_id":"9df8018b-6a28-4696-b7b2-63615f34a2f5",
"created_at":"2025-01-19T18:29:25.000000Z",
"type":"credit_card",
"country":"CO",
"cvc_check":true,
"verified":true,
"title":"Mastercard • 8099",
"method_type":"credit_card",
"action":{
"action":"NULL",
"next":null
}
}
{
"message":"El campo customer id es obligatorio. (y 6 errores m\u00e1s)",
"code":10001,
"code_name":"validation_error",
"errors":{
"customer_id":[
"El campo customer id es obligatorio."
],
"card_number":[
"El campo card number es obligatorio."
],
"expiration_year":[
"El campo expiration year es obligatorio."
],
"expiration_month":[
"El campo expiration month es obligatorio."
],
"ccv":[
"El campo ccv es obligatorio."
],
"holder_name":[
"El campo holder name es obligatorio."
],
"authorization":[
"El campo authorization es obligatorio."
]
}
}
{
"message": "No se puede generar la operación, genera un token de idempotencia y envíelo en los headers como x-idempotency",
"code": 10003,
"code_name": "idempotency_error"
}
curl https://api.onepay.la/v1/cards/tokenized \
-X POST \
-H "Authorization: Bearer sk_test_xxx" \
-H "Content-Type: application/json" \
-H "x-idempotency: tokenized-card-001" \
-d '{
"card_token": "3f484621-29da-4632-954a-150953707e78",
"customer_id": "9dd4158b-0e45-42bc-b56f-a4c1f856814d",
"authorization": true,
"authentication": {
"cavv": "AAABBEg0VhI0VniQEjRWAAAAAAA=",
"eci": "05",
"ds_trans_id": "f25084f0-5b16-4c0a-ae5d-b24808571000",
"version": "2.2.0",
"status": "Y"
}
}'
const response = await fetch('https://api.onepay.la/v1/cards/tokenized', {
method: 'POST',
headers: {
'Authorization': 'Bearer sk_test_xxx',
'Content-Type': 'application/json',
'x-idempotency': 'tokenized-card-001'
},
body: JSON.stringify({
card_token: '3f484621-29da-4632-954a-150953707e78',
customer_id: '9dd4158b-0e45-42bc-b56f-a4c1f856814d',
authorization: true,
authentication: {
cavv: 'AAABBEg0VhI0VniQEjRWAAAAAAA=',
eci: '05',
ds_trans_id: 'f25084f0-5b16-4c0a-ae5d-b24808571000',
version: '2.2.0',
status: 'Y'
}
})
});
const card = await response.json();
import requests
response = requests.post(
'https://api.onepay.la/v1/cards/tokenized',
headers={
'Authorization': 'Bearer sk_test_xxx',
'Content-Type': 'application/json',
'x-idempotency': 'tokenized-card-001'
},
json={
'card_token': '3f484621-29da-4632-954a-150953707e78',
'customer_id': '9dd4158b-0e45-42bc-b56f-a4c1f856814d',
'authorization': True,
'authentication': {
'cavv': 'AAABBEg0VhI0VniQEjRWAAAAAAA=',
'eci': '05',
'ds_trans_id': 'f25084f0-5b16-4c0a-ae5d-b24808571000',
'version': '2.2.0',
'status': 'Y'
}
}
)
card = response.json()
<?php
$curl = curl_init();
curl_setopt_array($curl, [
CURLOPT_URL => "https://api.onepay.la/v1/cards/tokenized",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_POST => true,
CURLOPT_HTTPHEADER => [
"Authorization: Bearer sk_test_xxx",
"Content-Type: application/json",
"x-idempotency: tokenized-card-001"
],
CURLOPT_POSTFIELDS => json_encode([
"card_token" => "3f484621-29da-4632-954a-150953707e78",
"customer_id" => "9dd4158b-0e45-42bc-b56f-a4c1f856814d",
"authorization" => true,
"authentication" => [
"cavv" => "AAABBEg0VhI0VniQEjRWAAAAAAA=",
"eci" => "05",
"ds_trans_id" => "f25084f0-5b16-4c0a-ae5d-b24808571000",
"version" => "2.2.0",
"status" => "Y"
]
])
]);
$response = curl_exec($curl);
$card = json_decode($response, true);
?>
Was this page helpful?
⌘I