POST
/
card

Authorizations

X-API-Key
string
headerrequired

Authentication from public API requests

Body

application/json
type
enum<string>
required

Specify the type of card you'd like to create. At the moment, only virtual cards are supported.

Available options:
virtual
name
string
required
accountId
string

The ID of the account to create the card under. You can get this by calling GET /account. This field is required unless you are authenticating via API key, in which case it will default to your first commercial account. We recommend supplying this even if you are authenticating via API key.

virtualAccountId
string

The ID of the virtual account to create the card under. Virtual accounts can be retrieved by calling GET /virtual-account.

spendingConstraint
object

A constraint that can be applied to a CardGroupSpendingRule

avsAddress
object
isSingleUse
boolean

Defaults to false. When set to true, the card will be automatically closed after a single authorization attempt. Note that the card will be closed even if the authorization declines or drops

userData
object

Arbitrary information that can be attached to the card. This should be a JSON object and cannot exceed 4kb.

cardGroupId
string

Response

201 - application/json
id
string
required
accountId
string
required

The account that this card is associated with

last4
string
required

The last 4 digits of the card number

name
string
required

The name assigned to the card that appears on the user dashboard

expiryMonth
string
required

The month the card expires formatted as MM (01, 02, ..., 12)

expiryYear
string
required

The year the card expires formatted as YYYY (2024, 2025, ...)

status
enum<string>
required

The status of the card

Available options:
active,
paused,
inactive,
closed
isPhysical
boolean
required

When true, a physical card has been issued. Otherwise, this is a virtual card.

virtualAccountId
string

The virtual account that this card is associated with

isSingleUse
boolean

When true, the card will be automatically closed after a single authorization attempt. Note that the card will be closed even if the authorization declines or drops

pan
string

This field contains the full PAN which will only be sent on a request for a single card when you set the query param "include_pan" to "true"

cvv
string

This field will contain full CVV which will only be sent on a request for a single card when you set the query param "include_pan" to "true"

cardGroupId
string

The card group the card belongs to.

createdAt
string
spendingConstraint
object

The spending constraint applied to the card

avsAddress
object

The avs address locked applied to this card

userData
object

Arbitrary information that can be attached to the card. See the PATCH /card/{cardId} endpoint for more details on how to add user data.