PCI Vault Logo
Enterprise

The Enterprise Endpoints provide access to a suite of advanced PCI Vault capabilities designed for organizations with complex security, compliance, and integration requirements. These features are exclusively available to customers on the Enterprise plan, enabling greater flexibility, enhanced control, and enterprise-grade functionality for large-scale deployments.

If you require one or more of these features on another plan, please contact our support team and let us know about your use case. We'll evaluate your requirements and recommend the most appropriate solution for your business. In many cases, we can enable specific Enterprise features where they are a good fit.

The BIN lookup takes the first digits of a card and returns the details of the issuer and the card itself.

The length of the BIN can be anything from 6 - 11 digits, the longer the number the more specific the details that are returned. Results are returned as an array of issuer details, the first item being the most specific and the last one being the least specific. The first item will therefore represent the card queried most accurately.

(query)

The first digits of a card number. At least the first 6 digits, but more can be entered for more accurate details.

API Operation Usage +
GET
https://api.pcivault.io/v1/bin
# No Body
Response Code: 200 (example) [CardMetadata]
POST /update Account Updater beta
PCI DSS Scope: SAQ-A/D
This feature is currently in the "beta" testing phase. The endpoint is live so that you can start building your integration while we finalise and test our implementation. Keep in mind that responses are likely to be queued and there may be a delay to fulfill requests.
The specifications on this endpoint are subject to small changes.

The account updater takes a list of cards and queries the card network for updates of PAN numbers. If an updated PAN is found, it will be stored in a new token.

You can poll the update result by invoking this endpoint. You can also specify a webhook in the request body. Update results will be sent to the webhook.

(query)

The identifier for the key used to originally encrypt the data. All the tokens encrypted by this key will be added to the account updater, unless filtered further by one of the fields below.

(query)

The passphrase for the key used to originally encrypt the data. This is necessary for PCI Vault to decrypt the cards before submitting the data to the Payment Network

(query)

If the token is specified, only the card with this token will be submitted to the account updater.

(query)

The reference by which data must be filtered. If a token has been stored with a reference, both the reference and the token must be supplied in order to submit the associated PAN to the account updater.

(query)

Limit the number of cards to submit and return. This limit is 1024 by default. To remove the limit, specify a negative limit. Warning: Your browser might not be able to render too many cards, we recommend you set the limit fairly low when trying this endpoint out.

(query)

Set this flag to resubmit token which already are in the updater.

(body) [WebhookRequest]

A webhook to reply to when the account updater returned a match.

(body -> webhook)

The URL for the webhook. This must be an https URL.

(body -> webhook)

A secret that will be returned in the webhook call's X-PCIVault-Webhook-Secret header.

(body -> webhook)

A value between 1 and 8 for the maximum amount of times the webhook should be called per token update. Calls to the webhook will stop on a 200 HTTP response, or when max_attempts are reached.

API Operation Usage +
POST
https://api.pcivault.io/v1/update?limit=250&retry=true
Response Code: 200 (example) [PostUpdateResponse]
POST /find_expired Find Expired Cards
PCI DSS Scope: SAQ-A/D

Find expired cards, and queue notifications for the expiry of non-expired cards.

You will be notified via webhook if a card expires. The webhook will be sent on the first of the month in which the card expires. For example: If the card's expiry date is "03/25", the webhook will be sent on 1 March 2025.

(query)

The identifier for the key used to originally encrypt the data. All the tokens encrypted by this key will be checked, unless filtered further by one of the fields below.

(query)

The passphrase for the key used to originally encrypt the data. This is necessary for PCI Vault to decrypt the cards to check the expiry dates.

(query)

If the token is specified, only the card with this token will be checked for expiry.

(query)

The reference by which data must be filtered. If a token has been stored with a reference, both the reference and the token must be supplied in order to check the expiry date.

(query)

Limit the number of cards to check and return. This limit is 1024 by default. To remove the limit, specify a negative limit. Warning: Your browser might not be able to render too many cards, we recommend you set the limit fairly low when trying this endpoint out.

(query)

A comma separated list of fields to check for expiry dates. The values expiry, card_expiry, expiry_date, expiration_date, expiration, exp, exp_date, and e will be appended to the list specified in this field. The first field in this list that parses to a valid date will be used as the expiry date.

(body) [WebhookRequest]

A webhook to reply to when the card expired. Leave this as an empty JSON object to disable the webhook.

(body -> webhook)

The URL for the webhook. This must be an https URL.

(body -> webhook)

A secret that will be returned in the webhook call's X-PCIVault-Webhook-Secret header.

(body -> webhook)

A value between 1 and 8 for the maximum amount of times the webhook should be called per token update. Calls to the webhook will stop on a 200 HTTP response, or when max_attempts are reached.

API Operation Usage +
POST
https://api.pcivault.io/v1/find_expired?limit=250
Response Code: 200 (example) [PostFindExpiredResponse]