This method is used to request that a network token be provisioned for a given primary account number (PAN). You will need to provide your TokenEx ID and authorized API key, the PAN or an existing TokenEx token, and the desired TokenEx token scheme if the PAN is used.

Required API Key Permissions: NetworkTokenizationGeneralAccess

Request Headers: Authentication and Authorization
* denotes a required field

HTTP Request HeaderDescription
tx-tokenex-id*Like a username, this ID logically segments your tokenized data.
tx-apikey*Controls your access to individual function in the API
tx-tokenize[Boolean]. True indicates that a TokenEx token should be generated for the PAN. True by default. Can be set to false if existing TokenEx token is provided.
tx-token-scheme*Either the name or the numerical value of the TokenScheme to be used
This header is used to indicate whether the Data and CVV fields have been encrypted using browser-based encryption

Request Body Parameters:
* Denotes a Required Field. Some optional fields may be required for certain card brands. Please read descriptions for full details.

data*stringEither the PAN or an existing TokenEx token that represents a PAN.
panSource*string enumThe source of the Primary Account Number (PAN). Valid values: ONFILE, MOBILEBANKINGAPP, KEYENTERED, CAMERACAPTURED, MANUALUNKNOWN
consumerId*stringUnique token requestor specific consumer identifier (e.g., wallet account ID). This value is generated and assigned by the token requestor. Required for Visa and optional for AMEX and Mastercard.
presentationMode*string enum []The token presentation mode supported by the token. Valid values: NFCHCE, NFCSE, ECOM, INAPP, MST, QR, PAT
pathRecommendationstringAllows the requestor to provide tokenization advice based on available risk data. Acceptable values are APPROVED, DECLINED, AUTH_REQ and PCI_APPROVED.
accountTypestringIt is used to describes the type of an account, e.g. GUEST, WALLET. Valid value 'credit_card' for AMEX, and valid values 'GUEST' or 'WALLET' for Visa.
expirationDatestringExpiration date for the PAN.
cvvstringThe security code embedded on the back of the physical card.
panReferenceIdstring (36)The unique reference ID of the PAN.
panSequenceNumberstring (3)The PAN sequence number (PSN), if applicable.
cardholderNamestring (2-26)The name of the cardholder.
issuerEncDatastring (4096)Data generated and encrypted by the issuer.
deviceData.deviceNamestringThe name of the device.
deviceData.deviceLocationstringThe latitude and longitude coordinates of the device location (with up to two decimals), separated by a "/".
deviceData.deviceTypestringThe type of the device.
deviceData.deviceIdstringUnique ID for the device, such as a hardware ID.
deviceData.devicePlatformstringOS of the device.
deviceData.devicePhoneNumberstringThe telephone number or the last few digits of the telephone number. Required for American Express cards.
deviceData.deviceIPv4stringThe IPv4 address of the device. Required for American Express if PanSource is not "ONFILE".
deviceData.deviceTimeZonestringThe timezone of the device.
deviceData.osVersionstringThe version of the OS of the device.
deviceData.languagestringThe language that the application is using to communicate with the cardholder.
deviceData.localestringThe language that the application communicates with the cardholder. It is based on BCP 47 standard. The language must be lowercase, and the country must be uppercase. The language and country should be separated using a hyphen (-). *Required for Visa.
deviceData.walletIdstringThe unique ID assigned to a wallet installation for a given user and device.
deviceData.brandstringThe device's brand.
deviceData.manufacturerstringThe device's manufacturer.
deviceData.modelstringThe device's model.
deviceData.networkTypestringThe type of the network.
deviceData.imeiNumberstringThe device's IMEI number.
deviceData.serialNumberstringThe device's serial number.
deviceData.walletAccountEmailAddressstringThe email address of the client that is linked to his wallet account login. This field is optional for Mastercard and Visa. For Amex, this field is required if devicePhoneNumber it not present.
cardholderBillingAddress.line1String (140)Address line 1.
cardholderBillingAddress.line2String (140)Address line 2.
cardholderBillingAddress.line3String (140)Address line 3.
cardholderBillingAddress.line4String (140)Address line 4.
cardholderBillingAddress.line5String (140)Address line 5.
cardholderBillingAddress.countryString (2)Country code in ISO 3166-1 alpha-2 format.
cardholderBillingAddress.stateString (3)State code in ISO 3166-2 format.
cardholderBillingAddress.cityString (100)Name of the cardholder's city.
cardholderBillingAddress.zipString (16)Cardholder's postal code.
walletRiskData.walletScoreIntThe score of the wallet.
walletRiskData.walletAccountLengthIntThe time in days that wallet account has been in use.
walletRiskData.walletTransactionsIntThe number of transactions performed with the wallet in the last 12 months.
walletRiskData.walletNameMatchesCardholderNameboolName of the wallet account holder and the name of the cardholder match or not.
walletRiskData.maskedEmailstring (260)???*??? is used for masking the email address.
walletRiskData.hashedEmailstring (60)60-character string generated by BCrypt using OpenBSD implementation from BouncyCastle.
cardRiskData.cardScoreIntThe score of the card.
cardRiskData.cardUsageLengthIntThe time in days that the card has been in use.
deviceRiskData.countryOfDevicestring (2)The country in which the device is used in ISO 3166-1 alpha-2 format.
deviceRiskData.tokensOnDeviceIntThe number of tokens on the physical device.
deviceRiskData.deviceUseLengthIntThe time in days that the device has been in use.
deviceRiskData.deviceScoreIntThe score of the trustworthiness of the device.
userRiskData.cardOnFileLengthIntThe time in days that the card has been on file.
userRiskData.newlyAddedboolTrue means that the user added the card on file during the current provisioning attempt. False means the card was already on file.
userRiskData.userCountrystring (2)Country of the user account in ISO 3166-1 alpha-2 format.
userRiskData.userWalletsIntThe number of wallets owned by the user.
userRiskData.userTokensIntThe number of tokens owned by the user.
userRiskData.userAccountUsageLengthIntThe time in days that the user account has been in use.
userRiskData.userAccountScoreIntThe score of the trustworthiness of the device user's account. A value of 0 means that the account is not checked by the wallet or the wallet owner.

Response Body Parameters:

tokenstringThe token generated by TokenEx that references the sensitive data.
successboolIndicator if the request was successfully processed by TokenEx.
referenceNumberstringTokenEx reference number for the transaction.
errorstringTokenEx Error Code and human readable description.
messagestringHuman readable message about response from TokenEx.
networkResponse.tokenRequestorIdstringToken requestor identifier associated to the domain to which the token belongs. The format matches with the EMVCo Tokenization specifications.
networkResponse.tokenReferenceIdstringUnique reference identifier for the token generated.
networkResponse.tokenizationDecisionstring enumThis indicates the tokenization decision. The valid values depend on the product use cases. Possible values are APPROVED, AUTH_REQ and PCI_APPROVED
networkResponse.messageIdstringUnique message identifier (GUID format) of this command.
networkResponse.conversationIdstringMessage identifier assigned for the entire conversation (GUID format). Typically, it is generated by the initiator of the flow.
networkResponse.statusCodestringThe four-digit status code.
networkResponse.statusMessagestringHuman readable comments about the status.
tokenStatestring enumThe current state of the token. It has predefined values which are INACTIVE, ACTIVE, SUSPENDED, DELETED and CONSUMED. Note that the CONSUMED state is not used by default.
userValidationMethodsstring []Array of one or more methods to perform user validation for this token. It is required if tokenizationDecision is 'AUTH_REQ'. [uvmMethodIdentifier (string), validationMethod (string), informationDestination (string)]
networkResponse.encData.paymentBundle.bundleMetadatastringIt indicates the type of the bundle returned. The valid values depend on the product use cases. Possible values are ECOM_TOKEN, ECOM_CRYPTOGRAM and ECOM_PAN.
networkResponse.encData.paymentBundle.bundleElements[].typestringIt indicates the type of the bundle returned. The valid values depend on the product use cases. Possible values are ECOM_TOKEN, ECOM_CRYPTOGRAM and ECOM_PAN.
networkResponse.encData.paymentBundle.bundleElements[].valuestringPossible values: TOKEN,TOKEN_EXP (the format is 'YYMM'), ECOM_CRYPTOGRAM, ECI, PSN, TRACK2, PAN, PAN_EXP.
networkResponse.encData.cardData.panReferenceIdstringThe unique reference ID (GUID format) of the real PAN. It is required except when PAN is provided.
networkResponse.encData.cardData.paymentAccountReferencestringGlobally unique reference of a cardholder’s PAN. It is commonly abbreviated as PAR.
networkResponse.encData.cardData.cardSuffixstringThe last four digits of the real PAN.
networkResponse.encData.cardData.panExpDatestringThe expiry date of the real PAN. The format is 'YYMM'.
networkResponse.encData.cardData.cardHolderEmbossedNamestringThe embossed name on the physical card.
networkResponse.encData.cardData.cardCountryCodestringA 2-character country code. The format is based on ISO 3166-1 alpha-2.
networkResponse.encData.cardData.cardNamestringThe name of the card.
networkResponse.encData.cardData.cardTypestringThe type of the card product (e.g., Credit, Debit).
networkResponse.encData.cardData.cardLongDescriptionstring (64 max)Description of card.
networkResponse.encData.cardData.cardShortDescriptionstring (32 max)Description of card.
networkResponse.encData.cardData.coBrandedboolIt indicates if the card is a co-branded card.
networkResponse.encData.cardData.coBrandNamestringThe card co-brand name. It is required if isCoBranded is set to true.
networkResponse.encData.cardData.cardTypeIndicatorstring []These are indicators (Boolean values) associated with the card. The expected values are PRIVATE_LABEL.
networkResponse.encData.cardData.expDataPrintedboolIt indicates if the expiration date is printed on the card or not.
networkResponse.encData.cardData.cvv2PrintedboolIt indicates if the cvv2 is printed on the card or not.
networkResponse.cardMetaData.termsAndConditionsIdstringUnique identifier (GUID format) of the terms and conditions.
networkResponse.cardMetaData.termsAndConditionsUrlstringThe website URL which is used to describe the terms and conditions.
networkResponse.cardMetaData.cardArtUrlstringThe website URL which is used to present card’s art image.
networkResponse.cardMetaData.cardBackgroundColorstringThe background color of the card specified as a CSS style RGB triple (hex format).
networkResponse.cardMetaData.cardForegroundColorstringThe foreground color of the card specified as a CSS style RGB triple (hex format).
networkResponse.cardMetaData.labelColorstringThe color of the label of the card specified as a CSS style RGB triple (hex format).
networkResponse.cardMetaData.longDescriptionstringThe detailed description of the card product to be displayed inside the mobile wallet.
networkResponse.cardMetaData.shortDescriptionstringThe short description of the card product to be used for notification on the mobile device.
networkResponse.cardMetaData.issuerData.issuerNamestringThe name of the card issuer.
networkResponse.cardMetaData.issuerData.issuerAddressstringThe physical address of the issuer main office.
networkResponse.cardMetaData.issuerData.issuerEmailstringThe customer service email address of the issuing bank.
networkResponse.cardMetaData.issuerData.issuerWebsitestringThe customer service website of the issuing bank.
networkResponse.cardMetaData.issuerData.customerServiceTelephonestringThe customer service phone number of the issuing bank.
networkResponse.cardMetaData.issuerData.onlineBankingUrlstringThe online banking website of the issuing bank.
networkResponse.cardMetaData.issuerData.issuerPrivacyUrlstringThe privacy policy website of the issuing bank.
networkResponse.cardMetaData.issuerData.issuerNotificationIconstringThe icon of the issuing bank’s notification.
networkResponse.cardMetaData.issuerData.issuerLogoUrlstringThe website URL of the issuing bank’s logo.
networkResponse.cardMetaData.issuerAppData.issuerAppOSTypestringThe operating system type of the issuing bank’s mobile application.
networkResponse.cardMetaData.issuerAppData.issuerAppNamestringThe name of the issuing bank’s mobile application for display purpose.
networkResponse.cardMetaData.issuerAppData.issuerAppAddressstringThe package name of the issuing bank’s mobile application.
networkResponse.cardMetaData.cardAssets[].guidstringUnique identifier (GUID format) of the asset.
networkResponse.cardMetaData.cardAssets[].mimeTypestring enumThe mime type of the content. Possible values: IMAGE/PNG, IMAGE/PDF, TEXT/HTML, TEXT/PLAIN, APPLICATION/PDF, TEXT/XML
networkResponse.cardMetaData.cardAssets[].pixelHeightintThe height of the image in pixels. Set to zero for non-image MIME-types.
networkResponse.cardMetaData.cardAssets[].pixelWidthintThe width of the image in pixels. Set to zero for non-image MIME-types.
POST /v2/NetworkToken/Tokenize HTTP/1.1
tx-apikey: YourAPIKey
tx-tokenex-id: YourTokenExID
tx-tokenize: true
tx-token-scheme: PCI
Content-Type: application/json

    "PanSource": "KEYENTERED",
    "ConsumerId": "235468794",
    "PresentationMode": ["ECOM"],
    "AccountType": "WALLET",
    "ExpirationDate": "2212",
    "Data": "4761209980007718",
    "DeviceData": {
        "locale": "en-US",
        "walletAccountEmailAddress": "[email protected]"
    "networkResponse": {
        "encData": {
            "paymentBundle": {
                "bundleMetadata": "ECOM_TOKEN",
                "bundleElements": [
                        "type": "TOKEN",
                        "value": "4761209400161814"
                        "type": "TOKEN_EXP",
                        "value": "2212"
            "cardData": {
                "panReferenceId": "f7f4a607-f696-4936-9c99-0ec0b72fd140",
                "paymentAccountReference": "V0010013021211750239575607559",
                "cardSuffix": "7718",
                "panExpDate": "2212",
                "cardHolderEmbossedName": null,
                "cardCountryCode": null,
                "cardName": null,
                "cardType": null,
                "cardLongDescription": "long",
                "cardShortDescription": "short",
                "coBranded": false,
                "coBrandName": null,
                "cardTypeIndicator": null,
                "expDataPrinted": true,
                "cvv2Printed": true
        "tokenRequestorId": "12345678901",
        "tokenReferenceId": "749f4d0d-4005-443e-9a66-0ea2d317b8f6",
        "tokenizationDecision": "APPROVED",
        "panReferenceId": "f7f4a607-f696-4936-9c99-0ec0b72fd140",
        "tokenState": "ACTIVE",
        "userValidationMethods": null,
        "cardMetaData": {
            "termsAndConditionsId": "893426c8-9bfa-4b51-b7da-b625106a89c5",
            "termsAndConditionsUrl": null,
            "cardArtUrl": null,
            "cardBackgroundColor": "RGB(122,55,84)",
            "cardForegroundColor": "RGB(22,55,94)",
            "labelColor": "RGB(122,255,84)",
            "longDescription": "long",
            "shortDescription": "short",
            "issuerData": {
                "issuerName": "INTL HDQTRS-CENTER OWNED        ",
                "issuerAddress": null,
                "issuerEmail": null,
                "issuerWebsite": "",
                "customerServiceTelephone": "123-456-7899",
                "onlineBankingUrl": null,
                "issuerPrivacyUrl": null,
                "issuerNotificationIcon": null,
                "issuerLogoUrl": null
            "issuerAppData": {
                "issuerAppOSType": null,
                "issuerAppName": null,
                "issuerAppAddress": null
            "cardAssets": [
                    "guid": "ff46730d-0288-4d96-aaf7-e6352a726118",
                    "assetType": "ICON_ISSUER",
                    "mimeType": "IMAGE/PNG",
                    "pixelHeight": 100,
                    "pixelWidth": 100
                    "guid": "bdf425c0-704c-4de0-aa05-94f897c18087",
                    "assetType": "COMBINED_BACKGROUND",
                    "mimeType": "IMAGE/PNG",
                    "pixelHeight": 969,
                    "pixelWidth": 1536
        "messageId": "a3159291-c092-4faf-b0c1-913977a40446",
        "conversationId": "8e6dc13c-66d2-4c87-b3c5-cc51edaa409a",
        "statusCode": "0000",
        "statusMessage": null
    "token": "476120FDallZ7718",
    "referenceNumber": "21082311414552807381",
    "success": true,
    "error": "",
    "message": "Network Tokenization Get Token Successful!"