--- page_source: https://juspay.io/in/docs/ec-headless/cordova/card-network-tokenization/token-repeat-transaction-flow page_title: Token repeat transaction flow --- ## Token repeat transaction flow --- ### **Token transactions** The token transaction will be processed exactly as saved card transaction is processed. There will be no change in merchant integration ![Image](https://dth95m2xtyv8v.cloudfront.net/tesseract/assets/ec-headless/Untitled-DCjiS.jpeg) *Saved token transaction* #### **1. List the stored card** Call List Card API to show the cards on Payment Page, the same API will also give the tokenized cards in the current format. #### **2. Show card to user** The card_number parameter is used to show the masked card information to the user. Currently the format for this field is "4012-XXXXXXXX-9454", once repeat token transaction is enabled for the merchant the format will change to "XXXX-XXXXXXXX-9454". End users are not exposed to tokens, they will still see card details on payment page. Hence, the card_expiry and card_last_four digits will still be stored even after card is tokenized. #### **3. Start Transaction** There is no change in /txns API for a stored token transactions. ### **API specification** #### **List Card API** #### Request Code Snippet: ```request curl --location --request GET 'https://api.juspay.in/cards?customer_id=cth_6MXbUUSECcxrswgT' \ --header 'Authorization: Basic RjJEMTU0QxxxxxY0NkY4QjE0MUQ5REZBREZCNkZBOg==' \ ``` #### Response Code Snippet: ```response { "customer_id": "cth_6MXbUUSECcxrswgT", "merchantId": "paypal", "cards": [ { "card_token": "tkn_d5de7e878465407a9a8ad8d71b58923e", "card_reference": "d1714874aa102eb8bc933b8f26992225", "card_number": "XXXX-XXXXXXXX-9454", "card_isin": "123456", "card_exp_year": "2025", "card_exp_month": "02", "card_type": "DEBIT", "card_issuer": "HDFC Bank", "card_brand": "MASTERCARD", "nickname": "", "name_on_card": "Imdad", "expired": false, "card_fingerprint": "4ip95rsikuprlcojscp3p0b7pq", "juspay_bank_code": "JP_HDFC", "card_sub_type": "NA", "card_issuer_country": "INDIA", "tokenize_support": false, "provider_category": "VAULT", "provider": "JUSPAY" } ] } ``` | Name | Format | Description | |---|---|---| | provider_category | String | Card storage provider category. Example: VAULT | NETWORK_TOKEN | ISSUER_TOKEN | | provider | String | Provider's name. Example: JUSPAY | VISA | SODEXO | > **Warning** > After Token Repeat Transactions are enabled for merchant_id then for all cards (tokenized/ non tokenized) the List Card API will return back card_number in new masked format.This is to ensure consistency on UI for the end user #### **/txns API** There are no changes in the /txns API for a current saved card vs a saved token flow. #### Request Code Snippet: ```request curl -X POST https://api.juspay.in/txns \ -d "order_id=:order_id" \ -d "merchant_id=:merchant_id" \ -d "payment_method_type=CARD" \ -d "card_token=:card_token" \ -d "card_security_code=111" \ -d "redirect_after_payment=true" \ -d "format=json" ``` #### Response Code Snippet: ```response { "order_id": ":order_id", "txn_id": ":txn_id", "status": "PENDING_VBV", "payment": { "authentication": { "method": "GET", "url": "https://api.juspay.in/pay/start/guest/8646a7a029974fa99995fec00340a507" } } } ``` #### **Order Status API** In the existing card block merchant will receive two new parameters using_token = true and a new token block. Merchant will continue to receive all other existing parameter. If there is a use case to show the Payment Instrument used then card. last_four_digits should be used. #### Request Code Snippet: ```request curl https://api.juspay.in/orders/order1631087270 \ -u your_api_key: \ -H 'version: 2018-10-25' \ -H 'Content-Type: application/x-www-form-urlencoded'\ -H 'x-merchantid: merchant_id' ``` #### Response Code Snippet: ```response { "card": { "expiry_year": "2023", "saved_to_locker": false, "expiry_month": "06", "name_on_card": "test", "card_issuer": "Axis Bank", "last_four_digits": "5449", "using_saved_card": true, "card_fingerprint": "41d30s3jus955dj9yyhe5is91", "card_isin": "526731", "card_type": "DEBIT", "card_brand": "MASTERCARD", "card_sub_type": null, "tokenization_user_consent": true, "token": { "card_reference": "77efb38f3721930e60dby754865619", "last_four_digits": "7656", "card_fingerprint": "41d30s3jus955dj9yyhe5is91", "card_isin": "525876", "expiry_year": "2023", "expiry_month": "06", "par": "6fgd63jus955dj9yyheg4gh6", "tokenization_status": "ACTIVE" }, "using_token": false } } ``` Order Status extra fields description | Name | Format | Description | |---|---|---| | using_token | boolean | true if the transaction was done via token, else false | | token | JSON | token block is sent back to merchant if it was a saved token transaction | | token.card_reference | String | Juspay's permanent reference to the token generated. | | token.last_four_digits | String | Token's last four. Should not be shown to the user. If there is a requirement then card's last_four_digits should be shown | | token.card_fingerprint | String | A string that uniquely identifies the card/tpken across the board. When the same card/token is stored across multiple accounts, same fingerprint will be returned. This can be used to identify duplicates. | | token.card_isin | String | Token's BIN. Should not be shown to user. Can be used for routing etc | | token.expiry_year | String | Token's expiry year. This can be different from card's expiry year. Merchant should still use card's expiry year | | token.expiry_month | String | Token's expiry month. This can be different from card's expiry month. Merchant should still use card's expiry month | | token.par | String | The PAR value as is received from the network. Can be used to check uniqueness of cards for use case of Offers, EMI etc. | | token.tokenization_status | String | The current status of token. | #### **Webhook** The extra parameters/blocks added in Order Status API will be added in webhooks also.