Card Request
May 27, 2025 ยท View on GitHub
The payment card to use to fund a payment. Can be a credit or debit card. Note: Passing card number, cvv and expiry directly via the API requires PCI SAQ D compliance. PayPal offers a mechanism by which you do not have to take on the PCI SAQ D burden by using hosted fields - refer to this Integration Guide.
Structure
CardRequest
Fields
| Name | Type | Tags | Description | Getter | Setter |
|---|---|---|---|---|---|
Name | String | Optional | The card holder's name as it appears on the card. Constraints: Minimum Length: 1, Maximum Length: 300, Pattern: ^.{1,300}$ | String getName() | setName(String name) |
Number | String | Optional | The primary account number (PAN) for the payment card. Constraints: Minimum Length: 13, Maximum Length: 19, Pattern: ^[0-9]{13,19}$ | String getNumber() | setNumber(String number) |
Expiry | String | Optional | The year and month, in ISO-8601 YYYY-MM date format. See Internet date and time format.Constraints: Minimum Length: 7, Maximum Length: 7, Pattern: ^[0-9]{4}-(0[1-9]|1[0-2])$ | String getExpiry() | setExpiry(String expiry) |
SecurityCode | String | Optional | The three- or four-digit security code of the card. Also known as the CVV, CVC, CVN, CVE, or CID. This parameter cannot be present in the request when payment_initiator=MERCHANT.Constraints: Minimum Length: 3, Maximum Length: 4, Pattern: ^[0-9]{3,4}$ | String getSecurityCode() | setSecurityCode(String securityCode) |
BillingAddress | Address | Optional | The portable international postal address. Maps to AddressValidationMetadata and HTML 5.1 Autofilling form controls: the autocomplete attribute. | Address getBillingAddress() | setBillingAddress(Address billingAddress) |
Attributes | CardAttributes | Optional | Additional attributes associated with the use of this card. | CardAttributes getAttributes() | setAttributes(CardAttributes attributes) |
VaultId | String | Optional | The PayPal-generated ID for the vaulted payment source. This ID should be stored on the merchant's server so the saved payment source can be used for future transactions. Constraints: Minimum Length: 1, Maximum Length: 255, Pattern: ^[0-9a-zA-Z_-]+$ | String getVaultId() | setVaultId(String vaultId) |
SingleUseToken | String | Optional | The PayPal-generated, short-lived, one-time-use token, used to communicate payment information to PayPal for transaction processing. Constraints: Minimum Length: 1, Maximum Length: 255, Pattern: ^[0-9a-zA-Z_-]+$ | String getSingleUseToken() | setSingleUseToken(String singleUseToken) |
StoredCredential | CardStoredCredential | Optional | Provides additional details to process a payment using a card that has been stored or is intended to be stored (also referred to as stored_credential or card-on-file). Parameter compatibility: payment_type=ONE_TIME is compatible only with payment_initiator=CUSTOMER. usage=FIRST is compatible only with payment_initiator=CUSTOMER. previous_transaction_reference or previous_network_transaction_reference is compatible only with payment_initiator=MERCHANT. Only one of the parameters - previous_transaction_reference and previous_network_transaction_reference - can be present in the request. | CardStoredCredential getStoredCredential() | setStoredCredential(CardStoredCredential storedCredential) |
NetworkToken | NetworkToken | Optional | The Third Party Network token used to fund a payment. | NetworkToken getNetworkToken() | setNetworkToken(NetworkToken networkToken) |
ExperienceContext | CardExperienceContext | Optional | Customizes the payer experience during the 3DS Approval for payment. | CardExperienceContext getExperienceContext() | setExperienceContext(CardExperienceContext experienceContext) |
Example (as JSON)
{
"name": "name8",
"number": "number4",
"expiry": "expiry6",
"security_code": "security_code0",
"billing_address": {
"address_line_1": "address_line_12",
"address_line_2": "address_line_28",
"admin_area_2": "admin_area_28",
"admin_area_1": "admin_area_14",
"postal_code": "postal_code0",
"country_code": "country_code8"
}
}