Types of Token Credentials

Our system supports four types of token credentials. These are derived from a combination of two key parameters:

1. isPciDss:

   This parameter determines how the PAN (Primary Account Number) is returned in the response for GET requests:

   1. When true, the PAN will be displayed as a clear PAN in the response. This is exactly the petameter that will be available in the token

      

   2. When false, The PAN will be displayed as a masked PAN in the response.

2. role:

   The role defines the backend functionalities accessible for a specific channel. This is entirely managed by our CMS (Card Management System). The two possible values are:

   1. Bank
      1. Example: If a card status (block code) is marked as “Cancelled by Bank,” this status can be restricted from being used by bank channels. These channels will operate using a token configured with the Bank role.
   2. Cardholder
      1. Example: If a card status (block code) is marked as “Cancelled by Cardholder,” this status can be restricted from being used by cardholder channels (such as mobile applications). These channels will operate using a token configured with the Cardholder role.

Key Notes

• The four combinations of token credentials arise from the combinations of these two parameters (isPciDss and Role).
• While all four combinations are optional, at least one of these configurations must be set up to operate effectively.

Sample Token Credentials:

• isPciDss = true

  • client_id: 8eb2b415-a078-48bd-9504-2f4195605a79870181
  • client_secret: 2IrpbTn3t43LCkdOvFBKB4pnUzsHxpwB

• isPciDss = false

  • client_id: 1c36b9e6-a4b1-4dbb-847c-f5aebce4b383545546
  • client_secret: NtNaBKN6OCb1rAx2GGyeNp4cRFd6ALoJ