Skip to main content
POST
/
v1
/
issuing
/
cards
/
{id}
Update Card
curl --request POST \
  --url https://api-sandbox.uqpaytech.com/api/v1/issuing/cards/{id} \
  --header 'Content-Type: application/json' \
  --header 'x-auth-token: <api-key>' \
  --header 'x-idempotency-key: <x-idempotency-key>' \
  --data '
{
  "card_limit": 2100.02,
  "no_pin_payment_amount": 100,
  "spending_controls": [
    {
      "amount": 100.03,
      "interval": "PER_TRANSACTION"
    }
  ],
  "risk_controls": {
    "allow_3ds_transactions": "Y",
    "allowed_mcc": null,
    "blocked_mcc": [
      "5999",
      "6011"
    ]
  },
  "metadata": {
    "key1": "value1",
    "key2": "value2"
  }
}
'
{
  "card_id": "c0cef051-29c5-4796-b86a-cd5b684bfad7",
  "card_order_id": "c0cef051-29c5-4796-b86a-cd5ee34bfad7",
  "card_status": "ACTIVE",
  "order_status": "SUCCESS"
}

Authorizations

x-auth-token
string
header
required

The API token for login provided by UQPay.

Headers

x-on-behalf-of
string

Specifies the sub-account on whose behalf the request is made. This should be set to the account_id, which can be retrieved via the List Connected Accounts. If omitted or empty, the request is executed using the master account. More information at Connected Accounts.

x-idempotency-key
string<uuid>
required

A unique identifier (UUID) used to maintain operation idempotency, ensuring that repeated executions of the same operation do not result in unintended effects or duplication. It helps preserve data consistency in the face of network errors, retries, or failures.

Path Parameters

id
string<uuid>
required

Universally unique identifier (UUID v4) of a resource.

Example:

"71fdb0fe-9682-457a-9361-e8868694f12f"

Body

application/json
card_limit
number

The total credit limit assigned to the card, currency refer to card_currency. This is not a cumulative balance, but a fixed credit limit similar to that of a credit card.

  • Leave empty when card mode_type is SINGLE.
Required range: x >= 0
Example:

2100.02

no_pin_payment_amount
number

The allowable amount for card transactions without PIN verification. Default NO-PIN transaction amount applied when not explicitly set by the customer. Defaults to 200 SGD.

If you would like to opt-out from having any transactions without credentials or password, you may adjust the amount to zero (0).

Note: This setting is only applicable to specific card products. You may refer to the [No-PIN payment](/card-issuance/v1.6/guide/No-PIN Payment) for more information.

Required range: x >= 0
Example:

100

spending_controls
object[]

Rules that control spending for this card.

risk_controls
object

User-customized risk control settings.

Supported configurations depend on the card BIN. See [Supported BINs for Risk Control Configurations](/card-issuance/v1.6/guide/Supported BINs for Risk Control Configurations) for details.

metadata
object

Any key-value object. Max length = 3200 bytes. This must be valid JSON data.

Example:
{ "key1": "value1", "key2": "value2" }

Response

Card update successfully.

card_id
string
required

Unique identifier for the card.

Example:

"c0cef051-29c5-4796-b86a-cd5b684bfad7"

card_order_id
string
required

ID of the card order.

Example:

"c0cef051-29c5-4796-b86a-cd5ee34bfad7"

card_status
enum<string>
required

Card status enum. See the Card lifecycle and statuses guide for more information.

Available options:
PENDING,
ACTIVE,
FROZEN,
BLOCKED,
CANCELLED,
LOST,
STOLEN,
FAILED
Example:

"ACTIVE"

order_status
enum<string>
required

This field will contain the status of the request after processing.

  • PENDING -The initial status of the order request.
  • PROCESSING - If this status shall be subject to webhooks notification.
  • SUCCESS - The final status of the order request is successful.
  • FAILED - The final status of the order request is failed.
Available options:
PENDING,
PROCESSING,
SUCCESS,
FAILED
Example:

"SUCCESS"