Recent Revisions to This Document

About This Guide

Token Management Service
- Types of Tokens
  - Customer Tokens
  - Shipping Address Tokens
  - Payment Instrument Tokens
  - Instrument Identifier Tokens
  - Network Tokens
- Token Life-Cycle Management

Token Management Service Workflows
- PAN Tokenization Process Using TMS
- Network Token Tokenization Process
- Network Token Provisioning for Merchants
- Network Token CIT Authorizations for Merchants
- Network Token MIT Authorizations for Merchants
- Network Token Provisioning for Partners
- Network Token CIT Authorizations for Partners
- Network Token MIT Authorizations for Partners

Requesting the Token Management Service API
- HTTP Headers
- Case Sensitivity
- Metadata
- Patching Considerations
  - Pagination
- Supported Processors
- Test Card Numbers

Token Management Service Onboarding
- Merchant ID Hierarchy
- Merchant ID Registration
- Portfolio MIDs for Partners
- Token Vault Management
- Message-Level Encryption Keys

Network Tokenization
- Network Token Enablement
- Network Token Onboarding—Partner Model
- Token Requestor IDs

Manage Webhook Subscriptions
- Create Keys for Digital Signature
  - Required Fields for Creating Keys for Digital Signature Using the REST API
  - REST Example: Creating Keys for Digital Signature
- Create Webhook Subscription
  - Required Fields for Creating Webhook Subscription Using the REST API
  - REST Example: Creating a Webhook Subscription
- Retrieve Webhook Subscription Details
  - Required Fields for Retrieving Webhook Subscription Details Using the REST API
  - REST Example: Retrieving Webhook Subscription Details
- Update Webhook Subscription
  - Required Fields for Updating Webhook Subscription Using the REST API
  - REST Example: Updating Webhook Subscriptions
- Delete Webhook Subscription
  - Required Field for Deleting a Webhook Subscription Using the REST API
  - REST Example: Deleting a Webhook Subscription

Customer Tokens
- Manage Customer Tokens
  - Create a Customer
    - Required Fields for Creating a Customer Using the REST API
    - REST Example: Creating a Customer
    - REST Interactive Example: Creating a Customer
  - Retrieve a Customer
    - Required Fields for Retrieving a Customer
    - REST Example: Retrieving a Customer
  - Update a Customer
    - Required Fields for Updating a Customer
    - Optional Fields for Updating a Customer
    - REST Example: Updating a Customer
    - REST Interactive Example: Updating a Customer
  - Delete a Customer
    - Required Fields for Deleting a Customer Token
    - REST Example: Deleting a Customer
  - Retrieve a Customer's Default Payment with Unmasked Card Number
    - Required Fields for Retrieving a Customer's Default Payment with Unmasked Card Number Using the REST API
    - REST Example: Retrieving a Customer's Default Payment with Unmasked Card Number
  - Retrieve a Customer's Default Payment and Shipping Details
    - Required Fields for Retrieving a Customer's Default Payment and Shipping Details Using the REST API
    - REST Example: Retrieving a Customer's Default Payment and Shipping Details
- Payments with Customer Tokens
  - Create a Customer Token with Validated Payment Details
    - Required Fields for Creating a Customer Token with Validated Payment Details Using the REST API
    - REST Example: Creating a Customer Token with Validated Payment Details
  - Authorize a Payment with a Customer Token
    - Required Fields for Authorizing a Payment with a Customer Token Using the REST API
    - REST Example: Authorizing a Payment with a Customer Token
    - REST Example: Authorizing a Payment Using a Customer Token Linked to a Network Token
  - Make a Credit with a Customer Token
    - Required Fields for Making a Credit with a Customer Token Using the REST API
    - REST Example: Making a Credit with a Customer Token

Shipping Address Tokens
- Manage Shipping Address Tokens
  - Create a Customer Shipping Address
    - Required Fields for Creating a Customer Shipping Address
    - REST Example: Creating a Customer Shipping Address
    - REST Interactive Example: Creating a Customer Shipping Address
  - Add a Default Shipping Address
    - Required Fields for Adding a Default Shipping Address Using the REST API
    - REST Example: Adding a Default Shipping Address
  - Add a Non-Default Shipping Address
    - Required Fields for Adding a Non-Default Shipping Address Using the REST API
    - REST Example: Adding a Non-Default Shipping Address
  - Change a Default Shipping Address
    - Required Fields for Changing a Default Shipping Address Using the REST API
    - REST Example: Changing Default Shipping Address
  - Retrieve a Customer Shipping Address
    - Required Fields for Retrieving a Customer Shipping Address
    - REST Example: Retrieving a Shipping Address
  - Retrieve All Customer Shipping Addresses
    - Required Fields for Retrieving all Customer Shipping Addresses
    - REST Example: Retrieving All Customer Shipping Addresses
  - Update a Customer Shipping Address
    - Required Fields for Updating a Customer Shipping Address
    - REST Example: Updating a Customer Shipping Address
    - REST Interactive Example: Updating a Customer Shipping Address
  - Delete a Customer Shipping Address
    - Required Fields for Deleting a Customer Shipping Address
    - REST Example: Deleting a Customer Shipping Address
- Payments with Shipping Address Tokens
  - Authorize a Payment with a Non-Default Shipping Address
    - Required Fields for Authorizing a Payment with a Non-Default Shipping Address Using the REST API
    - REST Example: Authorizing a Payment with a Non-Default Shipping Address

Customer Payment Instrument Tokens
- Manage Customer Payment Instrument Tokens
  - Create a Customer Payment Instrument
    - Required Fields for Creating a Customer Payment Instrument Using the REST API
    - Optional Fields for Creating a Customer Payment Instrument Using the REST API
    - REST Example: Creating a Customer Payment Instrument
    - REST Interactive Example: Creating a Customer Payment Instrument
  - Add a Default Payment Instrument Using Instrument Identifier
    - Required Fields for Adding a Default Payment Instrument Using Instrument Identifier Using the REST API
    - Optional Fields for Adding a Default Payment Instrument Using Instrument Identifier Using the REST API
    - REST Example: Adding a Default Payment Instrument Using Instrument Identifier
  - Add a Default Payment Instrument with Validated Payment
    - Required Fields for Adding a Default Payment Instrument with Validated Payment Using the REST API
    - REST Example: Adding a Default Payment Instrument with Validated Payment
  - Add a Non-Default Payment Instrument Using Instrument Identifier
    - Required Fields for Adding a Non-Default Payment Instrument Using Instrument Identifier Using the REST API
    - Optional Fields for Adding a Non-Default Payment Instrument Using Instrument Identifier Using the REST API
    - REST Example: Adding a Non-Default Payment Instrument Using Instrument Identifier
  - Add a Non-Default Payment Instrument with Validated Payment
    - Required Fields for Adding a Non-Default Payment Instrument with Validated Payment Using the REST API
    - REST Example: Adding a Non-Default Payment Instrument with Validated Payment
  - Change a Customer's Default Payment Instrument
    - Required Fields for Changing a Customer's Default Payment Instrument Using the REST API
    - REST Example: Changing a Customer's Default Payment Instrument
  - Retrieve a Customer Payment Instrument
    - Required Fields for Retrieving a Customer Payment Instrument Using the REST API
    - REST Example: Retrieving a Customer Payment Instrument
  - Retrieve a Customer Payment Instrument with Unmasked Card Number
    - Required Fields for Retrieving a Customer Payment Instrument with Unmasked Card Number Using the REST API
    - REST Example: Retrieving a Customer Payment Instrument with Unmasked Card Number
  - List Payment Instruments for a Customer
    - Required Fields for Listing Payment Instruments for a Customer Using the REST API
    - REST Example: Listing Payment Instruments for a Customer
  - Update a Customer Payment Instrument
    - Required Fields for Updating a Customer Payment Instrument Using the REST API
    - Optional Fields for Updating a Customer Payment Instrument Using the REST API
    - REST Example: Updating a Customer Payment Instrument
    - REST Interactive Example: Updating a Customer Payment Instrument
  - Delete a Customer Payment Instrument
    - Required Fields for Deleting a Customer Payment Instrument Using the REST API
    - REST Example: Deleting a Customer Payment Instrument
- Payments with Customer Payment Instrument Tokens
  - Authorize a Payment with Non-Default Payment Instrument
    - Required Fields for Authorizing a Payment with Non-Default Payment Instrument Using the REST API
    - Optional Fields for Authorizing a Payment with Non-Default Payment Instrument Using the REST API
    - REST Example: Authorizing a Payment with Non-Default Payment Instrument
  - Make a Credit with Non-Default Payment Instrument
    - Required Fields for Making a Credit with Non-Default Payment Instrument Using the REST API
    - Optional Fields for Making a Credit with Non-Default Payment Instrument Using the REST API
    - REST Example: Making a Credit with Non-Default Payment Instrument

Payment Instrument Tokens
- Manage Payment Instrument Tokens
  - Create a Payment Instrument
    - Required Fields for Creating a Payment Instrument Using the REST API
    - Optional Fields for Creating a Payment Instrument Using the REST API
    - REST Example: Creating a Payment Instrument
    - REST Interactive Example: Creating a Payment Instrument
  - Retrieve a Payment Instrument
    - Required Fields for Retrieving a Payment Instrument Using the REST API
    - REST Example: Retrieving a Payment Instrument
  - Find Payment Instruments by Card Number
    - Required Fields for Finding Payment Instruments by Card Number Using the REST API
    - REST Example: Finding Payment Instruments by Card Number
  - Retrieve a Payment Instrument with Unmasked Card Number
    - Required Fields for Retrieving a Payment Instrument with Unmasked Card Number Using the REST API
    - REST Example: Retrieving a Payment Instrument with Unmasked Card Number
  - Update a Payment Instrument
    - Required Fields for Updating a Payment Instrument Using the REST API
    - Optional Fields for Updating a Payment Instrument Using the REST API
    - REST Example: Updating a Payment Instrument
    - REST Interactive Example: Updating a Payment Instrument
  - Delete a Payment Instrument
    - Required Fields for Deleting a Payment Instrument Using the REST API
    - REST Example: Deleting a Payment Instrument
- Payments with Payment Instrument Tokens
  - Authorize a Payment with a Payment Instrument
    - Required Fields for Authorizing a Payment with a Payment Instrument Using the REST API
    - Optional Fields for Authorizing a Payment with a Payment Instrument Using the REST API
    - REST Example: Authorizing a Payment with a Payment Instrument
  - Make a Credit with a Payment Instrument
    - Required Fields for Making a Credit with a Payment Instrument Using the REST API
    - REST Example: Making a Credit with a Payment Instrument

Instrument Identifier Tokens
- Manage Instrument Identifier Tokens
  - Create an Instrument Identifier
    - Required Fields for Creating an Instrument Identifier Using the REST API
    - Optional Fields for Creating an Instrument Identifier Using the REST API
    - REST Example: Creating a Card Instrument Identifier
    - REST Interactive Example: Creating an Instrument Identifier
    - REST Example: Creating a Bank Account Instrument Identifier
  - Retrieve an Instrument Identifier
    - Required Fields for Retrieving an Instrument Identifier Using the REST API
    - REST Example: Retrieving an Instrument Identifier
    - REST Interactive Example: Retrieving an Instrument Identifier
  - Update an Instrument Identifier
    - Required Fields for Updating an Instrument Identifier Using the REST API
    - Optional Fields for Updating an Instrument Identifier Using the REST API
    - REST Example: Updating an Instrument Identifier
    - REST Interactive Example: Updating an Instrument Identifier
  - Retrieve an Instrument Identifier's Payment Instruments
    - Required Fields for Retrieving an Instrument Identifier's Payment Instruments Using the REST API
    - REST Example: Retrieving an Instrument Identifier's Payment Instruments
    - REST Interactive Example: Retrieving an Instrument Identifier's Payment Instruments
  - Retrieve an Instrument Identifier with Unmasked Card Number
    - Required Fields for Retrieving an Instrument Identifier with Unmasked Card Number Using the REST API
    - REST Example: Retrieving an Instrument Identifier with Unmasked Card Number
  - Delete an Instrument Identifier
    - Required Fields for Deleting an Instrument Identifier Using the REST API
    - REST Example: Deleting an Instrument Identifier
    - REST Interactive Example: Deleting an Instrument Identifier
- Payments with Instrument Identifier Tokens
  - Create an Instrument Identifier Token with Validated Payment Details
    - Required Fields for Creating an Instrument Identifier Token with Validated Payment Details Using the REST API
    - REST Example: Creating an Instrument Identifier with Validated Payment Details
  - Authorize a Payment with an Instrument Identifier
    - Required Fields for Authorizing a Payment with an Instrument Identifier Using the REST API
    - REST Example: Authorizing a Payment with an Instrument Identifier
    - REST Interactive Example: Authorizing a Payment with an Instrument Identifier
  - Make a Credit with an Instrument Identifier
    - Required Fields for Making a Credit with an Instrument Identifier Using the REST API
    - REST Example: Making a Credit with an Instrument Identifier
    - REST Interactive Example: Making a Credit with an Instrument Identifier

Legacy Tokens
- Payments with Legacy Tokens
  - Authorize a Payment with Legacy Token
    - Required Fields for Authorizing a Payment with Legacy Token Using the REST API
    - REST Example: Authorizing a Payment with Legacy Token
    - REST Interactive Example: Authorizing a Payment with a Legacy Token
  - Make a Credit with Legacy Token
    - Required Fields for Making a Credit with Legacy Token Using the REST API
    - REST Example: Making a Credit with Legacy Token

Network Tokens for Merchants
- Payments with Network Tokens for Merchants
  - Authorize a Payment Ignoring Network Token
    - Required Fields for Authorizing a Payment Ignoring Network Token Using the REST API
    - REST Example: Authorizing a Payment Ignoring Network Token
- Manage Merchant-Initiated Transactions and Network Tokens
  - Update Merchant-Initiated Transaction Authorization Options
    - Required Fields for Updating MIT Authorization Options Using the REST API
    - REST Example: Updating MIT Authorization Options

Network Tokens for Partners
- Manage Network Tokens for Partners
  - Provision a Network Token for a Card Number
    - Required Fields for Provisioning a Network Token for a Card Number Using the REST API
    - Optional Fields for Provisioning a Network Token for a Card Number Using the REST API
    - REST Example: Provisioning a Network Token for a Card Number
  - Provision a Network Token for an Existing Instrument Identifier
    - Required Fields for Provisioning a Network Token for an Existing Instrument Identifier Using the REST API
    - Optional Fields for Provisioning a Network Token for an Existing Instrument Identifier Using the REST API
    - REST Example: Provisioning a Network Token for an Existing Instrument Identifier
    - REST Interactive Example: Provisioning a Network Token for an Existing Instrument Identifier
  - Retrieve a Network Token for Payment Credentials
    - Required Fields for Retrieving a Network Token for Payment Credentials Using the REST API
    - REST Example: Retrieving a Network Token for Payment Credentials
  - Retrieve an Instrument Identifier
    - Required Fields for Retrieving an Instrument Identifier Using the REST API
    - REST Example: Retrieving an Instrument Identifier
    - REST Interactive Example: Retrieving an Instrument Identifier
  - Delete an Instrument Identifier
    - Required Fields for Deleting an Instrument Identifier Using the REST API
    - REST Example: Deleting an Instrument Identifier
    - REST Interactive Example: Deleting an Instrument Identifier
- Network Token Provision Failures

Using Token Management Service with Wallet Apps
- Manage Tokens with Wallet Apps
  - Create a New Customer Account
  - Add a New Shipping Address
  - Edit or Delete a Shipping Address
  - Create a New Payment Instrument with the Payments API
  - Edit or Delete a Payment Method
  - Change the Default Payment Method
  - Add a New Payment Method Address
  - View Wallet
- Payments with Tokens and Wallet Apps
  - Authorize a Payment

Reference Information
- Encrypt and Decrypt Data
- HTTP Status Codes

Supported Processors

On This Page

Message-Level Encryption Keys

When events contain personally identifiable information, such as payment information, the notifications are sent using message-level encryption. Before you can send requests for Cybersource services using message-level encryption, you must go to the Business Center and create a security key for your Cybersource merchant account.

Message-level encryption keys expire after 3 years.

Security keys can be used to make any request, including payments. Treat your security keys as you would any secure password.

You must use separate keys for the test and production environments.

For more information on how to create message-level encryption keys, see Creating a Message-Level Encryption Key.