Card Request

May 27, 2025 ยท View on GitHub

The payment card to use to fund a payment. Can be a credit or debit card. Note: Passing card number, cvv and expiry directly via the API requires PCI SAQ D compliance. PayPal offers a mechanism by which you do not have to take on the PCI SAQ D burden by using hosted fields - refer to this Integration Guide.

Structure

CardRequest

Fields

NameTypeTagsDescriptionGetterSetter
NameStringOptionalThe card holder's name as it appears on the card.

Constraints: Minimum Length: 1, Maximum Length: 300, Pattern: ^.{1,300}$
String getName()setName(String name)
NumberStringOptionalThe primary account number (PAN) for the payment card.

Constraints: Minimum Length: 13, Maximum Length: 19, Pattern: ^[0-9]{13,19}$
String getNumber()setNumber(String number)
ExpiryStringOptionalThe year and month, in ISO-8601 YYYY-MM date format. See Internet date and time format.

Constraints: Minimum Length: 7, Maximum Length: 7, Pattern: ^[0-9]{4}-(0[1-9]|1[0-2])$
String getExpiry()setExpiry(String expiry)
SecurityCodeStringOptionalThe three- or four-digit security code of the card. Also known as the CVV, CVC, CVN, CVE, or CID. This parameter cannot be present in the request when payment_initiator=MERCHANT.

Constraints: Minimum Length: 3, Maximum Length: 4, Pattern: ^[0-9]{3,4}$
String getSecurityCode()setSecurityCode(String securityCode)
BillingAddressAddressOptionalThe portable international postal address. Maps to AddressValidationMetadata and HTML 5.1 Autofilling form controls: the autocomplete attribute.Address getBillingAddress()setBillingAddress(Address billingAddress)
AttributesCardAttributesOptionalAdditional attributes associated with the use of this card.CardAttributes getAttributes()setAttributes(CardAttributes attributes)
VaultIdStringOptionalThe PayPal-generated ID for the vaulted payment source. This ID should be stored on the merchant's server so the saved payment source can be used for future transactions.

Constraints: Minimum Length: 1, Maximum Length: 255, Pattern: ^[0-9a-zA-Z_-]+$
String getVaultId()setVaultId(String vaultId)
SingleUseTokenStringOptionalThe PayPal-generated, short-lived, one-time-use token, used to communicate payment information to PayPal for transaction processing.

Constraints: Minimum Length: 1, Maximum Length: 255, Pattern: ^[0-9a-zA-Z_-]+$
String getSingleUseToken()setSingleUseToken(String singleUseToken)
StoredCredentialCardStoredCredentialOptionalProvides additional details to process a payment using a card that has been stored or is intended to be stored (also referred to as stored_credential or card-on-file). Parameter compatibility: payment_type=ONE_TIME is compatible only with payment_initiator=CUSTOMER. usage=FIRST is compatible only with payment_initiator=CUSTOMER. previous_transaction_reference or previous_network_transaction_reference is compatible only with payment_initiator=MERCHANT. Only one of the parameters - previous_transaction_reference and previous_network_transaction_reference - can be present in the request.CardStoredCredential getStoredCredential()setStoredCredential(CardStoredCredential storedCredential)
NetworkTokenNetworkTokenOptionalThe Third Party Network token used to fund a payment.NetworkToken getNetworkToken()setNetworkToken(NetworkToken networkToken)
ExperienceContextCardExperienceContextOptionalCustomizes the payer experience during the 3DS Approval for payment.CardExperienceContext getExperienceContext()setExperienceContext(CardExperienceContext experienceContext)

Example (as JSON)

{
  "name": "name8",
  "number": "number4",
  "expiry": "expiry6",
  "security_code": "security_code0",
  "billing_address": {
    "address_line_1": "address_line_12",
    "address_line_2": "address_line_28",
    "admin_area_2": "admin_area_28",
    "admin_area_1": "admin_area_14",
    "postal_code": "postal_code0",
    "country_code": "country_code8"
  }
}