PCI API
Important - ONLY for PCI-DSS compliant companies!
We provide an API endpoint to fetch sensitive card data like the PAN and CVV. This endpoint is ONLY available for companies that are PCI-DSS certified. All other API consumer need to use the PCI widget solution.
Introduction
Part of our API for PCI-DSS certified companies is the access to sensitive card data like PAN and CVV.
To access sensitive card data, a special encryption flow is necessary. This ensures that only the API consumer can use the sensitive card data, and no third party has access to it. This aligns with the PCI-DSS compliance framework and the secure handling of such data.
Prerequisites
To access PCI endpoints, partners must submit a valid and active PCI-DSS certification to Pliant. This ensures compliance with security standards and is required before using any PCI-related services.
Overview of How to Access Sensitive Card Data
For accessing sensitive card data we offer a dedicated and specially secured host. Its API is available under the base URLs:
pci-api.getpliant.comfor production environmentpci-sandbox.partner-api.getpliant.comfor the sandbox environment
PCI-DSS
Please make sure to handle such sensitive card data according to the PCI-DSS framework.
Requesting Sensitive Card Data
Synchronous Method (Recommended)
This method allows you to issue a card, activate it, and retrieve sensitive data in a single call. You can access it here.
Asynchronous Method
If your setup doesn't support the synchronous method, you can opt for the asynchronous or partially synchronous approaches. Depending on your infrastructure, you can implement different process flows:
- Call the instant issue card endpoint to create a new card - the status
200means the card is active - Call our dedicated API endpoint and fetch the sensitive card data
- Call the issue card endpoint to create a new card
- Wait for the relevant callback
- Call our dedicated API endpoint and fetch the sensitive card data
HTTP Request
| Parameter | Example Data | Description |
|---|---|---|
cardId | 9b5959d4-cb3b-4f4b-b53f-52cfefb652d5 | Pliant's card id |
curl --request GET \
--url https://pci-sandbox.partner-api.getpliant.com/card-details/9b5959d4-cb3b-4f4b-b53f-52cfefb652d5 \
--header 'Authorization: Bearer YOUR_TOKEN' \
--header 'Pliant-API-Version: 2.1.0' \
--header 'accept: application/json'
HTTP Response
{
"pan": "1234123412341234",
"cvv": "123",
"expiryMonth": 6,
"expiryYear": 2025
}
Additional Information
For more information on this topic contact [email protected]
Updated about 2 months ago