Firstoken API Docs
  • ⚙️API Reference
    • Firstoken API
      • Tokenization As A Service
        • Simple Tokenization
        • Simple Detokenization
        • Inspect Token
        • Delete Tokens
      • Transactions
        • Create a Transaction
        • Retrieve a Transaction
        • Inspect a Transaction
        • Delete a Transaction
        • Tokenize a Transaction
      • Proxy
        • Allowed Headers
        • Actions
        • Methods
          • POST - Proxy
          • GET - Proxy
          • PUT - Proxy
          • PATCH - Proxy
          • DELETE - Proxy
        • Get Payload Hash
        • Proxy JOSE
        • Proxy WSSEC
      • Inbound Routes
        • Create an Inbound - POST
      • Payments
        • Attributes of the Request
        • Common response
        • Endpoints
          • Authorizations
          • Reversals
          • Capture
            • Capture Refunds
            • Capture Void
          • Payments
            • Payment Refunds
            • Payment Void
          • Refunds void
          • Credit
            • Credit Void
          • Get Transaction Details
        • Decision Manager
          • How it works
          • Create decision
          • Update Decision
        • Risk Payer Authentication
          • How to use it
          • 3-D Secure Flows
            • Successful Frictionless Authentication
            • Unsuccessful Frictionless Authentication
            • Attempts Processing Frictionless Authentication
            • Unavailable Frictionless Authentication
            • Rejected Frictionless Authentication
            • Authentication not available on Lookup
            • Enrollment check error
            • Time-out
            • Bypassed Authentication
            • Successful Step-Up Authentication
            • Unsuccessful Step-Up Authentication
            • Unavailable Step-Up Authentication
            • Require Method URL
        • Point of Sale Payments
          • Authorization
          • Capture
          • Payment
          • Credit
  • 📖Guides
    • Firstoken Captures Hosted Iframe
      • How Firstoken Captures works
      • Generating a JSON Web Token
      • JSON form Schema
      • Iframe Communication
    • De-scoping Components
      • How Firstoken De-scoping Components works
      • Inbound Routes Module
        • Create an Inbound Route
        • Edit an Inbound Route
        • Delete an Inbound Route
      • Webhook Module
        • Create a Webhook
        • Edit a Webhook
        • Delete a Webhook
        • Webhook events
        • How to sign Webhooks data
      • Proxy Module
        • Create a Proxy
        • Edit a Proxy
        • Delete a Proxy
    • Firstoken Captures SDK JS
      • Getting Started
      • Functions
      • Type of Elements
      • Elements Options
      • CSS Object
      • Full Example of Usage
      • SDK versions
Powered by GitBook
On this page

Was this helpful?

  1. API Reference
  2. Firstoken API

Proxy

Firstoken Proxy is a rest API that allows you to create HTTP requests containing sensitive tokenized data and send it from your systems securely without needing to access raw token data. The third-party application may include token identifiers, as "{{ | extract | encrypt }}", within the request and send this request through Firstoken systems to replace the token data in the request before forwarding it to the desired destination.

Proxy API uses JSON-encoded requests and responses and uses standard authentication, like the other FirsToken APIs.

In other words, our Proxy is a simple way to simplify the secure transfer of sensitive data via HTTP API calls.

Note: All Proxies must be called from the base URL https://api.firstoken.co/

Note: In case, you have to make some sandbox tests you must be called from the base URL https://api.firstoken-staging.co/proxy

When making a request through the Proxy, it will attempt to detokenize any expressions present in the request, containing the token with the filters sent, and then inject the raw token data corresponding to each filter, into the request body before to be sent to the subsequent destination.

This allows to resolve the case where tokenized information needs to be sent to a third party and the third party receives the raw information securely while keeping your systems out of compliance scope.

PreviousTokenize a TransactionNextAllowed Headers

Last updated 10 months ago

Was this helpful?

⚙️