Skip to main content
POST
/
v1
/
cards
Python
import requests

client_id = <YOUR CLIENT ID>
public_key = <YOUR CLIENT TOKEN>

request = requests.post('https://api.malga.io/v1/cards', headers={
    "X-Client-Id": client_id,
    "X-Api-Key": publick_key
  }, json={
  "tokenId": "4918cfd2-b14a-4db2-ade4-d1b8a6bd40e2"              
})
print(request.json().get('cardId'))
curl --request POST \
--url https://api.malga.io/v1/cards \
--header 'Content-Type: application/json' \
--header 'X-Api-Key: <api-key>' \
--header 'X-Client-Id: <api-key>' \
--data '
{
"tokenId": "82aba896-9e37-45b6-aa90-d510c9050596",
"merchantId": "cc4945bc-85f4-495e-adc6-3b281c9d957a",
"cvvCheck": true
}
'
const options = {
method: 'POST',
headers: {
'X-Client-Id': '<api-key>',
'X-Api-Key': '<api-key>',
'Content-Type': 'application/json'
},
body: JSON.stringify({
tokenId: '82aba896-9e37-45b6-aa90-d510c9050596',
merchantId: 'cc4945bc-85f4-495e-adc6-3b281c9d957a',
cvvCheck: true
})
};

fetch('https://api.malga.io/v1/cards', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));
<?php

$curl = curl_init();

curl_setopt_array($curl, [
CURLOPT_URL => "https://api.malga.io/v1/cards",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "POST",
CURLOPT_POSTFIELDS => json_encode([
'tokenId' => '82aba896-9e37-45b6-aa90-d510c9050596',
'merchantId' => 'cc4945bc-85f4-495e-adc6-3b281c9d957a',
'cvvCheck' => true
]),
CURLOPT_HTTPHEADER => [
"Content-Type: application/json",
"X-Api-Key: <api-key>",
"X-Client-Id: <api-key>"
],
]);

$response = curl_exec($curl);
$err = curl_error($curl);

curl_close($curl);

if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}
package main

import (
"fmt"
"strings"
"net/http"
"io"
)

func main() {

url := "https://api.malga.io/v1/cards"

payload := strings.NewReader("{\n \"tokenId\": \"82aba896-9e37-45b6-aa90-d510c9050596\",\n \"merchantId\": \"cc4945bc-85f4-495e-adc6-3b281c9d957a\",\n \"cvvCheck\": true\n}")

req, _ := http.NewRequest("POST", url, payload)

req.Header.Add("X-Client-Id", "<api-key>")
req.Header.Add("X-Api-Key", "<api-key>")
req.Header.Add("Content-Type", "application/json")

res, _ := http.DefaultClient.Do(req)

defer res.Body.Close()
body, _ := io.ReadAll(res.Body)

fmt.Println(string(body))

}
HttpResponse<String> response = Unirest.post("https://api.malga.io/v1/cards")
.header("X-Client-Id", "<api-key>")
.header("X-Api-Key", "<api-key>")
.header("Content-Type", "application/json")
.body("{\n \"tokenId\": \"82aba896-9e37-45b6-aa90-d510c9050596\",\n \"merchantId\": \"cc4945bc-85f4-495e-adc6-3b281c9d957a\",\n \"cvvCheck\": true\n}")
.asString();
require 'uri'
require 'net/http'

url = URI("https://api.malga.io/v1/cards")

http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true

request = Net::HTTP::Post.new(url)
request["X-Client-Id"] = '<api-key>'
request["X-Api-Key"] = '<api-key>'
request["Content-Type"] = 'application/json'
request.body = "{\n \"tokenId\": \"82aba896-9e37-45b6-aa90-d510c9050596\",\n \"merchantId\": \"cc4945bc-85f4-495e-adc6-3b281c9d957a\",\n \"cvvCheck\": true\n}"

response = http.request(request)
puts response.read_body
{
  "id": "148d5db0-f1c3-439f-902d-f1f268086e1d",
  "status": "active",
  "statusReason": null,
  "createdAt": "2012-08-11T19:02:56.713Z",
  "clientId": "cc0b1e41-2936-45c5-947f-93995ffcdc00",
  "brand": "Visa",
  "cardHolderName": "JOAO DA SILVA",
  "cvvChecked": true,
  "fingerprint": "cbd4a441-c63c-4dee-ac6b-bfa7fa1df818",
  "first6digits": "401959",
  "last4digits": "9339",
  "customerId": "82aba896-9e37-45b6-aa90-d510c9050596",
  "expirationMonth": "12",
  "expirationYear": "2026",
  "transactionRequests": [
    {
      "id": "edd0d86a-76d0-4c2c-b924-1528510a5a32",
      "createdAt": "2023-09-25T18:09:59.001Z",
      "providerId": "5ce68ed3-2213-423b-8eaf-9d8c4b40df2b",
      "providerType": "SANDBOX",
      "requestStatus": "success",
      "requestType": "zero_dollar",
      "responseTs": "32ms"
    }
  ]
}
{
"error": {
"code": 123,
"declinedCode": "<string>",
"key": "<string>",
"businessCode": "<string>",
"message": "<string>",
"details": "<array>"
}
}
{
"type": "failed_dependency",
"declinedCode": "<string>",
"message": "<string>",
"details": "<array>"
}
{
"error": {
"code": 123,
"declinedCode": "<string>",
"key": "<string>",
"businessCode": "<string>",
"message": "<string>",
"details": "<array>"
}
}

Authorizations

X-Client-Id
string
header
required
X-Api-Key
string
header
required

Body

application/json

Create credit card

tokenId
string<uuid>
required

Identificador do token gerado

merchantId
string<uuid>

Caso queria validar o cartão via zero dollar, informe o merchantId que possui pelo menos 1 provedor com suporte a validação zero dollar.

cvvCheck
boolean

Mesmo informando o merchantId, é possível desabilitar a validação do cvv (zero dollar). Informe true para validar ou false para pular a validação. Caso você informe false, a verificação será pulada e o cartão será criado como pending necessitando validar via uma transação.

Response

Created

id
string

ID do cartão

status
enum<string>

Status de validação dos dados cartões, failed (cartão inválido para uso), active (cartão válido para uso), pending (validação do cartão pendente, uso autorizado temporariamente)

Available options:
failed,
active,
pending
statusReason
string

Contém uma string com um breve descritivo informando o motivo do status do cartão. Em alguns casos uma string vazia é retornada.

createdAt
string

Data de criação do cartão

clientId
string

Identificação do cliente

brand
enum<string>

Bandeira do cartão

Available options:
American Express,
Mastercard,
Visa,
Elo,
Discover,
JCB,
Diners
cardHolderName
string

Nome do cliente do cartão

cvvChecked
boolean

Identifica se o CVV foi verificado

fingerprint
string

Hash de identificação única do cartão com base nos dados sensíveis

first6digits
string

Primeiros 6 digitos do cartão

last4digits
string

Últimos 4 digitos do cartão

customerId
string

Identificador de comprador para consulta futura

expirationMonth
string

Data de expiração MM

expirationYear
string

Data de expiração YYYY

tokens
object[]

Lista de tokens externos associados ao cartão