What data is saved with tokens?

For the Nexio API, you create one-time-use tokens, and you can create and manage card or echeck tokens.

You first create the one-time-use token, and then you use that when you want to create a card or echeck token.

Many of the values that you specify in the Create one-time-use token request are cached with that one-time-use token and are passed on when saving the card token. However, you can overwrite the values set in the one-time-use token by sending different values in the request to save the card or echeck token (through your own form with the Save card token or Save echeck token) requests), or overwrite them through values submitted in the iframe (with the Save card token with iframe or Save echeck token with iframe requests).

For a general overview of tokens, see Vault (Vault) in the Getting Started section.

What is cached in the one-time-use token?

You cannot easily see what data has been cached in the one-time-use token out of the possible values you pass in the Create one-time-use token request.

📘

Note

Nexio caches each one-time-use token for an hour. Additionally, each one-time-use token, as the name suggests, can only be used one time.

In general, you will probably send the customer details, processing options, and UI options. When you are using the iframe to process a transaction or save a card token, you may also want to include parameters here for prefilling the form and for passing values that are not part of the form.

The following list shows the parameters you can send in the request and that are cached in the one-time-use token:

Parameters from request cached in one-time-use token
bank.accountHolderName - for echecks
bank.routingNumber - for echecks
card.businessNumber - for cards
card.cardHolderName - for cards
card.classification - for cards
card.expirationMonth - for cards
card.expirationYear - for cards
card.password - for cards
data.allowedCardTypes
data.cart.items.item
data.cart.items.description
data.cart.items.quantity
data.cart.items.price
data.cart.items.type
data.currency - only for using the one-time-use token with an iframe
data.customer.customerRef
data.customer.orderNumber
data.customer.orderDate
data.customer.invoice
data.customer.firstName
data.customer.lastName
data.customer.birthDate
data.customer.nationalIdentificationNumber
data.customer.billToAddressOne
data.customer.billToAddressTwo
data.customer.billToCity
data.customer.billToCountry
data.customer.billToPhone
data.customer.billToPostal
data.customer.billToState
data.customer.birthDate
data.customer.email
data.customer.phone
data.customer.shipToAddressOne
data.customer.shipToAddressTwo
data.customer.shipToCity
data.customer.shipToCountry
data.customer.shipToPhone
data.customer.shipToPostal
data.customer.shipToState
data.description
data.descriptor
data.descriptor.name
data.descriptor.address
data.descriptor.city
data.descriptor.state
data.descriptor.postal
data.descriptor.country
data.descriptor.phone
data.descriptor.url
data.descriptor.merchantId
data.descriptor.mcc
data.lodging
data.lodging.advanceDeposit
data.lodging.checkInDate
data.lodging.checkOutDate
data.lodging.noShow
data.lodging.roomNumber
data.lodging.roomRate
data.surcharge
installment.period
isAuthOnly - defaults to false if not specified in the request
processingOptions.check3ds - defaults to false if not specified in the request
processingOptions.checkFraud - defaults to true if not specified in the request
processingOptions.customerRedirectUrl
processingOptions.paymentType
processingOptions.retryOnSoftDecline - defaults to false if not specified in the request
processingOptions.saveCardToken - defaults to true if not specified in the request
processingOptions.shouldUseFingerprint - defaults to true if not specified in the request
processingOptions.verboseResponse - defaults to true if not specified in the request
processingOptions.verifyAvs - defaults to false if not specified in the request
processingOptions.verifyCvc - defaults to false if not specified in the request
processingOptions.merchantId
processingOptions.paymentOptionTag
shouldUpdateCard - defaults to true if not specified in the request
uiOptions.css
uiOptions.customTextUrl
uiOptions.displaySubmitButton - defaults to false if not specified in the request
uiOptions.forceExpirationSelection - defaults to true if not specified in the request
uiOptions.hideBilling - defaults to false if not specified in the request
uiOptions.hideBilling.hideAddressOne
uiOptions.hideBilling.hideAddressTwo
uiOptions.hideBilling.hideCity
uiOptions.hideBilling.hideCountry
uiOptions.hideBilling.hidePostal
uiOptions.hideBilling.hidePhone
uiOptions.hideBilling.hideState
uiOptions.hideCvc - defaults to false if not specified in the request
uiOptions.limitCountriesTo
uiOptions.requireCvc - defaults to true if not specified in the request

What is saved in the card/echeck token?

You can see many of the parameters and values saved in the card token through the View card token details endpoint.

You can overwrite the values set in the one-time-use token by sending different values in the request to save the card or echeck token (through your own form with the Save card token or Save echeck token) requests), or overwrite them through values submitted in the iframe (with the Save card token with iframe or Save echeck token with iframe requests).

The following list shows the parameters you can send in the request and that are saved in the card or echeck token:

Parameters from request saved in card/echeck token
token - saved as key in card or echeck token
bank.accountHolderName - for echecks
bank.routingNumber - for echecks
card.cardHolderName - for cards
card.cardType - for cards; also copied to cardType and tokenex.cardType
card.expirationMonth - for cards
card.expirationYear - for cards
cardType - copied from card object specified in the request
data.customer.firstName
data.customer.lastName
data.customer.birthDate
data.customer.billToAddressOne
data.customer.billToAddressTwo
data.customer.billToCity
data.customer.billToCountry
data.customer.billToPhone
data.customer.billToPostal
data.customer.billToState
data.customer.email
data.customer.phone
data.customer.shipToAddressOne
data.customer.shipToAddressTwo
data.customer.shipToCity
data.customer.shipToCountry
data.customer.shipToPhone
data.customer.shipToPostal
data.customer.shipToState
merchantId
shouldUpdateCard - defaults to true if not specified in the request
tokenex.cardType - copied from card object specified in the request
tokenex.firstSix - copied from card object specified in the request
tokenex.lastFour - copied from card object specified in the request
tokenex.token