Token API

The Token API allows you to retrieve information about tokens. A token represents a card and can be used only one time wherever a card is required. Once created, tokens can be converted to cards for attachment to customers for future charges. Tokens are designed to be generated by Omise.js, but the Token API allows for the generation of tokens strictly for internal testing only.

Full credit card data should never go through your server.
Do not send the credit card data to Omise from your servers directly.
You must send the card data from the client browser via Javascript (Omise-JS).
The methods described on this page should only be used with fake data in test mode (e.g.: quickly creating some fake data, testing our API from a terminal, etc.). If you are PCI-DSS compliant, sending card data from server requires a valid PCI-DSS certification. You can learn more about this in Security Best Practices

Attribute

Name Type Description
object string

The string token.

id object_id

The TOKEN_ID matching /tokn(_test)?_[0-9a-z]+/.

livemode boolean

Whether this is a live (true) or test (false) token.

location string

API path to retrieve the current token object.

card card

Card details.

created datetime

UTC datetime of the creation of the token in ISO 8601 format (YYYY-MM-DDThh:mm:ssZ).

used boolean

Whether the token has been used. Tokens can be used only once eithr to make a charge or to associate as a new card on a customer.

Example

  • Json Response

Create a token

- POST https://vault.omise.co/tokens

Request Parameter

Name Type Description
card[name] string

(required) The cardholder name as printed on the card.

card[number] string

(required) The card number. Note that the number you pass can contains spaces and dashes but will be stripped from the response.

card[expiration_month] integer

(required) The expiration month printed on the card in the format M or MM.

card[expiration_year] integer

(required) The expiration year printed on the card in the format YYYY.

card[security_code] string

(optional) The security code (CVV, CVC, etc) printed on the back of the card.

card[city] string

(optional) The city where the card was issued.

card[postal_code] string

(optional) The postal code from the city where the card was issued.

Example

  • Create a token

Retrieve a token

- GET https://vault.omise.co/tokens/TOKEN_ID

Example

  • Retrieve a token