post https://test.payu.in/merchant/postservice.php
API Command: get_user_cards
Use the Get User Cards API to get the card details of a customer in Model 2.
Note
While PayU token is sent in payment response, the network/issuer token creation may fail. In this case, the subsequent transaction with the said PayU token may fail. Merchant can do a get_user_cards API to fetch only active/tokenized cards or listen to notification API (to be published) to maintain state at your end.
The Get User Cards API (get_user_cards) is used to fetch all the cards for a customer which were saved earlier. In this API, the card number and other sensitive information are not returned.
HTTP Method: POST
Environment
| Test Environment | https://test.payu.in/merchant/postservice?form=2 |
| Production Environment | https://info.payu.in/merchant/postservice?form=2 |
Sample request
curl --request POST \
--url 'https://test.payu.in/merchant/postservice.php?form=2' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--header 'accept: text/html; charset=UTF-8' \
--data key=JPM7Fg \
--data command=get_user_cards \
--data var1=JPM7Fg:abc \
--data hash=3cba79d881a4f82daed99241d60142b1c6816b3c16c96f5a2d1cf2a09910a2e1eb440a5d70ffd232ef80cf9207f9e90378db43ad76f9f545e9dd3a3692c2de18
Sample response
- Cards are found in the vault for PCI Compliant Merchants
{
"status": 1,
"msg": "Cards fetched Succesfully",
"user_cards": {
"0c186bdb8c0ebda30ab9d92816772cbfb946d027": {
"card_no": "XXXXXXXXXXXX8548",
"card_token": "0c186bdbXXXbda3XXXd92816772cbXXX46d027",
"card_name": "nilesh2_card_name",
"card_mode": "CC",
"card_PAR": "RCKGgxEEFX1un19I",
"card_type": "VISA",
"issuer_token": {
"token_value": "8koNvAdC1bT0Hv5a",
"is_expired": 0,
"token_exp_mon": "11",
"token_exp_yr": "2021",
"token_bin": "123456"
},
"network_token": {
"token_value": "8koNvAdC1bT0Hv5a",
"is_expired": 0,
"token_exp_mon": "11",
"token_exp_yr": "2021",
"token_bin": "512345"
}
}
}
}
- Response for Non-PCI Compliant Merchants
{
"msg": "Cards fetched Succesfully",
"status": 1,
"user_cards": {
"9e299603hd4g7201b9cf6": {
"one_click_status": "",
"one_click_flow": "",
"card_type": "MAST",
"expiry_year": "2024",
"isDomestic": "Y",
"issuer_name": null,
"expiry_month": "02",
"card_mode": "DC",
"is_expired": "0",
"card_cvv": 1,
"card_no": "XXXXXXXXXXXX81",
"one_click_card_alias": "",
"card_token": "9e299603hd4g7201b9cf6",
"card_name": "MASTERCARD****7781",
"card_brand": "MAST",
"name_on_card": "TEST",
"card_bin": "519950"
}
}
}
- No cards are found for the user
{
"status": 0
"msg": Card not found.
}
Response parameters
| Parameter | Description | Example |
|---|---|---|
| status | The status of the response can be any of the following: 1: Success 2: Failure | 1 |
| msg | The description of the response whether the card details were stored successfully or not stored. | Cards fetched Succesfully |
| user_cards | (JSON format) | The details are sent by PayU in JSON format for the successful response. For more information, refer to the next table. | Refer the sample response. |
The details on the JSON format for a successful response is described in the following table:
| JSON Field | Description | Example |
|---|---|---|
| card_name | Note: This parameter has been deprecated. | NA |
| card_type | This field returns the card type code. For the list of card type codes, refer to Card Type Codes and Supported Banks for Cards. | CC |
| card_token | This field returns the PayU Token for the card. | 745d72e2fXXX7e88824fef4e7ed7dXXXfe624b7 |
| network_token | This field returns the details of the network token in a JSON format. | "token_value": "51XXX56789012346", "is_expired": 0, "token_exp_mon": "11", "token_exp_yr": "2021", "token_bin": "512345" } |
| issuer_token | This field returns the details of the issuer token in a JSON format. | { "token_value": "51XXX567890XXX46", "is_expired": 0, "token_exp_mon": "11", "token_exp_yr": "2021", "token_bin": "512345" } |
| is_expired | This field returns any of the following values to signify whether the card is active or not: 1: Card has expired 0: Card is active | 1 |
| card_mode | This field returns the card mode. | CC |
| card_no | This field returns a masked card number with only the last four digits. | xxxxxxxxxxxx2356 |
| card_brand | This field returns the card brand. | VISA |
| card_bin | Note: This parameter has been deprecated. | NA |
| token_bin | This field returns the token bin information of respective token type (network or issuer). | 123456 |
| card_PAR | This field returns the PAR (Payment Account Reference). This is a unique identity for the card across all the tokens. Typically, this will be used for offers and risk checks. | abcdefgh123456789123456789fgh |
| card_metadata | This field returns the JSON object with all the metadata and card art. | |
| token_exp_yr | This field returns the expiry year of the network token. | 2022 |
| token_exp_mon | This field returns the expiry month of the network token. | 10 |
| token_value | The field returns the value of the network or issuer token. | 51XXX5678XXX2346 |
Request parameters
Reference info for request parameters
| Parameter | Reference |
|---|---|
| key | For more information on how to generate the Key and Salt, refer to any of the following: - Production: Generate Merchant Key and Salt - Test: Generate Test Merchant Key and Salt |
| hash | Hash logic for this API is:sha512(key|command|var1|salt)
sha512 |