Skip to main content
POST
/
payment-methods
/
{payment_method_id}
/
payment-service-tokens
Provision payment service token
using RestSharp;


var options = new RestClientOptions("https://api.sandbox.{id}.gr4vy.app/payment-methods/{payment_method_id}/payment-service-tokens");
var client = new RestClient(options);
var request = new RestRequest("");
request.AddHeader("Authorization", "Bearer <token>");
request.AddJsonBody("{\n  \"payment_service_id\": \"a7d6b829-aea5-407d-ab7f-138784b5ad2c\",\n  \"redirect_url\": \"https://example.com/callback\"\n}", false);
var response = await client.PostAsync(request);

Console.WriteLine("{0}", response.Content);
package main

import (
"fmt"
"strings"
"net/http"
"io"
)

func main() {

url := "https://api.sandbox.{id}.gr4vy.app/payment-methods/{payment_method_id}/payment-service-tokens"

payload := strings.NewReader("{\n \"payment_service_id\": \"a7d6b829-aea5-407d-ab7f-138784b5ad2c\",\n \"redirect_url\": \"https://example.com/callback\"\n}")

req, _ := http.NewRequest("POST", url, payload)

req.Header.Add("Authorization", "Bearer <token>")
req.Header.Add("Content-Type", "application/json")

res, _ := http.DefaultClient.Do(req)

defer res.Body.Close()
body, _ := io.ReadAll(res.Body)

fmt.Println(string(body))

}
HttpResponse<String> response = Unirest.post("https://api.sandbox.{id}.gr4vy.app/payment-methods/{payment_method_id}/payment-service-tokens")
.header("Authorization", "Bearer <token>")
.header("Content-Type", "application/json")
.body("{\n \"payment_service_id\": \"a7d6b829-aea5-407d-ab7f-138784b5ad2c\",\n \"redirect_url\": \"https://example.com/callback\"\n}")
.asString();
<?php

$curl = curl_init();

curl_setopt_array($curl, [
CURLOPT_URL => "https://api.sandbox.{id}.gr4vy.app/payment-methods/{payment_method_id}/payment-service-tokens",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "POST",
CURLOPT_POSTFIELDS => json_encode([
'payment_service_id' => 'a7d6b829-aea5-407d-ab7f-138784b5ad2c',
'redirect_url' => 'https://example.com/callback'
]),
CURLOPT_HTTPHEADER => [
"Authorization: Bearer <token>",
"Content-Type: application/json"
],
]);

$response = curl_exec($curl);
$err = curl_error($curl);

curl_close($curl);

if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}
import requests

url = "https://api.sandbox.{id}.gr4vy.app/payment-methods/{payment_method_id}/payment-service-tokens"

payload = {
"payment_service_id": "a7d6b829-aea5-407d-ab7f-138784b5ad2c",
"redirect_url": "https://example.com/callback"
}
headers = {
"Authorization": "Bearer <token>",
"Content-Type": "application/json"
}

response = requests.post(url, json=payload, headers=headers)

print(response.text)
const options = {
method: 'POST',
headers: {Authorization: 'Bearer <token>', 'Content-Type': 'application/json'},
body: JSON.stringify({
payment_service_id: 'a7d6b829-aea5-407d-ab7f-138784b5ad2c',
redirect_url: 'https://example.com/callback'
})
};

fetch('https://api.sandbox.{id}.gr4vy.app/payment-methods/{payment_method_id}/payment-service-tokens', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));
curl --request POST \
--url https://api.sandbox.{id}.gr4vy.app/payment-methods/{payment_method_id}/payment-service-tokens \
--header 'Authorization: Bearer <token>' \
--header 'Content-Type: application/json' \
--data '
{
"payment_service_id": "a7d6b829-aea5-407d-ab7f-138784b5ad2c",
"redirect_url": "https://example.com/callback"
}
'
{
  "type": "payment-service-token",
  "id": "d6ad71d5-6908-45d6-ab65-39c55475dd08",
  "payment_method_id": "9bdc4bc4-005e-4658-8eee-a309fc43cd4d",
  "payment_service_id": "50f2e61f-caac-4e12-8d79-30eaf8250423",
  "status": "succeeded",
  "approval_url": "https://api.example.app.gr4vy.com/payment-methods/f4fb0dd1-4ff9-46fb-965e-11de34aa6806/approve",
  "token": "<string>",
  "created_at": "2021-01-01T12:34:00.000+00:00",
  "updated_at": "2021-01-01T12:34:00.000+00:00"
}
{
"type": "error",
"code": "bad_request",
"status": 400,
"message": "Missing '****' field",
"details": [
{
"location": "body",
"type": "value_error.missing",
"pointer": "/payment_method/number",
"message": "field required"
}
]
}
{
"type": "error",
"code": "unauthorized",
"status": 401,
"message": "No valid API authentication found",
"details": []
}
{
"type": "error",
"code": "not_found",
"status": 404,
"message": "The resource could not be found",
"details": []
}
This endpoint requires the payment-methods.write scope.

Authorizations

Authorization
string
header
required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Path Parameters

payment_method_id
string<uuid>
required

The ID of the payment method.

Example:

"46973e9d-88a7-44a6-abfe-be4ff0134ff4"

Body

application/json

Request body for provision a payment service token.

payment_service_id
string<uuid>
required

The ID of the payment service.

Example:

"a7d6b829-aea5-407d-ab7f-138784b5ad2c"

redirect_url
string<uri>
required

The redirect URL to redirect a buyer to after they have authorized their payment method. This only applies to payment methods that require buyer approval.

Example:

"https://example.com/callback"

security_code
string | null

The 3 or 4 digit security code often found on the card. This often referred to as the CVV or CVD.

The security code can only be set if the stored payment method represents a card.

Required string length: 3 - 4
Pattern: ^\d{3,4}$
Example:

"123"

Response

Returns the created payment service token.

A payment service token.

type
enum<string>

The type of this resource.

Available options:
payment-service-token
Example:

"payment-service-token"

id
string<uuid>

The unique ID of the token.

Example:

"d6ad71d5-6908-45d6-ab65-39c55475dd08"

payment_method_id
string<uuid>

The unique ID of the payment method.

Example:

"9bdc4bc4-005e-4658-8eee-a309fc43cd4d"

payment_service_id
string<uuid>

The unique ID of the payment service.

Example:

"50f2e61f-caac-4e12-8d79-30eaf8250423"

status
enum<string>

The state of the token.

  • processing - The payment method is still being stored.
  • buyer_approval_required - Storing the payment method requires the buyer to provide approval. Follow the approval_url for next steps.
  • succeeded - The payment method is approved and stored with all relevant payment services.
  • failed - Storing the payment method did not succeed.
Available options:
processing,
buyer_approval_required,
succeeded,
failed
Example:

"succeeded"

approval_url
string<uri> | null

The optional URL that the buyer needs to be redirected to to further authorize their payment.

Example:

"https://api.example.app.gr4vy.com/payment-methods/f4fb0dd1-4ff9-46fb-965e-11de34aa6806/approve"

token
string | null

The token value. Will be present if succeeded.

created_at
string<date-time>

The date and time when this token was first created in our system.

Example:

"2021-01-01T12:34:00.000+00:00"

updated_at
string<date-time>

The date and time when this token was last updated in our system.

Example:

"2021-01-01T12:34:00.000+00:00"