Actions

In the FirsToken Proxy there are some elements that allows you to run specifics tasks in the request before being forwarded to the desired destination.

All actions must be send between a double braked string, like this:

"{{ token: detokenize | extract: element | filter: format | encrypt }}"

The actions that are supported are the following:

• To choose the type of token to process, you can use:

  • :detokenize Used for describe a permanent token. Must be send concatenated to the token, Example: "69a96c12-ad1e-4392-b230-c154f8e4aabd:detokenize"

  • :transaction Used for describe an temporal token. Must be send concatenated to the token. Example: "69a96c12-ad1e-4392-b230-c154f8e4aabd:transaction"

• extract:element Used for extract an specific element from the token data, for example in a credit card context can be the pan, card holder name, cvv for temporal tokens and the expiration date.

  • Allowed elements:

    • card: get the card number

    • token: gets the card token

    • name: if exist gets the card holder name.

    • expiration: gets the expiration date.

    • cvv: get the cvv value. (works only with transaction - temporal token)

• filter: format Used to apply an specific date format (Only works with expiration dates values) As expiration just has months and year values, it allows formats like

  • "date: MM/YY"

  • "date: MM/YYYY"

  • "date: MM"

  • "date: YY"

  • "date: YYYY/MM"

• encrypt

  Used to apply an encryption algorithm to the resulting string value

  • Currently only supports RSA algorithm

  • The key must be sent as part of the request in the ft-encryption header

• parse: type Converts string values to numeric types. Only works for card-related fields:

  • Applicable fields:

    • expirationYear

    • expirationMonth

    • number

    • securityCode

  • Supported types:

    • integer

    • int

  • Example:

    {
        "card": {
            "expirationYear": "{{token:detokenize|extract:expiration|date:YYYY|parse:integer}}",
            "expirationMonth": "{{token:detokenize|extract:expiration|date:MM|parse:int}}",
            "number": "{{token:detokenize|extract:card}}",
            "securityCode": "897"
        } 
    }

  • Notes:

    • When using parse, the value will be sent as an integer instead of a string

      • Using unsupported types will result in an error:

    {
        "status_code": 400,
        "status": "fail",
        "description": "Invalid action:option combination received. action:option= parse:string",
        "data": ""
    }

The actions must be follow an order, the first action will indicate the token type (temporal or permanent), the second must be the extract task with an allowed element, next can be the filter, encrypt or parse action.