Mange Card Tokens
Learn how to retrieve, and delete card tokens.
Throughout this page, you will learn how to:
List Card Tokens
This API can be used to retrieve saved card tokens for one of your clients. In case you are still in development phase, you will need to call our API using GET at the following staging endpoint API point URL
Meanwhile, whenever you are ready for production, you should use the following production API endpoint URL instead
Detailed description of the parameters that you need to incorporate into your GET request are given in the table below.
| Parameter | type | required | Description |
|---|---|---|---|
| merchantCode | String |
required | The merchant code provided by FawryPay team during the account setup. |
| customerProfileId | Integer |
required | The unique customer profile ID in merchant system. This can be the user ID. |
| signature | String |
required | The SHA-256 digested for the following concatenated string merchantCode + customerProfileId + secureKey |
An example call of list card token API is given below.
function FawryPayListCardToken(transaction_data) {
const PaymentData = {
merchantCode: transaction_data.merchantCode,
customerProfileId : transaction_data.customerProfileId,
signature : transaction_data.signature
};
// Use fetch to send the request to list card tokens API.
// https://developer.mozilla.org/en-US/docs/Web/API/Fetch_API/Using_Fetch
const response = await fetch('https://www.FawryPay.com/ECommerceWeb/Fawry/cards/cardToken', {
method: 'GET',
headers: {
'Content-Type': 'application/json'
},
body: JSON.stringify(PaymentData),
});
// Return and display the result of the charge.
return response.json();
}
$merchantCode = '1tSa6uxz2nTwlaAmt38enA==';
$merchant_cust_prof_id = '777777';
$merchant_sec_key = '259af31fc2f74453b3a55739b21ae9ef'; // For the sake of demonstration
$signature = hash('sha256' , $merchantCode . $merchant_cust_prof_id . $merchant_sec_key);
$httpClient = new \GuzzleHttp\Client(); // guzzle 6.3
$response = $httpClient->request('GET', 'https://www.FawryPay.com/ECommerceWeb/Fawry/cards/cardToken', [
'query' => [
'merchantCode' => $merchantCode,
'customerProfileId'=> '777777',
'signature' => $signature
]
]);
$response = json_decode($response->getBody()->getContents(), true);
$paymentStatus = $response['type']; // get response values
# importing the requests library
import requests
# importing Hash Library
import hashlib
# FawryPay List Card Tokens API Endpoint
URL = "https://www.FawryPay.com/ECommerceWeb/Fawry/cards/cardToken"
# Payment Data
merchantCode = '1tSa6uxz2nRbgY+b+cZGyA=='
merchant_cust_prof_id = '777777'
merchant_sec_key = '259af31fc2f74453b3a55739b21ae9ef' // For the sake of demonstration
signature = hashlib.sha256(merchantCode + merchant_cust_prof_id + merchant_sec_key).hexdigest()
# defining a params dict for the parameters to be sent to the API
PaymentData = {
'merchantCode' : merchantCode,
'customerProfileId' : '777777',
'signature' : signature
}
# sending get request and saving the response as response object
status_request = requests.get(url = URL, params = json.dumps(PaymentData))
# extracting data in json format
status_response = status_request.json()
function FawryPayListCardToken() {
let merchantCode = "1tSa6uxz2nRbgY+b+cZGyA==";
let merchant_cust_prof_id = "777777";
let merchant_sec_key = "259af31fc2f74453b3a55739b21ae9ef";
let signature_body = merchantCode.concat(merchantCode , merchant_cust_prof_id , merchant_sec_key);
let sha256 = new jsSHA('SHA-256', 'TEXT');
sha256.update(signature_body);
let hash_signature = sha256.getHash("HEX");
axios.get('https://www.FawryPay.com/ECommerceWeb/Fawry/cards/cardToken', {
'merchantCode' : merchantCode,
'customerProfileId' : '777777',
'signature' : hash_signature
})
.then(response => {
// Get Response Contents
let type = response.data.type;
let token = response.data.cards.token;
//
})
.catch(error => {
console.log(error.response.data)
})
}
$ curl https://www.FawryPay.com/ECommerceWeb/Fawry/cards/cardToken \
-H "content-type: application/json" \
-X GET \
-d "{
"merchantCode" : "1tSa6uxz2nTwlaAmt38enA==",
"customerProfileId" : "777777",
"signature" : "3f527d0209f4fa5e370caf46f66597c6a7c04580c827ca1f29927ec0d9215131"
}"
URL url = new URL ("https://atfawry.fawrystaging.com/ECommerceWeb/Fawry/cards/cardToken");
HttpURLConnection con = (HttpURLConnection)url.openConnection();
con.setRequestMethod("GET");
con.setRequestProperty("Content-Type", "application/json; utf-8");
con.setRequestProperty("Accept", "application/json");
con.setDoOutput(true);
String jsonInputString = "{
"merchantCode" : "1tSa6uxz2nTwlaAmt38enA==",
"customerProfileId" : "777777",
"signature" : "3f527d0209f4fa5e370caf46f66597c6a7c04580c827ca1f29927ec0d9215131",
}";
try(OutputStream os = con.getOutputStream()) {
byte[] input = jsonInputString.getBytes("utf-8");
os.write(input, 0, input.length);
}
try(BufferedReader br = new BufferedReader(
new InputStreamReader(con.getInputStream(), "utf-8"))) {
StringBuilder response = new StringBuilder();
String responseLine = null;
while ((responseLine = br.readLine()) != null) {
response.append(responseLine.trim());
}
System.out.println(response.toString());
}
using System;
using System.IO;
using System.Linq;
using System.Net;
using System.Text;
using Newtonsoft.Json;
namespace FawryPayRequest
{
public class Program
{
static void Main(string[] args)
{
PostJson("https://atfawry.fawrystaging.com/ECommerceWeb/Fawry/cards/cardToken", new fawrypay_request
{
merchantCode = "1tSa6uxz2nRbgY+b+cZGyA==",
customerProfileId = "777777",
signature = "3f527d0209f4fa5e370caf46f66597c6a7c04580c827ca1f29927ec0d9215131"
});
}
private static void PostJson(string uri, fawrypay_request postParameters)
{
string postData = JsonConvert.SerializeObject(postParameters);
byte[] bytes = Encoding.UTF8.GetBytes(postData);
let httpWebRequest = (HttpWebRequest) WebRequest.Create(uri);
httpWebRequest.Method = "GET";
httpWebRequest.ContentLength = bytes.Length;
httpWebRequest.ContentType = "text/json";
using (Stream requestStream = httpWebRequest.GetRequestStream())
{
requestStream.Write(bytes, 0, bytes.Count());
}
var httpWebResponse = (HttpWebResponse) httpWebRequest.GetResponse();
if (httpWebResponse.StatusCode != HttpStatusCode.OK)
{
string message = String.Format("GET failed. Received HTTP {0}", httpWebResponse.StatusCode);
throw new ApplicationException(message);
}
}
}
public class fawrypay_request
{
public string merchantCode { get; set; }
public string customerProfileId { get; set; }
public string signature { get; set; }
}
}
Sample Request Query Parameters
https://www.fawrypay.com/ECommerceWeb/Fawry/cards/cardToken?merchantCode=1tSa6uxz2nRbgY%2Bb%2BcZGyA%3D%3D&customerProfileId=777777&signature=2ca4c078ab0d4c50ba90e31b3b0339d4d4ae5b32f97092dd9e9c07888c7eef36
FawryPay Sample Response
Whenever you call FawryPay list card token API, you should expect a response in the form of JSON object which contains the saved token information of your client.
Sample List Card Tokens API Response
Response Parameters Description
| Parameter | type | Description | Example | |
|---|---|---|---|---|
| type | String |
Response Type | CardTokenResponse | |
| cards
|
||||
| token | String |
The saved card token for your requested client ID. | c44f3f20d92e..... | |
| creationDate | Integer |
Timestamp of the token creation date. | 1514744801948 | |
| lastFourDigits | Integer |
The last four digits of the card | 1234 | |
| brand | String |
The card issuer brand name | VISA - Master Card | |
| statusCode | Integer |
The response status code | 200 | |
| statusDescription | String |
required | Operation done successfully | |
GEThttps://atfawry.fawrystaging.com/ECommerceWeb/Fawry/cards/cardTokenResponse
// API Response Data Should Appear here
// This is a sample successful Response
{
"type": "CustomerTokensResponse",
"cards": [{
"token": "175ad7e434474c6aa31f6e026b30fcfafbc8a27f754f64d237f48ee9f217317e",
"creationDate": 1514747422308,
"lastFourDigits": "0001",
"brand": "Visa Card"
}],
“statusCode": 200,
"statusDescription": "Operation done successfully"
}
Delete Card Token
This API can be used to delete a pre-saved card token of one of your clients. In case you are still in development phase, you will need to call our API using DELETE at the following staging endpoint API point URL
Meanwhile, whenever you are ready for production, you should use the following production API endpoint URL instead
Detailed description of the parameters that you need to incorporate into your DELETE request are given in the table below.
| Parameter | type | required | Description |
|---|---|---|---|
| merchantCode | String |
required | The merchant code provided by FawryPay team during the account setup. |
| customerProfileId | Integer |
required | The unique customer profile ID in merchant system. This can be the user ID. |
| signature | String |
required | The SHA-256 digested for the following concatenated string merchantCode + customerProfileId + cardToken + secureKey |
| cardToken | String |
required | The specific card token you wish to delete. |
An example call of delete card token API is given below.
function FawryPayDeleteCardToken(transaction_data) {
const RequestData = {
merchantCode: transaction_data.merchantCode,
customerProfileId : transaction_data.customerProfileId,
signature : transaction_data.signature,
cardToken : transaction_data.cardToken
};
// Use fetch to send the delete request to FawryPay Delete Token API.
// https://developer.mozilla.org/en-US/docs/Web/API/Fetch_API/Using_Fetch
const response = await fetch('https://atfawry.fawrystaging.com/ECommerceWeb/Fawry/cards/cardToken', {
method: 'DELETE',
headers: {
'Content-Type': 'application/json'
},
body: JSON.stringify(RequestData),
});
// Return and display the result of the charge.
return response.json();
}
$merchantCode = '1tSa6uxz2nTwlaAmt38enA==';
$merchant_cust_prof_id = '777777';
$cardToken = '48527d0209f4fa5e37cdeaf46f66f5c6a7c04580c827ca1f29927ec0d9215131';
$merchant_sec_key = '259af31fc2f74453b3a55739b21ae9ef'; // For the sake of demonstration
$signature = hash('sha256' , $merchantCode . $merchant_cust_prof_id . $cardToken . $merchant_sec_key);
$httpClient = new \GuzzleHttp\Client(); // guzzle 6.3
$response = $httpClient->request('DELETE', 'https://atfawry.fawrystaging.com/ECommerceWeb/Fawry/cards/cardToken', [
'query' => [
'merchantCode' => $merchantCode,
'customerProfileId'=> '777777',
'cardToken' => $card_token,
'signature' => $signature
]
]);
$response = json_decode($response->getBody()->getContents(), true);
$paymentStatus = $response['type']; // get response values
# importing the requests library
import requests
# importing Hash Library
import hashlib
# FawryPay Delete Token API Endpoint
URL = "https://atfawry.fawrystaging.com/ECommerceWeb/Fawry/cards/cardToken"
# Request Data
merchantCode = '1tSa6uxz2nRbgY+b+cZGyA=='
merchant_cust_prof_id = '777777'
merchant_sec_key = '259af31fc2f74453b3a55739b21ae9ef' // For the sake of demonstration
cardToken = '48527d0209f4fa5e37cdeaf46f66f5c6a7c04580c827ca1f29927ec0d9215131'
signature = hashlib.sha256(merchantCode + merchant_cust_prof_id + cardToken + merchant_sec_key).hexdigest()
# defining a params dict for the parameters to be sent to the API
PaymentData = {
'merchantCode' : merchantCode,
'customerProfileId' : '777777',
'cardToken' : cardToken,
'signature' : signature
}
# sending delete request and saving the response as response object
status_request = requests.delete(url = URL, params = json.dumps(PaymentData))
# extracting data in json format
status_response = status_request.json()
function FawryPayDeleteCardToken() {
let merchantCode = "1tSa6uxz2nRbgY+b+cZGyA==";
let merchant_cust_prof_id = "777777";
let merchant_sec_key = "259af31fc2f74453b3a55739b21ae9ef";
vaf cardToken = "48527d0209f4fa5e37cdeaf46f66f5c6a7c04580c827ca1f29927ec0d9215131";
let signature_body = merchantCode.concat(merchantCode , merchant_cust_prof_id , cardToken , merchant_sec_key);
let sha256 = new jsSHA('SHA-256', 'TEXT');
sha256.update(signature_body);
let hash_signature = sha256.getHash("HEX");
axios.delete('https://atfawry.fawrystaging.com/ECommerceWeb/Fawry/cards/cardToken', {
'merchantCode' : merchantCode,
'customerProfileId' : '777777',
'cardToken' : cardToken,
'signature' : hash_signature
})
.then(response => {
// Get Response Contents
let type = response.data.type;
let statusCode = response.data.statusCode;
//
})
.catch(error => {
console.log(error.response.data)
})
}
$ curl https://atfawry.fawrystaging.com/ECommerceWeb/Fawry/cards/cardToken \
-H "content-type: application/json" \
-X DELETE \
-d "{
"merchantCode" : "1tSa6uxz2nTwlaAmt38enA==",
"customerProfileId" : "777777",
"cardToken" : "48527d0209f4fa5e37cdeaf46f66ff5c6a7c04580c827ca1f29927ec0d921513",
"signature" : "3f527d0209f4fa5e370caf46f66597c6a7c04580c827ca1f29927ec0d9215131"
}"
URL url = new URL ("https://atfawry.fawrystaging.com/ECommerceWeb/Fawry/cards/cardToken");
HttpURLConnection con = (HttpURLConnection)url.openConnection();
con.setRequestMethod("DELETE");
con.setRequestProperty("Content-Type", "application/json; utf-8");
con.setRequestProperty("Accept", "application/json");
con.setDoOutput(true);
String jsonInputString = "{
"merchantCode" : "1tSa6uxz2nTwlaAmt38enA==",
"customerProfileId" : "777777",
"cardToken" : "4f2f5dc87684fd67cb54c5dfbe30daec7e35e14265168db2a800c6553ef1aae1",
"signature" : "3f527d0209f4fa5e370caf46f66597c6a7c04580c827ca1f29927ec0d9215131",
}";
try(OutputStream os = con.getOutputStream()) {
byte[] input = jsonInputString.getBytes("utf-8");
os.write(input, 0, input.length);
}
try(BufferedReader br = new BufferedReader(
new InputStreamReader(con.getInputStream(), "utf-8"))) {
StringBuilder response = new StringBuilder();
String responseLine = null;
while ((responseLine = br.readLine()) != null) {
response.append(responseLine.trim());
}
System.out.println(response.toString());
}
using System;
using System.IO;
using System.Linq;
using System.Net;
using System.Text;
using Newtonsoft.Json;
namespace FawryPayRequest
{
public class Program
{
static void Main(string[] args)
{
PostJson("https://atfawry.fawrystaging.com/ECommerceWeb/Fawry/cards/cardToken", new fawrypay_request
{
merchantCode = "1tSa6uxz2nRbgY+b+cZGyA==",
customerProfileId = "777777",
cardToken = "4f2f5dc87684fd67cb54c5dfbe30daec7e35e14265168db2a800c6553ef1aae1",
signature = "3f527d0209f4fa5e370caf46f66597c6a7c04580c827ca1f29927ec0d9215131"
});
}
private static void PostJson(string uri, fawrypay_request postParameters)
{
string postData = JsonConvert.SerializeObject(postParameters);
byte[] bytes = Encoding.UTF8.GetBytes(postData);
let httpWebRequest = (HttpWebRequest) WebRequest.Create(uri);
httpWebRequest.Method = "DELETE";
httpWebRequest.ContentLength = bytes.Length;
httpWebRequest.ContentType = "text/json";
using (Stream requestStream = httpWebRequest.GetRequestStream())
{
requestStream.Write(bytes, 0, bytes.Count());
}
var httpWebResponse = (HttpWebResponse) httpWebRequest.GetResponse();
if (httpWebResponse.StatusCode != HttpStatusCode.OK)
{
string message = String.Format("GET failed. Received HTTP {0}", httpWebResponse.StatusCode);
throw new ApplicationException(message);
}
}
}
public class fawrypay_request
{
public string merchantCode { get; set; }
public string customerProfileId { get; set; }
public string cardToken { get; set; }
public string signature { get; set; }
}
}
Sample Request Data
{
"merchantCode" : "GHKjd452155z",
"customerProfileId" : "777777",
"cardToken" : "48527d0209f4fa5e37cdeaf46f66ff5c6a7c04580c827ca1f29927ec0d921513",
"signature" : "2ca4c078ab0d4c50ba90e31b3b0339d4d4ae5b32f97092dd9e9c07888c7eef36"
}
FawryPay Sample Response
Whenever you call FawryPay delete card token API, you should expect a response in the form of JSON object which contains the status of your delete request.
Sample Delete Card Token API Response
Response Parameters Description
| Parameter | type | Description | Example |
|---|---|---|---|
| type | String |
Response Type | CardTokenResponse |
| statusCode | Integer |
The response status code | 200 |
| statusDescription | String |
required | Operation done successfully |
DELETEhttps://atfawry.fawrystaging.com/ECommerceWeb/Fawry/cards/cardTokenResponse
// API Response Data Should Appear here
// This is a sample successful Response
{
"type": "CardTokenResponse",
"statusCode": 200,
"statusDescription": "Operation done successfully"
}
Error Handling
Depending on the HTTP status code of the response, you should build some logic to handle any errors that a request or the system may return. A list of possible potential error codes that you may receive can found below. For a full list of all possible error codes can be found in the Error Codes section.
| Error Code | Description |
|---|---|
| 200 | Operation done successfully. |
| 9901 | Merchant code is blank or invalid. |
| 9910 | Blank or invalid client's mobile number. |
| 9919 | Invalid card date. |
| 9944 | Customer profile or card token is empty. |
| 9946 | Blank or invalid signature. |
Next steps
Was this page helpful?
Thank you for helping improve FawryPay's documentation. If you need help or have any questions, please consider contacting support.