DRAFT for review/approval
REST API 2.0 Implementation for Network Token as a Service
Flow
The following is the high-level flow for network-token-as-a-service (NTaaS).
- Token Request – To request a network-issued token, submit a PAN via a secure API. For information about the related endpoint, see: /network tokens Endpoint
- Cryptogram Request – To request a cryptogram, submit the
paymentTokenIdreturned in response to the token request. For information about the related endpoint, see: /network-tokens cryptograms Endpoint - Transaction Usage – The network-issued token replaces the PAN in the transaction. For information about the related endpoint, see: /network-tokens/{payment-token-id}?processing_entity_id=yourProcessingEntity Endpoint
- Lifecycle Management – Provisioning, updates, and de-tokenization as needed.
Endpoints
Endpoints provided by Nuvei for NTaaS are described in this section in the order of the flow.
1. /network tokens Endpoint
- Method –
POST - Purpose – To initiate network token provisioning, the system securely collects card details and routes the request to the correct tokenization service (for example, Visa or Mastercard). If successful, a
paymentTokenIdis returned for use in future token operations.
Example request for network token provisioning
{
"processingEntityId": "<processingEntityId>",
"paymentOption": {
"card": {
"cardNumber": "4111111111111111",
"expirationMonth": "06",
"expirationYear": "2028",
"cvv": "591"
}
}
}
Example response with paymentTokenId
{
"paymentOption": {
"networkToken": {
"paymentTokenId": "string",
"tokenNumber": "string",
"expirationYear": "string",
"expirationMonth": "string",
"tokenStatus": "string",
"tokenUniqueReference": "string",
"paymentAccountReference": "string",
"tokenAssuranceLevel": "string",
"card": {
"last4Digits": "stri",
"expirationYear": "string",
"expirationMonth": "string",
"cardUpdated": "string",
"updateReason": "string",
"updateDate": "string"
},
"merchantReference": "string"
}
},
"tokenRequestorId": "string",
"result": {
"status": "success"
}
}
2. /network-tokens/cryptograms Endpoint
- Method –
POST - Purpose – To generate a dynamic cryptogram (one-time-use secure code) for a specific
paymentTokenId. The cryptogram is used during transaction processing to authenticate and authorize the use of a tokenized card.
Example request for cryptogram
{
"processingEntityId": "<processingEntityId>",
"paymentOption": {
"paymentToken": {
"paymentTokenId": "<the payment token id>"
}
},
"transactionType": "ECOM"
}
Example response to cryptogram request
{
"paymentOption": {
"networkToken": {
"paymentTokenId": "string",
"tokenNumber": "string",
"expirationYear": "string",
"expirationMonth": "string",
"tokenStatus": "string",
"tokenUniqueReference": "string",
"paymentAccountReference": "string",
"tokenAssuranceLevel": "string",
"cryptogram": "string",
"merchantReference": "MREF_6f06168d-ff6e-448b-8401-30051eb6b1af"
}
},
"result": {
"status": "success",
"errors": {
"code": "7000.1000",
"reason": "Unexpected error"
}
}
}
3. /network-tokens/{payment-token-id}?processing_entity_id=yourProcessingEntity Endpoint
-
- Method –
GET - Purpose – Using the
paymentTokenId, detailed information is fetched about a previously provisioned network token. The detailed information is useful, for example, for checking token status and metadata, and for resolving token discrepancies for auditing or support purposes.
- Method –
Example response for detailed information via paymentTokenId
{
"paymentOption": {
"networkToken": {
"paymentTokenId": "string",
"tokenNumber": "string",
"expirationYear": "string",
"expirationMonth": "string",
"tokenStatus": "string",
"tokenUniqueReference": "string",
"paymentAccountReference": "string",
"tokenAssuranceLevel": "string",
"card": {
"last4Digits": "stri",
"expirationYear": "string",
"expirationMonth": "string",
"cardUpdated": "string",
"updateReason": "string",
"updateDate": "string"
},
"merchantReference": "MREF_6f06168d-ff6e-448b-8401-30051eb6b1af"
}
},
"tokenRequestorId": "string",
"result": {
"status": "success"
}
}
Last modified July 2025