Retrieve a Customer's Default Payment with an Unmasked
Card Number
This section describes how to retrieve a customer's default payment with an unmasked card
number.
IMPORTANT
To retrieve unmasked payment
details, you must ensure that your MLE key pair and your token vault are configured
correctly. For more information on MLE keys, see Message-Level Encryption Keys. For
more information on token vaults, see Token Vault Management. If
necessary, contact your
Cybersource
account manager or customer
support. The response is BASE 64-encoded JSON web
encryption (JWE) token. The decoded JWE has these elements:
{"alg": "RSA-OAEP-256", //The algorithm used to encrypt the CEK "cty": "json", //The content type "typ": "JWT", //The token type "enc": "A256GCM", //The algorithm that is used to encrypt the message "kid": "keyId" //The serial number of shared public cert for encryption of CEK } <Encrypted Data>//The encrypted payload that matches the JSON response normally returned by theTMSAPI, except with an unmasked payment details
Header Configuration
You must pass this request header to retrieve unmasked payment details:
Accept: application/jose
. The term
application/jose
refers to Javascript Object Signing and
Encryption (JOSE). JOSE is a framework that provides end-to-end security to
JavaScript Object Notation (JSON)-based data structures. JOSE achieves this by
offering a collection of specifications to encrypt and digitally sign JSON payloads.
In this case, the response is message-level encrypted using a JSON Web Token
(JWT).Endpoint
Test:
GET
https://apitest.cybersource.com
/tms/v2/customers/{customerTokenId}
Production:
GET
https://api.cybersource.com
/tms/v2/customers/{customerTokenId}
Production in India:
GET
https://api.in.cybersource.com
/tms/v2/customers/{customerTokenId}
The is the customer token ID returned in the
{customerTokenId}
id
field when you created the customer token. For more information, see Create a Customer.