Proxy JOSE
This endpoint allows processing tokenized transactions using the JOSE standard for information security
Prerequisites
Before using this endpoint, a configuration process must be completed on our side using the RSA keys provided by the client:
Processor's public key
Merchant's private key
Base URL
https://api.firstoken.co/proxy/jose
Note: In case, you have to make some sandbox tests you must be called from the base URL https://api.firstoken-staging.co/proxy/jose
curl -X POST --location 'https://api.firstoken.co/proxy/jose' \
--header 'Content-Type: application/json' \
--header 'ft-access-key: <YOUR_API_KEY>' \
--data '{
"uniqueCode": "010200001",
"terminalId": "000AAAAA",
"purchaseAmount": 1200000,
"ivaTax": 0,
"currencyCode": "170",
"cardData": {
"cardNumber": "{{token:detokenize | extract:card}}",
"cardExpireMonth": "{{token:detokenize | extract:expiration | date: MM }}",
"cardExpireYear": "{{token:detokenize | extract:expiration | date: YY }}",
"cvv": null,
"brandId": "01",
"cardAccountTypeId": "00"
},
"installmentsNumber": 1,
"ipAddress": "190.66.124.31",
"references": [
{
"referenceKey": "codReferencia",
"referenceDescription": "9922"
},
{
"referenceKey": "documentoComprador",
"referenceDescription": "1111111111111"
}
],
"iacTax": 0,
"merchantNameAggregate": null,
"mcc": null,
"services": null,
"cofTransaction": null,
"recurringTransaction": "R",
"credentialOnFile": null
}'
Important notes
Token fields use special syntax depending on the token type:
For Permanent Tokens (using detokenization):
Card number:
{{token:detokenize | extract:card}}
Expiration date:
Month:
{{token:detokenize | extract:expiration | date: MM }}
Year:
{{token:detokenize | extract:expiration | date: YY }}
For Temporary Tokens (using transaction):
Card number:
{{token:transaction | extract:card}}
Expiration date:
Month:
{{token:transaction | extract:expiration | date: MM }}
Year:
{{token:transaction | extract:expiration | date: YY }}
Security
Communication is done through HTTPS.
Authentication is required via the
ft-access-key
header.Sensitive information is processed using the JOSE standard.
Last updated
Was this helpful?