Credentials
openapi: 3.0.3
info:
  title: Card Credentials - Credentials
  description: V1 APIs for Card Management Card Credentials
  version: v1
  contact:
    name: Digital Core @ Jack Henry and Associates, inc.
    url: https://www.jackhenry.com/
    email: DC-Operations@jackhenry.com
servers:
  - url: https://{API_ENDPOINT}
    variables:
      API_ENDPOINT:
        default: digital.garden-fi.com
security:
  - bearerAuth: []
tags:
  - name: Credentials
    description: V1 APIs for Card Management Card Credentials
paths:
  /api/card-mgmt/v1/{InstitutionUniversalId}/card-credentials/search-by-pan:
    post:
      tags:
        - Credentials
      description: "Search Card Credentials by PAN. \n\nRequired permission: SearchCardCredentials\n"
      operationId: searchCardCredentialsByPan
      parameters:
        - name: InstitutionUniversalId
          in: path
          description: A unique identifier to establish the identity of an Institution/Environment/Brand combination
          required: true
          schema:
            type: string
        - name: includeDisplayExpiration
          in: query
          required: false
          description: Whether to include the Display Expiration Date in the Encrypted Card Credentials response.
          schema:
            type: boolean
            default: false
        - name: includePrimaryAccountNumber
          in: query
          required: false
          description: Whether to include the Primary Account Number in the Encrypted Card Credentials response.
          schema:
            type: boolean
            default: false
        - name: includeCardVerificationCode
          in: query
          required: false
          description: Whether to include the Card Verification Code in the Encrypted Card Credentials response.
          schema:
            type: boolean
            default: false
      requestBody:
        content:
          application/json:
            schema:
              required:
                - publicKey
                - encryptedPrimaryAccountNumber
                - expiration
              type: object
              properties:
                publicKey:
                  type: string
                  description: ECDH public key in base64 format.
                encryptedPrimaryAccountNumber:
                  type: string
                  description: Encrypted 'PrimaryAccountNumber'. See PrimaryAccountNumber schema.
                expiration:
                  type: object
                  description: The card's expiration date.
                  required:
                    - month
                    - year
                  properties:
                    month:
                      type: string
                      description: The month that the card is set to expire.
                      minLength: 2
                      maxLength: 2
                    year:
                      type: string
                      description: The year that the card is set to expire.
                      minLength: 4
                      maxLength: 4
      responses:
        '200':
          description: Ok
          content:
            application/json:
              schema:
                type: object
                required:
                  - encryptedCardCredentials
                properties:
                  encryptedCardCredentials:
                    type: string
                    description: Encrypted 'CardCredentials'. See CardCredentials schema.
        '400':
          description: |
            Bad Request: The server could not understand the request due to an invalid request.
          content:
            application/problem+json:
              schema:
                type: object
                required:
                  - type
                  - title
                  - details
                properties:
                  type:
                    description: A string path which uniquely classifies the domain of the error.
                    type: string
                    nullable: false
                    example: jackhenry/operation-failed
                  title:
                    description: An end-user readable string title of the error type.
                    nullable: false
                    type: string
                  details:
                    description: An array of end-user readable strings which provide additional details for the error message.
                    type: array
                    nullable: false
                    items:
                      type: string
                  data:
                    type: object
                    description: |
                      Additional data that could be useful to a developer or for handling the error programmatically. The schema for the data in this object is intentionally left undefined.
                    nullable: true
        '401':
          description: Although the HTTP standard specifies "unauthorized", semantically this response means "unauthenticated". That is, the client must authenticate itself to get the requested response.
        '403':
          description: The client does not have access rights to the content; that is, it is unauthorized, so the server is refusing to give the requested resource. Unlike 401, the client's identity is known to the server.
        '404':
          description: The server cannot find the requested resource. In an API, this can also mean that the endpoint is valid but the resource itself does not exist. Servers may also send this response instead of 403 to hide the existence of a resource from an unauthorized client.
        '500':
          description: An unexpected internal server error occurred while processing the request.
          content:
            application/problem+json:
              schema:
                type: object
                required:
                  - type
                  - title
                  - details
                properties:
                  type:
                    description: A string path which uniquely classifies the domain of the error.
                    type: string
                    nullable: false
                    example: jackhenry/operation-failed
                  title:
                    description: An end-user readable string title of the error type.
                    nullable: false
                    type: string
                  details:
                    description: An array of end-user readable strings which provide additional details for the error message.
                    type: array
                    nullable: false
                    items:
                      type: string
                  data:
                    type: object
                    description: |
                      Additional data that could be useful to a developer or for handling the error programmatically. The schema for the data in this object is intentionally left undefined.
                    nullable: true
              examples:
                internalServerError:
                  summary: Internal server error
                  value:
                    type: general/internal-server-error
                    title: Internal server error
                    details:
                      - Unexpected internal server error
  /api/card-mgmt/v1/{InstitutionUniversalId}/card-credentials/search-by-token:
    post:
      tags:
        - Credentials
      description: "Search Card Credentials by Token. \n\nRequired permission: SearchCardCredentials\n"
      operationId: searchCardCredentialsByToken
      parameters:
        - name: InstitutionUniversalId
          in: path
          description: A unique identifier to establish the identity of an Institution/Environment/Brand combination
          required: true
          schema:
            type: string
        - name: includeDisplayExpiration
          in: query
          required: false
          description: Whether to include the Display Expiration Date in the Encrypted Card Credentials response.
          schema:
            type: boolean
            default: false
        - name: includePrimaryAccountNumber
          in: query
          required: false
          description: Whether to include the Primary Account Number in the Encrypted Card Credentials response.
          schema:
            type: boolean
            default: false
        - name: includeCardVerificationCode
          in: query
          required: false
          description: Whether to include the Card Verification Code in the Encrypted Card Credentials response.
          schema:
            type: boolean
            default: false
      requestBody:
        content:
          application/json:
            schema:
              required:
                - publicKey
                - cardToken
                - expiration
              type: object
              properties:
                publicKey:
                  type: string
                  description: ECDH public key in base64 format.
                cardToken:
                  type: string
                  description: Tokenized PAN of the card.
                expiration:
                  type: object
                  description: The card's expiration date.
                  required:
                    - month
                    - year
                  properties:
                    month:
                      type: string
                      description: The month that the card is set to expire.
                      minLength: 2
                      maxLength: 2
                    year:
                      type: string
                      description: The year that the card is set to expire.
                      minLength: 4
                      maxLength: 4
      responses:
        '200':
          description: Ok
          content:
            application/json:
              schema:
                type: object
                required:
                  - encryptedCardCredentials
                properties:
                  encryptedCardCredentials:
                    type: string
                    description: Encrypted 'CardCredentials'. See CardCredentials schema.
        '400':
          description: |
            Bad Request: The server could not understand the request due to an invalid request.
          content:
            application/problem+json:
              schema:
                type: object
                required:
                  - type
                  - title
                  - details
                properties:
                  type:
                    description: A string path which uniquely classifies the domain of the error.
                    type: string
                    nullable: false
                    example: jackhenry/operation-failed
                  title:
                    description: An end-user readable string title of the error type.
                    nullable: false
                    type: string
                  details:
                    description: An array of end-user readable strings which provide additional details for the error message.
                    type: array
                    nullable: false
                    items:
                      type: string
                  data:
                    type: object
                    description: |
                      Additional data that could be useful to a developer or for handling the error programmatically. The schema for the data in this object is intentionally left undefined.
                    nullable: true
        '401':
          description: Although the HTTP standard specifies "unauthorized", semantically this response means "unauthenticated". That is, the client must authenticate itself to get the requested response.
        '403':
          description: The client does not have access rights to the content; that is, it is unauthorized, so the server is refusing to give the requested resource. Unlike 401, the client's identity is known to the server.
        '404':
          description: The server cannot find the requested resource. In an API, this can also mean that the endpoint is valid but the resource itself does not exist. Servers may also send this response instead of 403 to hide the existence of a resource from an unauthorized client.
        '500':
          description: An unexpected internal server error occurred while processing the request.
          content:
            application/problem+json:
              schema:
                type: object
                required:
                  - type
                  - title
                  - details
                properties:
                  type:
                    description: A string path which uniquely classifies the domain of the error.
                    type: string
                    nullable: false
                    example: jackhenry/operation-failed
                  title:
                    description: An end-user readable string title of the error type.
                    nullable: false
                    type: string
                  details:
                    description: An array of end-user readable strings which provide additional details for the error message.
                    type: array
                    nullable: false
                    items:
                      type: string
                  data:
                    type: object
                    description: |
                      Additional data that could be useful to a developer or for handling the error programmatically. The schema for the data in this object is intentionally left undefined.
                    nullable: true
              examples:
                internalServerError:
                  summary: Internal server error
                  value:
                    type: general/internal-server-error
                    title: Internal server error
                    details:
                      - Unexpected internal server error
Last updated Fri Jan 23 2026