Skip to main content
POST
/
v1
/
issuing
/
cards
/
{id}
/
token
Create PAN Token
curl --request POST \
  --url https://api-sandbox.uqpaytech.com/api/v1/issuing/cards/{id}/token \
  --header 'x-auth-token: <api-key>' \
  --header 'x-idempotency-key: <x-idempotency-key>'
{
  "token": "pan_eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9",
  "expires_in": 60,
  "expires_at": "2025-11-13T10:31:00Z"
}

Authorizations

x-auth-token
string
header
required

The API token for login provided by UQPay.

Headers

x-on-behalf-of
string

Specifies the sub-account on whose behalf the request is made. This should be set to the account_id, which can be retrieved via the List Connected Accounts. If omitted or empty, the request is executed using the master account. More information at Connected Accounts.

x-idempotency-key
string<uuid>
required

A unique identifier (UUID) used to maintain operation idempotency, ensuring that repeated executions of the same operation do not result in unintended effects or duplication. It helps preserve data consistency in the face of network errors, retries, or failures.

Path Parameters

id
string<uuid>
required

Universally unique identifier (UUID v4) of a resource.

Example:

"71fdb0fe-9682-457a-9361-e8868694f12f"

Response

PAN token created successfully.

token
string
required

One-time JWT token with pan_ prefix for accessing sensitive card details through the secure iframe.

Example:

"pan_eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9"

expires_in
integer
required

Token validity period in seconds.

Example:

60

expires_at
string
required

Token expiration timestamp in ISO 8601 format.

Example:

"2025-11-13T10:31:00Z"