- Guides
- API
- Forms
- External Links
PCI Vault can send or receive data on your behalf. This is useful for sending data to Payment Service Providers (PSPs).
Decrypt and send data to a third party, the third party's response will be sent to you via a webhook.
If requests to the third party fails with status 429 or 500 or higher, it will be retried.
The request object will be used to populate the request to the third party. The body property can be any valid mustache template. The keys in the mustache template will be matched back to the JSON object for the given token and populated accordingly.
The reply from the third party will be forwarded to the URL specified in the webhook object.
All URLs must use the HTTPS protocol and have valid SSL certificates.
Requests are asynchronous by default, but when the synchronous parameter is set
to true, it will wait and return the response from the third party directly.
Note: the third party is required to return a result within 20 seconds for synchronous calls. Longer running requests are considered a failure.
The token for the data to be decrypted and sent.
The reference with which the token has been stored, both the reference and the token must be supplied in order to decrypt the associated data.
The identifier for the key used to originally encrypt the data.
The passphrase for the key used to originally encrypt the data.
How many times the request to the the third party will be tried until it succeeds. Every attempt is billable. The default value is 8, the maximum value is 16, and the minimum is 1.
Debug mode returns the populated template as it will be sent to the third party. Debug mode requests are still treated as live requests: the request to the third party will be made and be billed accordingly.
A comma seperated list of rule ids to apply to the sent data in order. This does not change stored data.
The request body as described in the Proxy Data Guide.
Execute the request synchronously and wait for response.
A webhook to send the asynchronous proxy request result to.
The URL for the webhook. This must be an https URL.
A secret that will be returned in the webhook call's X-PCIVault-Webhook-Secret header.
A value between 1 and 8 for the maximum amount of times the webhook should be called per token update. Calls to the webhook will stop on a 200 HTTP response, or when max_attempts are reached.
Some metadata which will be merged into the webhook response. This is useful for uniquely identifying webhook responses to requests.
Retrieve and encrypt data from a third party, the token will be sent to you via a webhook.
If requests to the third party fails with status 429 or 500 or higher, it will be retried.
All URLs must use the HTTPS protocol and have valid SSL certificates.
Requests are asynchronous by default, but when the synchronous parameter is set
to true, it will wait and return the response from the third party directly.
Note: the third party is required to return a result within 20 seconds for synchronous calls. Longer running requests are considered a failure.
The user for the key to use when storing the third party response.
The passphrase to use when storing the third party response.
The tokenization algorithm to use when storing the third party response.
Set to true to use PCI Vault's smart parse algorithm to interpret the third party response.
The tokenization algorithm to use when storing the third party response.
How many times the request to the the third party will be tried until it succeeds. Every attempt is billable. The default value is 8, the maximum value is 16, and the minimum is 1.
A comma seperated list of rule ids to apply to the received data in order. The rules are applied right before the data is stored.
The request body that needs to be sent.
Execute the request synchronously and wait for response.
A webhook to send the asynchronous proxy request result to.
The URL for the webhook. This must be an https URL.
A secret that will be returned in the webhook call's X-PCIVault-Webhook-Secret header.
A value between 1 and 8 for the maximum amount of times the webhook should be called per token update. Calls to the webhook will stop on a 200 HTTP response, or when max_attempts are reached.
Some metadata which will be merged into the webhook response. This is useful for uniquely identifying webhook responses to requests.
The specifications on this endpoint are subject to change.
If you have a Network Token Requester ID, PCI Vault can assist in requesting and returning network tokens.
The token for the data to be decrypted and sent.
The reference with which the token has been stored, both the reference and the token must be supplied in order to decrypt the associated data.
The identifier for the key used to originally encrypt the data.
The passphrase for the key used to originally encrypt the data.
Your Network Token Requester ID.
A webhook to send the network tokenization result to.
The URL for the webhook. This must be an https URL.
A secret that will be returned in the webhook call's X-PCIVault-Webhook-Secret header.
A value between 1 and 8 for the maximum amount of times the webhook should be called per token update. Calls to the webhook will stop on a 200 HTTP response, or when max_attempts are reached.
Some metadata which will be merged into the webhook response. This is useful for uniquely identifying webhook responses to requests.