Provisioning

openapi: 3.0.3 info: title: Digital Provisioning - Provisioning description: V1 APIs for Card Management Digital Provisioning version: v1 contact: name: Digital Core @ Jack Henry and Associates, inc. url: https://www.jackhenry.com/ email: DC-Operations@jackhenry.com servers: - url: https://{API_ENDPOINT} variables: API_ENDPOINT: default: digital.garden-fi.com security: - bearerAuth: [] tags: - name: Provisioning description: V1 APIs for Card Management Provisioning paths: /api/card-mgmt/v1/{InstitutionUniversalId}/digital-wallets/provisionings/apple-pay: post: tags: - Provisioning description: "Create Wallet Provisioning Request ApplePay. \n\nRequired permission: AddDigitalWalletRequest\n" operationId: createProvisioningRequestApplePay parameters: - name: InstitutionUniversalId in: path description: A unique identifier to establish the identity of an Institution/Environment/Brand combination required: true schema: type: string - name: X-Request-ID in: header description: To support communications level correlation due to some responses only having header data, a round-trip identifier (GUID) will be sent on every call from the consumer and returned by the service provider (or intermediary) regardless of the final disposition of the request/message. required: true schema: type: string format: uuid example: 123e4567-e89b-12d3-a456-426655440000 - name: X-Correlation-ID in: header description: Returned X-Request-ID schema: type: string - name: X-BusinessCorrelationId in: header description: The correlation identification as related to business functions and activities. Generally expected to be a GUID. schema: type: string example: 123e4567-e89b-12d3-a456-426655440000 - name: X-WorkflowCorrelationId in: header description: The correlation identification as related to workflow functions and activities. Generally expected to be a GUID. schema: type: string example: 123e4567-e89b-12d3-a456-426655440000 - name: X-AuditUserId in: header description: This is the User Id which the consumer would like written to the audit as performing the requested service. It will vary but could be down to the user id. It will not be use to authenticate, only audit information. schema: type: string example: UserId/UserName - name: X-AuditDeviceId in: header description: This is the device Id which the consumer would like written to the audit as performing the requested service. It will vary but could be down to the machine id or address. schema: type: string example: 192.168.0.101 - name: X-AuthenticationUserCredential in: header description: 'Authentication of the end-user (person at keyboard) Credentials in the form of a JSON Web Token (JWT). <br>Format is `type:token`. Type default is jwt. <br>Example `X-AuthenticationUserCredential: jwt:<GeneratedOidcJwt>` <br>Example `X-AuthenticationUserCredential: saml:<Generatedsaml>`' schema: type: string example: jwt:<GeneratedOidcJwt> - name: Authorization in: header description: 'JWT Token. Represents Callers Authentication Token in the form of a JWT generated by a OAuth 2.0 Identity Provider and conforms to the OpenID Connect specification. See [Security section] for other details. <br>Example `Authorization: bearer <GeneratedOidcJwt>`' required: true schema: type: string example: bearer <GeneratedOidcJwt> requestBody: content: application/json: schema: required: - deviceType - nonce - certificates - encryptedCardData type: object properties: deviceType: type: string description: Type of device the digital wallet token will be provisioned. enum: - MobilePhone - Watch - Tablet - Other nonce: type: string description: Random number generated by Apple. maxLength: 32 nonceSignature: type: string description: Required if DeviceType is not 'Other'. certificates: type: array description: Apple device X.509 certificates received from mobile application. items: type: string minItems: 1 encryptedCardData: type: string description: Encrypted 'CardData'. See CardDataV1 schema. responses: '201': description: Created headers: X-Request-ID: description: To support communications level correlation due to some responses only having header data, a round-trip identifier (GUID) will be sent on every call from the consumer and returned by the service provider (or intermediary) regardless of the final disposition of the request/message. required: true schema: type: string format: uuid example: 123e4567-e89b-12d3-a456-426655440000 X-Correlation-ID: description: To support communications level tracking between the source and final destinations, a unique round-trip identifier (GUID) will be sent on every call from the caller and returned in the response by the service providers regardless of the final disposition of the request/message. The x-correlation-id can be re-used by intermediaries and/or service-providers to communicate beyond themselves indicating that the calls THEY are making are part of the same original message. (i.e. they are correlated) required: true schema: type: string format: uuid example: 123e4567-e89b-12d3-a456-426655440000 X-BusinessCorrelationId: description: The correlation identification as related to business functions and activities. Generally expected to be a GUID. schema: type: string X-WorkflowCorrelationId: description: The correlation identification as related to workflow functions and activities. Generally expected to be a GUID. schema: type: string X-Messages: description: Indicating messages/faults/errors returned schema: type: boolean default: false content: application/json: schema: type: object required: - cardToken - encryptedPassData - activationData - ephemeralPublicKey - network - tokenServiceProvider properties: messageStatus: type: object description: '`MessageStatus` is required/expected for non 2xx responses.' properties: ResponseCode: description: The code related to message responses type: string Description: description: The description related to the status code in a human readable format type: string MessageSource: description: The source of the response to a message. This would represent the service provider that carry out the business service for the message type: string MessageSourceResponse: type: object additionalProperties: true Details: description: The array of details as related to a fault response code type: array items: type: object properties: Code: description: The code assigned to a providers statuses type: string Category: description: ENUM[Error,Fault,Warning,Overridden] The category assigned to a providers message statuses type: string Description: description: The description related to the status code in a human readable format type: string Element: description: When an Error or Fault occurs this optional element will contain the element which is causing the condition type: string ElementValue: description: When an Error or Fault occurs this optional element will contain the value of the element which is causing the condition type: string Location: description: This is typically the program that generated the status condition type: string Logs: description: The array of logs as related to a response code type: array items: type: object properties: Store: description: The store that retains log entries type: string Key: description: The key related to a log entry specific to the log store type: string cardToken: type: string description: Tokenized PAN of the card that was provisioned. encryptedPassData: type: string description: Encrypted data consisting of encrypted PAN, expiry, and datetime in base64 format. activationData: type: string description: Activation data consisting of encrypted nonce, noncesignature, and authCode in base64 format. ephemeralPublicKey: type: string description: For VISA, VISA.ECC.ePK generated while creating MBPAD encryptedInformation. EC point with P-256 curve and uncompressed format. Base64 format. network: type: string description: The network the card was issued under. enum: - Visa - Mastercard - Other tokenServiceProvider: type: string description: Indicates which token service provider processed the card data generated for provisioning. enum: - TOKEN_PROVIDER_VISA - TOKEN_PROVIDER_MASTERCARD '400': description: Bad Request<hr> The server could not understand the request due to invalid syntax. headers: X-Request-ID: description: To support communications level correlation due to some responses only having header data, a round-trip identifier (GUID) will be sent on every call from the consumer and returned by the service provider (or intermediary) regardless of the final disposition of the request/message. required: true schema: type: string format: uuid example: 123e4567-e89b-12d3-a456-426655440000 X-Correlation-ID: description: To support communications level tracking between the source and final destinations, a unique round-trip identifier (GUID) will be sent on every call from the caller and returned in the response by the service providers regardless of the final disposition of the request/message. The x-correlation-id can be re-used by intermediaries and/or service-providers to communicate beyond themselves indicating that the calls THEY are making are part of the same original message. (i.e. they are correlated) required: true schema: type: string format: uuid example: 123e4567-e89b-12d3-a456-426655440000 X-Messages: description: Indicating messages/faults/errors returned schema: type: boolean default: false X-BusinessCorrelationId: description: The correlation identification as related to business functions and activities. Generally expected to be a GUID. schema: type: string X-WorkflowCorrelationId: description: The correlation identification as related to workflow functions and activities. Generally expected to be a GUID. schema: type: string content: application/json: schema: type: object description: '`MessageStatus` is required/expected for non 2xx responses.' properties: ResponseCode: description: The code related to message responses type: string Description: description: The description related to the status code in a human readable format type: string MessageSource: description: The source of the response to a message. This would represent the service provider that carry out the business service for the message type: string MessageSourceResponse: type: object additionalProperties: true Details: description: The array of details as related to a fault response code type: array items: type: object properties: Code: description: The code assigned to a providers statuses type: string Category: description: ENUM[Error,Fault,Warning,Overridden] The category assigned to a providers message statuses type: string Description: description: The description related to the status code in a human readable format type: string Element: description: When an Error or Fault occurs this optional element will contain the element which is causing the condition type: string ElementValue: description: When an Error or Fault occurs this optional element will contain the value of the element which is causing the condition type: string Location: description: This is typically the program that generated the status condition type: string Logs: description: The array of logs as related to a response code type: array items: type: object properties: Store: description: The store that retains log entries type: string Key: description: The key related to a log entry specific to the log store type: string '401': description: Unauthorized<hr> Although the HTTP standard specifies "unauthorized", semantically this response means "unauthenticated". That is, the client must authenticate itself to get the requested response. headers: X-Request-ID: description: To support communications level correlation due to some responses only having header data, a round-trip identifier (GUID) will be sent on every call from the consumer and returned by the service provider (or intermediary) regardless of the final disposition of the request/message. required: true schema: type: string format: uuid example: 123e4567-e89b-12d3-a456-426655440000 X-Correlation-ID: description: To support communications level tracking between the source and final destinations, a unique round-trip identifier (GUID) will be sent on every call from the caller and returned in the response by the service providers regardless of the final disposition of the request/message. The x-correlation-id can be re-used by intermediaries and/or service-providers to communicate beyond themselves indicating that the calls THEY are making are part of the same original message. (i.e. they are correlated) required: true schema: type: string format: uuid example: 123e4567-e89b-12d3-a456-426655440000 '403': description: Forbidden<hr> The client does not have access rights to the content; that is, it is unauthorized, so the server is refusing to give the requested resource. Unlike 401, the clients identity is known to the server. headers: X-Request-ID: description: To support communications level correlation due to some responses only having header data, a round-trip identifier (GUID) will be sent on every call from the consumer and returned by the service provider (or intermediary) regardless of the final disposition of the request/message. required: true schema: type: string format: uuid example: 123e4567-e89b-12d3-a456-426655440000 X-Correlation-ID: description: To support communications level tracking between the source and final destinations, a unique round-trip identifier (GUID) will be sent on every call from the caller and returned in the response by the service providers regardless of the final disposition of the request/message. The x-correlation-id can be re-used by intermediaries and/or service-providers to communicate beyond themselves indicating that the calls THEY are making are part of the same original message. (i.e. they are correlated) required: true schema: type: string format: uuid example: 123e4567-e89b-12d3-a456-426655440000 '404': description: Not Found<hr> The server can not find the requested resource. In an API, this can also mean that the endpoint is valid but the resource itself does not exist. Servers may also send this response instead of 403 to hide the existence of a resource from an unauthorized client. headers: X-Request-ID: description: To support communications level correlation due to some responses only having header data, a round-trip identifier (GUID) will be sent on every call from the consumer and returned by the service provider (or intermediary) regardless of the final disposition of the request/message. required: true schema: type: string format: uuid example: 123e4567-e89b-12d3-a456-426655440000 X-Correlation-ID: description: To support communications level tracking between the source and final destinations, a unique round-trip identifier (GUID) will be sent on every call from the caller and returned in the response by the service providers regardless of the final disposition of the request/message. The x-correlation-id can be re-used by intermediaries and/or service-providers to communicate beyond themselves indicating that the calls THEY are making are part of the same original message. (i.e. they are correlated) required: true schema: type: string format: uuid example: 123e4567-e89b-12d3-a456-426655440000 '500': description: Generic Internal Error<hr> The server has encountered a situation it does not know how to handle. content: application/json: schema: type: object description: '`MessageStatus` is required/expected for non 2xx responses.' properties: ResponseCode: description: The code related to message responses type: string Description: description: The description related to the status code in a human readable format type: string MessageSource: description: The source of the response to a message. This would represent the service provider that carry out the business service for the message type: string MessageSourceResponse: type: object additionalProperties: true Details: description: The array of details as related to a fault response code type: array items: type: object properties: Code: description: The code assigned to a providers statuses type: string Category: description: ENUM[Error,Fault,Warning,Overridden] The category assigned to a providers message statuses type: string Description: description: The description related to the status code in a human readable format type: string Element: description: When an Error or Fault occurs this optional element will contain the element which is causing the condition type: string ElementValue: description: When an Error or Fault occurs this optional element will contain the value of the element which is causing the condition type: string Location: description: This is typically the program that generated the status condition type: string Logs: description: The array of logs as related to a response code type: array items: type: object properties: Store: description: The store that retains log entries type: string Key: description: The key related to a log entry specific to the log store type: string /api/card-mgmt/v1/{InstitutionUniversalId}/digital-wallets/provisionings/google-pay: post: tags: - Provisioning description: "Create Wallet Provisioning Request GooglePay. \n\nRequired permission: AddDigitalWalletRequest\n" operationId: createProvisioningRequestGooglePay parameters: - name: InstitutionUniversalId in: path description: A unique identifier to establish the identity of an Institution/Environment/Brand combination required: true schema: type: string - name: X-Request-ID in: header description: To support communications level correlation due to some responses only having header data, a round-trip identifier (GUID) will be sent on every call from the consumer and returned by the service provider (or intermediary) regardless of the final disposition of the request/message. required: true schema: type: string format: uuid example: 123e4567-e89b-12d3-a456-426655440000 - name: X-Correlation-ID in: header description: Returned X-Request-ID schema: type: string - name: X-BusinessCorrelationId in: header description: The correlation identification as related to business functions and activities. Generally expected to be a GUID. schema: type: string example: 123e4567-e89b-12d3-a456-426655440000 - name: X-WorkflowCorrelationId in: header description: The correlation identification as related to workflow functions and activities. Generally expected to be a GUID. schema: type: string example: 123e4567-e89b-12d3-a456-426655440000 - name: X-AuditUserId in: header description: This is the User Id which the consumer would like written to the audit as performing the requested service. It will vary but could be down to the user id. It will not be use to authenticate, only audit information. schema: type: string example: UserId/UserName - name: X-AuditDeviceId in: header description: This is the device Id which the consumer would like written to the audit as performing the requested service. It will vary but could be down to the machine id or address. schema: type: string example: 192.168.0.101 - name: X-AuthenticationUserCredential in: header description: 'Authentication of the end-user (person at keyboard) Credentials in the form of a JSON Web Token (JWT). <br>Format is `type:token`. Type default is jwt. <br>Example `X-AuthenticationUserCredential: jwt:<GeneratedOidcJwt>` <br>Example `X-AuthenticationUserCredential: saml:<Generatedsaml>`' schema: type: string example: jwt:<GeneratedOidcJwt> - name: Authorization in: header description: 'JWT Token. Represents Callers Authentication Token in the form of a JWT generated by a OAuth 2.0 Identity Provider and conforms to the OpenID Connect specification. See [Security section] for other details. <br>Example `Authorization: bearer <GeneratedOidcJwt>`' required: true schema: type: string example: bearer <GeneratedOidcJwt> requestBody: content: application/json: schema: required: - deviceType - walletAccountId - deviceId - encryptedCardData type: object properties: deviceType: type: string description: Type of device the digital wallet token will be provisioned. enum: - MobilePhone - Watch - Tablet - Other walletAccountId: type: string description: The user's Google wallet account ID. minLength: 2 maxLength: 36 deviceId: type: string description: The user's Android device ID, the device's unique identifier. minLength: 2 maxLength: 24 encryptedCardData: type: string description: Encrypted 'CardData'. See CardDataV1 schema. serverSessionId: type: string description: The GUID-formatted server session ID that is used to identify the provisioning session. Only required if generating a Google Opaque Payment Card. minLength: 36 maxLength: 36 responses: '201': description: Created headers: X-Request-ID: description: To support communications level correlation due to some responses only having header data, a round-trip identifier (GUID) will be sent on every call from the consumer and returned by the service provider (or intermediary) regardless of the final disposition of the request/message. required: true schema: type: string format: uuid example: 123e4567-e89b-12d3-a456-426655440000 X-Correlation-ID: description: To support communications level tracking between the source and final destinations, a unique round-trip identifier (GUID) will be sent on every call from the caller and returned in the response by the service providers regardless of the final disposition of the request/message. The x-correlation-id can be re-used by intermediaries and/or service-providers to communicate beyond themselves indicating that the calls THEY are making are part of the same original message. (i.e. they are correlated) required: true schema: type: string format: uuid example: 123e4567-e89b-12d3-a456-426655440000 X-BusinessCorrelationId: description: The correlation identification as related to business functions and activities. Generally expected to be a GUID. schema: type: string X-WorkflowCorrelationId: description: The correlation identification as related to workflow functions and activities. Generally expected to be a GUID. schema: type: string X-Messages: description: Indicating messages/faults/errors returned schema: type: boolean default: false content: application/json: schema: type: object required: - cardToken - opaquePaymentCard - network - tokenServiceProvider properties: messageStatus: type: object description: '`MessageStatus` is required/expected for non 2xx responses.' properties: ResponseCode: description: The code related to message responses type: string Description: description: The description related to the status code in a human readable format type: string MessageSource: description: The source of the response to a message. This would represent the service provider that carry out the business service for the message type: string MessageSourceResponse: type: object additionalProperties: true Details: description: The array of details as related to a fault response code type: array items: type: object properties: Code: description: The code assigned to a providers statuses type: string Category: description: ENUM[Error,Fault,Warning,Overridden] The category assigned to a providers message statuses type: string Description: description: The description related to the status code in a human readable format type: string Element: description: When an Error or Fault occurs this optional element will contain the element which is causing the condition type: string ElementValue: description: When an Error or Fault occurs this optional element will contain the value of the element which is causing the condition type: string Location: description: This is typically the program that generated the status condition type: string Logs: description: The array of logs as related to a response code type: array items: type: object properties: Store: description: The store that retains log entries type: string Key: description: The key related to a log entry specific to the log store type: string cardToken: type: string description: Tokenized PAN of the card that was provisioned. opaquePaymentCard: type: string description: The opaque card data that is needed by GooglePay for tokenization. network: type: string description: The network the card was issued under. enum: - Visa - Mastercard - Other tokenServiceProvider: type: string description: Indicates which token service provider processed the card data generated for provisioning. enum: - TOKEN_PROVIDER_VISA - TOKEN_PROVIDER_MASTERCARD googleOpc: type: string description: The Google Opaque Payment Card data that is needed by GooglePay for tokenization. This field is only returned if the serverSessionId is provided and the device type is 'Other'. '400': description: Bad Request<hr> The server could not understand the request due to invalid syntax. headers: X-Request-ID: description: To support communications level correlation due to some responses only having header data, a round-trip identifier (GUID) will be sent on every call from the consumer and returned by the service provider (or intermediary) regardless of the final disposition of the request/message. required: true schema: type: string format: uuid example: 123e4567-e89b-12d3-a456-426655440000 X-Correlation-ID: description: To support communications level tracking between the source and final destinations, a unique round-trip identifier (GUID) will be sent on every call from the caller and returned in the response by the service providers regardless of the final disposition of the request/message. The x-correlation-id can be re-used by intermediaries and/or service-providers to communicate beyond themselves indicating that the calls THEY are making are part of the same original message. (i.e. they are correlated) required: true schema: type: string format: uuid example: 123e4567-e89b-12d3-a456-426655440000 X-Messages: description: Indicating messages/faults/errors returned schema: type: boolean default: false X-BusinessCorrelationId: description: The correlation identification as related to business functions and activities. Generally expected to be a GUID. schema: type: string X-WorkflowCorrelationId: description: The correlation identification as related to workflow functions and activities. Generally expected to be a GUID. schema: type: string content: application/json: schema: type: object description: '`MessageStatus` is required/expected for non 2xx responses.' properties: ResponseCode: description: The code related to message responses type: string Description: description: The description related to the status code in a human readable format type: string MessageSource: description: The source of the response to a message. This would represent the service provider that carry out the business service for the message type: string MessageSourceResponse: type: object additionalProperties: true Details: description: The array of details as related to a fault response code type: array items: type: object properties: Code: description: The code assigned to a providers statuses type: string Category: description: ENUM[Error,Fault,Warning,Overridden] The category assigned to a providers message statuses type: string Description: description: The description related to the status code in a human readable format type: string Element: description: When an Error or Fault occurs this optional element will contain the element which is causing the condition type: string ElementValue: description: When an Error or Fault occurs this optional element will contain the value of the element which is causing the condition type: string Location: description: This is typically the program that generated the status condition type: string Logs: description: The array of logs as related to a response code type: array items: type: object properties: Store: description: The store that retains log entries type: string Key: description: The key related to a log entry specific to the log store type: string '401': description: Unauthorized<hr> Although the HTTP standard specifies "unauthorized", semantically this response means "unauthenticated". That is, the client must authenticate itself to get the requested response. headers: X-Request-ID: description: To support communications level correlation due to some responses only having header data, a round-trip identifier (GUID) will be sent on every call from the consumer and returned by the service provider (or intermediary) regardless of the final disposition of the request/message. required: true schema: type: string format: uuid example: 123e4567-e89b-12d3-a456-426655440000 X-Correlation-ID: description: To support communications level tracking between the source and final destinations, a unique round-trip identifier (GUID) will be sent on every call from the caller and returned in the response by the service providers regardless of the final disposition of the request/message. The x-correlation-id can be re-used by intermediaries and/or service-providers to communicate beyond themselves indicating that the calls THEY are making are part of the same original message. (i.e. they are correlated) required: true schema: type: string format: uuid example: 123e4567-e89b-12d3-a456-426655440000 '403': description: Forbidden<hr> The client does not have access rights to the content; that is, it is unauthorized, so the server is refusing to give the requested resource. Unlike 401, the clients identity is known to the server. headers: X-Request-ID: description: To support communications level correlation due to some responses only having header data, a round-trip identifier (GUID) will be sent on every call from the consumer and returned by the service provider (or intermediary) regardless of the final disposition of the request/message. required: true schema: type: string format: uuid example: 123e4567-e89b-12d3-a456-426655440000 X-Correlation-ID: description: To support communications level tracking between the source and final destinations, a unique round-trip identifier (GUID) will be sent on every call from the caller and returned in the response by the service providers regardless of the final disposition of the request/message. The x-correlation-id can be re-used by intermediaries and/or service-providers to communicate beyond themselves indicating that the calls THEY are making are part of the same original message. (i.e. they are correlated) required: true schema: type: string format: uuid example: 123e4567-e89b-12d3-a456-426655440000 '404': description: Not Found<hr> The server can not find the requested resource. In an API, this can also mean that the endpoint is valid but the resource itself does not exist. Servers may also send this response instead of 403 to hide the existence of a resource from an unauthorized client. headers: X-Request-ID: description: To support communications level correlation due to some responses only having header data, a round-trip identifier (GUID) will be sent on every call from the consumer and returned by the service provider (or intermediary) regardless of the final disposition of the request/message. required: true schema: type: string format: uuid example: 123e4567-e89b-12d3-a456-426655440000 X-Correlation-ID: description: To support communications level tracking between the source and final destinations, a unique round-trip identifier (GUID) will be sent on every call from the caller and returned in the response by the service providers regardless of the final disposition of the request/message. The x-correlation-id can be re-used by intermediaries and/or service-providers to communicate beyond themselves indicating that the calls THEY are making are part of the same original message. (i.e. they are correlated) required: true schema: type: string format: uuid example: 123e4567-e89b-12d3-a456-426655440000 '500': description: Generic Internal Error<hr> The server has encountered a situation it does not know how to handle. content: application/json: schema: type: object description: '`MessageStatus` is required/expected for non 2xx responses.' properties: ResponseCode: description: The code related to message responses type: string Description: description: The description related to the status code in a human readable format type: string MessageSource: description: The source of the response to a message. This would represent the service provider that carry out the business service for the message type: string MessageSourceResponse: type: object additionalProperties: true Details: description: The array of details as related to a fault response code type: array items: type: object properties: Code: description: The code assigned to a providers statuses type: string Category: description: ENUM[Error,Fault,Warning,Overridden] The category assigned to a providers message statuses type: string Description: description: The description related to the status code in a human readable format type: string Element: description: When an Error or Fault occurs this optional element will contain the element which is causing the condition type: string ElementValue: description: When an Error or Fault occurs this optional element will contain the value of the element which is causing the condition type: string Location: description: This is typically the program that generated the status condition type: string Logs: description: The array of logs as related to a response code type: array items: type: object properties: Store: description: The store that retains log entries type: string Key: description: The key related to a log entry specific to the log store type: string /api/card-mgmt/v1/{InstitutionUniversalId}/digital-wallets/package/build/apple-pay: post: tags: - Provisioning description: "Mastercard Provisioning ApplePay Encryption Request. \n\nRequired permission: AddDigitalWalletRequest\n" operationId: MastercardProvisioningApplePayEncryptionRequest parameters: - name: InstitutionUniversalId in: path description: A unique identifier to establish the identity of an Institution/Environment/Brand combination required: true schema: type: string - name: X-Request-ID in: header description: To support communications level correlation due to some responses only having header data, a round-trip identifier (GUID) will be sent on every call from the consumer and returned by the service provider (or intermediary) regardless of the final disposition of the request/message. required: true schema: type: string format: uuid example: 123e4567-e89b-12d3-a456-426655440000 - name: X-Correlation-ID in: header description: Returned X-Request-ID schema: type: string - name: X-BusinessCorrelationId in: header description: The correlation identification as related to business functions and activities. Generally expected to be a GUID. schema: type: string example: 123e4567-e89b-12d3-a456-426655440000 - name: X-WorkflowCorrelationId in: header description: The correlation identification as related to workflow functions and activities. Generally expected to be a GUID. schema: type: string example: 123e4567-e89b-12d3-a456-426655440000 - name: X-AuditUserId in: header description: This is the User Id which the consumer would like written to the audit as performing the requested service. It will vary but could be down to the user id. It will not be use to authenticate, only audit information. schema: type: string example: UserId/UserName - name: X-AuditDeviceId in: header description: This is the device Id which the consumer would like written to the audit as performing the requested service. It will vary but could be down to the machine id or address. schema: type: string example: 192.168.0.101 - name: X-AuthenticationUserCredential in: header description: 'Authentication of the end-user (person at keyboard) Credentials in the form of a JSON Web Token (JWT). <br>Format is `type:token`. Type default is jwt. <br>Example `X-AuthenticationUserCredential: jwt:<GeneratedOidcJwt>` <br>Example `X-AuthenticationUserCredential: saml:<Generatedsaml>`' schema: type: string example: jwt:<GeneratedOidcJwt> - name: Authorization in: header description: 'JWT Token. Represents Callers Authentication Token in the form of a JWT generated by a OAuth 2.0 Identity Provider and conforms to the OpenID Connect specification. See [Security section] for other details. <br>Example `Authorization: bearer <GeneratedOidcJwt>`' required: true schema: type: string example: bearer <GeneratedOidcJwt> requestBody: content: application/json: schema: required: - nonce - nonceSignature - certificates - encryptedCardData - mastercardSignature - issuerInitiatedDigitizationData type: object properties: deviceType: type: string description: Type of device the digital wallet token will be provisioned. enum: - MobilePhone - Watch - Tablet - Other nullable: true nonce: type: string description: Random number generated by Apple. maxLength: 32 nonceSignature: type: string certificates: type: array description: Apple device X.509 certificates received from mobile application. items: type: string minItems: 1 encryptedCardData: type: string description: Encrypted 'CardData'. See CardDataV1 schema. mastercardSignature: type: string description: Encrypted data from Mastercard MDES call response. issuerInitiatedDigitizationData: type: string description: Encrypted data from Mastercard MDES call response. responses: '200': description: Ok headers: X-Request-ID: description: To support communications level correlation due to some responses only having header data, a round-trip identifier (GUID) will be sent on every call from the consumer and returned by the service provider (or intermediary) regardless of the final disposition of the request/message. required: true schema: type: string format: uuid example: 123e4567-e89b-12d3-a456-426655440000 X-Correlation-ID: description: To support communications level tracking between the source and final destinations, a unique round-trip identifier (GUID) will be sent on every call from the caller and returned in the response by the service providers regardless of the final disposition of the request/message. The x-correlation-id can be re-used by intermediaries and/or service-providers to communicate beyond themselves indicating that the calls THEY are making are part of the same original message. (i.e. they are correlated) required: true schema: type: string format: uuid example: 123e4567-e89b-12d3-a456-426655440000 X-BusinessCorrelationId: description: The correlation identification as related to business functions and activities. Generally expected to be a GUID. schema: type: string X-WorkflowCorrelationId: description: The correlation identification as related to workflow functions and activities. Generally expected to be a GUID. schema: type: string X-Messages: description: Indicating messages/faults/errors returned schema: type: boolean default: false content: application/json: schema: type: object required: - cardToken - encryptedPassData - activationData - ephemeralPublicKey - network - tokenServiceProvider properties: messageStatus: type: object description: '`MessageStatus` is required/expected for non 2xx responses.' properties: ResponseCode: description: The code related to message responses type: string Description: description: The description related to the status code in a human readable format type: string MessageSource: description: The source of the response to a message. This would represent the service provider that carry out the business service for the message type: string MessageSourceResponse: type: object additionalProperties: true Details: description: The array of details as related to a fault response code type: array items: type: object properties: Code: description: The code assigned to a providers statuses type: string Category: description: ENUM[Error,Fault,Warning,Overridden] The category assigned to a providers message statuses type: string Description: description: The description related to the status code in a human readable format type: string Element: description: When an Error or Fault occurs this optional element will contain the element which is causing the condition type: string ElementValue: description: When an Error or Fault occurs this optional element will contain the value of the element which is causing the condition type: string Location: description: This is typically the program that generated the status condition type: string Logs: description: The array of logs as related to a response code type: array items: type: object properties: Store: description: The store that retains log entries type: string Key: description: The key related to a log entry specific to the log store type: string cardToken: type: string description: Tokenized PAN of the card that was provisioned. encryptedPassData: type: string description: Authentication data includes IIDD and other data per Apple Specifications, Version 1, Configuration 3.1. (Base64 format) activationData: type: string description: Activation data (Base64 format) ephemeralPublicKey: type: string description: EC point with P-256 curve and uncompressed format. Base64 format. network: type: string description: The network the card was issued under. enum: - Mastercard tokenServiceProvider: type: string description: Indicates which token service provider processed the card data generated for provisioning. enum: - TOKEN_PROVIDER_MASTERCARD '400': description: Bad Request<hr> The server could not understand the request due to invalid syntax. headers: X-Request-ID: description: To support communications level correlation due to some responses only having header data, a round-trip identifier (GUID) will be sent on every call from the consumer and returned by the service provider (or intermediary) regardless of the final disposition of the request/message. required: true schema: type: string format: uuid example: 123e4567-e89b-12d3-a456-426655440000 X-Correlation-ID: description: To support communications level tracking between the source and final destinations, a unique round-trip identifier (GUID) will be sent on every call from the caller and returned in the response by the service providers regardless of the final disposition of the request/message. The x-correlation-id can be re-used by intermediaries and/or service-providers to communicate beyond themselves indicating that the calls THEY are making are part of the same original message. (i.e. they are correlated) required: true schema: type: string format: uuid example: 123e4567-e89b-12d3-a456-426655440000 X-Messages: description: Indicating messages/faults/errors returned schema: type: boolean default: false X-BusinessCorrelationId: description: The correlation identification as related to business functions and activities. Generally expected to be a GUID. schema: type: string X-WorkflowCorrelationId: description: The correlation identification as related to workflow functions and activities. Generally expected to be a GUID. schema: type: string content: application/json: schema: type: object description: '`MessageStatus` is required/expected for non 2xx responses.' properties: ResponseCode: description: The code related to message responses type: string Description: description: The description related to the status code in a human readable format type: string MessageSource: description: The source of the response to a message. This would represent the service provider that carry out the business service for the message type: string MessageSourceResponse: type: object additionalProperties: true Details: description: The array of details as related to a fault response code type: array items: type: object properties: Code: description: The code assigned to a providers statuses type: string Category: description: ENUM[Error,Fault,Warning,Overridden] The category assigned to a providers message statuses type: string Description: description: The description related to the status code in a human readable format type: string Element: description: When an Error or Fault occurs this optional element will contain the element which is causing the condition type: string ElementValue: description: When an Error or Fault occurs this optional element will contain the value of the element which is causing the condition type: string Location: description: This is typically the program that generated the status condition type: string Logs: description: The array of logs as related to a response code type: array items: type: object properties: Store: description: The store that retains log entries type: string Key: description: The key related to a log entry specific to the log store type: string '401': description: Unauthorized<hr> Although the HTTP standard specifies "unauthorized", semantically this response means "unauthenticated". That is, the client must authenticate itself to get the requested response. headers: X-Request-ID: description: To support communications level correlation due to some responses only having header data, a round-trip identifier (GUID) will be sent on every call from the consumer and returned by the service provider (or intermediary) regardless of the final disposition of the request/message. required: true schema: type: string format: uuid example: 123e4567-e89b-12d3-a456-426655440000 X-Correlation-ID: description: To support communications level tracking between the source and final destinations, a unique round-trip identifier (GUID) will be sent on every call from the caller and returned in the response by the service providers regardless of the final disposition of the request/message. The x-correlation-id can be re-used by intermediaries and/or service-providers to communicate beyond themselves indicating that the calls THEY are making are part of the same original message. (i.e. they are correlated) required: true schema: type: string format: uuid example: 123e4567-e89b-12d3-a456-426655440000 '403': description: Forbidden<hr> The client does not have access rights to the content; that is, it is unauthorized, so the server is refusing to give the requested resource. Unlike 401, the clients identity is known to the server. headers: X-Request-ID: description: To support communications level correlation due to some responses only having header data, a round-trip identifier (GUID) will be sent on every call from the consumer and returned by the service provider (or intermediary) regardless of the final disposition of the request/message. required: true schema: type: string format: uuid example: 123e4567-e89b-12d3-a456-426655440000 X-Correlation-ID: description: To support communications level tracking between the source and final destinations, a unique round-trip identifier (GUID) will be sent on every call from the caller and returned in the response by the service providers regardless of the final disposition of the request/message. The x-correlation-id can be re-used by intermediaries and/or service-providers to communicate beyond themselves indicating that the calls THEY are making are part of the same original message. (i.e. they are correlated) required: true schema: type: string format: uuid example: 123e4567-e89b-12d3-a456-426655440000 '404': description: Not Found<hr> The server can not find the requested resource. In an API, this can also mean that the endpoint is valid but the resource itself does not exist. Servers may also send this response instead of 403 to hide the existence of a resource from an unauthorized client. headers: X-Request-ID: description: To support communications level correlation due to some responses only having header data, a round-trip identifier (GUID) will be sent on every call from the consumer and returned by the service provider (or intermediary) regardless of the final disposition of the request/message. required: true schema: type: string format: uuid example: 123e4567-e89b-12d3-a456-426655440000 X-Correlation-ID: description: To support communications level tracking between the source and final destinations, a unique round-trip identifier (GUID) will be sent on every call from the caller and returned in the response by the service providers regardless of the final disposition of the request/message. The x-correlation-id can be re-used by intermediaries and/or service-providers to communicate beyond themselves indicating that the calls THEY are making are part of the same original message. (i.e. they are correlated) required: true schema: type: string format: uuid example: 123e4567-e89b-12d3-a456-426655440000 '500': description: Generic Internal Error<hr> The server has encountered a situation it does not know how to handle. content: application/json: schema: type: object description: '`MessageStatus` is required/expected for non 2xx responses.' properties: ResponseCode: description: The code related to message responses type: string Description: description: The description related to the status code in a human readable format type: string MessageSource: description: The source of the response to a message. This would represent the service provider that carry out the business service for the message type: string MessageSourceResponse: type: object additionalProperties: true Details: description: The array of details as related to a fault response code type: array items: type: object properties: Code: description: The code assigned to a providers statuses type: string Category: description: ENUM[Error,Fault,Warning,Overridden] The category assigned to a providers message statuses type: string Description: description: The description related to the status code in a human readable format type: string Element: description: When an Error or Fault occurs this optional element will contain the element which is causing the condition type: string ElementValue: description: When an Error or Fault occurs this optional element will contain the value of the element which is causing the condition type: string Location: description: This is typically the program that generated the status condition type: string Logs: description: The array of logs as related to a response code type: array items: type: object properties: Store: description: The store that retains log entries type: string Key: description: The key related to a log entry specific to the log store type: string /api/card-mgmt/v1/{InstitutionUniversalId}/digital-wallets/package/build/google-pay: post: tags: - Provisioning description: "Mastercard Provisioning GooglePay Encryption Request. \n\nRequired permission: AddDigitalWalletRequest\n" operationId: MastercardProvisioningGooglePayEncryptionRequest parameters: - name: InstitutionUniversalId in: path description: A unique identifier to establish the identity of an Institution/Environment/Brand combination required: true schema: type: string - name: X-Request-ID in: header description: To support communications level correlation due to some responses only having header data, a round-trip identifier (GUID) will be sent on every call from the consumer and returned by the service provider (or intermediary) regardless of the final disposition of the request/message. required: true schema: type: string format: uuid example: 123e4567-e89b-12d3-a456-426655440000 - name: X-Correlation-ID in: header description: Returned X-Request-ID schema: type: string - name: X-BusinessCorrelationId in: header description: The correlation identification as related to business functions and activities. Generally expected to be a GUID. schema: type: string example: 123e4567-e89b-12d3-a456-426655440000 - name: X-WorkflowCorrelationId in: header description: The correlation identification as related to workflow functions and activities. Generally expected to be a GUID. schema: type: string example: 123e4567-e89b-12d3-a456-426655440000 - name: X-AuditUserId in: header description: This is the User Id which the consumer would like written to the audit as performing the requested service. It will vary but could be down to the user id. It will not be use to authenticate, only audit information. schema: type: string example: UserId/UserName - name: X-AuditDeviceId in: header description: This is the device Id which the consumer would like written to the audit as performing the requested service. It will vary but could be down to the machine id or address. schema: type: string example: 192.168.0.101 - name: X-AuthenticationUserCredential in: header description: 'Authentication of the end-user (person at keyboard) Credentials in the form of a JSON Web Token (JWT). <br>Format is `type:token`. Type default is jwt. <br>Example `X-AuthenticationUserCredential: jwt:<GeneratedOidcJwt>` <br>Example `X-AuthenticationUserCredential: saml:<Generatedsaml>`' schema: type: string example: jwt:<GeneratedOidcJwt> - name: Authorization in: header description: 'JWT Token. Represents Callers Authentication Token in the form of a JWT generated by a OAuth 2.0 Identity Provider and conforms to the OpenID Connect specification. See [Security section] for other details. <br>Example `Authorization: bearer <GeneratedOidcJwt>`' required: true schema: type: string example: bearer <GeneratedOidcJwt> requestBody: content: application/json: schema: required: - serverSessionId - encryptedCardData type: object properties: deviceType: type: string description: Type of device the digital wallet token will be provisioned. enum: - MobilePhone - Watch - Tablet - Other nullable: true serverSessionId: type: string description: The GUID-formatted server session ID that is used to identify the provisioning session. minLength: 36 maxLength: 36 encryptedCardData: type: string description: Encrypted 'CardData'. See CardDataV1 schema. responses: '200': description: Ok headers: X-Request-ID: description: To support communications level correlation due to some responses only having header data, a round-trip identifier (GUID) will be sent on every call from the consumer and returned by the service provider (or intermediary) regardless of the final disposition of the request/message. required: true schema: type: string format: uuid example: 123e4567-e89b-12d3-a456-426655440000 X-Correlation-ID: description: To support communications level tracking between the source and final destinations, a unique round-trip identifier (GUID) will be sent on every call from the caller and returned in the response by the service providers regardless of the final disposition of the request/message. The x-correlation-id can be re-used by intermediaries and/or service-providers to communicate beyond themselves indicating that the calls THEY are making are part of the same original message. (i.e. they are correlated) required: true schema: type: string format: uuid example: 123e4567-e89b-12d3-a456-426655440000 X-BusinessCorrelationId: description: The correlation identification as related to business functions and activities. Generally expected to be a GUID. schema: type: string X-WorkflowCorrelationId: description: The correlation identification as related to workflow functions and activities. Generally expected to be a GUID. schema: type: string X-Messages: description: Indicating messages/faults/errors returned schema: type: boolean default: false content: application/json: schema: type: object required: - cardToken - googleOpc - network - tokenServiceProvider properties: messageStatus: type: object description: '`MessageStatus` is required/expected for non 2xx responses.' properties: ResponseCode: description: The code related to message responses type: string Description: description: The description related to the status code in a human readable format type: string MessageSource: description: The source of the response to a message. This would represent the service provider that carry out the business service for the message type: string MessageSourceResponse: type: object additionalProperties: true Details: description: The array of details as related to a fault response code type: array items: type: object properties: Code: description: The code assigned to a providers statuses type: string Category: description: ENUM[Error,Fault,Warning,Overridden] The category assigned to a providers message statuses type: string Description: description: The description related to the status code in a human readable format type: string Element: description: When an Error or Fault occurs this optional element will contain the element which is causing the condition type: string ElementValue: description: When an Error or Fault occurs this optional element will contain the value of the element which is causing the condition type: string Location: description: This is typically the program that generated the status condition type: string Logs: description: The array of logs as related to a response code type: array items: type: object properties: Store: description: The store that retains log entries type: string Key: description: The key related to a log entry specific to the log store type: string cardToken: type: string description: Tokenized PAN of the card that was provisioned. googleOpc: type: string description: The Google Opaque Payment Card data that is needed by GooglePay for tokenization. network: type: string description: The network the card was issued under. enum: - Mastercard tokenServiceProvider: type: string description: Indicates which token service provider processed the card data generated for provisioning. enum: - TOKEN_PROVIDER_MASTERCARD '400': description: Bad Request<hr> The server could not understand the request due to invalid syntax. headers: X-Request-ID: description: To support communications level correlation due to some responses only having header data, a round-trip identifier (GUID) will be sent on every call from the consumer and returned by the service provider (or intermediary) regardless of the final disposition of the request/message. required: true schema: type: string format: uuid example: 123e4567-e89b-12d3-a456-426655440000 X-Correlation-ID: description: To support communications level tracking between the source and final destinations, a unique round-trip identifier (GUID) will be sent on every call from the caller and returned in the response by the service providers regardless of the final disposition of the request/message. The x-correlation-id can be re-used by intermediaries and/or service-providers to communicate beyond themselves indicating that the calls THEY are making are part of the same original message. (i.e. they are correlated) required: true schema: type: string format: uuid example: 123e4567-e89b-12d3-a456-426655440000 X-Messages: description: Indicating messages/faults/errors returned schema: type: boolean default: false X-BusinessCorrelationId: description: The correlation identification as related to business functions and activities. Generally expected to be a GUID. schema: type: string X-WorkflowCorrelationId: description: The correlation identification as related to workflow functions and activities. Generally expected to be a GUID. schema: type: string content: application/json: schema: type: object description: '`MessageStatus` is required/expected for non 2xx responses.' properties: ResponseCode: description: The code related to message responses type: string Description: description: The description related to the status code in a human readable format type: string MessageSource: description: The source of the response to a message. This would represent the service provider that carry out the business service for the message type: string MessageSourceResponse: type: object additionalProperties: true Details: description: The array of details as related to a fault response code type: array items: type: object properties: Code: description: The code assigned to a providers statuses type: string Category: description: ENUM[Error,Fault,Warning,Overridden] The category assigned to a providers message statuses type: string Description: description: The description related to the status code in a human readable format type: string Element: description: When an Error or Fault occurs this optional element will contain the element which is causing the condition type: string ElementValue: description: When an Error or Fault occurs this optional element will contain the value of the element which is causing the condition type: string Location: description: This is typically the program that generated the status condition type: string Logs: description: The array of logs as related to a response code type: array items: type: object properties: Store: description: The store that retains log entries type: string Key: description: The key related to a log entry specific to the log store type: string '401': description: Unauthorized<hr> Although the HTTP standard specifies "unauthorized", semantically this response means "unauthenticated". That is, the client must authenticate itself to get the requested response. headers: X-Request-ID: description: To support communications level correlation due to some responses only having header data, a round-trip identifier (GUID) will be sent on every call from the consumer and returned by the service provider (or intermediary) regardless of the final disposition of the request/message. required: true schema: type: string format: uuid example: 123e4567-e89b-12d3-a456-426655440000 X-Correlation-ID: description: To support communications level tracking between the source and final destinations, a unique round-trip identifier (GUID) will be sent on every call from the caller and returned in the response by the service providers regardless of the final disposition of the request/message. The x-correlation-id can be re-used by intermediaries and/or service-providers to communicate beyond themselves indicating that the calls THEY are making are part of the same original message. (i.e. they are correlated) required: true schema: type: string format: uuid example: 123e4567-e89b-12d3-a456-426655440000 '403': description: Forbidden<hr> The client does not have access rights to the content; that is, it is unauthorized, so the server is refusing to give the requested resource. Unlike 401, the clients identity is known to the server. headers: X-Request-ID: description: To support communications level correlation due to some responses only having header data, a round-trip identifier (GUID) will be sent on every call from the consumer and returned by the service provider (or intermediary) regardless of the final disposition of the request/message. required: true schema: type: string format: uuid example: 123e4567-e89b-12d3-a456-426655440000 X-Correlation-ID: description: To support communications level tracking between the source and final destinations, a unique round-trip identifier (GUID) will be sent on every call from the caller and returned in the response by the service providers regardless of the final disposition of the request/message. The x-correlation-id can be re-used by intermediaries and/or service-providers to communicate beyond themselves indicating that the calls THEY are making are part of the same original message. (i.e. they are correlated) required: true schema: type: string format: uuid example: 123e4567-e89b-12d3-a456-426655440000 '404': description: Not Found<hr> The server can not find the requested resource. In an API, this can also mean that the endpoint is valid but the resource itself does not exist. Servers may also send this response instead of 403 to hide the existence of a resource from an unauthorized client. headers: X-Request-ID: description: To support communications level correlation due to some responses only having header data, a round-trip identifier (GUID) will be sent on every call from the consumer and returned by the service provider (or intermediary) regardless of the final disposition of the request/message. required: true schema: type: string format: uuid example: 123e4567-e89b-12d3-a456-426655440000 X-Correlation-ID: description: To support communications level tracking between the source and final destinations, a unique round-trip identifier (GUID) will be sent on every call from the caller and returned in the response by the service providers regardless of the final disposition of the request/message. The x-correlation-id can be re-used by intermediaries and/or service-providers to communicate beyond themselves indicating that the calls THEY are making are part of the same original message. (i.e. they are correlated) required: true schema: type: string format: uuid example: 123e4567-e89b-12d3-a456-426655440000 '500': description: Generic Internal Error<hr> The server has encountered a situation it does not know how to handle. content: application/json: schema: type: object description: '`MessageStatus` is required/expected for non 2xx responses.' properties: ResponseCode: description: The code related to message responses type: string Description: description: The description related to the status code in a human readable format type: string MessageSource: description: The source of the response to a message. This would represent the service provider that carry out the business service for the message type: string MessageSourceResponse: type: object additionalProperties: true Details: description: The array of details as related to a fault response code type: array items: type: object properties: Code: description: The code assigned to a providers statuses type: string Category: description: ENUM[Error,Fault,Warning,Overridden] The category assigned to a providers message statuses type: string Description: description: The description related to the status code in a human readable format type: string Element: description: When an Error or Fault occurs this optional element will contain the element which is causing the condition type: string ElementValue: description: When an Error or Fault occurs this optional element will contain the value of the element which is causing the condition type: string Location: description: This is typically the program that generated the status condition type: string Logs: description: The array of logs as related to a response code type: array items: type: object properties: Store: description: The store that retains log entries type: string Key: description: The key related to a log entry specific to the log store type: string

Please ignore this field