Firstoken API Docs
  • ⚙️API Reference
    • Firstoken API
      • Tokenization As A Service
        • Simple Tokenization
        • Simple Detokenization
        • Inspect Token
        • Delete Tokens
      • Transactions
        • Create a Transaction
        • Retrieve a Transaction
        • Inspect a Transaction
        • Delete a Transaction
        • Tokenize a Transaction
      • Proxy
        • Allowed Headers
        • Actions
        • Methods
          • POST - Proxy
          • GET - Proxy
          • PUT - Proxy
          • PATCH - Proxy
          • DELETE - Proxy
        • Get Payload Hash
        • Proxy JOSE
        • Proxy WSSEC
      • Inbound Routes
        • Create an Inbound - POST
      • Payments
        • Attributes of the Request
        • Common response
        • Endpoints
          • Authorizations
          • Reversals
          • Capture
            • Capture Refunds
            • Capture Void
          • Payments
            • Payment Refunds
            • Payment Void
          • Refunds void
          • Credit
            • Credit Void
          • Get Transaction Details
        • Decision Manager
          • How it works
          • Create decision
          • Update Decision
        • Risk Payer Authentication
          • How to use it
          • 3-D Secure Flows
            • Successful Frictionless Authentication
            • Unsuccessful Frictionless Authentication
            • Attempts Processing Frictionless Authentication
            • Unavailable Frictionless Authentication
            • Rejected Frictionless Authentication
            • Authentication not available on Lookup
            • Enrollment check error
            • Time-out
            • Bypassed Authentication
            • Successful Step-Up Authentication
            • Unsuccessful Step-Up Authentication
            • Unavailable Step-Up Authentication
            • Require Method URL
        • Point of Sale Payments
          • Authorization
          • Capture
          • Payment
          • Credit
  • 📖Guides
    • Firstoken Captures Hosted Iframe
      • How Firstoken Captures works
      • Generating a JSON Web Token
      • JSON form Schema
      • Iframe Communication
    • De-scoping Components
      • How Firstoken De-scoping Components works
      • Inbound Routes Module
        • Create an Inbound Route
        • Edit an Inbound Route
        • Delete an Inbound Route
      • Webhook Module
        • Create a Webhook
        • Edit a Webhook
        • Delete a Webhook
        • Webhook events
        • How to sign Webhooks data
      • Proxy Module
        • Create a Proxy
        • Edit a Proxy
        • Delete a Proxy
    • Firstoken Captures SDK JS
      • Getting Started
      • Functions
      • Type of Elements
      • Elements Options
      • CSS Object
      • Full Example of Usage
      • SDK versions
Powered by GitBook
On this page
  • API Reference
  • Authentication
  • IP Whitelist
  • Common response
  • Status Codes

Was this helpful?

  1. API Reference

Firstoken API

API Reference

These are the API docs for version 1 of Firstoken. API v1 is organized around REST. Our API allows developers to execute Tokenization functions via HTTPS client using TLS 1.2 protocol. The Firstoken API is a Web API that accepts JSON payloads and returns JSON-encoded responses and API key authentication.

Note: The base URL is https://api.firstoken.co/v1/

Note: For testing in a sandbox environment, the URL is as follows: https://api.firstoken-staging.co/v1/

Authentication

The Firstoken API uses an API key to authenticate requests. An API key is a token that a client provides when making API calls.

Your API keys carry many privileges, so make sure to keep them secure! Do not share your API keys in publicly accessible areas such as, client-side code, and so forth.

All API requests must be made over HTTPS TLS 1.2. Calls made over plain HTTP will fail. API requests without authentication will also fail. To get an API key you must sign in and go to the Keys section.

POST /v1/account
curl -X POST https://api.firstoken.co/v1/account \
-H 'x-api-key: YOUR_API_KEY' \
-H "Content-Type: application/json"

IP Whitelist

For additional protection all requests must be made from a verified IP address. You can add a secure IP address to an API key in the key creation process. If you already have an API key created, you can edit it and add the addresses you need. To start associating secure IPs with an API key or creating a new API key from scratch and associating secure IP addresses you must sign in and go to the API section.

Common response

Firstoken uses JSON-encoded responses. These responses maintain the same structure across all requests as follows:

Attributes

status_code: int

The status code represents the result of the operation that was performed. For successful transactions a code 200 is always returned for the others another code is returned.// Some code

status: string

The status is a string result that only has two possible values. "Success" or "Fail".

desc: string

The desc value represents a short description about the status code.

data: {object}

The data variable represents the information expected from the request made. For success requests a JSON is returned. For failure requests an empty string is returned.

EXAMPLE JSON RESPONSE STRUCTURE

{
    "status_code": 200,
    "status": success,
    "desc": "Success",
    "data": {}
}

Status Codes

Firstoken uses different codes in its responses. You can see the meaning of each response code in the HTTP status code table.

Code
Status
Description

200

Success

Success!

400

Fail

Bad request. Expected request values are missing.

403

Fail

Missing or incorrect authentication credentials. Ip whitelist missing.

500

Fail

Something is broken. This is usually a temporary error.

NextTokenization As A Service

Last updated 6 months ago

Was this helpful?

⚙️