WAPIsv2.0.0Trusted Cards
Retrieve Trusted Cards
Retrieve stored trusted card details
Retrieve trusted cards on file for the authenticated user. You can retrieve all cards or filter by UUID. Card numbers are masked for security.
If a UUID is supplied but is not linked to the authenticated user, the endpoint returns data: [].
Endpoints
GET /trusted-cardsGET /trusted-cards/{uuid}| Access | Requirement |
|---|---|
| Authenticated | Yes |
| Required Scope | wapi-trusted-cards-retrieve, or wapi-trusted-cards-all |
| Rate Limit | 15 requests per minute |
Request
Headers
| Header | Value |
|---|---|
Accept | application/json |
Authorization | Bearer <access_token> |
X-WAPI-Key | wapi_live_<kid>_<secret> or wapi_test_<kid>_<secret> |
Send exactly one of Authorization or X-WAPI-Key.
Path Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
uuid | string | No | The UUID of a specific trusted card to retrieve. Omit to retrieve all cards. |
Notes:
uuid, when provided, must be a valid UUID.verify_expiryis returned in UTC when the card is still awaiting verification.
Responses
200 OK
{
"message": "OK",
"data": [
{
"card_type": "visa",
"environment": "sandbox",
"exp_yy": "23",
"exp_mm": "12",
"first_name": "TEST",
"last_name": "TESTER",
"pan": "************1111",
"uuid": "213e4777-2179-4fbd-9540-84e8ed83187a",
"verified": false,
"verify_expiry": "2023-04-28T08:57:04+00:00"
}
]
}{
"message": "OK",
"data": [
{
"card_type": "visa",
"environment": "sandbox",
"exp_yy": "23",
"exp_mm": "12",
"first_name": "TEST",
"last_name": "TESTER",
"pan": "************1111",
"uuid": "213e4777-2179-4fbd-9540-84e8ed83187a",
"verified": true,
"verify_expiry": null
}
]
}{
"message": "OK",
"data": []
}Card Object
| Field | Type | Description |
|---|---|---|
uuid | string | Unique card identifier (UUID v4) |
card_type | string | Card brand (e.g., "visa", "mastercard") |
pan | string | Masked card number (last 4 digits visible) |
first_name | string | Cardholder's first name |
last_name | string | Cardholder's last name |
exp_mm | string | Expiration month (2 digits) |
exp_yy | string | Expiration year (2 digits) |
environment | string | "sandbox" or "live" |
verified | boolean | Whether the card has been verified |
verify_expiry | string | null | Verification deadline (null if verified) |
400 Bad Request
{
"message": "The uuid is not a valid UUID (version 4)."
}401 Unauthorized
{
"message": "Unauthorized"
}403 Forbidden
{
"message": "Invalid scope(s) provided."
}Example
curl -X GET "https://ttsb.wipayfinancial.com/wapi/trusted-cards/213e4777-2179-4fbd-9540-84e8ed83187a" \
-H "Accept: application/json" \
-H "Authorization: Bearer <access_token>"