Direct Tokenization
POST
https://forwarding.sandbox.braintreegateway.com/tspParameters
The device_data parameter contains session identifiers ultimately used for Risk decisions. Provide the full string received from the Braintree client SDK.
The unique identifier of the merchant whose Vault will be accessed.
The payment_method_nonce of the payment instrument being tokenized.
The payment_method_token of the payment instrument being tokenized.
Tokenization Service Provider options
The currency code the max amount should apply to. Currently only enforced for Discover TPANs. Default USD.
If provided, the tokenized PAN may be used any number of times until expire_at, an ISO 8601 date with optional time. This does not set $expiration_month and/or $expiration_year. Currently only enforced for Discover TPANs.
The maximum amount the tokenized PAN can be charged. Currently only enforced for Discover TPANs.
If set to true, a cryptogram will be returned instead of a dynamic CVV. Currently only compatible with Visa network tokens. Default false.
device_dataStringThe device_data parameter contains session identifiers ultimately used for Risk decisions. Provide the full string received from the Braintree client SDK.
merchant_idStringThe unique identifier of the merchant whose Vault will be accessed.
payment_method_nonceStringThe payment_method_nonce of the payment instrument being tokenized.
payment_method_tokenStringThe payment_method_token of the payment instrument being tokenized.
tspobjectTokenization Service Provider options
currency_codeStringThe currency code the max amount should apply to. Currently only enforced for Discover TPANs. Default USD.
expire_atStringIf provided, the tokenized PAN may be used any number of times until expire_at, an ISO 8601 date with optional time. This does not set $expiration_month and/or $expiration_year. Currently only enforced for Discover TPANs.
max_amountStringThe maximum amount the tokenized PAN can be charged. Currently only enforced for Discover TPANs.
require_cryptogrambooleanIf set to true, a cryptogram will be returned instead of a dynamic CVV. Currently only compatible with Visa network tokens. Default false.
Tokenization in the sandbox environment
When calling the TSP (Token Service Provider) in the sandbox environment, test values for
number, cvv, expiration_month, and
expiration_year will be returned.
Example - Discover TPAN
- bash
curl https://forwarding.sandbox.braintreegateway.com/tsp -H "Content-Type: application/json" -X POST -u "${BRAINTREE_PUBLIC_KEY}:${BRAINTREE_PRIVATE_KEY}" -d '{
"merchant_id": "'"$BRAINTREE_MERCHANT_ID"'",
"payment_method_nonce": "fake-valid-nonce"
}'
# Returns JSON object with cvv, expiration_month, expiration_year and number, eg
# {"expiration_year":"2036","expiration_month":"4","cvv":"939","number":"6011000991300009"}Example - Visa network token
- bash
curl https://forwarding.sandbox.braintreegateway.com/tsp -H "Content-Type: application/json" -X POST -u "${BRAINTREE_PUBLIC_KEY}:${BRAINTREE_PRIVATE_KEY}" -d '{
"merchant_id": "'"$BRAINTREE_MERCHANT_ID"'",
"payment_method_nonce": "fake-valid-visa-nonce",
"tsp": {"require_cryptogram": true}
}'
# Returns JSON object with cryptogram, expiration_month, expiration_year, number and network TRID, eg
# {"cryptogram":"AgAAAAAAALm1mmu9TqJGQAAAAAA=",
# "expiration_year":"2036",
# "expiration_month":"4",
# "network_token_requestor_id":"40010036958",
# "number":"4012000033330521"}