# Update noname card PAN/PIN [beta]


Update a noname `UNNUMBERED` card's Primary Account Number (PAN) and, optionally, Personal Identification Number (PIN). 

`UNNUMBERED` cards are created without a Pismo platform-generated PAN and PIN.

To set up encryption for this endpoint, contact your Pismo representative.

This endpoint generates a [Card updated](https://developers.pismo.io/events/docs/cards-update-1) event with `operation_type` = `PAN_UPDATE`.

For more information, refer to [Issuer-defnined PAN/PIN](doc:cards-overview-1#issuer-defined-panpin).


# OpenAPI definition

```json
{
  "openapi": "3.0.1",
  "info": {
    "title": "Card issuing - Cards",
    "version": "1.4.6",
    "description": "Card endpoints API",
    "contact": {
      "name": "API Support",
      "url": "https://developers.pismo.io/support/"
    },
    "license": {
      "name": "Copyright Pismo"
    }
  },
  "servers": [
    {
      "url": "https://sandbox.pismolabs.io",
      "description": "Sandbox API server for testing."
    },
    {
      "url": "https://gw-pci.pismolabs.io",
      "description": "Sandbox PCI API server for testing"
    }
  ],
  "security": [
    {
      "BearerAuth": []
    }
  ],
  "tags": [
    {
      "name": "Issuer PAN/PIN",
      "description": "For issuer-defined PIN and PIN endpoints."
    }
  ],
  "components": {
    "parameters": {
      "cardId": {
        "in": "path",
        "name": "cardId",
        "schema": {
          "type": "string"
        },
        "description": "Pismo card ID",
        "required": true
      }
    },
    "schemas": {
      "BIN": {
        "type": "string",
        "description": "Bank Identification Number (BIN). A 6 or 8 digit number identitying the card network, issuer, and product.",
        "example": "87634277"
      },
      "InitializationVector": {
        "type": "string",
        "description": "Array initialization vector, used as a initial state for the AES algorithm. This field is used on the requester side to encrypt the PAN. It must be an random array of 16 bytes of length encoded as base64\n",
        "example": "ZZ3cUcotvQeaGciyLZb1wA=="
      },
      "KeyID": {
        "type": "string",
        "description": "Key ID used for encryption. To obtain the `key_id`, the sender will generate a symmetric key (AES), encrypt this key with an asymmetric key (public_key) and send it via secure email to the security team. \n\nTo obtain the asymmetric key, you must open a Configuration item for the Cards squad. After the Pismo security team registers the symmetric key, the `key_id` is shared with the issuer.\n",
        "example": "5c09cda4-8153-11ed-a1eb-0242ac120002"
      },
      "PANencrypted": {
        "type": "string",
        "description": "Primary Account Number (PAN) encrypted with AES/GCM/NoPadding algorithm. The ciphertext (PAN encryption result) is **REQUIRED** to be base64 encoded.\n",
        "example": "/5yGTkBSoqGY+Ug5yJuHUSGk54VRMNoY0G5Ni2HSa64="
      },
      "PinBlock": {
        "type": "string",
        "description": "PINBlocks are 64-bit strings that encode a PIN ready for encryption and secure transmission in banking networks. It contains both the PIN and additional data needed to encrypt it for transmission. The PIN block is typically encrypted using a secure cryptographic algorithm to prevent unauthorized access or tampering during transmission. \n",
        "example": "4E49BF480C44A36C"
      },
      "PinLengthString": {
        "type": "string",
        "description": "PIN length. \n\nEither `pinblock` or `pin_length` is **REQUIRED**. If `pinblock` is not passed, Pismo will generate a random PIN. \n",
        "example": "4",
        "enum": [
          "4",
          "6"
        ]
      },
      "UpdatePanBody": {
        "type": "object",
        "description": "Update a card's PAN/PIN object. For cards with status `UNNUMBERED`. \n",
        "required": [
          "pan"
        ],
        "properties": {
          "pan": {
            "$ref": "#/components/schemas/PanObjectUpdatePan"
          },
          "pin": {
            "$ref": "#/components/schemas/PinObjectUpdatePan"
          }
        }
      },
      "PanObjectUpdatePan": {
        "type": "object",
        "description": "PAN update object",
        "required": [
          "bin",
          "data",
          "key_id",
          "iv"
        ],
        "properties": {
          "bin": {
            "$ref": "#/components/schemas/BIN"
          },
          "data": {
            "$ref": "#/components/schemas/PANencrypted"
          },
          "key_id": {
            "$ref": "#/components/schemas/KeyID"
          },
          "iv": {
            "$ref": "#/components/schemas/InitializationVector"
          }
        }
      },
      "PinObjectUpdatePan": {
        "type": "object",
        "description": "PIN update object. If passed, either `pinblock` or `pin_length` is **REQUIRED**.",
        "properties": {
          "pinblock": {
            "$ref": "#/components/schemas/PinBlock"
          },
          "pin_length": {
            "$ref": "#/components/schemas/PinLengthString"
          }
        }
      }
    },
    "securitySchemes": {
      "BearerAuth": {
        "type": "http",
        "scheme": "bearer",
        "description": "Account token - an access token encoded with a Pismo account ID. Tokens can expire quickly, which can result in an \"Unauthorized\" error.",
        "bearerFormat": "JWT"
      }
    },
    "responses": {
      "400BadRequest": {
        "description": "Bad Request"
      },
      "401Unauthorized": {
        "description": "Access token is missing or invalid"
      },
      "403Forbidden": {
        "description": "You don't have permission to access this resource"
      },
      "404NotFound": {
        "description": "The specified resource was not found"
      },
      "406NotAcceptable": {
        "description": "Not accepetable"
      },
      "500InternalServer": {
        "description": "Internal server error"
      }
    }
  },
  "paths": {
    "/pcicards/v1/pcicards/cards/noname/{cardId}/pan": {
      "put": {
        "summary": "Update noname card PAN/PIN [beta]",
        "description": "\nUpdate a noname `UNNUMBERED` card's Primary Account Number (PAN) and, optionally, Personal Identification Number (PIN). \n\n`UNNUMBERED` cards are created without a Pismo platform-generated PAN and PIN.\n\nTo set up encryption for this endpoint, contact your Pismo representative.\n\nThis endpoint generates a [Card updated](https://developers.pismo.io/events/docs/cards-update-1) event with `operation_type` = `PAN_UPDATE`.\n\nFor more information, refer to [Issuer-defnined PAN/PIN](https://developers.pismo.io/pismo-docs/docs/cards-overview-1#issuer-defined-panpin).\n",
        "operationId": "put-v1-update-pan-noname",
        "tags": [
          "Issuer PAN/PIN"
        ],
        "parameters": [
          {
            "$ref": "#/components/parameters/cardId"
          }
        ],
        "requestBody": {
          "description": "Request body",
          "required": true,
          "content": {
            "application/json": {
              "schema": {
                "$ref": "#/components/schemas/UpdatePanBody"
              }
            }
          }
        },
        "responses": {
          "202": {
            "description": "Accepted"
          },
          "400": {
            "$ref": "#/components/responses/400BadRequest"
          },
          "401": {
            "$ref": "#/components/responses/401Unauthorized"
          },
          "403": {
            "$ref": "#/components/responses/403Forbidden"
          },
          "404": {
            "$ref": "#/components/responses/404NotFound"
          },
          "406": {
            "$ref": "#/components/responses/406NotAcceptable"
          },
          "500": {
            "$ref": "#/components/responses/500InternalServer"
          }
        }
      }
    }
  }
}
```