Shell HTTP JavaScript Node.JS Ruby Python Java Go

Cards v0.5.0

Scroll down for code samples, example requests and responses. Select a language for code samples from the tabs above or the mobile navigation menu.

Monitor and manage debit cards associated with a bank account.

This API defines operations for the following resources:

This API provides the following features to bank users:

This API provides the following features to financial institution administrative users:

Note: The default representation of a card returns only the masked card number. To include the full card number, use the ?unmasked=true query parameter on the request.

Download OpenAPI Definition (YAML)

Base URLs:

Terms of service

Email: Apiture Web: Apiture

Authentication

Scope Scope Description
card/read Read access to cards and card replacements.
card/write Write (update) access to cards and card replacements.
card/delete Delete access to cards and card replacements.
card/full Full access to cards and card replacements.

API

Endpoints which describe this API.

getApi

Code samples

# You can also use wget
curl -X GET /cards/ \
  -H 'Accept: application/hal+json' \
  -H 'API-Key: API_KEY'

GET /cards/ HTTP/1.1

Accept: application/hal+json

var headers = {
  'Accept':'application/hal+json',
  'API-Key':'API_KEY'

};

$.ajax({
  url: '/cards/',
  method: 'get',

  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/hal+json',
  'API-Key':'API_KEY'

};

fetch('/cards/',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/hal+json',
  'API-Key' => 'API_KEY'
}

result = RestClient.get '/cards/',
  params: {
  }, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Accept': 'application/hal+json',
  'API-Key': 'API_KEY'
}

r = requests.get('/cards/', params={

}, headers = headers)

print r.json()

URL obj = new URL("/cards/");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Accept": []string{"application/hal+json"},
        "API-Key": []string{"API_KEY"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("GET", "/cards/", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Top-level resources and operations in this API

GET /

Return links to the top-level resources and operations in this API.

Example responses

200 Response

{
  "id": "apiName",
  "name": "API name",
  "apiVersion": "1.0.0",
  "_profile": "https://api.apiture.com/schemas/common/root/v1.0.0/profile.json",
  "_links": {}
}

Responses

StatusDescription
200 OK
OK
Schema: root

getApiDoc

Code samples

# You can also use wget
curl -X GET /cards/apiDoc \
  -H 'Accept: application/json' \
  -H 'API-Key: API_KEY'

GET /cards/apiDoc HTTP/1.1

Accept: application/json

var headers = {
  'Accept':'application/json',
  'API-Key':'API_KEY'

};

$.ajax({
  url: '/cards/apiDoc',
  method: 'get',

  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/json',
  'API-Key':'API_KEY'

};

fetch('/cards/apiDoc',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'API-Key' => 'API_KEY'
}

result = RestClient.get '/cards/apiDoc',
  params: {
  }, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Accept': 'application/json',
  'API-Key': 'API_KEY'
}

r = requests.get('/cards/apiDoc', params={

}, headers = headers)

print r.json()

URL obj = new URL("/cards/apiDoc");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Accept": []string{"application/json"},
        "API-Key": []string{"API_KEY"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("GET", "/cards/apiDoc", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Return API definition document

GET /apiDoc

Return the OpenAPI document that describes this API.

Example responses

200 Response

{}

Responses

StatusDescription
200 OK
OK
Schema: Inline

Response Schema

Card Requests

Requests to issue new or replacement cards

getCardRequests

Code samples

# You can also use wget
curl -X GET /cards/cardRequests \
  -H 'Accept: application/hal+json' \
  -H 'API-Key: API_KEY' \
  -H 'Authorization: Bearer {access-token}'

GET /cards/cardRequests HTTP/1.1

Accept: application/hal+json

var headers = {
  'Accept':'application/hal+json',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

$.ajax({
  url: '/cards/cardRequests',
  method: 'get',

  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/hal+json',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

fetch('/cards/cardRequests',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/hal+json',
  'API-Key' => 'API_KEY',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.get '/cards/cardRequests',
  params: {
  }, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Accept': 'application/hal+json',
  'API-Key': 'API_KEY',
  'Authorization': 'Bearer {access-token}'
}

r = requests.get('/cards/cardRequests', params={

}, headers = headers)

print r.json()

URL obj = new URL("/cards/cardRequests");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Accept": []string{"application/hal+json"},
        "API-Key": []string{"API_KEY"},
        "Authorization": []string{"Bearer {access-token}"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("GET", "/cards/cardRequests", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Return a collection of card requests

GET /cardRequests

Return a paginated sortable filterable searchable collection of requests for new or replacement card. The links in the response include pagination links.

For bank users, this collection only returns card requests that the user has created or which apply to their cards.

Parameters

Parameter Description
start
(query)
integer(int64)
The zero-based index of the first card request item to include in this page. The default 0 denotes the beginning of the collection.
limit
(query)
integer(int32)
The maximum number of card request representations to return in this page.
sortBy
(query)
string
Optional sort criteria. See sort criteria format, such as ?sortBy=field1,-field2.
filter
(query)
string
Optional filter criteria. See filtering.
q
(query)
string
Optional search string. See searching.
state
(query)
string
Filter responses to list only cards in the listed state or |-separated set of states. Examples: ?state=submitted , ?state=canceled|completed|rejected
Enumerated values:
pending
submitted
canceled
rejected
completed
submittedOn
(query)
string(date)
Filter the response to card requests submitted on this date or set of |-separated dates. Dates are in RFC 3339 YYYY-MM-DD format. Examples: ?submittedDate=2019-06-10 or ?submittedDate=2019-06-10|2019-06-08|2019-06-07
modifiedOn
(query)
string(date)
Filter the response to card requests last modified on this date or set of |-separated dates. Dates are in RFC 3339 YYYY-MM-DD format. Examples: ?modifiedOn=2019-06-10 or ?modifiedOn=2019-06-10|2019-06-08|2019-06-07
resolvedOn
(query)
string(date)
Filter the response to card requests resolved on this date or set of |-separated dates. Dates are in RFC 3339 YYYY-MM-DD format. Examples: ?resolvedOn=2019-06-10 or ?resolvedOn=2019-06-10|2019-06-08|2019-06-07
modifiedBy
(query)
string
Filter the response to card requests resolved by the user named by this user ID.

Example responses

200 Response

{
  "_profile": "https://api.apiture.com/schemas/cards/cardRequests/v1.0.0/profile.json",
  "start": 10,
  "limit": 10,
  "count": 67,
  "name": "cardRequests",
  "_links": {
    "self": {
      "href": "/cards/cardRequests?start=10&limit=10"
    },
    "first": {
      "href": "/cards/cardRequests?start=0&limit=10"
    },
    "next": {
      "href": "/cards/cardRequests?start=20&limit=10"
    },
    "collection": {
      "href": "/cards/cardRequests"
    }
  },
  "_embedded": {
    "items": [
      {
        "_id": "0399abed-fd3d-4830-a88b-30f38b8a365c",
        "_profile": "https://api.apiture.com/schemas/cards/cardRequest/v1.0.0/profile.json",
        "_links": {
          "self": {
            "href": "/cards/cardRequests/0399abed-fd3d-4830-a88b-30f38b8a365c"
          }
        }
      },
      {
        "_id": "d62c0701-0d74-4836-83f9-ebf3709442ea",
        "_profile": "https://api.apiture.com/schemas/cards/cardRequest/v1.0.0/profile.json",
        "_links": {
          "self": {
            "href": "/cards/cardRequests/d62c0701-0d74-4836-83f9-ebf3709442ea"
          }
        }
      }
    ]
  }
}

Responses

StatusDescription
200 OK
OK
Schema: cardRequests
400 Bad Request
Bad Request. The request body or one or more of the query parameters was not well formed. The _error field in the response will contain details about the request error.
Schema: errorResponse
422 Unprocessable Entity
Unprocessable Entity. One or more of the query parameters was well formed but otherwise invalid. The _error field in the response will contain details about the request error.
Schema: errorResponse

createCardRequest

Code samples

# You can also use wget
curl -X POST /cards/cardRequests \
  -H 'Content-Type: application/hal+json' \
  -H 'Accept: application/hal+json' \
  -H 'API-Key: API_KEY' \
  -H 'Authorization: Bearer {access-token}'

POST /cards/cardRequests HTTP/1.1

Content-Type: application/hal+json
Accept: application/hal+json

var headers = {
  'Content-Type':'application/hal+json',
  'Accept':'application/hal+json',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

$.ajax({
  url: '/cards/cardRequests',
  method: 'post',

  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

const fetch = require('node-fetch');
const inputBody = '{
  "_profile": "https://api.apiture.com/schemas/cards/cardRequest/v1.0.0/profile.json",
  "cardId": "9e5a519c-ed3d-48ec-84d0-ef29b2843803",
  "reason": "lost",
  "description": "Replace lost card",
  "_links": {
    "apiture:account": {
      "href": "https://api.example.com/accounts/accounts/617c31ce-7bf0-4e55-a5df-12916ff22ada"
    }
  }
}';
const headers = {
  'Content-Type':'application/hal+json',
  'Accept':'application/hal+json',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

fetch('/cards/cardRequests',
{
  method: 'POST',
  body: inputBody,
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

require 'rest-client'
require 'json'

headers = {
  'Content-Type' => 'application/hal+json',
  'Accept' => 'application/hal+json',
  'API-Key' => 'API_KEY',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.post '/cards/cardRequests',
  params: {
  }, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Content-Type': 'application/hal+json',
  'Accept': 'application/hal+json',
  'API-Key': 'API_KEY',
  'Authorization': 'Bearer {access-token}'
}

r = requests.post('/cards/cardRequests', params={

}, headers = headers)

print r.json()

URL obj = new URL("/cards/cardRequests");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("POST");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Content-Type": []string{"application/hal+json"},
        "Accept": []string{"application/hal+json"},
        "API-Key": []string{"API_KEY"},
        "Authorization": []string{"Bearer {access-token}"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("POST", "/cards/cardRequests", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Request a new or replacement card

POST /cardRequests

Request a new or replacement card by creating a new card request resource, adding it to the cardRequests collection.

Body parameter

{
  "_profile": "https://api.apiture.com/schemas/cards/cardRequest/v1.0.0/profile.json",
  "cardId": "9e5a519c-ed3d-48ec-84d0-ef29b2843803",
  "reason": "lost",
  "description": "Replace lost card",
  "_links": {
    "apiture:account": {
      "href": "https://api.example.com/accounts/accounts/617c31ce-7bf0-4e55-a5df-12916ff22ada"
    }
  }
}

Parameters

Parameter Description
body
(body)
createCardRequest (required)
The data necessary to create a new card request resource.

Example responses

201 Response

{
  "_id": "35eb0e67-ac9b-44d7-8799-6648ba6b1c65",
  "_profile": "https://api.apiture.com/schemas/cards/cardRequest/v1.0.0/profile.json",
  "cardId": "9e5a519c-ed3d-48ec-84d0-ef29b2843803",
  "reason": "lost",
  "description": "Replace lost card",
  "submittedAt": {},
  "modifiedAt": {},
  "modifiedBy": "lucy.wellphunded@bankcustomer.example.com",
  "_links": {
    "self": {
      "href": "/cards/cardRequests/35eb0e67-ac9b-44d7-8799-6648ba6b1c65"
    },
    "apiture:card": {
      "href": "/cards/cards/9e5a519c-ed3d-48ec-84d0-ef29b2843803"
    },
    "apiture:account": {
      "href": "https://api.example.com/accounts/accounts/617c31ce-7bf0-4e55-a5df-12916ff22ada"
    },
    "apiture:cancel": {
      "href": "https://api.example.com/cards/canceledCardRequests?cardRequest=617c31ce-7bf0-4e55-a5df-12916ff22ada"
    }
  }
}

Responses

StatusDescription
201 Created
Created
Schema: cardRequest
400 Bad Request
Bad Request. The request body or one or more of the query parameters was not well formed. The _error field in the response will contain details about the request error.
Schema: errorResponse

Response Headers

StatusDescription
201 Location string uri
The URI of the new resource. If the URI begins with / it is relative to the API root context. Else, it is a full URI starting with scheme://host
201 ETag string
The ETag response header specifies an entity tag which must be provided in an If-Match request header for PUT or PATCH operations which update the resource.

getCardRequest

Code samples

# You can also use wget
curl -X GET /cards/cardRequests/{cardRequestId} \
  -H 'Accept: application/hal+json' \
  -H 'If-None-Match: string' \
  -H 'API-Key: API_KEY' \
  -H 'Authorization: Bearer {access-token}'

GET /cards/cardRequests/{cardRequestId} HTTP/1.1

Accept: application/hal+json
If-None-Match: string

var headers = {
  'Accept':'application/hal+json',
  'If-None-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

$.ajax({
  url: '/cards/cardRequests/{cardRequestId}',
  method: 'get',

  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/hal+json',
  'If-None-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

fetch('/cards/cardRequests/{cardRequestId}',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/hal+json',
  'If-None-Match' => 'string',
  'API-Key' => 'API_KEY',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.get '/cards/cardRequests/{cardRequestId}',
  params: {
  }, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Accept': 'application/hal+json',
  'If-None-Match': 'string',
  'API-Key': 'API_KEY',
  'Authorization': 'Bearer {access-token}'
}

r = requests.get('/cards/cardRequests/{cardRequestId}', params={

}, headers = headers)

print r.json()

URL obj = new URL("/cards/cardRequests/{cardRequestId}");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Accept": []string{"application/hal+json"},
        "If-None-Match": []string{"string"},
        "API-Key": []string{"API_KEY"},
        "Authorization": []string{"Bearer {access-token}"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("GET", "/cards/cardRequests/{cardRequestId}", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Fetch a representation of this card request

GET /cardRequests/{cardRequestId}

Return a HAL representation of this card request resource.

Parameters

Parameter Description
cardRequestId
(path)
string (required)
The unique identifier of this card request resource. This is an opaque string.
If-None-Match
(header)
string
The entity tag that was returned in the ETag response. If the resource's current entity tag matches, the GET will return 304 (Not Modified) and no response body, else the resource representation will be returned.

Example responses

200 Response

{
  "_id": "35eb0e67-ac9b-44d7-8799-6648ba6b1c65",
  "_profile": "https://api.apiture.com/schemas/cards/cardRequest/v1.0.0/profile.json",
  "cardId": "9e5a519c-ed3d-48ec-84d0-ef29b2843803",
  "reason": "lost",
  "description": "Replace lost card",
  "submittedAt": {},
  "modifiedAt": {},
  "modifiedBy": "lucy.wellphunded@bankcustomer.example.com",
  "_links": {
    "self": {
      "href": "/cards/cardRequests/35eb0e67-ac9b-44d7-8799-6648ba6b1c65"
    },
    "apiture:card": {
      "href": "/cards/cards/9e5a519c-ed3d-48ec-84d0-ef29b2843803"
    },
    "apiture:account": {
      "href": "https://api.example.com/accounts/accounts/617c31ce-7bf0-4e55-a5df-12916ff22ada"
    },
    "apiture:cancel": {
      "href": "https://api.example.com/cards/canceledCardRequests?cardRequest=617c31ce-7bf0-4e55-a5df-12916ff22ada"
    }
  }
}

Responses

StatusDescription
200 OK
OK
Schema: cardRequest
304 Not Modified
Not Modified. The resource has not been modified since it was last fetched.
404 Not Found
Not Found. There is no such card card request resource at the specified {cardRequestId}. The _error field in the response will contain details about the request error.
Schema: errorResponse

Response Headers

StatusDescription
200 ETag string
The ETag response header specifies an entity tag which must be provided in an If-Match request header for PUT or PATCH operations which update this card request resource.

updateCardRequest

Code samples

# You can also use wget
curl -X PUT /cards/cardRequests/{cardRequestId} \
  -H 'Content-Type: application/hal+json' \
  -H 'Accept: application/hal+json' \
  -H 'If-Match: string' \
  -H 'API-Key: API_KEY' \
  -H 'Authorization: Bearer {access-token}'

PUT /cards/cardRequests/{cardRequestId} HTTP/1.1

Content-Type: application/hal+json
Accept: application/hal+json
If-Match: string

var headers = {
  'Content-Type':'application/hal+json',
  'Accept':'application/hal+json',
  'If-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

$.ajax({
  url: '/cards/cardRequests/{cardRequestId}',
  method: 'put',

  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

const fetch = require('node-fetch');
const inputBody = '{
  "_id": "35eb0e67-ac9b-44d7-8799-6648ba6b1c65",
  "_profile": "https://api.apiture.com/schemas/cards/cardRequest/v1.0.0/profile.json",
  "cardId": "9e5a519c-ed3d-48ec-84d0-ef29b2843803",
  "reason": "lost",
  "description": "Replace lost card",
  "submittedAt": {},
  "modifiedAt": {},
  "modifiedBy": "lucy.wellphunded@bankcustomer.example.com",
  "_links": {
    "self": {
      "href": "/cards/cardRequests/35eb0e67-ac9b-44d7-8799-6648ba6b1c65"
    },
    "apiture:card": {
      "href": "/cards/cards/9e5a519c-ed3d-48ec-84d0-ef29b2843803"
    },
    "apiture:account": {
      "href": "https://api.example.com/accounts/accounts/617c31ce-7bf0-4e55-a5df-12916ff22ada"
    },
    "apiture:cancel": {
      "href": "https://api.example.com/cards/canceledCardRequests?cardRequest=617c31ce-7bf0-4e55-a5df-12916ff22ada"
    }
  }
}';
const headers = {
  'Content-Type':'application/hal+json',
  'Accept':'application/hal+json',
  'If-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

fetch('/cards/cardRequests/{cardRequestId}',
{
  method: 'PUT',
  body: inputBody,
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

require 'rest-client'
require 'json'

headers = {
  'Content-Type' => 'application/hal+json',
  'Accept' => 'application/hal+json',
  'If-Match' => 'string',
  'API-Key' => 'API_KEY',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.put '/cards/cardRequests/{cardRequestId}',
  params: {
  }, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Content-Type': 'application/hal+json',
  'Accept': 'application/hal+json',
  'If-Match': 'string',
  'API-Key': 'API_KEY',
  'Authorization': 'Bearer {access-token}'
}

r = requests.put('/cards/cardRequests/{cardRequestId}', params={

}, headers = headers)

print r.json()

URL obj = new URL("/cards/cardRequests/{cardRequestId}");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("PUT");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Content-Type": []string{"application/hal+json"},
        "Accept": []string{"application/hal+json"},
        "If-Match": []string{"string"},
        "API-Key": []string{"API_KEY"},
        "Authorization": []string{"Bearer {access-token}"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("PUT", "/cards/cardRequests/{cardRequestId}", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Update this card request

PUT /cardRequests/{cardRequestId}

Perform a complete update of this card request resource.

Body parameter

{
  "_id": "35eb0e67-ac9b-44d7-8799-6648ba6b1c65",
  "_profile": "https://api.apiture.com/schemas/cards/cardRequest/v1.0.0/profile.json",
  "cardId": "9e5a519c-ed3d-48ec-84d0-ef29b2843803",
  "reason": "lost",
  "description": "Replace lost card",
  "submittedAt": {},
  "modifiedAt": {},
  "modifiedBy": "lucy.wellphunded@bankcustomer.example.com",
  "_links": {
    "self": {
      "href": "/cards/cardRequests/35eb0e67-ac9b-44d7-8799-6648ba6b1c65"
    },
    "apiture:card": {
      "href": "/cards/cards/9e5a519c-ed3d-48ec-84d0-ef29b2843803"
    },
    "apiture:account": {
      "href": "https://api.example.com/accounts/accounts/617c31ce-7bf0-4e55-a5df-12916ff22ada"
    },
    "apiture:cancel": {
      "href": "https://api.example.com/cards/canceledCardRequests?cardRequest=617c31ce-7bf0-4e55-a5df-12916ff22ada"
    }
  }
}

Parameters

Parameter Description
cardRequestId
(path)
string (required)
The unique identifier of this card request resource. This is an opaque string.
If-Match
(header)
string (required)
The entity tag that was returned in the ETag response. This must match the current entity tag of the resource.
body
(body)
cardRequest (required)

Example responses

200 Response

{
  "_id": "35eb0e67-ac9b-44d7-8799-6648ba6b1c65",
  "_profile": "https://api.apiture.com/schemas/cards/cardRequest/v1.0.0/profile.json",
  "cardId": "9e5a519c-ed3d-48ec-84d0-ef29b2843803",
  "reason": "lost",
  "description": "Replace lost card",
  "submittedAt": {},
  "modifiedAt": {},
  "modifiedBy": "lucy.wellphunded@bankcustomer.example.com",
  "_links": {
    "self": {
      "href": "/cards/cardRequests/35eb0e67-ac9b-44d7-8799-6648ba6b1c65"
    },
    "apiture:card": {
      "href": "/cards/cards/9e5a519c-ed3d-48ec-84d0-ef29b2843803"
    },
    "apiture:account": {
      "href": "https://api.example.com/accounts/accounts/617c31ce-7bf0-4e55-a5df-12916ff22ada"
    },
    "apiture:cancel": {
      "href": "https://api.example.com/cards/canceledCardRequests?cardRequest=617c31ce-7bf0-4e55-a5df-12916ff22ada"
    }
  }
}

Responses

StatusDescription
200 OK
OK
Schema: cardRequest
400 Bad Request
Bad Request. The request body or one or more of the query parameters was not well formed. The _error field in the response will contain details about the request error.
Schema: errorResponse
404 Not Found
Not Found. There is no such card card request resource at the specified {cardRequestId}. The _error field in the response will contain details about the request error.
Schema: errorResponse
412 Precondition Failed
Precondition Failed. The supplied if-Match header value does not match the most recent ETag response header value. The resource has changed in the interim.
Schema: errorResponse
422 Unprocessable Entity
Unprocessable Entity. One or more of the query parameters was well formed but otherwise invalid. The _error field in the response will contain details about the request error.
Schema: errorResponse

Response Headers

StatusDescription
200 ETag string
The ETag response header specifies an entity tag which must be provided in an If-Match request header for PUT or PATCH operations which update this card request resource.

patchCardRequest

Code samples

# You can also use wget
curl -X PATCH /cards/cardRequests/{cardRequestId} \
  -H 'Content-Type: application/hal+json' \
  -H 'Accept: application/hal+json' \
  -H 'If-Match: string' \
  -H 'API-Key: API_KEY' \
  -H 'Authorization: Bearer {access-token}'

PATCH /cards/cardRequests/{cardRequestId} HTTP/1.1

Content-Type: application/hal+json
Accept: application/hal+json
If-Match: string

var headers = {
  'Content-Type':'application/hal+json',
  'Accept':'application/hal+json',
  'If-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

$.ajax({
  url: '/cards/cardRequests/{cardRequestId}',
  method: 'patch',

  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

const fetch = require('node-fetch');
const inputBody = '{
  "_id": "35eb0e67-ac9b-44d7-8799-6648ba6b1c65",
  "_profile": "https://api.apiture.com/schemas/cards/cardRequest/v1.0.0/profile.json",
  "cardId": "9e5a519c-ed3d-48ec-84d0-ef29b2843803",
  "reason": "lost",
  "description": "Replace lost card",
  "submittedAt": {},
  "modifiedAt": {},
  "modifiedBy": "lucy.wellphunded@bankcustomer.example.com",
  "_links": {
    "self": {
      "href": "/cards/cardRequests/35eb0e67-ac9b-44d7-8799-6648ba6b1c65"
    },
    "apiture:card": {
      "href": "/cards/cards/9e5a519c-ed3d-48ec-84d0-ef29b2843803"
    },
    "apiture:account": {
      "href": "https://api.example.com/accounts/accounts/617c31ce-7bf0-4e55-a5df-12916ff22ada"
    },
    "apiture:cancel": {
      "href": "https://api.example.com/cards/canceledCardRequests?cardRequest=617c31ce-7bf0-4e55-a5df-12916ff22ada"
    }
  }
}';
const headers = {
  'Content-Type':'application/hal+json',
  'Accept':'application/hal+json',
  'If-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

fetch('/cards/cardRequests/{cardRequestId}',
{
  method: 'PATCH',
  body: inputBody,
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

require 'rest-client'
require 'json'

headers = {
  'Content-Type' => 'application/hal+json',
  'Accept' => 'application/hal+json',
  'If-Match' => 'string',
  'API-Key' => 'API_KEY',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.patch '/cards/cardRequests/{cardRequestId}',
  params: {
  }, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Content-Type': 'application/hal+json',
  'Accept': 'application/hal+json',
  'If-Match': 'string',
  'API-Key': 'API_KEY',
  'Authorization': 'Bearer {access-token}'
}

r = requests.patch('/cards/cardRequests/{cardRequestId}', params={

}, headers = headers)

print r.json()

URL obj = new URL("/cards/cardRequests/{cardRequestId}");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("PATCH");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Content-Type": []string{"application/hal+json"},
        "Accept": []string{"application/hal+json"},
        "If-Match": []string{"string"},
        "API-Key": []string{"API_KEY"},
        "Authorization": []string{"Bearer {access-token}"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("PATCH", "/cards/cardRequests/{cardRequestId}", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Patch this card request

PATCH /cardRequests/{cardRequestId}

Perform a partial update of this card request. Fields which are omitted are not updated. Nested _embedded and _links are ignored if included.

Body parameter

{
  "_id": "35eb0e67-ac9b-44d7-8799-6648ba6b1c65",
  "_profile": "https://api.apiture.com/schemas/cards/cardRequest/v1.0.0/profile.json",
  "cardId": "9e5a519c-ed3d-48ec-84d0-ef29b2843803",
  "reason": "lost",
  "description": "Replace lost card",
  "submittedAt": {},
  "modifiedAt": {},
  "modifiedBy": "lucy.wellphunded@bankcustomer.example.com",
  "_links": {
    "self": {
      "href": "/cards/cardRequests/35eb0e67-ac9b-44d7-8799-6648ba6b1c65"
    },
    "apiture:card": {
      "href": "/cards/cards/9e5a519c-ed3d-48ec-84d0-ef29b2843803"
    },
    "apiture:account": {
      "href": "https://api.example.com/accounts/accounts/617c31ce-7bf0-4e55-a5df-12916ff22ada"
    },
    "apiture:cancel": {
      "href": "https://api.example.com/cards/canceledCardRequests?cardRequest=617c31ce-7bf0-4e55-a5df-12916ff22ada"
    }
  }
}

Parameters

Parameter Description
cardRequestId
(path)
string (required)
The unique identifier of this card request resource. This is an opaque string.
If-Match
(header)
string (required)
The entity tag that was returned in the ETag response. This must match the current entity tag of the resource.
body
(body)
cardRequest (required)

Example responses

200 Response

{
  "_id": "35eb0e67-ac9b-44d7-8799-6648ba6b1c65",
  "_profile": "https://api.apiture.com/schemas/cards/cardRequest/v1.0.0/profile.json",
  "cardId": "9e5a519c-ed3d-48ec-84d0-ef29b2843803",
  "reason": "lost",
  "description": "Replace lost card",
  "submittedAt": {},
  "modifiedAt": {},
  "modifiedBy": "lucy.wellphunded@bankcustomer.example.com",
  "_links": {
    "self": {
      "href": "/cards/cardRequests/35eb0e67-ac9b-44d7-8799-6648ba6b1c65"
    },
    "apiture:card": {
      "href": "/cards/cards/9e5a519c-ed3d-48ec-84d0-ef29b2843803"
    },
    "apiture:account": {
      "href": "https://api.example.com/accounts/accounts/617c31ce-7bf0-4e55-a5df-12916ff22ada"
    },
    "apiture:cancel": {
      "href": "https://api.example.com/cards/canceledCardRequests?cardRequest=617c31ce-7bf0-4e55-a5df-12916ff22ada"
    }
  }
}

Responses

StatusDescription
200 OK
OK
Schema: cardRequest
400 Bad Request
Bad Request. The request body or one or more of the query parameters was not well formed. The _error field in the response will contain details about the request error.
Schema: errorResponse
404 Not Found
Not Found. There is no such card card request resource at the specified {cardRequestId}. The _error field in the response will contain details about the request error.
Schema: errorResponse
412 Precondition Failed
Precondition Failed. The supplied if-Match header value does not match the most recent ETag response header value. The resource has changed in the interim.
Schema: errorResponse
422 Unprocessable Entity
Unprocessable Entity. One or more of the query parameters was well formed but otherwise invalid. The _error field in the response will contain details about the request error.
Schema: errorResponse

Response Headers

StatusDescription
200 ETag string
The ETag response header specifies an entity tag which must be provided in an If-Match request header for PUT or PATCH operations which update this card request resource.

deleteCardRequest

Code samples

# You can also use wget
curl -X DELETE /cards/cardRequests/{cardRequestId} \
  -H 'API-Key: API_KEY' \
  -H 'Authorization: Bearer {access-token}'

DELETE /cards/cardRequests/{cardRequestId} HTTP/1.1

var headers = {
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

$.ajax({
  url: '/cards/cardRequests/{cardRequestId}',
  method: 'delete',

  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

const fetch = require('node-fetch');

const headers = {
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

fetch('/cards/cardRequests/{cardRequestId}',
{
  method: 'DELETE',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

require 'rest-client'
require 'json'

headers = {
  'API-Key' => 'API_KEY',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.delete '/cards/cardRequests/{cardRequestId}',
  params: {
  }, headers: headers

p JSON.parse(result)

import requests
headers = {
  'API-Key': 'API_KEY',
  'Authorization': 'Bearer {access-token}'
}

r = requests.delete('/cards/cardRequests/{cardRequestId}', params={

}, headers = headers)

print r.json()

URL obj = new URL("/cards/cardRequests/{cardRequestId}");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("DELETE");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "API-Key": []string{"API_KEY"},
        "Authorization": []string{"Bearer {access-token}"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("DELETE", "/cards/cardRequests/{cardRequestId}", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Delete this card request resource

DELETE /cardRequests/{cardRequestId}

Delete this card request resource and any resources that are owned by it. This effectively cancels the card request request.

Parameters

Parameter Description
cardRequestId
(path)
string (required)
The unique identifier of this card request resource. This is an opaque string.

Responses

StatusDescription
204 No Content
No Content. The resource was deleted successfully.

Card Request Actions

Actions on card requests

completeCardRequest

Code samples

# You can also use wget
curl -X POST /cards/completedCardRequests?cardRequest=string \
  -H 'Accept: application/hal+json' \
  -H 'If-Match: string' \
  -H 'API-Key: API_KEY' \
  -H 'Authorization: Bearer {access-token}'

POST /cards/completedCardRequests?cardRequest=string HTTP/1.1

Accept: application/hal+json
If-Match: string

var headers = {
  'Accept':'application/hal+json',
  'If-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

$.ajax({
  url: '/cards/completedCardRequests',
  method: 'post',
  data: '?cardRequest=string',
  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/hal+json',
  'If-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

fetch('/cards/completedCardRequests?cardRequest=string',
{
  method: 'POST',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/hal+json',
  'If-Match' => 'string',
  'API-Key' => 'API_KEY',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.post '/cards/completedCardRequests',
  params: {
  'cardRequest' => 'string'
}, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Accept': 'application/hal+json',
  'If-Match': 'string',
  'API-Key': 'API_KEY',
  'Authorization': 'Bearer {access-token}'
}

r = requests.post('/cards/completedCardRequests', params={
  'cardRequest': 'string'
}, headers = headers)

print r.json()

URL obj = new URL("/cards/completedCardRequests?cardRequest=string");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("POST");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Accept": []string{"application/hal+json"},
        "If-Match": []string{"string"},
        "API-Key": []string{"API_KEY"},
        "Authorization": []string{"Bearer {access-token}"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("POST", "/cards/completedCardRequests", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Complete a card request

POST /completedCardRequests

Mark a card request as completed when the card has been issued. This changes the state property of the card request to completed. This operation is available via the apiture:complete link on the card request resource, if and only if the card request is eligible for the complete operation. Only the FI admin may invoke this operation. The responses is the updated representation of the card request. The If-Match request header value must match the current entity tag value of the card request.

Parameters

Parameter Description
cardRequest
(query)
string (required)
A string which uniquely identifies a card request which is to added to the canceled card requests resource set. This may be the unique cardRequestId or the URI of the card request.
If-Match
(header)
string (required)
The entity tag that was returned in the ETag response. This must match the current entity tag of the resource.

Example responses

200 Response

{
  "_id": "35eb0e67-ac9b-44d7-8799-6648ba6b1c65",
  "_profile": "https://api.apiture.com/schemas/cards/cardRequest/v1.0.0/profile.json",
  "cardId": "9e5a519c-ed3d-48ec-84d0-ef29b2843803",
  "reason": "lost",
  "description": "Replace lost card",
  "submittedAt": {},
  "modifiedAt": {},
  "modifiedBy": "lucy.wellphunded@bankcustomer.example.com",
  "_links": {
    "self": {
      "href": "/cards/cardRequests/35eb0e67-ac9b-44d7-8799-6648ba6b1c65"
    },
    "apiture:card": {
      "href": "/cards/cards/9e5a519c-ed3d-48ec-84d0-ef29b2843803"
    },
    "apiture:account": {
      "href": "https://api.example.com/accounts/accounts/617c31ce-7bf0-4e55-a5df-12916ff22ada"
    },
    "apiture:cancel": {
      "href": "https://api.example.com/cards/canceledCardRequests?cardRequest=617c31ce-7bf0-4e55-a5df-12916ff22ada"
    }
  }
}

Responses

StatusDescription
200 OK
OK. The operation succeeded. The card request was updated and its state changed to completed.
Schema: cardRequest
400 Bad Request
Bad Request. The cardRequest parameter was malformed or does not refer to an existing or accessible card request.
Schema: errorResponse
409 Conflict
Conflict. The request to complete the card request is not allowed. The _error field in the response will contain details about the request error.
412 Precondition Failed
Precondition Failed. The supplied if-Match header value does not match the most recent ETag response header value. The resource has changed in the interim.
Schema: errorResponse

Response Headers

StatusDescription
200 ETag string
The ETag response header specifies an entity tag which must be provided in an If-Match request header for PUT or PATCH operations which update the resource.

rejectCardRequest

Code samples

# You can also use wget
curl -X POST /cards/rejectedCardRequests?cardRequest=string \
  -H 'Accept: application/hal+json' \
  -H 'If-Match: string' \
  -H 'API-Key: API_KEY' \
  -H 'Authorization: Bearer {access-token}'

POST /cards/rejectedCardRequests?cardRequest=string HTTP/1.1

Accept: application/hal+json
If-Match: string

var headers = {
  'Accept':'application/hal+json',
  'If-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

$.ajax({
  url: '/cards/rejectedCardRequests',
  method: 'post',
  data: '?cardRequest=string',
  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/hal+json',
  'If-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

fetch('/cards/rejectedCardRequests?cardRequest=string',
{
  method: 'POST',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/hal+json',
  'If-Match' => 'string',
  'API-Key' => 'API_KEY',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.post '/cards/rejectedCardRequests',
  params: {
  'cardRequest' => 'string'
}, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Accept': 'application/hal+json',
  'If-Match': 'string',
  'API-Key': 'API_KEY',
  'Authorization': 'Bearer {access-token}'
}

r = requests.post('/cards/rejectedCardRequests', params={
  'cardRequest': 'string'
}, headers = headers)

print r.json()

URL obj = new URL("/cards/rejectedCardRequests?cardRequest=string");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("POST");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Accept": []string{"application/hal+json"},
        "If-Match": []string{"string"},
        "API-Key": []string{"API_KEY"},
        "Authorization": []string{"Bearer {access-token}"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("POST", "/cards/rejectedCardRequests", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Reject a card request

POST /rejectedCardRequests

Mark a card request as rejected. This changes the state property of the card request to rejected. Only the FI admin may invoke this operation.

This operation is available via the apiture:reject link on the card request resource, if and only if the card request is eligible for the reject operation. The responses is the updated representation of the card request. The If-Match request header value, if passed, must match the current entity tag value of the card request.

Parameters

Parameter Description
cardRequest
(query)
string (required)
A string which uniquely identifies a card request which is to added to the canceled card requests resource set. This may be the unique cardRequestId or the URI of the card request.
If-Match
(header)
string (required)
The entity tag that was returned in the ETag response. This must match the current entity tag of the resource.

Example responses

200 Response

{
  "_id": "35eb0e67-ac9b-44d7-8799-6648ba6b1c65",
  "_profile": "https://api.apiture.com/schemas/cards/cardRequest/v1.0.0/profile.json",
  "cardId": "9e5a519c-ed3d-48ec-84d0-ef29b2843803",
  "reason": "lost",
  "description": "Replace lost card",
  "submittedAt": {},
  "modifiedAt": {},
  "modifiedBy": "lucy.wellphunded@bankcustomer.example.com",
  "_links": {
    "self": {
      "href": "/cards/cardRequests/35eb0e67-ac9b-44d7-8799-6648ba6b1c65"
    },
    "apiture:card": {
      "href": "/cards/cards/9e5a519c-ed3d-48ec-84d0-ef29b2843803"
    },
    "apiture:account": {
      "href": "https://api.example.com/accounts/accounts/617c31ce-7bf0-4e55-a5df-12916ff22ada"
    },
    "apiture:cancel": {
      "href": "https://api.example.com/cards/canceledCardRequests?cardRequest=617c31ce-7bf0-4e55-a5df-12916ff22ada"
    }
  }
}

Responses

StatusDescription
200 OK
OK. The operation succeeded. The card request was updated and its state changed to rejected.
Schema: cardRequest
400 Bad Request
Bad Request. The cardRequest parameter was malformed or does not refer to an existing or accessible card request.
Schema: errorResponse
409 Conflict
Conflict. The request to reject the card request is not allowed. The _error field in the response will contain details about the request error.
412 Precondition Failed
Precondition Failed. The supplied if-Match header value does not match the most recent ETag response header value. The resource has changed in the interim.
Schema: errorResponse

Response Headers

StatusDescription
200 ETag string
The ETag response header specifies an entity tag which must be provided in an If-Match request header for PUT or PATCH operations which update the resource.

cancelCardRequest

Code samples

# You can also use wget
curl -X POST /cards/canceledCardRequests?cardRequest=string \
  -H 'Accept: application/hal+json' \
  -H 'If-Match: string' \
  -H 'API-Key: API_KEY' \
  -H 'Authorization: Bearer {access-token}'

POST /cards/canceledCardRequests?cardRequest=string HTTP/1.1

Accept: application/hal+json
If-Match: string

var headers = {
  'Accept':'application/hal+json',
  'If-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

$.ajax({
  url: '/cards/canceledCardRequests',
  method: 'post',
  data: '?cardRequest=string',
  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/hal+json',
  'If-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

fetch('/cards/canceledCardRequests?cardRequest=string',
{
  method: 'POST',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/hal+json',
  'If-Match' => 'string',
  'API-Key' => 'API_KEY',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.post '/cards/canceledCardRequests',
  params: {
  'cardRequest' => 'string'
}, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Accept': 'application/hal+json',
  'If-Match': 'string',
  'API-Key': 'API_KEY',
  'Authorization': 'Bearer {access-token}'
}

r = requests.post('/cards/canceledCardRequests', params={
  'cardRequest': 'string'
}, headers = headers)

print r.json()

URL obj = new URL("/cards/canceledCardRequests?cardRequest=string");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("POST");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Accept": []string{"application/hal+json"},
        "If-Match": []string{"string"},
        "API-Key": []string{"API_KEY"},
        "Authorization": []string{"Bearer {access-token}"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("POST", "/cards/canceledCardRequests", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Cancel a card request

POST /canceledCardRequests

Cancel a card replacement request. This changes the state property of the card request to canceled. This operation is available via the apiture:cancel link on the card request resource, if and only if the card request is eligible for the cancel operation. The responses is the updated representation of the card request. The If-Match request header value, if passed, must match the current entity tag value of the card request.

Parameters

Parameter Description
cardRequest
(query)
string (required)
A string which uniquely identifies a card request which is to added to the canceled card requests resource set. This may be the unique cardRequestId or the URI of the card request.
If-Match
(header)
string (required)
The entity tag that was returned in the ETag response. This must match the current entity tag of the resource.

Example responses

200 Response

{
  "_id": "35eb0e67-ac9b-44d7-8799-6648ba6b1c65",
  "_profile": "https://api.apiture.com/schemas/cards/cardRequest/v1.0.0/profile.json",
  "cardId": "9e5a519c-ed3d-48ec-84d0-ef29b2843803",
  "reason": "lost",
  "description": "Replace lost card",
  "submittedAt": {},
  "modifiedAt": {},
  "modifiedBy": "lucy.wellphunded@bankcustomer.example.com",
  "_links": {
    "self": {
      "href": "/cards/cardRequests/35eb0e67-ac9b-44d7-8799-6648ba6b1c65"
    },
    "apiture:card": {
      "href": "/cards/cards/9e5a519c-ed3d-48ec-84d0-ef29b2843803"
    },
    "apiture:account": {
      "href": "https://api.example.com/accounts/accounts/617c31ce-7bf0-4e55-a5df-12916ff22ada"
    },
    "apiture:cancel": {
      "href": "https://api.example.com/cards/canceledCardRequests?cardRequest=617c31ce-7bf0-4e55-a5df-12916ff22ada"
    }
  }
}

Responses

StatusDescription
200 OK
OK. The operation succeeded. The card request was updated and its state changed to canceled.
Schema: cardRequest
400 Bad Request
Bad Request. The cardRequest parameter was malformed or does not refer to an existing or accessible card request.
Schema: errorResponse
409 Conflict
Conflict. The request to cancel the card request is not allowed. The _error field in the response will contain details about the request error.
412 Precondition Failed
Precondition Failed. The supplied if-Match header value does not match the most recent ETag response header value. The resource has changed in the interim.
Schema: errorResponse

Response Headers

StatusDescription
200 ETag string
The ETag response header specifies an entity tag which must be provided in an If-Match request header for PUT or PATCH operations which update the resource.

Card Actions

Actions on debit and other cards

activateCard

Code samples

# You can also use wget
curl -X POST /cards/activeCards?card=string \
  -H 'Accept: application/hal+json' \
  -H 'If-Match: string' \
  -H 'API-Key: API_KEY' \
  -H 'Authorization: Bearer {access-token}'

POST /cards/activeCards?card=string HTTP/1.1

Accept: application/hal+json
If-Match: string

var headers = {
  'Accept':'application/hal+json',
  'If-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

$.ajax({
  url: '/cards/activeCards',
  method: 'post',
  data: '?card=string',
  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/hal+json',
  'If-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

fetch('/cards/activeCards?card=string',
{
  method: 'POST',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/hal+json',
  'If-Match' => 'string',
  'API-Key' => 'API_KEY',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.post '/cards/activeCards',
  params: {
  'card' => 'string'
}, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Accept': 'application/hal+json',
  'If-Match': 'string',
  'API-Key': 'API_KEY',
  'Authorization': 'Bearer {access-token}'
}

r = requests.post('/cards/activeCards', params={
  'card': 'string'
}, headers = headers)

print r.json()

URL obj = new URL("/cards/activeCards?card=string");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("POST");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Accept": []string{"application/hal+json"},
        "If-Match": []string{"string"},
        "API-Key": []string{"API_KEY"},
        "Authorization": []string{"Bearer {access-token}"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("POST", "/cards/activeCards", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Activate a card

POST /activeCards

Change a card's state to active. Bank customers may use this operation to unlock a card that they have locked with the lockCard operation. This changes the state property of the card to active. The back end or admins may also activate a requested card after a card request has been approved. Bank users may not use this operation for activating their new cards.

This operation is available via the apiture:activate link on the card resource, if and only if the activation operation is available. The responses is the updated representation of the card. The If-Match request header value must match the current entity tag value of the card.

Parameters

Parameter Description
card
(query)
string (required)
A string which uniquely identifies a card. This may be the unique {cardId} or the URI of the card.
If-Match
(header)
string (required)
The entity tag that was returned in the ETag response. This must match the current entity tag of the resource.

Example responses

200 Response

{
  "_id": "0399abed-fd3d-4830-a88b-30f38b8a365c",
  "_profile": "https://api.apiture.com/schemas/cards/card/v1.0.0/profile.json",
  "holderName": "LUCILLE WELLPHUNDED",
  "name": "My debit card for Premiere Checking",
  "accountName": "Premiere Checking",
  "accountNumbers": {
    "masked": "*************3210",
    "full": "9876543210"
  },
  "cardNumbers": {
    "masked": "************3210",
    "full": "9999000088883210"
  },
  "accountCategory": "DDA",
  "state": "active",
  "issuedAt": {},
  "modifiedAt": {},
  "modifiedBy": "lucy.wellphunded@bankcustomer.example.com",
  "expiresOn": {},
  "_embedded": {},
  "_links": {
    "self": {
      "href": "/cards/cards/0399abed-fd3d-4830-a88b-30f38b8a365c"
    },
    "apiture:lock": {
      "href": "/cards/lockedCards?card=0399abed-fd3d-4830-a88b-30f38b8a365c"
    }
  }
}

Responses

StatusDescription
200 OK
OK. The operation succeeded. The card was updated and its state changed to active.
Schema: card
400 Bad Request
Bad Request. The card parameter was malformed or does not refer to an existing or accessible card.
Schema: errorResponse
409 Conflict
Conflict. The request to activate the card is not allowed. The _error field in the response will contain details about the request error.
412 Precondition Failed
Precondition Failed. The supplied if-Match header value does not match the most recent ETag response header value. The resource has changed in the interim.
Schema: errorResponse

Response Headers

StatusDescription
200 ETag string
The ETag response header specifies an entity tag which must be provided in an If-Match request header for PUT or PATCH operations which update the resource.

lockCard

Code samples

# You can also use wget
curl -X POST /cards/lockedCards?card=string \
  -H 'Accept: application/hal+json' \
  -H 'If-Match: string' \
  -H 'API-Key: API_KEY' \
  -H 'Authorization: Bearer {access-token}'

POST /cards/lockedCards?card=string HTTP/1.1

Accept: application/hal+json
If-Match: string

var headers = {
  'Accept':'application/hal+json',
  'If-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

$.ajax({
  url: '/cards/lockedCards',
  method: 'post',
  data: '?card=string',
  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/hal+json',
  'If-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

fetch('/cards/lockedCards?card=string',
{
  method: 'POST',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/hal+json',
  'If-Match' => 'string',
  'API-Key' => 'API_KEY',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.post '/cards/lockedCards',
  params: {
  'card' => 'string'
}, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Accept': 'application/hal+json',
  'If-Match': 'string',
  'API-Key': 'API_KEY',
  'Authorization': 'Bearer {access-token}'
}

r = requests.post('/cards/lockedCards', params={
  'card': 'string'
}, headers = headers)

print r.json()

URL obj = new URL("/cards/lockedCards?card=string");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("POST");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Accept": []string{"application/hal+json"},
        "If-Match": []string{"string"},
        "API-Key": []string{"API_KEY"},
        "Authorization": []string{"Bearer {access-token}"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("POST", "/cards/lockedCards", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Lock a card

POST /lockedCards

Lock a card so that it be used for debits or other financial activity. (This differs from locking the entire account.) This is also referred to a placing a hold on the card. This is one step before reporting a card as lost or stolen. A user can unlock the card (restore it to the normal, active state) by using the activateCard operation. This is a self-service operation which a card holder may take if they want to prevent fraudulent use of the card, such as if they have misplaced it (but expect to find it again), or will be out of the country.

This operation changes the state property of the card to locked. This operation is available via the apiture:lock link on the card resource, if and only if the card is eligible for the lock operation. The responses is the updated representation of the card. The If-Match request header value must match the current entity tag value of the card.

Parameters

Parameter Description
card
(query)
string (required)
A string which uniquely identifies a card. This may be the unique {cardId} or the URI of the card.
If-Match
(header)
string (required)
The entity tag that was returned in the ETag response. This must match the current entity tag of the resource.

Example responses

200 Response

{
  "_id": "0399abed-fd3d-4830-a88b-30f38b8a365c",
  "_profile": "https://api.apiture.com/schemas/cards/card/v1.0.0/profile.json",
  "holderName": "LUCILLE WELLPHUNDED",
  "name": "My debit card for Premiere Checking",
  "accountName": "Premiere Checking",
  "accountNumbers": {
    "masked": "*************3210",
    "full": "9876543210"
  },
  "cardNumbers": {
    "masked": "************3210",
    "full": "9999000088883210"
  },
  "accountCategory": "DDA",
  "state": "active",
  "issuedAt": {},
  "modifiedAt": {},
  "modifiedBy": "lucy.wellphunded@bankcustomer.example.com",
  "expiresOn": {},
  "_embedded": {},
  "_links": {
    "self": {
      "href": "/cards/cards/0399abed-fd3d-4830-a88b-30f38b8a365c"
    },
    "apiture:lock": {
      "href": "/cards/lockedCards?card=0399abed-fd3d-4830-a88b-30f38b8a365c"
    }
  }
}

Responses

StatusDescription
200 OK
OK. The operation succeeded. The card was updated and its state changed to locked.
Schema: card
400 Bad Request
Bad Request. The card parameter was malformed or does not refer to an existing or accessible card.
Schema: errorResponse
409 Conflict
Conflict. The request to lock the card is not allowed. The _error field in the response will contain details about the request error.
412 Precondition Failed
Precondition Failed. The supplied if-Match header value does not match the most recent ETag response header value. The resource has changed in the interim.
Schema: errorResponse

Response Headers

StatusDescription
200 ETag string
The ETag response header specifies an entity tag which must be provided in an If-Match request header for PUT or PATCH operations which update the resource.

freezeCard

Code samples

# You can also use wget
curl -X POST /cards/frozenCards?card=string \
  -H 'Accept: application/hal+json' \
  -H 'If-Match: string' \
  -H 'API-Key: API_KEY' \
  -H 'Authorization: Bearer {access-token}'

POST /cards/frozenCards?card=string HTTP/1.1

Accept: application/hal+json
If-Match: string

var headers = {
  'Accept':'application/hal+json',
  'If-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

$.ajax({
  url: '/cards/frozenCards',
  method: 'post',
  data: '?card=string',
  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/hal+json',
  'If-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

fetch('/cards/frozenCards?card=string',
{
  method: 'POST',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/hal+json',
  'If-Match' => 'string',
  'API-Key' => 'API_KEY',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.post '/cards/frozenCards',
  params: {
  'card' => 'string'
}, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Accept': 'application/hal+json',
  'If-Match': 'string',
  'API-Key': 'API_KEY',
  'Authorization': 'Bearer {access-token}'
}

r = requests.post('/cards/frozenCards', params={
  'card': 'string'
}, headers = headers)

print r.json()

URL obj = new URL("/cards/frozenCards?card=string");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("POST");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Accept": []string{"application/hal+json"},
        "If-Match": []string{"string"},
        "API-Key": []string{"API_KEY"},
        "Authorization": []string{"Bearer {access-token}"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("POST", "/cards/frozenCards", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Freeze a card

POST /frozenCards

Freeze a card for suspicion of fraud, security, or other reasons. The financial institution (FI) freezes cards when there is evidence of fraudulent use or other suspicious activity. This is not tied to freezing the associated account. Only the FI can freeze a card.

This changes the state property of the card to frozen. This operation is available via the apiture:freeze link on the card resource, if and only if the card is eligible for the freeze operation. The responses is the updated representation of the card. The If-Match request header value, if passed, must match the current entity tag value of the card.

Parameters

Parameter Description
card
(query)
string (required)
A string which uniquely identifies a card. This may be the unique {cardId} or the URI of the card.
If-Match
(header)
string (required)
The entity tag that was returned in the ETag response. This must match the current entity tag of the resource.

Example responses

200 Response

{
  "_id": "0399abed-fd3d-4830-a88b-30f38b8a365c",
  "_profile": "https://api.apiture.com/schemas/cards/card/v1.0.0/profile.json",
  "holderName": "LUCILLE WELLPHUNDED",
  "name": "My debit card for Premiere Checking",
  "accountName": "Premiere Checking",
  "accountNumbers": {
    "masked": "*************3210",
    "full": "9876543210"
  },
  "cardNumbers": {
    "masked": "************3210",
    "full": "9999000088883210"
  },
  "accountCategory": "DDA",
  "state": "active",
  "issuedAt": {},
  "modifiedAt": {},
  "modifiedBy": "lucy.wellphunded@bankcustomer.example.com",
  "expiresOn": {},
  "_embedded": {},
  "_links": {
    "self": {
      "href": "/cards/cards/0399abed-fd3d-4830-a88b-30f38b8a365c"
    },
    "apiture:lock": {
      "href": "/cards/lockedCards?card=0399abed-fd3d-4830-a88b-30f38b8a365c"
    }
  }
}

Responses

StatusDescription
200 OK
OK. The operation succeeded. The card was updated and its state changed to frozen.
Schema: card
400 Bad Request
Bad Request. The card parameter was malformed or does not refer to an existing or accessible card.
Schema: errorResponse
409 Conflict
Conflict. The request to freeze the card is not allowed. The _error field in the response will contain details about the request error.
412 Precondition Failed
Precondition Failed. The supplied if-Match header value does not match the most recent ETag response header value. The resource has changed in the interim.
Schema: errorResponse

Response Headers

StatusDescription
200 ETag string
The ETag response header specifies an entity tag which must be provided in an If-Match request header for PUT or PATCH operations which update the resource.

unfreezeCard

Code samples

# You can also use wget
curl -X POST /cards/unfrozenCards?card=string \
  -H 'Accept: application/hal+json' \
  -H 'If-Match: string' \
  -H 'API-Key: API_KEY' \
  -H 'Authorization: Bearer {access-token}'

POST /cards/unfrozenCards?card=string HTTP/1.1

Accept: application/hal+json
If-Match: string

var headers = {
  'Accept':'application/hal+json',
  'If-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

$.ajax({
  url: '/cards/unfrozenCards',
  method: 'post',
  data: '?card=string',
  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/hal+json',
  'If-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

fetch('/cards/unfrozenCards?card=string',
{
  method: 'POST',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/hal+json',
  'If-Match' => 'string',
  'API-Key' => 'API_KEY',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.post '/cards/unfrozenCards',
  params: {
  'card' => 'string'
}, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Accept': 'application/hal+json',
  'If-Match': 'string',
  'API-Key': 'API_KEY',
  'Authorization': 'Bearer {access-token}'
}

r = requests.post('/cards/unfrozenCards', params={
  'card': 'string'
}, headers = headers)

print r.json()

URL obj = new URL("/cards/unfrozenCards?card=string");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("POST");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Accept": []string{"application/hal+json"},
        "If-Match": []string{"string"},
        "API-Key": []string{"API_KEY"},
        "Authorization": []string{"Bearer {access-token}"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("POST", "/cards/unfrozenCards", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Unfreeze a card

POST /unfrozenCards

Unfreeze a card. Change the state property of the card back to the state it had before freezing (active or locked). Only the FI may unfreeze cards. This operation is available via the apiture:unfreeze link on the card resource, if and only if the card is eligible for the unfreeze operation. The responses is the updated representation of the card. The If-Match request header value, if passed, must match the current entity tag value of the card.

Parameters

Parameter Description
card
(query)
string (required)
A string which uniquely identifies a card. This may be the unique {cardId} or the URI of the card.
If-Match
(header)
string (required)
The entity tag that was returned in the ETag response. This must match the current entity tag of the resource.

Example responses

200 Response

{
  "_id": "0399abed-fd3d-4830-a88b-30f38b8a365c",
  "_profile": "https://api.apiture.com/schemas/cards/card/v1.0.0/profile.json",
  "holderName": "LUCILLE WELLPHUNDED",
  "name": "My debit card for Premiere Checking",
  "accountName": "Premiere Checking",
  "accountNumbers": {
    "masked": "*************3210",
    "full": "9876543210"
  },
  "cardNumbers": {
    "masked": "************3210",
    "full": "9999000088883210"
  },
  "accountCategory": "DDA",
  "state": "active",
  "issuedAt": {},
  "modifiedAt": {},
  "modifiedBy": "lucy.wellphunded@bankcustomer.example.com",
  "expiresOn": {},
  "_embedded": {},
  "_links": {
    "self": {
      "href": "/cards/cards/0399abed-fd3d-4830-a88b-30f38b8a365c"
    },
    "apiture:lock": {
      "href": "/cards/lockedCards?card=0399abed-fd3d-4830-a88b-30f38b8a365c"
    }
  }
}

Responses

StatusDescription
200 OK
OK. The operation succeeded. The card was updated and its state changed to unfrozen.
Schema: card
400 Bad Request
Bad Request. The card parameter was malformed or does not refer to an existing or accessible card.
Schema: errorResponse
409 Conflict
Conflict. The request to unfreeze the card is not allowed. The _error field in the response will contain details about the request error.
412 Precondition Failed
Precondition Failed. The supplied if-Match header value does not match the most recent ETag response header value. The resource has changed in the interim.
Schema: errorResponse

Response Headers

StatusDescription
200 ETag string
The ETag response header specifies an entity tag which must be provided in an If-Match request header for PUT or PATCH operations which update the resource.

dissociateCard

Code samples

# You can also use wget
curl -X POST /cards/dissociatedCards \
  -H 'Accept: application/hal+json' \
  -H 'If-Match: string' \
  -H 'API-Key: API_KEY' \
  -H 'Authorization: Bearer {access-token}'

POST /cards/dissociatedCards HTTP/1.1

Accept: application/hal+json
If-Match: string

var headers = {
  'Accept':'application/hal+json',
  'If-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

$.ajax({
  url: '/cards/dissociatedCards',
  method: 'post',

  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/hal+json',
  'If-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

fetch('/cards/dissociatedCards',
{
  method: 'POST',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/hal+json',
  'If-Match' => 'string',
  'API-Key' => 'API_KEY',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.post '/cards/dissociatedCards',
  params: {
  }, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Accept': 'application/hal+json',
  'If-Match': 'string',
  'API-Key': 'API_KEY',
  'Authorization': 'Bearer {access-token}'
}

r = requests.post('/cards/dissociatedCards', params={

}, headers = headers)

print r.json()

URL obj = new URL("/cards/dissociatedCards");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("POST");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Accept": []string{"application/hal+json"},
        "If-Match": []string{"string"},
        "API-Key": []string{"API_KEY"},
        "Authorization": []string{"Bearer {access-token}"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("POST", "/cards/dissociatedCards", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Dissociate a user or account from card

POST /dissociatedCards

Remove the association of the card to a user or account. This can happen when a user is removed from an account, such as an authorized signer being removed from a business account, or a joint owner removed from a personal account. This allows the financial institution to suspend maintenance of cards that are not in use. The financial institution may either close the card or assign it to another user at a later time.

The caller can either specify a specific card to process, or the caller can pass in either a user or an account to dissociate all cards for the named user or account.

This changes the state property of the card to unassociated. The responses is the updated representation of the card. The If-Match request header value, if passed, must match the current entity tag value of the card.

Parameters

Parameter Description
card
(query)
string
A string which uniquely identifies a card. This may be the unique {cardId} or the URI of the card. One of card, user or account is required.
user
(query)
string
The ID of the user to dissociate from the card. One of card, user or account is required.
account
(query)
string
The ID of the account to dissociate from the card. Note: This is the resource ID ({accountId}) of the account and not the account number. One of card, user or account is required.
If-Match
(header)
string (required)
The entity tag that was returned in the ETag response. This must match the current entity tag of the resource.

Example responses

200 Response

{
  "_id": "0399abed-fd3d-4830-a88b-30f38b8a365c",
  "_profile": "https://api.apiture.com/schemas/cards/card/v1.0.0/profile.json",
  "holderName": "LUCILLE WELLPHUNDED",
  "name": "My debit card for Premiere Checking",
  "accountName": "Premiere Checking",
  "accountNumbers": {
    "masked": "*************3210",
    "full": "9876543210"
  },
  "cardNumbers": {
    "masked": "************3210",
    "full": "9999000088883210"
  },
  "accountCategory": "DDA",
  "state": "active",
  "issuedAt": {},
  "modifiedAt": {},
  "modifiedBy": "lucy.wellphunded@bankcustomer.example.com",
  "expiresOn": {},
  "_embedded": {},
  "_links": {
    "self": {
      "href": "/cards/cards/0399abed-fd3d-4830-a88b-30f38b8a365c"
    },
    "apiture:lock": {
      "href": "/cards/lockedCards?card=0399abed-fd3d-4830-a88b-30f38b8a365c"
    }
  }
}

Responses

StatusDescription
200 OK
OK. The operation succeeded. The card was updated and its state changed to frozen.
Schema: card
400 Bad Request
Bad Request. The card, user, or account query parameter was malformed or does not refer to an existing card, user, or account
Schema: errorResponse
409 Conflict
Conflict. The request to dissociate the card is not allowed. The _error field in the response will contain details about the request error.
412 Precondition Failed
Precondition Failed. The supplied if-Match header value does not match the most recent ETag response header value. The resource has changed in the interim.
Schema: errorResponse

Response Headers

StatusDescription
200 ETag string
The ETag response header specifies an entity tag which must be provided in an If-Match request header for PUT or PATCH operations which update the resource.

closeCard

Code samples

# You can also use wget
curl -X POST /cards/closedCards?card=string \
  -H 'Accept: application/hal+json' \
  -H 'If-Match: string' \
  -H 'API-Key: API_KEY' \
  -H 'Authorization: Bearer {access-token}'

POST /cards/closedCards?card=string HTTP/1.1

Accept: application/hal+json
If-Match: string

var headers = {
  'Accept':'application/hal+json',
  'If-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

$.ajax({
  url: '/cards/closedCards',
  method: 'post',
  data: '?card=string',
  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/hal+json',
  'If-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

fetch('/cards/closedCards?card=string',
{
  method: 'POST',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/hal+json',
  'If-Match' => 'string',
  'API-Key' => 'API_KEY',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.post '/cards/closedCards',
  params: {
  'card' => 'string'
}, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Accept': 'application/hal+json',
  'If-Match': 'string',
  'API-Key': 'API_KEY',
  'Authorization': 'Bearer {access-token}'
}

r = requests.post('/cards/closedCards', params={
  'card': 'string'
}, headers = headers)

print r.json()

URL obj = new URL("/cards/closedCards?card=string");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("POST");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Accept": []string{"application/hal+json"},
        "If-Match": []string{"string"},
        "API-Key": []string{"API_KEY"},
        "Authorization": []string{"Bearer {access-token}"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("POST", "/cards/closedCards", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Close a card

POST /closedCards

Update a card by adding it to the set of closed cards. This changes the state property of the card to closed. This operation is available via the apiture:close link on the card resource, if and only if the card is eligible for the close operation. The responses is the updated representation of the card. The If-Match request header value, if passed, must match the current entity tag value of the card.

Parameters

Parameter Description
card
(query)
string (required)
A string which uniquely identifies a card. This may be the unique {cardId} or the URI of the card.
If-Match
(header)
string (required)
The entity tag that was returned in the ETag response. This must match the current entity tag of the resource.

Example responses

200 Response

{
  "_id": "0399abed-fd3d-4830-a88b-30f38b8a365c",
  "_profile": "https://api.apiture.com/schemas/cards/card/v1.0.0/profile.json",
  "holderName": "LUCILLE WELLPHUNDED",
  "name": "My debit card for Premiere Checking",
  "accountName": "Premiere Checking",
  "accountNumbers": {
    "masked": "*************3210",
    "full": "9876543210"
  },
  "cardNumbers": {
    "masked": "************3210",
    "full": "9999000088883210"
  },
  "accountCategory": "DDA",
  "state": "active",
  "issuedAt": {},
  "modifiedAt": {},
  "modifiedBy": "lucy.wellphunded@bankcustomer.example.com",
  "expiresOn": {},
  "_embedded": {},
  "_links": {
    "self": {
      "href": "/cards/cards/0399abed-fd3d-4830-a88b-30f38b8a365c"
    },
    "apiture:lock": {
      "href": "/cards/lockedCards?card=0399abed-fd3d-4830-a88b-30f38b8a365c"
    }
  }
}

Responses

StatusDescription
200 OK
OK. The operation succeeded. The card was updated and its state changed to closed.
Schema: card
400 Bad Request
Bad Request. The card parameter was malformed or does not refer to an existing or accessible card.
Schema: errorResponse
409 Conflict
Conflict. The request to close the card is not allowed. The _error field in the response will contain details about the request error.
412 Precondition Failed
Precondition Failed. The supplied if-Match header value does not match the most recent ETag response header value. The resource has changed in the interim.
Schema: errorResponse

Response Headers

StatusDescription
200 ETag string
The ETag response header specifies an entity tag which must be provided in an If-Match request header for PUT or PATCH operations which update the resource.

Card

getCards

Code samples

# You can also use wget
curl -X GET /cards/cards \
  -H 'Accept: application/hal+json' \
  -H 'API-Key: API_KEY' \
  -H 'Authorization: Bearer {access-token}'

GET /cards/cards HTTP/1.1

Accept: application/hal+json

var headers = {
  'Accept':'application/hal+json',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

$.ajax({
  url: '/cards/cards',
  method: 'get',

  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/hal+json',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

fetch('/cards/cards',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/hal+json',
  'API-Key' => 'API_KEY',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.get '/cards/cards',
  params: {
  }, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Accept': 'application/hal+json',
  'API-Key': 'API_KEY',
  'Authorization': 'Bearer {access-token}'
}

r = requests.get('/cards/cards', params={

}, headers = headers)

print r.json()

URL obj = new URL("/cards/cards");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Accept": []string{"application/hal+json"},
        "API-Key": []string{"API_KEY"},
        "Authorization": []string{"Bearer {access-token}"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("GET", "/cards/cards", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Return a collection of cards

GET /cards

Return a paginated sortable filterable searchable collection of cards. The links in the response include pagination links.

For bank users, this collection only returns items for their cards.

There is another version of this operation which allows getting a list of cards based on the query constraints passed in the request body; see the getCardsForAccount operation.

Parameters

Parameter Description
start
(query)
integer(int64)
The zero-based index of the first card item to include in this page. The default 0 denotes the beginning of the collection.
limit
(query)
integer(int32)
The maximum number of card representations to return in this page.
sortBy
(query)
string
Optional sort criteria. See sort criteria format, such as ?sortBy=field1,-field2.
filter
(query)
string
Optional filter criteria. See filtering.
q
(query)
string
Optional search string. See searching.
unmasked
(query)
boolean
When requesting a card, the full card number is not included in the response by default, for security reasons. Include this query parameter, with a value of true, to request that the response body includes the card account number. Such requests are auditable.
account
(query)
string
Filter cards to only those for the account with the account ID named in this query parameter. (By default, the list is pre-filtered to only accounts that the user has access to; this further narrows that list. FI admins can use this to view cards for a user.) This can match exactly one account ID, or a set of |-separated IDs This parameter is mutually exclusive with ?accountName=. Examples: ?account=d8631e97-e9d7-4902-bf19-a223db933809 or ?account=d8631e97-e9d7-4902-bf19-a223db933809|493e36b3-4545-48ca-a1e0-fd89d651283b.
accountName
(query)
string
Filter cards to those whose account name matches this value. This can match exactly one account name, or a set of |-separated names. This parameter is mutually exclusive with ?account=. Examples: ?accountName=My%20Basic%20Savings or ?accountName=My%20Basic%20Savings|My%20Joint%02Savings.
accountType
(query)
string
Filter cards based whose corresponding account type matches this value. This can match exactly one type, or a set of |-separated states. Examples: ?accountCategory=SDA , ?accountCategory=SDA|DDA
accountCategory
(query)
string
Filter cards based whose corresponding account category matches this value. This can match exactly one category, or a set of |-separated states. Examples: ?accountCategory=Savings , ?accountCategory=Savings|Checking
state
(query)
string
Filter cards on the state of the card. This can match exactly one state, or a set of |-separated states. Examples: ?state=requested , ?state=lost|stolen|damaged.
Enumerated values:
requested
issued
active
locked
lost
stolen
damaged
frozen
unassociated
closed
replacementState
(query)
string
Filter the response to card by the state of their replacement states. This can match exactly one state, or a set of |-separated states. Examples: ?replacementState=requested , ?replacementState=replacedWithSameNumber|replacedWithNewNumber
Enumerated values:
none
requested
replacedWithSameNumber
replacedWithNewNumber
modifiedOn
(query)
string(date)
Filter the response to cards last modified on this date or set of |-separated dates. Dates are in RFC 3339 YYYY-MM-DD format. Examples: ?modifiedOn=2019-06-10 , ?modifiedOn=2019-06-10|2019-06-08|2019-06-07
issuedOn
(query)
string(date)
Filter the response to cards issued on this date or set of |-separated dates. Dates are in RFC 3339 YYYY-MM-DD format. Examples: ?issuedOn=2019-06-10 , ?issuedOn=2019-06-10|2019-06-08|2019-06-07
modifiedBy
(query)
string
Filter the response to card requests resolved by the user named by this user ID.

Example responses

200 Response

{
  "_profile": "https://api.apiture.com/schemas/cards/cards/v1.0.0/profile.json",
  "start": 10,
  "limit": 10,
  "count": 67,
  "name": "cards",
  "_links": {
    "self": {
      "href": "/cards/cards?start=10&limit=10"
    },
    "first": {
      "href": "/cards/cards?start=0&limit=10"
    },
    "next": {
      "href": "/cards/cards?start=20&limit=10"
    },
    "collection": {
      "href": "/cards/cards"
    }
  },
  "_embedded": {
    "items": [
      {
        "_id": "0399abed-fd3d-4830-a88b-30f38b8a365c",
        "_profile": "https://api.apiture.com/schemas/cards/card/v1.0.0/profile.json",
        "_links": {
          "self": {
            "href": "/cards/cards/0399abed-fd3d-4830-a88b-30f38b8a365c"
          }
        }
      },
      {
        "_id": "d62c0701-0d74-4836-83f9-ebf3709442ea",
        "_profile": "https://api.apiture.com/schemas/cards/card/v1.0.0/profile.json",
        "_links": {
          "self": {
            "href": "/cards/cards/d62c0701-0d74-4836-83f9-ebf3709442ea"
          }
        }
      }
    ]
  }
}

Responses

StatusDescription
200 OK
OK
Schema: cards
400 Bad Request
Bad Request. The request body or one or more of the query parameters was not well formed. The _error field in the response will contain details about the request error.
Schema: errorResponse
422 Unprocessable Entity
Unprocessable Entity. One or more of the query parameters was well formed but otherwise invalid. The _error field in the response will contain details about the request error.
Schema: errorResponse

createCard

Code samples

# You can also use wget
curl -X POST /cards/cards \
  -H 'Content-Type: application/hal+json' \
  -H 'Accept: application/hal+json' \
  -H 'API-Key: API_KEY' \
  -H 'Authorization: Bearer {access-token}'

POST /cards/cards HTTP/1.1

Content-Type: application/hal+json
Accept: application/hal+json

var headers = {
  'Content-Type':'application/hal+json',
  'Accept':'application/hal+json',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

$.ajax({
  url: '/cards/cards',
  method: 'post',

  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

const fetch = require('node-fetch');
const inputBody = '{
  "_profile": "https://api.apiture.com/schemas/cards/card/v1.0.0/profile.json",
  "accountName": "My Premiere Savings",
  "_links": {
    "apiture:account": {
      "href": "/accounts/accounts/e7076b86-0f0b-4126-92eb-d90f4be1ae6a"
    }
  }
}';
const headers = {
  'Content-Type':'application/hal+json',
  'Accept':'application/hal+json',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

fetch('/cards/cards',
{
  method: 'POST',
  body: inputBody,
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

require 'rest-client'
require 'json'

headers = {
  'Content-Type' => 'application/hal+json',
  'Accept' => 'application/hal+json',
  'API-Key' => 'API_KEY',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.post '/cards/cards',
  params: {
  }, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Content-Type': 'application/hal+json',
  'Accept': 'application/hal+json',
  'API-Key': 'API_KEY',
  'Authorization': 'Bearer {access-token}'
}

r = requests.post('/cards/cards', params={

}, headers = headers)

print r.json()

URL obj = new URL("/cards/cards");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("POST");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Content-Type": []string{"application/hal+json"},
        "Accept": []string{"application/hal+json"},
        "API-Key": []string{"API_KEY"},
        "Authorization": []string{"Bearer {access-token}"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("POST", "/cards/cards", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Create a new card

POST /cards

Create a new card resource that represents a physical debit card. The URI to the associated account should be passed in the request in the link named `apiture:account'. The response will include the unmasked card number

Body parameter

{
  "_profile": "https://api.apiture.com/schemas/cards/card/v1.0.0/profile.json",
  "accountName": "My Premiere Savings",
  "_links": {
    "apiture:account": {
      "href": "/accounts/accounts/e7076b86-0f0b-4126-92eb-d90f4be1ae6a"
    }
  }
}

Parameters

Parameter Description
body
(body)
createCard (required)
The data necessary to create a new card.

Example responses

201 Response

{
  "_id": "0399abed-fd3d-4830-a88b-30f38b8a365c",
  "_profile": "https://api.apiture.com/schemas/cards/card/v1.0.0/profile.json",
  "holderName": "LUCILLE WELLPHUNDED",
  "name": "My debit card for Premiere Checking",
  "accountName": "Premiere Checking",
  "accountNumbers": {
    "masked": "*************3210",
    "full": "9876543210"
  },
  "cardNumbers": {
    "masked": "************3210",
    "full": "9999000088883210"
  },
  "accountCategory": "DDA",
  "state": "active",
  "issuedAt": {},
  "modifiedAt": {},
  "modifiedBy": "lucy.wellphunded@bankcustomer.example.com",
  "expiresOn": {},
  "_embedded": {},
  "_links": {
    "self": {
      "href": "/cards/cards/0399abed-fd3d-4830-a88b-30f38b8a365c"
    },
    "apiture:lock": {
      "href": "/cards/lockedCards?card=0399abed-fd3d-4830-a88b-30f38b8a365c"
    }
  }
}

Responses

StatusDescription
201 Created
Created
Schema: card
400 Bad Request
Bad Request. The request body or one or more of the query parameters was not well formed. The _error field in the response will contain details about the request error.
Schema: errorResponse

Response Headers

StatusDescription
201 Location string uri
The URI of the new resource. If the URI begins with / it is relative to the API root context. Else, it is a full URI starting with scheme://host
201 ETag string
The ETag response header specifies an entity tag which must be provided in an If-Match request header for PUT or PATCH operations which update the resource.

getCardsForAccount

Code samples

# You can also use wget
curl -X POST /cards/cardsForAccount \
  -H 'Content-Type: application/hal+json' \
  -H 'Accept: application/hal+json' \
  -H 'API-Key: API_KEY' \
  -H 'Authorization: Bearer {access-token}'

POST /cards/cardsForAccount HTTP/1.1

Content-Type: application/hal+json
Accept: application/hal+json

var headers = {
  'Content-Type':'application/hal+json',
  'Accept':'application/hal+json',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

$.ajax({
  url: '/cards/cardsForAccount',
  method: 'post',

  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

const fetch = require('node-fetch');
const inputBody = '{
  "_profile": "https://api.apiture.com/schemas/cards/cardsQuery/v1.0.0/profile.json",
  "accountId": "e6a999ce-8152-4830-8289-cae8e7e279ca",
  "accountNumber": "9876543210",
  "type": "DDA",
  "subtype": "Checking with Interest"
}';
const headers = {
  'Content-Type':'application/hal+json',
  'Accept':'application/hal+json',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

fetch('/cards/cardsForAccount',
{
  method: 'POST',
  body: inputBody,
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

require 'rest-client'
require 'json'

headers = {
  'Content-Type' => 'application/hal+json',
  'Accept' => 'application/hal+json',
  'API-Key' => 'API_KEY',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.post '/cards/cardsForAccount',
  params: {
  }, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Content-Type': 'application/hal+json',
  'Accept': 'application/hal+json',
  'API-Key': 'API_KEY',
  'Authorization': 'Bearer {access-token}'
}

r = requests.post('/cards/cardsForAccount', params={

}, headers = headers)

print r.json()

URL obj = new URL("/cards/cardsForAccount");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("POST");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Content-Type": []string{"application/hal+json"},
        "Accept": []string{"application/hal+json"},
        "API-Key": []string{"API_KEY"},
        "Authorization": []string{"Bearer {access-token}"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("POST", "/cards/cardsForAccount", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Return a collection of cards for an accuont.

POST /cardsForAccount

Return a collection of cards for a specific account.

This operations differs from the getCards operation which uses the conventional GET HTTP method. This operation is idempotent like a GET, but it uses a request body so that the account number may be passed securely (in the request body instead of in the query URL). This helps keep such data from being snooped or logged. Because this operation lists cards for a specific account, it does not support the more flexible filtering allowed in the getCards operation.

Bank users may only request a list of cards for an account they own.

Body parameter

{
  "_profile": "https://api.apiture.com/schemas/cards/cardsQuery/v1.0.0/profile.json",
  "accountId": "e6a999ce-8152-4830-8289-cae8e7e279ca",
  "accountNumber": "9876543210",
  "type": "DDA",
  "subtype": "Checking with Interest"
}

Parameters

Parameter Description
unmasked
(query)
boolean
When requesting a card, the full card number is not included in the response by default, for security reasons. Include this query parameter, with a value of true, to request that the response body includes the card account number. Such requests are auditable.
body
(body)
cardsQuery (required)
The data necessary to return a collection of cards.

Example responses

200 Response

{
  "_profile": "https://api.apiture.com/schemas/cards/cards/v1.0.0/profile.json",
  "start": 10,
  "limit": 10,
  "count": 67,
  "name": "cards",
  "_links": {
    "self": {
      "href": "/cards/cards?start=10&limit=10"
    },
    "first": {
      "href": "/cards/cards?start=0&limit=10"
    },
    "next": {
      "href": "/cards/cards?start=20&limit=10"
    },
    "collection": {
      "href": "/cards/cards"
    }
  },
  "_embedded": {
    "items": [
      {
        "_id": "0399abed-fd3d-4830-a88b-30f38b8a365c",
        "_profile": "https://api.apiture.com/schemas/cards/card/v1.0.0/profile.json",
        "_links": {
          "self": {
            "href": "/cards/cards/0399abed-fd3d-4830-a88b-30f38b8a365c"
          }
        }
      },
      {
        "_id": "d62c0701-0d74-4836-83f9-ebf3709442ea",
        "_profile": "https://api.apiture.com/schemas/cards/card/v1.0.0/profile.json",
        "_links": {
          "self": {
            "href": "/cards/cards/d62c0701-0d74-4836-83f9-ebf3709442ea"
          }
        }
      }
    ]
  }
}

Responses

StatusDescription
200 OK
OK
Schema: cards
400 Bad Request
Bad Request. The request body or one or more of the query parameters was not well formed. The _error field in the response will contain details about the request error.
Schema: errorResponse
422 Unprocessable Entity
Unprocessable Entity. One or more of the query parameters was well formed but otherwise invalid. The _error field in the response will contain details about the request error.
Schema: errorResponse

getCard

Code samples

# You can also use wget
curl -X GET /cards/cards/{cardId} \
  -H 'Accept: application/hal+json' \
  -H 'If-None-Match: string' \
  -H 'API-Key: API_KEY' \
  -H 'Authorization: Bearer {access-token}'

GET /cards/cards/{cardId} HTTP/1.1

Accept: application/hal+json
If-None-Match: string

var headers = {
  'Accept':'application/hal+json',
  'If-None-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

$.ajax({
  url: '/cards/cards/{cardId}',
  method: 'get',

  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/hal+json',
  'If-None-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

fetch('/cards/cards/{cardId}',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/hal+json',
  'If-None-Match' => 'string',
  'API-Key' => 'API_KEY',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.get '/cards/cards/{cardId}',
  params: {
  }, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Accept': 'application/hal+json',
  'If-None-Match': 'string',
  'API-Key': 'API_KEY',
  'Authorization': 'Bearer {access-token}'
}

r = requests.get('/cards/cards/{cardId}', params={

}, headers = headers)

print r.json()

URL obj = new URL("/cards/cards/{cardId}");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Accept": []string{"application/hal+json"},
        "If-None-Match": []string{"string"},
        "API-Key": []string{"API_KEY"},
        "Authorization": []string{"Bearer {access-token}"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("GET", "/cards/cards/{cardId}", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Fetch a representation of this card

GET /cards/{cardId}

Return a HAL representation of this card resource.

Parameters

Parameter Description
cardId
(path)
string (required)
The unique identifier of this card. This is an opaque string.
If-None-Match
(header)
string
The entity tag that was returned in the ETag response. If the resource's current entity tag matches, the GET will return 304 (Not Modified) and no response body, else the resource representation will be returned.
unmasked
(query)
boolean
When requesting a card, the full card number is not included in the response by default, for security reasons. Include this query parameter, with a value of true, to request that the response body includes the card account number. Such requests are auditable.

Example responses

200 Response

{
  "_id": "0399abed-fd3d-4830-a88b-30f38b8a365c",
  "_profile": "https://api.apiture.com/schemas/cards/card/v1.0.0/profile.json",
  "holderName": "LUCILLE WELLPHUNDED",
  "name": "My debit card for Premiere Checking",
  "accountName": "Premiere Checking",
  "accountNumbers": {
    "masked": "*************3210",
    "full": "9876543210"
  },
  "cardNumbers": {
    "masked": "************3210",
    "full": "9999000088883210"
  },
  "accountCategory": "DDA",
  "state": "active",
  "issuedAt": {},
  "modifiedAt": {},
  "modifiedBy": "lucy.wellphunded@bankcustomer.example.com",
  "expiresOn": {},
  "_embedded": {},
  "_links": {
    "self": {
      "href": "/cards/cards/0399abed-fd3d-4830-a88b-30f38b8a365c"
    },
    "apiture:lock": {
      "href": "/cards/lockedCards?card=0399abed-fd3d-4830-a88b-30f38b8a365c"
    }
  }
}

Responses

StatusDescription
200 OK
OK
Schema: card
304 Not Modified
Not Modified. The resource has not been modified since it was last fetched.
404 Not Found
Not Found. There is no such card resource at the specified {cardId}. The _error field in the response will contain details about the request error.
Schema: errorResponse

Response Headers

StatusDescription
200 ETag string
The ETag response header specifies an entity tag which must be provided in an If-Match request header for PUT or PATCH operations which update this card resource.

updateCard

Code samples

# You can also use wget
curl -X PUT /cards/cards/{cardId} \
  -H 'Content-Type: application/hal+json' \
  -H 'Accept: application/hal+json' \
  -H 'If-Match: string' \
  -H 'API-Key: API_KEY' \
  -H 'Authorization: Bearer {access-token}'

PUT /cards/cards/{cardId} HTTP/1.1

Content-Type: application/hal+json
Accept: application/hal+json
If-Match: string

var headers = {
  'Content-Type':'application/hal+json',
  'Accept':'application/hal+json',
  'If-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

$.ajax({
  url: '/cards/cards/{cardId}',
  method: 'put',

  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

const fetch = require('node-fetch');
const inputBody = '{
  "_id": "0399abed-fd3d-4830-a88b-30f38b8a365c",
  "_profile": "https://api.apiture.com/schemas/cards/card/v1.0.0/profile.json",
  "holderName": "LUCILLE WELLPHUNDED",
  "name": "My debit card for Premiere Checking",
  "accountName": "Premiere Checking",
  "accountNumbers": {
    "masked": "*************3210",
    "full": "9876543210"
  },
  "cardNumbers": {
    "masked": "************3210",
    "full": "9999000088883210"
  },
  "accountCategory": "DDA",
  "state": "active",
  "issuedAt": {},
  "modifiedAt": {},
  "modifiedBy": "lucy.wellphunded@bankcustomer.example.com",
  "expiresOn": {},
  "_embedded": {},
  "_links": {
    "self": {
      "href": "/cards/cards/0399abed-fd3d-4830-a88b-30f38b8a365c"
    },
    "apiture:lock": {
      "href": "/cards/lockedCards?card=0399abed-fd3d-4830-a88b-30f38b8a365c"
    }
  }
}';
const headers = {
  'Content-Type':'application/hal+json',
  'Accept':'application/hal+json',
  'If-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

fetch('/cards/cards/{cardId}',
{
  method: 'PUT',
  body: inputBody,
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

require 'rest-client'
require 'json'

headers = {
  'Content-Type' => 'application/hal+json',
  'Accept' => 'application/hal+json',
  'If-Match' => 'string',
  'API-Key' => 'API_KEY',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.put '/cards/cards/{cardId}',
  params: {
  }, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Content-Type': 'application/hal+json',
  'Accept': 'application/hal+json',
  'If-Match': 'string',
  'API-Key': 'API_KEY',
  'Authorization': 'Bearer {access-token}'
}

r = requests.put('/cards/cards/{cardId}', params={

}, headers = headers)

print r.json()

URL obj = new URL("/cards/cards/{cardId}");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("PUT");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Content-Type": []string{"application/hal+json"},
        "Accept": []string{"application/hal+json"},
        "If-Match": []string{"string"},
        "API-Key": []string{"API_KEY"},
        "Authorization": []string{"Bearer {access-token}"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("PUT", "/cards/cards/{cardId}", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Update this card

PUT /cards/{cardId}

Perform a complete update of this card resource.

Body parameter

{
  "_id": "0399abed-fd3d-4830-a88b-30f38b8a365c",
  "_profile": "https://api.apiture.com/schemas/cards/card/v1.0.0/profile.json",
  "holderName": "LUCILLE WELLPHUNDED",
  "name": "My debit card for Premiere Checking",
  "accountName": "Premiere Checking",
  "accountNumbers": {
    "masked": "*************3210",
    "full": "9876543210"
  },
  "cardNumbers": {
    "masked": "************3210",
    "full": "9999000088883210"
  },
  "accountCategory": "DDA",
  "state": "active",
  "issuedAt": {},
  "modifiedAt": {},
  "modifiedBy": "lucy.wellphunded@bankcustomer.example.com",
  "expiresOn": {},
  "_embedded": {},
  "_links": {
    "self": {
      "href": "/cards/cards/0399abed-fd3d-4830-a88b-30f38b8a365c"
    },
    "apiture:lock": {
      "href": "/cards/lockedCards?card=0399abed-fd3d-4830-a88b-30f38b8a365c"
    }
  }
}

Parameters

Parameter Description
cardId
(path)
string (required)
The unique identifier of this card. This is an opaque string.
If-Match
(header)
string (required)
The entity tag that was returned in the ETag response. This must match the current entity tag of the resource.
body
(body)
card (required)

Example responses

200 Response

{
  "_id": "0399abed-fd3d-4830-a88b-30f38b8a365c",
  "_profile": "https://api.apiture.com/schemas/cards/card/v1.0.0/profile.json",
  "holderName": "LUCILLE WELLPHUNDED",
  "name": "My debit card for Premiere Checking",
  "accountName": "Premiere Checking",
  "accountNumbers": {
    "masked": "*************3210",
    "full": "9876543210"
  },
  "cardNumbers": {
    "masked": "************3210",
    "full": "9999000088883210"
  },
  "accountCategory": "DDA",
  "state": "active",
  "issuedAt": {},
  "modifiedAt": {},
  "modifiedBy": "lucy.wellphunded@bankcustomer.example.com",
  "expiresOn": {},
  "_embedded": {},
  "_links": {
    "self": {
      "href": "/cards/cards/0399abed-fd3d-4830-a88b-30f38b8a365c"
    },
    "apiture:lock": {
      "href": "/cards/lockedCards?card=0399abed-fd3d-4830-a88b-30f38b8a365c"
    }
  }
}

Responses

StatusDescription
200 OK
OK
Schema: card
400 Bad Request
Bad Request. The request body or one or more of the query parameters was not well formed. The _error field in the response will contain details about the request error.
Schema: errorResponse
404 Not Found
Not Found. There is no such card resource at the specified {cardId}. The _error field in the response will contain details about the request error.
Schema: errorResponse
412 Precondition Failed
Precondition Failed. The supplied if-Match header value does not match the most recent ETag response header value. The resource has changed in the interim.
Schema: errorResponse
422 Unprocessable Entity
Unprocessable Entity. One or more of the query parameters was well formed but otherwise invalid. The _error field in the response will contain details about the request error.
Schema: errorResponse

Response Headers

StatusDescription
200 ETag string
The ETag response header specifies an entity tag which must be provided in an If-Match request header for PUT or PATCH operations which update this card resource.

patchCard

Code samples

# You can also use wget
curl -X PATCH /cards/cards/{cardId} \
  -H 'Content-Type: application/hal+json' \
  -H 'Accept: application/hal+json' \
  -H 'If-Match: string' \
  -H 'API-Key: API_KEY' \
  -H 'Authorization: Bearer {access-token}'

PATCH /cards/cards/{cardId} HTTP/1.1

Content-Type: application/hal+json
Accept: application/hal+json
If-Match: string

var headers = {
  'Content-Type':'application/hal+json',
  'Accept':'application/hal+json',
  'If-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

$.ajax({
  url: '/cards/cards/{cardId}',
  method: 'patch',

  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

const fetch = require('node-fetch');
const inputBody = '{
  "_id": "0399abed-fd3d-4830-a88b-30f38b8a365c",
  "_profile": "https://api.apiture.com/schemas/cards/card/v1.0.0/profile.json",
  "holderName": "LUCILLE WELLPHUNDED",
  "name": "My debit card for Premiere Checking",
  "accountName": "Premiere Checking",
  "accountNumbers": {
    "masked": "*************3210",
    "full": "9876543210"
  },
  "cardNumbers": {
    "masked": "************3210",
    "full": "9999000088883210"
  },
  "accountCategory": "DDA",
  "state": "active",
  "issuedAt": {},
  "modifiedAt": {},
  "modifiedBy": "lucy.wellphunded@bankcustomer.example.com",
  "expiresOn": {},
  "_embedded": {},
  "_links": {
    "self": {
      "href": "/cards/cards/0399abed-fd3d-4830-a88b-30f38b8a365c"
    },
    "apiture:lock": {
      "href": "/cards/lockedCards?card=0399abed-fd3d-4830-a88b-30f38b8a365c"
    }
  }
}';
const headers = {
  'Content-Type':'application/hal+json',
  'Accept':'application/hal+json',
  'If-Match':'string',
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

fetch('/cards/cards/{cardId}',
{
  method: 'PATCH',
  body: inputBody,
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

require 'rest-client'
require 'json'

headers = {
  'Content-Type' => 'application/hal+json',
  'Accept' => 'application/hal+json',
  'If-Match' => 'string',
  'API-Key' => 'API_KEY',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.patch '/cards/cards/{cardId}',
  params: {
  }, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Content-Type': 'application/hal+json',
  'Accept': 'application/hal+json',
  'If-Match': 'string',
  'API-Key': 'API_KEY',
  'Authorization': 'Bearer {access-token}'
}

r = requests.patch('/cards/cards/{cardId}', params={

}, headers = headers)

print r.json()

URL obj = new URL("/cards/cards/{cardId}");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("PATCH");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Content-Type": []string{"application/hal+json"},
        "Accept": []string{"application/hal+json"},
        "If-Match": []string{"string"},
        "API-Key": []string{"API_KEY"},
        "Authorization": []string{"Bearer {access-token}"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("PATCH", "/cards/cards/{cardId}", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Update this card

PATCH /cards/{cardId}

Perform a partial update of this card. Fields which are omitted are not updated. Nested _embedded and _links are ignored if included.

Body parameter

{
  "_id": "0399abed-fd3d-4830-a88b-30f38b8a365c",
  "_profile": "https://api.apiture.com/schemas/cards/card/v1.0.0/profile.json",
  "holderName": "LUCILLE WELLPHUNDED",
  "name": "My debit card for Premiere Checking",
  "accountName": "Premiere Checking",
  "accountNumbers": {
    "masked": "*************3210",
    "full": "9876543210"
  },
  "cardNumbers": {
    "masked": "************3210",
    "full": "9999000088883210"
  },
  "accountCategory": "DDA",
  "state": "active",
  "issuedAt": {},
  "modifiedAt": {},
  "modifiedBy": "lucy.wellphunded@bankcustomer.example.com",
  "expiresOn": {},
  "_embedded": {},
  "_links": {
    "self": {
      "href": "/cards/cards/0399abed-fd3d-4830-a88b-30f38b8a365c"
    },
    "apiture:lock": {
      "href": "/cards/lockedCards?card=0399abed-fd3d-4830-a88b-30f38b8a365c"
    }
  }
}

Parameters

Parameter Description
cardId
(path)
string (required)
The unique identifier of this card. This is an opaque string.
If-Match
(header)
string (required)
The entity tag that was returned in the ETag response. This must match the current entity tag of the resource.
body
(body)
card (required)

Example responses

200 Response

{
  "_id": "0399abed-fd3d-4830-a88b-30f38b8a365c",
  "_profile": "https://api.apiture.com/schemas/cards/card/v1.0.0/profile.json",
  "holderName": "LUCILLE WELLPHUNDED",
  "name": "My debit card for Premiere Checking",
  "accountName": "Premiere Checking",
  "accountNumbers": {
    "masked": "*************3210",
    "full": "9876543210"
  },
  "cardNumbers": {
    "masked": "************3210",
    "full": "9999000088883210"
  },
  "accountCategory": "DDA",
  "state": "active",
  "issuedAt": {},
  "modifiedAt": {},
  "modifiedBy": "lucy.wellphunded@bankcustomer.example.com",
  "expiresOn": {},
  "_embedded": {},
  "_links": {
    "self": {
      "href": "/cards/cards/0399abed-fd3d-4830-a88b-30f38b8a365c"
    },
    "apiture:lock": {
      "href": "/cards/lockedCards?card=0399abed-fd3d-4830-a88b-30f38b8a365c"
    }
  }
}

Responses

StatusDescription
200 OK
OK
Schema: card
400 Bad Request
Bad Request. The request body or one or more of the query parameters was not well formed. The _error field in the response will contain details about the request error.
Schema: errorResponse
404 Not Found
Not Found. There is no such card resource at the specified {cardId}. The _error field in the response will contain details about the request error.
Schema: errorResponse
412 Precondition Failed
Precondition Failed. The supplied if-Match header value does not match the most recent ETag response header value. The resource has changed in the interim.
Schema: errorResponse
422 Unprocessable Entity
Unprocessable Entity. One or more of the query parameters was well formed but otherwise invalid. The _error field in the response will contain details about the request error.
Schema: errorResponse

Response Headers

StatusDescription
200 ETag string
The ETag response header specifies an entity tag which must be provided in an If-Match request header for PUT or PATCH operations which update this card resource.

deleteCard

Code samples

# You can also use wget
curl -X DELETE /cards/cards/{cardId} \
  -H 'API-Key: API_KEY' \
  -H 'Authorization: Bearer {access-token}'

DELETE /cards/cards/{cardId} HTTP/1.1

var headers = {
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

$.ajax({
  url: '/cards/cards/{cardId}',
  method: 'delete',

  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

const fetch = require('node-fetch');

const headers = {
  'API-Key':'API_KEY',
  'Authorization':'Bearer {access-token}'

};

fetch('/cards/cards/{cardId}',
{
  method: 'DELETE',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

require 'rest-client'
require 'json'

headers = {
  'API-Key' => 'API_KEY',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.delete '/cards/cards/{cardId}',
  params: {
  }, headers: headers

p JSON.parse(result)

import requests
headers = {
  'API-Key': 'API_KEY',
  'Authorization': 'Bearer {access-token}'
}

r = requests.delete('/cards/cards/{cardId}', params={

}, headers = headers)

print r.json()

URL obj = new URL("/cards/cards/{cardId}");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("DELETE");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "API-Key": []string{"API_KEY"},
        "Authorization": []string{"Bearer {access-token}"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("DELETE", "/cards/cards/{cardId}", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Delete this card resource

DELETE /cards/{cardId}

Delete this card resource and any resources that are owned by it.

Parameters

Parameter Description
cardId
(path)
string (required)
The unique identifier of this card. This is an opaque string.

Responses

StatusDescription
204 No Content
No Content. The resource was deleted successfully.

Schemas

cardsQuery

{
  "_profile": "https://api.apiture.com/schemas/cards/cardsQuery/v1.0.0/profile.json",
  "accountId": "e6a999ce-8152-4830-8289-cae8e7e279ca",
  "accountNumber": "9876543210",
  "type": "DDA",
  "subtype": "Checking with Interest"
}

Card Query

The parameters needed to get cards associated with account.

Properties

NameDescription
_links object
An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations.
» additionalProperties link
Describes a hypermedia link within a _links object in HAL representations. In Apiture APIs, links are HAL links, but Apiture APIs do not use the name or hreflang properties of HAL. Apiture links may include a method property.
_embedded object
An optional map of nested resources, mapping each nested resource name to a nested resource representation.
_profile string(uri)
The URI of a resource profile which describes the representation.
_error error
An object which describes an error. This value is omitted if the operation succeeded without error.
accountId string
This is the resource ID of the account, for informational purposes, and is not the account number. This will not be used to find the account.
accountNumber string (required)
The full account number (as a string).
minLength: 9
maxLength: 32
type productTypeName (required)
The account type.
subtype string (required)
The name of the banking account subtype,

createCard

{
  "_profile": "https://api.apiture.com/schemas/cards/card/v1.0.0/profile.json",
  "accountName": "My Premiere Savings",
  "_links": {
    "apiture:account": {
      "href": "/accounts/accounts/e7076b86-0f0b-4126-92eb-d90f4be1ae6a"
    }
  }
}

Create Card

Representation used to create a new card.

Properties

NameDescription
_links object
An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations.
» additionalProperties link
Describes a hypermedia link within a _links object in HAL representations. In Apiture APIs, links are HAL links, but Apiture APIs do not use the name or hreflang properties of HAL. Apiture links may include a method property.
_embedded object
An optional map of nested resources, mapping each nested resource name to a nested resource representation.
_profile string(uri)
The URI of a resource profile which describes the representation.
_error error
An object which describes an error. This value is omitted if the operation succeeded without error.
name string
The user's name for this card.
minLength: 1
maxLength: 128
accountName string (required)
The name of the account that this card is tied to.
read-only
minLength: 1
maxLength: 128
accountNumbers accountNumbers
The masked and (optionally) full number for the account this card is associated with. This is derived from the account used in the initial card request. By default, only the masked number is returned; use ?unmasked=true to reveal the full account number.
read-only
accountCategory string
The category of the account, such as Savings or Checking. This is derived from the product associated with the account for this card.
read-only
accountType productTypeName
The type of the account, such as CDA or DDA for savings and checking (demand deposit accounts).

summaryCard

{
  "_id": "0399abed-fd3d-4830-a88b-30f38b8a365c",
  "_profile": "https://api.apiture.com/schemas/cards/card/v1.0.0/profile.json",
  "holderName": "LUCILLE WELLPHUNDED",
  "name": "My debit card for Premiere Checking",
  "accountName": "Premiere Checking",
  "accountNumbers": {
    "masked": "*************3210",
    "full": "9876543210"
  },
  "cardNumbers": {
    "masked": "************3210",
    "full": "9999000088883210"
  },
  "accountCategory": "DDA",
  "state": "active",
  "issuedAt": {},
  "modifiedAt": {},
  "modifiedBy": "lucy.wellphunded@bankcustomer.example.com",
  "expiresOn": {},
  "_embedded": {},
  "_links": {
    "self": {
      "href": "/cards/cards/0399abed-fd3d-4830-a88b-30f38b8a365c"
    },
    "apiture:lock": {
      "href": "/cards/lockedCards?card=0399abed-fd3d-4830-a88b-30f38b8a365c"
    }
  }
}

Card Summary

Summary representation of a card resource in cards collections. This representation normally does not contain any _embedded objects. If needed, call the GET operation on the item's self link to get _embedded objects.

Properties

NameDescription
_links object
An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations.
» additionalProperties link
Describes a hypermedia link within a _links object in HAL representations. In Apiture APIs, links are HAL links, but Apiture APIs do not use the name or hreflang properties of HAL. Apiture links may include a method property.
_embedded object
An optional map of nested resources, mapping each nested resource name to a nested resource representation.
_profile string(uri)
The URI of a resource profile which describes the representation.
_error error
An object which describes an error. This value is omitted if the operation succeeded without error.
name string
The user's name for this card.
minLength: 1
maxLength: 128
accountName string
The name of the account that this card is tied to.
read-only
minLength: 1
maxLength: 128
accountNumbers accountNumbers
The masked and (optionally) full number for the account this card is associated with. This is derived from the account used in the initial card request. By default, only the masked number is returned; use ?unmasked=true to reveal the full account number.
read-only
accountCategory string
The category of the account, such as Savings or Checking. This is derived from the product associated with the account for this card.
read-only
accountType productTypeName
The type of the account, such as CDA or DDA for savings and checking (demand deposit accounts).
_id string
The unique identifier for this card resource. This is an immutable opaque string.
holderName string
The card holder's full name, as it appears on the card. This value is ALL CAPS.
read-only
cardNumbers cardNumbers
The masked and full account number.
read-only
replacementState string
Indicates the state of a card request. The user cannot change this property.


Enumerated values:
none
requested
replacedWithSameNumber
replacedWithNewNumber

state string
The state of this card. This is derived.
read-only


Enumerated values:
unknown
requested
issued
active
locked
lost
stolen
damaged
frozen
unassociated
closed

issuedAt string(date-time)
The date-time when this card was issued. This is in RFC 3339 UTC format. This field is present only after the card has been issued, and if the card vendor provides the time stamp.
activatedAt string(date-time)
The date-time when this card was activated. This is in RFC 3339 UTC format. This field is present only after the card has been activated, and if the card vendor provides the time stamp.
expiresOn string(date)
The card's expiration date. The day should is the last day of the month, such as 2021-10-31 if the card expires at the end of October, 2021. in RFC 3339 YYYY-MM-DD format.
read-only
modifiedAt string(date-time)
The date-time when this card's state or other attributes were last changed. This is in RFC 3339 UTC format.
read-only
modifiedBy string
The username of the person who last modified this card resource.
read-only

card

{
  "_id": "0399abed-fd3d-4830-a88b-30f38b8a365c",
  "_profile": "https://api.apiture.com/schemas/cards/card/v1.0.0/profile.json",
  "holderName": "LUCILLE WELLPHUNDED",
  "name": "My debit card for Premiere Checking",
  "accountName": "Premiere Checking",
  "accountNumbers": {
    "masked": "*************3210",
    "full": "9876543210"
  },
  "cardNumbers": {
    "masked": "************3210",
    "full": "9999000088883210"
  },
  "accountCategory": "DDA",
  "state": "active",
  "issuedAt": {},
  "modifiedAt": {},
  "modifiedBy": "lucy.wellphunded@bankcustomer.example.com",
  "expiresOn": {},
  "_embedded": {},
  "_links": {
    "self": {
      "href": "/cards/cards/0399abed-fd3d-4830-a88b-30f38b8a365c"
    },
    "apiture:lock": {
      "href": "/cards/lockedCards?card=0399abed-fd3d-4830-a88b-30f38b8a365c"
    }
  }
}

Card

A card resource, which represents physical Debit cards associated with a banking account or credit cards.

The default representation includes only a masked card number. Use ?unmasked=true on the request to include the full card number.

The hypermedia _links in the response include several action links which change the state of the card. These links should be used with the POST verb (see Resource sets) and correspond to the following API operations

Properties

NameDescription
_links object
An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations.
» additionalProperties link
Describes a hypermedia link within a _links object in HAL representations. In Apiture APIs, links are HAL links, but Apiture APIs do not use the name or hreflang properties of HAL. Apiture links may include a method property.
_embedded object
An optional map of nested resources, mapping each nested resource name to a nested resource representation.
_profile string(uri)
The URI of a resource profile which describes the representation.
_error error
An object which describes an error. This value is omitted if the operation succeeded without error.
name string
The user's name for this card.
minLength: 1
maxLength: 128
accountName string
The name of the account that this card is tied to.
read-only
minLength: 1
maxLength: 128
accountNumbers accountNumbers
The masked and (optionally) full number for the account this card is associated with. This is derived from the account used in the initial card request. By default, only the masked number is returned; use ?unmasked=true to reveal the full account number.
read-only
accountCategory string
The category of the account, such as Savings or Checking. This is derived from the product associated with the account for this card.
read-only
accountType productTypeName
The type of the account, such as CDA or DDA for savings and checking (demand deposit accounts).
_id string
The unique identifier for this card resource. This is an immutable opaque string.
holderName string
The card holder's full name, as it appears on the card. This value is ALL CAPS.
read-only
cardNumbers cardNumbers
The masked and full account number.
read-only
replacementState string
Indicates the state of a card request. The user cannot change this property.


Enumerated values:
none
requested
replacedWithSameNumber
replacedWithNewNumber

state string
The state of this card. This is derived.
read-only


Enumerated values:
unknown
requested
issued
active
locked
lost
stolen
damaged
frozen
unassociated
closed

issuedAt string(date-time)
The date-time when this card was issued. This is in RFC 3339 UTC format. This field is present only after the card has been issued, and if the card vendor provides the time stamp.
activatedAt string(date-time)
The date-time when this card was activated. This is in RFC 3339 UTC format. This field is present only after the card has been activated, and if the card vendor provides the time stamp.
expiresOn string(date)
The card's expiration date. The day should is the last day of the month, such as 2021-10-31 if the card expires at the end of October, 2021. in RFC 3339 YYYY-MM-DD format.
read-only
modifiedAt string(date-time)
The date-time when this card's state or other attributes were last changed. This is in RFC 3339 UTC format.
read-only
modifiedBy string
The username of the person who last modified this card resource.
read-only

cards

{
  "_profile": "https://api.apiture.com/schemas/cards/cards/v1.0.0/profile.json",
  "start": 10,
  "limit": 10,
  "count": 67,
  "name": "cards",
  "_links": {
    "self": {
      "href": "/cards/cards?start=10&limit=10"
    },
    "first": {
      "href": "/cards/cards?start=0&limit=10"
    },
    "next": {
      "href": "/cards/cards?start=20&limit=10"
    },
    "collection": {
      "href": "/cards/cards"
    }
  },
  "_embedded": {
    "items": [
      {
        "_id": "0399abed-fd3d-4830-a88b-30f38b8a365c",
        "_profile": "https://api.apiture.com/schemas/cards/card/v1.0.0/profile.json",
        "_links": {
          "self": {
            "href": "/cards/cards/0399abed-fd3d-4830-a88b-30f38b8a365c"
          }
        }
      },
      {
        "_id": "d62c0701-0d74-4836-83f9-ebf3709442ea",
        "_profile": "https://api.apiture.com/schemas/cards/card/v1.0.0/profile.json",
        "_links": {
          "self": {
            "href": "/cards/cards/d62c0701-0d74-4836-83f9-ebf3709442ea"
          }
        }
      }
    ]
  }
}

Card Collection

Collection of cards. The items in the collection are ordered in the _embedded.items array; the name is cards. The top-level _links object may contain pagination links (self, next, prev, first, last, collection).

Properties

NameDescription
_links object
An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations.
» additionalProperties link
Describes a hypermedia link within a _links object in HAL representations. In Apiture APIs, links are HAL links, but Apiture APIs do not use the name or hreflang properties of HAL. Apiture links may include a method property.
_embedded object
Embedded objects.
» items [summaryCard]
An array containing a page of card items.
_profile string(uri)
The URI of a resource profile which describes the representation.
_error error
An object which describes an error. This value is omitted if the operation succeeded without error.
count integer
The number of items in the collection. This value is optional and my be omitted if the count is not computable efficiently. If a filter is applied to the collection (either implicitly or explicitly), the count, if present, indicates the number of items that satisfy the filter.
start integer
The start index of this page of items.
limit integer
The maximum number of items per page.
name string
The name of the collection.

createCardRequest

{
  "_profile": "https://api.apiture.com/schemas/cards/cardRequest/v1.0.0/profile.json",
  "cardId": "9e5a519c-ed3d-48ec-84d0-ef29b2843803",
  "reason": "lost",
  "description": "Replace lost card",
  "_links": {
    "apiture:account": {
      "href": "https://api.example.com/accounts/accounts/617c31ce-7bf0-4e55-a5df-12916ff22ada"
    }
  }
}

Create Card Request

Representation used to create a request for a new or replacement card. For new cards, the request must include the accountNumbers object with the full account number of the account that the card is associated with; the user must have access to that account.

Properties

NameDescription
_links object
An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations.
» additionalProperties link
Describes a hypermedia link within a _links object in HAL representations. In Apiture APIs, links are HAL links, but Apiture APIs do not use the name or hreflang properties of HAL. Apiture links may include a method property.
_embedded object
An optional map of nested resources, mapping each nested resource name to a nested resource representation.
_profile string(uri)
The URI of a resource profile which describes the representation.
_error error
An object which describes an error. This value is omitted if the operation succeeded without error.
cardId string
The resource ID of the card that is to be replaced.
reason string
Reasons which describe why the user is requesting a a card.


Enumerated values:
initial
lost
stolen
damaged

description any
The card holder's description, note, or explanation of why they requested a card. type: string
accountNumbers accountNumbers
The masked and (optionally) full number for the account this card is associated with. The accountNumbers.full is required in the request body of a new card request; this object is immutable afterwards. The full number is only returned when requests contain the ?unmasked query parameter.

summaryCardRequest

{
  "_id": "35eb0e67-ac9b-44d7-8799-6648ba6b1c65",
  "_profile": "https://api.apiture.com/schemas/cards/cardRequest/v1.0.0/profile.json",
  "cardId": "9e5a519c-ed3d-48ec-84d0-ef29b2843803",
  "reason": "lost",
  "description": "Replace lost card",
  "submittedAt": {},
  "modifiedAt": {},
  "modifiedBy": "lucy.wellphunded@bankcustomer.example.com",
  "_links": {
    "self": {
      "href": "/cards/cards/35eb0e67-ac9b-44d7-8799-6648ba6b1c65"
    },
    "apiture:account": {
      "href": "https://api.example.com/accounts/accounts/617c31ce-7bf0-4e55-a5df-12916ff22ada"
    },
    "apiture:cancel": {
      "href": "https://api.example.com/cards/canceledCardRequests?cardRequest=617c31ce-7bf0-4e55-a5df-12916ff22ada"
    }
  }
}

Card Request Summary

Summary representation of a card request resource in replacements collections. This representation normally does not contain any _embedded objects. If needed, call the GET operation on the item's self link to get _embedded objects.

Properties

NameDescription
_links object
An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations.
» additionalProperties link
Describes a hypermedia link within a _links object in HAL representations. In Apiture APIs, links are HAL links, but Apiture APIs do not use the name or hreflang properties of HAL. Apiture links may include a method property.
_embedded object
An optional map of nested resources, mapping each nested resource name to a nested resource representation.
_profile string(uri)
The URI of a resource profile which describes the representation.
_error error
An object which describes an error. This value is omitted if the operation succeeded without error.
cardId string
The resource ID of the card that is to be replaced.
reason string
Reasons which describe why the user is requesting a a card.


Enumerated values:
initial
lost
stolen
damaged

description any
The card holder's description, note, or explanation of why they requested a card. type: string
accountNumbers accountNumbers
The masked and (optionally) full number for the account this card is associated with. The accountNumbers.full is required in the request body of a new card request; this object is immutable afterwards. The full number is only returned when requests contain the ?unmasked query parameter.
_id string
The unique identifier for this card request resource. This is an immutable opaque string.
state string
Indicates the state of a card request request.
read-only


Enumerated values:
pending
submitted
canceled
rejected
completed

submittedAt string(date-time)
The date-time when this card request request was submitted. This is in RFC 3339 UTC format.
resolvedAt string(date-time)
The date-time when this card request request was completed, rejected, or canceled. This is in RFC 3339 UTC format.
modifiedAt string(date-time)
The date-time when this card request attributes were last changed. This is in RFC 3339 UTC format.
resolutionReason string
The explanation for why the card was resolved. This may be the reason the card request was rejected.
maxLength: 2048
modifiedBy string
The username of the person who last modified or resolved this card request at the time indicated by the resolvedAt time stamp).

cardRequest

{
  "_id": "35eb0e67-ac9b-44d7-8799-6648ba6b1c65",
  "_profile": "https://api.apiture.com/schemas/cards/cardRequest/v1.0.0/profile.json",
  "cardId": "9e5a519c-ed3d-48ec-84d0-ef29b2843803",
  "reason": "lost",
  "description": "Replace lost card",
  "submittedAt": {},
  "modifiedAt": {},
  "modifiedBy": "lucy.wellphunded@bankcustomer.example.com",
  "_links": {
    "self": {
      "href": "/cards/cardRequests/35eb0e67-ac9b-44d7-8799-6648ba6b1c65"
    },
    "apiture:card": {
      "href": "/cards/cards/9e5a519c-ed3d-48ec-84d0-ef29b2843803"
    },
    "apiture:account": {
      "href": "https://api.example.com/accounts/accounts/617c31ce-7bf0-4e55-a5df-12916ff22ada"
    },
    "apiture:cancel": {
      "href": "https://api.example.com/cards/canceledCardRequests?cardRequest=617c31ce-7bf0-4e55-a5df-12916ff22ada"
    }
  }
}

Card Request

Representation of a card request resource. A request to replace a lost, stolen, or damaged card.

The hypermedia _links in the card request representation include several action links which change the state of the card request. These links should be used with the POST verb (see Resource sets) and correspond to the following API operations

Properties

NameDescription
_links object
An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations.
» additionalProperties link
Describes a hypermedia link within a _links object in HAL representations. In Apiture APIs, links are HAL links, but Apiture APIs do not use the name or hreflang properties of HAL. Apiture links may include a method property.
_embedded object
An optional map of nested resources, mapping each nested resource name to a nested resource representation.
_profile string(uri)
The URI of a resource profile which describes the representation.
_error error
An object which describes an error. This value is omitted if the operation succeeded without error.
cardId string
The resource ID of the card that is to be replaced.
reason string
Reasons which describe why the user is requesting a a card.


Enumerated values:
initial
lost
stolen
damaged

description any
The card holder's description, note, or explanation of why they requested a card. type: string
accountNumbers accountNumbers
The masked and (optionally) full number for the account this card is associated with. The accountNumbers.full is required in the request body of a new card request; this object is immutable afterwards. The full number is only returned when requests contain the ?unmasked query parameter.
_id string
The unique identifier for this card request resource. This is an immutable opaque string.
state string
Indicates the state of a card request request.
read-only


Enumerated values:
pending
submitted
canceled
rejected
completed

submittedAt string(date-time)
The date-time when this card request request was submitted. This is in RFC 3339 UTC format.
resolvedAt string(date-time)
The date-time when this card request request was completed, rejected, or canceled. This is in RFC 3339 UTC format.
modifiedAt string(date-time)
The date-time when this card request attributes were last changed. This is in RFC 3339 UTC format.
resolutionReason string
The explanation for why the card was resolved. This may be the reason the card request was rejected.
maxLength: 2048
modifiedBy string
The username of the person who last modified or resolved this card request at the time indicated by the resolvedAt time stamp).

cardRequests

{
  "_profile": "https://api.apiture.com/schemas/cards/cardRequests/v1.0.0/profile.json",
  "start": 10,
  "limit": 10,
  "count": 67,
  "name": "cardRequests",
  "_links": {
    "self": {
      "href": "/cards/cardRequests?start=10&limit=10"
    },
    "first": {
      "href": "/cards/cardRequests?start=0&limit=10"
    },
    "next": {
      "href": "/cards/cardRequests?start=20&limit=10"
    },
    "collection": {
      "href": "/cards/cardRequests"
    }
  },
  "_embedded": {
    "items": [
      {
        "_id": "0399abed-fd3d-4830-a88b-30f38b8a365c",
        "_profile": "https://api.apiture.com/schemas/cards/cardRequest/v1.0.0/profile.json",
        "_links": {
          "self": {
            "href": "/cards/cardRequests/0399abed-fd3d-4830-a88b-30f38b8a365c"
          }
        }
      },
      {
        "_id": "d62c0701-0d74-4836-83f9-ebf3709442ea",
        "_profile": "https://api.apiture.com/schemas/cards/cardRequest/v1.0.0/profile.json",
        "_links": {
          "self": {
            "href": "/cards/cardRequests/d62c0701-0d74-4836-83f9-ebf3709442ea"
          }
        }
      }
    ]
  }
}

Card Requests Collection

Collection of requests to issue a new or replacement card. The items in the collection are ordered in the _embedded.items array; the name is replacements. The top-level _links object may contain pagination links (self, next, prev, first, last, collection).

Properties

NameDescription
_links object
An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations.
» additionalProperties link
Describes a hypermedia link within a _links object in HAL representations. In Apiture APIs, links are HAL links, but Apiture APIs do not use the name or hreflang properties of HAL. Apiture links may include a method property.
_embedded object
Embedded objects.
» items [summaryCardRequest]
An array containing a page of replacement items.
_profile string(uri)
The URI of a resource profile which describes the representation.
_error error
An object which describes an error. This value is omitted if the operation succeeded without error.
count integer
The number of items in the collection. This value is optional and my be omitted if the count is not computable efficiently. If a filter is applied to the collection (either implicitly or explicitly), the count, if present, indicates the number of items that satisfy the filter.
start integer
The start index of this page of items.
limit integer
The maximum number of items per page.
name string
The name of the collection.

cardNumbers

{
  "masked": "************3210",
  "full": "9999000088883210"
}

Card Numbers

Masked and full representation of a card number.

Properties

NameDescription
masked string
A partial (masked) card number that does not contain all the digits of the full card number. This masked number appears in statements or in user experience presentation. It is sufficient for a user to differentiate this card from other cards the user hold, but is not sufficient for initiating transactions, etc. The first character is the mask character and is repeated; this does not indicate that the full card number is the same as the mask length. This value is derived and immutable.
read-only
maxLength: 16
full string(^[0-9]{16}$)
The full card number. This value only appears when ?unmasked=true is passed on the GET request. Not included in the summary representation of the card that is included in card collection responses.
read-only
minLength: 16
maxLength: 16

root

{
  "id": "apiName",
  "name": "API name",
  "apiVersion": "1.0.0",
  "_profile": "https://api.apiture.com/schemas/common/root/v1.0.0/profile.json",
  "_links": {}
}

API Root

A HAL response, with hypermedia _links for the top-level resources and operations in API.

Properties

NameDescription
_links object
An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations.
» additionalProperties link
Describes a hypermedia link within a _links object in HAL representations. In Apiture APIs, links are HAL links, but Apiture APIs do not use the name or hreflang properties of HAL. Apiture links may include a method property.
_embedded object
An optional map of nested resources, mapping each nested resource name to a nested resource representation.
_profile string(uri)
The URI of a resource profile which describes the representation.
_error error
An object which describes an error. This value is omitted if the operation succeeded without error.
_id string
This API's unique ID.
name string
This API's name.
apiVersion string
This API's version.

errorResponse

{
  "_profile": "https://api.apiture.com/schemas/common/errorResponse/v1.0.0/profile.json",
  "_error": {
    "_id": "2eae46e1-575c-4d69-8a8f-0a7b0115a4b3",
    "message": "The value for deposit must be greater than 0.",
    "statusCode": 422,
    "type": "positiveNumberRequired",
    "attributes": {
      "value": -125.5
    },
    "remediation": "Provide a value which is greater than 0",
    "occurredAt": "2018-01-25T05:50:52.375Z",
    "_links": {
      "describedby": {
        "href": "https://api.apiture.com/errors/positiveNumberRequired"
      }
    },
    "_embedded": {
      "errors": []
    }
  }
}

Error Response

Describes an error response, typically returned on 4xx or 5xx errors from API operations. The _error object contains the error details.

Properties

NameDescription
_links object
An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations.
» additionalProperties link
Describes a hypermedia link within a _links object in HAL representations. In Apiture APIs, links are HAL links, but Apiture APIs do not use the name or hreflang properties of HAL. Apiture links may include a method property.
_embedded object
An optional map of nested resources, mapping each nested resource name to a nested resource representation.
_profile string(uri)
The URI of a resource profile which describes the representation.
_error error
An object which describes an error. This value is omitted if the operation succeeded without error.

productTypeName

"CCA"

Product Type Names

A code which identifies the product type. This is one of the IFX AcctType values.

Type: string
Enumerated values:
CCA
CDA
CLA
CMA
DDA
EQU
GLA
ILA
INV
IRA
IRL
LOC
MLA
MMA
PBA
PPA
RWD
SDA

accountNumbers

{
  "masked": "*************3210",
  "full": "9876543210"
}

Account Numbers

Different representations of an account number.

Properties

NameDescription
masked string
A partial account number that does not contain all the digits of the full account number. This masked number appears in statements or in user experience presentation. It is sufficient for a user to differentiate this account from other accounts they hold, but is not sufficient for initiating transfers, etc. The first character is the mask character and is repeated; this does not indicate that the full account number is the same as the mask length. This value is derived and immutable.
read-only
minLength: 9
maxLength: 32
full string
The full account number. This value only appears when ?unmasked=true is passed on the GET request. Not included in the summary representation of the account that is included in account collection responses. This value is derived and immutable.
read-only
minLength: 9
maxLength: 32

{
  "href": "/contacts/contacts/328f6bf6-d762-422f-a077-ab91ca4d0b6f",
  "title": "Applicant"
}

Link

Describes a hypermedia link within a _links object in HAL representations. In Apiture APIs, links are HAL links, but Apiture APIs do not use the name or hreflang properties of HAL. Apiture links may include a method property.

Properties

NameDescription
href string(uri) (required)
The URI or URI template for the resource/operation this link refers to.
type string
The media type for the resource.
templated boolean
If true, the link's href is a URI template.
title string
An optional human-readable localized title for the link.
deprecation string(uri)
If present, the containing link is deprecated and the value is a URI which provides human-readable text information about the deprecation.
profile string(uri)
The URI of a profile document, a JSON document which describes the target resource/operation.

error

{
  "_id": "2eae46e1-575c-4d69-8a8f-0a7b0115a4b3",
  "message": "The value for deposit must be greater than 0.",
  "statusCode": 422,
  "type": "positiveNumberRequired",
  "attributes": {
    "value": -125.5
  },
  "remediation": "Provide a value which is greater than 0",
  "occurredAt": "2018-01-25T05:50:52.375Z",
  "_links": {
    "describedby": {
      "href": "https://developer.apiture.com/errors/positiveNumberRequired"
    }
  },
  "_embedded": {
    "errors": []
  }
}

Error

Describes an error in an API request or in a service called via the API.

Properties

NameDescription
message string (required)
A localized message string describing the error condition.
_id string
A unique identifier for this error instance. This may be used as a correlation ID with the root cause error (i.e. this ID may be logged at the source of the error). This is is an opaque string.
statusCode integer
The HTTP status code associate with this error.
minimum: 100
maximum: 599
type string
An error identifier which indicates the category of error and associate it with API support documentation or which the UI tier can use to render an appropriate message or hint. This provides a finer level of granularity than the statusCode. For example, instead of just 400 Bad Request, the type may be much more specific. such as integerValueNotInAllowedRange or numericValueExceedsMaximum or stringValueNotInAllowedSet.
occurredAt string(date-time)
An RFC 3339 UTC time stamp indicating when the error occurred.
attributes attributes
Informative values or constraints which describe the error. For example, for a value out of range error, the attributes may specify the minimum and maximum values. This allows clients to present error messages as they see fit (the API does not assume the client/presentation tier). The set of attributes varies by error type.
remediation string
An optional localized string which provides hints for how the user or client can resolve the error.
_links links
An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations.
_embedded object
Embedded objects. An error object may contain nested errors. For example, an API which validates its request body may find multiple errors in the request, which are returned with an error response with nested errors. These are held in an items array of errorResponse objects. _embedded or _embedded.items may not exist if the error does not have nested errors.
» items [errorResponse]
An array of error objects.

attributes

{}

Attributes

An optional map of name/value pairs which contains additional dynamic data about the resource.

Properties

{
  "property1": {
    "href": "/contacts/contacts/328f6bf6-d762-422f-a077-ab91ca4d0b6f",
    "title": "Applicant"
  },
  "property2": {
    "href": "/contacts/contacts/328f6bf6-d762-422f-a077-ab91ca4d0b6f",
    "title": "Applicant"
  }
}

Links

An optional map of links, mapping each link relation to a link object. This model defines the _links object of HAL representations.

Properties

NameDescription
additionalProperties link
Describes a hypermedia link within a _links object in HAL representations. In Apiture APIs, links are HAL links, but Apiture APIs do not use the name or hreflang properties of HAL. Apiture links may include a method property.