Skip to main content
POST
/
external_cards
/
tokens
Create External Card from token
curl --request POST \
  --url https://api-sandbox.synctera.com/v0/external_cards/tokens \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "customer_id": "7d943c51-e4ff-4e57-9558-08cab6b963c7",
  "name": "Jean Valjean",
  "token": "<string>",
  "business_id": "7d943c51-e4ff-4e57-9558-08cab6b963c7"
}
'
import requests

url = "https://api-sandbox.synctera.com/v0/external_cards/tokens"

payload = {
"customer_id": "7d943c51-e4ff-4e57-9558-08cab6b963c7",
"name": "Jean Valjean",
"token": "<string>",
"business_id": "7d943c51-e4ff-4e57-9558-08cab6b963c7"
}
headers = {
"Authorization": "Bearer <token>",
"Content-Type": "application/json"
}

response = requests.post(url, json=payload, headers=headers)

print(response.text)
const options = {
method: 'POST',
headers: {Authorization: 'Bearer <token>', 'Content-Type': 'application/json'},
body: JSON.stringify({
customer_id: '7d943c51-e4ff-4e57-9558-08cab6b963c7',
name: 'Jean Valjean',
token: '<string>',
business_id: '7d943c51-e4ff-4e57-9558-08cab6b963c7'
})
};

fetch('https://api-sandbox.synctera.com/v0/external_cards/tokens', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));
<?php

$curl = curl_init();

curl_setopt_array($curl, [
CURLOPT_URL => "https://api-sandbox.synctera.com/v0/external_cards/tokens",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "POST",
CURLOPT_POSTFIELDS => json_encode([
'customer_id' => '7d943c51-e4ff-4e57-9558-08cab6b963c7',
'name' => 'Jean Valjean',
'token' => '<string>',
'business_id' => '7d943c51-e4ff-4e57-9558-08cab6b963c7'
]),
CURLOPT_HTTPHEADER => [
"Authorization: Bearer <token>",
"Content-Type: application/json"
],
]);

$response = curl_exec($curl);
$err = curl_error($curl);

curl_close($curl);

if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}
package main

import (
"fmt"
"strings"
"net/http"
"io"
)

func main() {

url := "https://api-sandbox.synctera.com/v0/external_cards/tokens"

payload := strings.NewReader("{\n \"customer_id\": \"7d943c51-e4ff-4e57-9558-08cab6b963c7\",\n \"name\": \"Jean Valjean\",\n \"token\": \"<string>\",\n \"business_id\": \"7d943c51-e4ff-4e57-9558-08cab6b963c7\"\n}")

req, _ := http.NewRequest("POST", url, payload)

req.Header.Add("Authorization", "Bearer <token>")
req.Header.Add("Content-Type", "application/json")

res, _ := http.DefaultClient.Do(req)

defer res.Body.Close()
body, _ := io.ReadAll(res.Body)

fmt.Println(string(body))

}
HttpResponse<String> response = Unirest.post("https://api-sandbox.synctera.com/v0/external_cards/tokens")
.header("Authorization", "Bearer <token>")
.header("Content-Type", "application/json")
.body("{\n \"customer_id\": \"7d943c51-e4ff-4e57-9558-08cab6b963c7\",\n \"name\": \"Jean Valjean\",\n \"token\": \"<string>\",\n \"business_id\": \"7d943c51-e4ff-4e57-9558-08cab6b963c7\"\n}")
.asString();
require 'uri'
require 'net/http'

url = URI("https://api-sandbox.synctera.com/v0/external_cards/tokens")

http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true

request = Net::HTTP::Post.new(url)
request["Authorization"] = 'Bearer <token>'
request["Content-Type"] = 'application/json'
request.body = "{\n \"customer_id\": \"7d943c51-e4ff-4e57-9558-08cab6b963c7\",\n \"name\": \"Jean Valjean\",\n \"token\": \"<string>\",\n \"business_id\": \"7d943c51-e4ff-4e57-9558-08cab6b963c7\"\n}"

response = http.request(request)
puts response.read_body
{
  "currency": "USD",
  "customer_id": "7d943c51-e4ff-4e57-9558-08cab6b963c7",
  "expiration_month": "06",
  "expiration_year": "25",
  "id": "<string>",
  "last_four": "1234",
  "name": "Jean Valjean",
  "bin": "<string>",
  "created_time": "2010-05-06T12:23:34.321Z",
  "deletion_time": "2010-05-06T12:23:34.321Z",
  "issuer": "<string>",
  "last_modified_time": "2010-05-06T12:23:34.321Z",
  "verifications": {
    "pull_enabled": true,
    "push_enabled": true,
    "pull_details": {
      "country": "US",
      "currency": "USD",
      "network": "<string>",
      "regulated": true
    },
    "push_details": {
      "country": "US",
      "currency": "USD",
      "network": "<string>",
      "regulated": true
    }
  }
}
{
"code": "BAD_REQUEST_BODY",
"detail": "missing required fields: first_name, dob",
"status": 400,
"title": "Bad Request Body",
"type": "https://dev.synctera.com/errors/bad-request-body"
}
{
"code": "BAD_REQUEST_BODY",
"detail": "missing required fields: first_name, dob",
"status": 400,
"title": "Bad Request Body",
"type": "https://dev.synctera.com/errors/bad-request-body"
}
{
"code": "BAD_REQUEST_BODY",
"detail": "missing required fields: first_name, dob",
"status": 400,
"title": "Bad Request Body",
"type": "https://dev.synctera.com/errors/bad-request-body"
}
{
"code": "BAD_REQUEST_BODY",
"detail": "missing required fields: first_name, dob",
"status": 400,
"title": "Bad Request Body",
"type": "https://dev.synctera.com/errors/bad-request-body"
}
{
"code": "BAD_REQUEST_BODY",
"detail": "missing required fields: first_name, dob",
"status": 400,
"title": "Bad Request Body",
"type": "https://dev.synctera.com/errors/bad-request-body"
}

Authorizations

Authorization
string
header
required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Headers

Idempotency-Key
string

An idempotency key is an arbitrary unique value generated by client to detect subsequent retries of the same request. It is recommended that a UUID or a similar random identifier be used as an idempotency key. A different key must be used for each request, unless it is a retry.

Example:

"7d943c51-e4ff-4e57-9558-08cab6b963c7"

Body

application/json

Details of the External Card to create

customer_id
string<uuid>
required

The unique identifier of a customer

Example:

"7d943c51-e4ff-4e57-9558-08cab6b963c7"

name
string
required

The cardholder name

Example:

"Jean Valjean"

token
string
required

The token that was returned via tokenization iframe

business_id
string<uuid>

The unique identifier of a business

Example:

"7d943c51-e4ff-4e57-9558-08cab6b963c7"

Response

External Card created

currency
string
required

ISO 4217 Alpha-3 currency code

Required string length: 3
Example:

"USD"

customer_id
string<uuid>
required

The unique identifier of a customer

Example:

"7d943c51-e4ff-4e57-9558-08cab6b963c7"

expiration_month
string
required
read-only
Example:

"06"

expiration_year
string
required
read-only
Example:

"25"

id
string
required

External card ID

last_four
string
required
read-only

The last 4 digits of the card PAN

Example:

"1234"

name
string
required

The cardholder name

Example:

"Jean Valjean"

status
enum<string>
required

Status of an External Card

Available options:
ACTIVE,
DELETED,
SUSPENDED
bin
string

Bank Identification Number

created_time
string<date-time>
Example:

"2010-05-06T12:23:34.321Z"

deletion_time
string<date-time>
Example:

"2010-05-06T12:23:34.321Z"

issuer
string

Name of issuing financial institution

last_modified_time
string<date-time>
Example:

"2010-05-06T12:23:34.321Z"

verifications
object

Verify card passed AVS and CVV checks and if it able to perform PUSH/PULL transfers.