Create a new credit or debit card payment method by securely tokenizing the card details.
Using this server-side API solution increases the PCI DSS compliance requirements for your application. For most use cases, it is strongly recommended to use Stax.js, a browser-side solution, to minimize compliance obligations.
Key Features
- Tokenizes sensitive card data for secure storage and future use in transactions.
- Associates the payment method with a customer if a customer_id is provided.
- Provides a tokenized representation of the card without storing sensitive details like the full card number or CVV.
Usage Notes
PCI Compliance:
- Using the server-side solution expands your PCI scope and requires an annual SAQ-D assessment.
- Avoid handling sensitive card details server-side unless absolutely necessary.
- For reduced risk and liability, use Stax.js for tokenization.
Supported Card Details: Ensure that the provided card details, including the number, expiration date, and CVV, are valid.
Customer Association: Include a customer_id to associate the card with an existing customer. If no customer_id is provided, the card will not be linked to a customer.
Error Handling: Invalid or expired cards will result in a validation error.
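A local pre-check for the card validity and PCI points above, as an added example that is not part of the Stax documentation: it rejects malformed or expired cards before any request is sent and builds a log-safe copy of the payload. The field names card_number, card_exp (assumed MMYY) and card_cvv are assumptions for illustration; only customer_id appears on this page.

```python
import re
from datetime import date

# Field names other than customer_id are assumptions, not taken from the Stax API reference.

def luhn_ok(pan: str) -> bool:
    """Return True if the digit string passes the Luhn checksum."""
    total = 0
    for i, ch in enumerate(reversed(pan)):
        d = int(ch)
        if i % 2 == 1:          # double every second digit from the right
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0

def validate_card(card: dict, today: date) -> list:
    """Return the names of fields that fail local checks (empty list = well-formed)."""
    errors = []
    pan = re.sub(r"[ -]", "", card.get("card_number", ""))
    if not re.fullmatch(r"[0-9]{12,19}", pan) or not luhn_ok(pan):
        errors.append("card_number")
    m = re.fullmatch(r"(0[1-9]|1[0-2])([0-9]{2})", card.get("card_exp", ""))
    if not m:
        errors.append("card_exp")
    else:
        month, year = int(m.group(1)), 2000 + int(m.group(2))
        # A card remains valid through the last day of its expiry month.
        if (year, month) < (today.year, today.month):
            errors.append("card_exp")
    if not re.fullmatch(r"[0-9]{3,4}", card.get("card_cvv", "")):
        errors.append("card_cvv")
    return errors

def redact_for_log(card: dict) -> dict:
    """Copy safe for logs: PAN reduced to its last four digits, CVV dropped entirely."""
    safe = {k: v for k, v in card.items() if k not in ("card_number", "card_cvv")}
    pan = re.sub(r"[^0-9]", "", card.get("card_number", ""))
    safe["card_last_four"] = pan[-4:] if len(pan) >= 4 else ""
    return safe

# Constructed sample input; 4111111111111111 is a widely used test card number.
SAMPLE = {"card_number": "4111 1111 1111 1111", "card_exp": "0129",
          "card_cvv": "123", "customer_id": "cust-placeholder"}

if __name__ == "__main__":
    print(validate_card(SAMPLE, date(2025, 6, 1)))   # local check result
    print(redact_for_log(SAMPLE))                    # what may be written to logs
```

Passing this check does not replace the 422 handling: the API remains the authority on whether a card is accepted.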
Response Structure
Code | Response | Reason |
---|---|---|
200 | Success | A successful response returns the tokenized payment method. |
400 | Bad Request | Invalid or missing card details. |
401 | Unauthorized | Authentication failed. |
422 | Unprocessable Entity | Validation error for card information (e.g., expired card, invalid number). |
500 | Internal Server Error | An unexpected error occurred on the server. |
Important Considerations
PCI Compliance: Avoid using this server-side API for credit card tokenization unless absolutely necessary. Always prioritize using Stax.js.
Card Validation: Stax does not store the full card number or CVV; these are only used during tokenization.
Customer Association: Linking the card to a customer ensures easier future retrieval.