The /tokenize endpoint is designed to securely vault credit card information after every checkout. A tokenized representation of the card information is returned.

Store that token for later use in case of payment decline.

You can send that request in parallel to the Payment Authorization request. If you are already tokenizing with a partner, you can tokenize twice.

Overview

Tokenize and store encrypted credit card information on every checkout.

1. Request

Query parameters


`mid`	Your FlexCharge Merchant Identification Number. Get your Mid
`Environment`	Your unique Tokenization key. Get your key.

Log into into your Sandbox. Go to section Developers > Tokenization get both your Tokenization endpoint and Environment.

Body parameters


payment_method	Object	Required	Contains `creditCard` object:
sense_key	String	Optional	Provide the key generated by senseJS during the checkout.
credit_card	Object	Required	Required fields for this object:
credit_card.first_name	String	Required	Provide name holder.
credit_card.last_name	String	Required	Provide name holder.
credit_card.number	String	Required	Provide credit card number to tokenize.
credit_card.verification_value (CVV)	String	Recommended	CVV: Provide this value if you have it. Leave empty if not.
credit_card.month	String	Required	Provide this value if you have it. Leave empty if not. Format: MM
credit_card.year	String	Required	Format: YYYY

❗️
Real financial data cannot be used in the Sandbox.
Please use our whitelisted test credit cards.

Request example

curl --location -g --request POST '
  https://api-sandbox.flex-charge.com/v1/tokenize?mid={Your mid}&environment={Your Tokenization Key}' \
--header 'Content-Type: application/json' \
--data-raw '{
  "payment_method": {
    	"sense_key": "XXX", //provide the key generated by SenseJS during the checkout
      "credit_card": {
        "first_name": "Joe",
        "last_name": "Jones",
        "number": "4111111111111111",
        "verification_value": "999", //That's the CVV
        "month": "03", // provide 2 numbers
        "year": "2025", // provide 4 numbers
      }
  }
}'

2. Response

{
  "transaction": {
    "payment_method": {
      "token": "baf4abdc-14a3-4458-abfb-c856c711b9c7", //this is the tokenized payment method
      "created_at": "2023-09-03T13:34:17.8720707Z",
      "updated_at": "2023-09-03T13:34:17.8720709Z",
      "email": null,
      "data": null,
      "storage_state": null,
      "test": false,
      "metadata": null,
      "last_four_digits": "1111",
      "first_six_digits": "411111",
      "month": 3,
      "year": 2025,
    }
  },
   "success": true,
   "result": null,
   "status": null,
   "statusCode": null,
   "errors": [],
   "customProperties": {}
 }

3. Token storage

The returned token must be stored in your database for future use, you will need it in case of payment decline.

A payment decline can happen immediately after tokenization (in case of CIT) of a few months after tokenization (in case of MIT).

❕
This vaulted token will not expire.

Store transaction.payment_method.token in alongside with these fields:

paymentMethod information


`holderName`	string	required	Use `creditCard.first_name` and `creditCard.last_name`
`cardType`	string	required	E.g.: Credit, Debit, Prepaid Card
`cardBrand`	string	required	E.g.: VISA, Mastercard, AMEX, etc.
`cardCountry`	string	required	ISO 3166-1 alpha-2 country code (2-letter)
`cardIssuer`	string	optional
`cardLevel`	string	optional
`cardFingerprint`	string	optional
`expirationMonth`	integer	required	Provide this value if you have it. Leave empty if not. Format: MM
`expirationYear`	integer	required	Format: YYYY
`cardBinNumber`	string	required	Use the returned `transaction.first_six_digits`
`cardLast4Digits`	string	required	Use the returned `transaction.last_four_digits`
`cardNumber`	string	required	Use the returned `transaction.payment_method.token`

4. Retrieve that token for /evaluate

On a payment decline, you will need to look up the paymentMethod information and include it in your call to /evaluate.