# Get eligible token requestors
Retrieve information about token requestors that have been enabled for one or more of the issuer's account ranges.
Pismo acts as a proxy for the Mastercard Token Connect API
For more information, refer to the [MDES Token Connect](doc:mdes-token-connect) guide.
# OpenAPI definition
```json
{
"openapi": "3.1.0",
"info": {
"title": "Card issuing - Tokenization",
"description": "API endpoints for card tokenization.",
"version": "1.0.0",
"contact": {
"name": "API Support",
"url": "https://developers.pismo.io/support"
},
"license": {
"name": "Copyright Pismo"
}
},
"servers": [
{
"url": "https://gw-pci.pismolabs.io/cards-tokenization",
"description": "PCI API server for testing"
},
{
"url": "https://pci.pismolabs.io/cards-tokenization",
"description": "Sandbox API server for testing"
}
],
"tags": [
{
"name": "MDES Token Connect [Beta]",
"description": "Mastercard's Token Connect service endpoints"
}
],
"components": {
"parameters": {
"accessTokenHeader": {
"name": "access_token",
"in": "header",
"required": true,
"schema": {
"type": "string"
},
"description": "Access token. Tokens can expire quickly, which can result in a **401 Unauthorized** error."
},
"TenantHeader": {
"name": "x-tenant",
"in": "header",
"schema": {
"type": "string"
},
"description": "Pismo organization/tenant ID",
"required": true
}
},
"schemas": {
"PushMethod": {
"type": "object",
"required": [
"type",
"uri"
],
"properties": {
"type": {
"type": "string",
"description": "Push method type\n\n* `ANDROID` - Android app intent URI\n* `IOS` - iOS app intent URI\n* `WEB` - Browser URL\n",
"enum": [
"ANDROID",
"IOS",
"WEB"
],
"example": "WEB"
},
"uri": {
"type": "string",
"description": "URI to open the token requestor's application or website.",
"maxLength": 128,
"format": "uri",
"example": "https://tokenize.example.com"
}
}
},
"TokenRequestor": {
"type": "object",
"description": "Token requestor information. Wallets, Merchants, Payment Service Providers are collectively referred to as token requestors",
"required": [
"token_requestor_id",
"name",
"consumer_facing_entity_name",
"token_requestor_type",
"enabled_account_ranges"
],
"properties": {
"token_requestor_id": {
"$ref": "#/components/schemas/TokenRequestorId"
},
"name": {
"type": "string",
"description": "Token requestor legal name",
"maxLength": 64,
"example": "Acme Widgets, Inc."
},
"consumer_facing_entity_name": {
"type": "string",
"description": "Consumer facing entity name. Token requestor display name.",
"maxLength": 100,
"example": "Acme Widgets Online"
},
"token_requestor_type": {
"$ref": "#/components/schemas/TokenRequestorType"
},
"enabled_account_ranges": {
"type": "array",
"description": "Array of account range start numbers enabled for token requestor. The start numbers are 19 digits in length.\n",
"items": {
"type": "integer",
"format": "int64"
}
},
"image_asset_id": {
"type": "string",
"description": "Token requestor image (for instance a logo) asset ID. \nCall the [Get asset](https://developers.pismo.io/pismo-docs/reference/token_connect_get_asset) endpoint to retrieve the image.\n"
},
"wallet_id": {
"$ref": "#/components/schemas/WalletID2"
},
"supported_push_methods": {
"type": "array",
"description": "Web-to-web or app-to-web push methods token requestor supports. Not returned if the token requestor does not participate in the MDES Token Connect program.\n",
"items": {
"type": "string",
"enum": [
"ANDROID",
"IOS",
"WEB"
]
}
},
"supports_multiple_pushed_cards": {
"type": "boolean",
"description": "Does token requestor support up to 5 push account receipts in a single request? Present if the token requestor participates in MDES Token Connect program.\n"
},
"supported_account_holder_data": {
"type": "array",
"description": "\nAccount holder data elements the token requestor expects to receive from the issuer with a pushed card or account. \n\nOnly returned if the token requestor participates in MDES Token Connect. \n\nIf the token requestor participates but doesn't accept account holder data, then an empty array is returned. To ensure forward-compatibility, all API client implementations must be resilient to new data element values being added to responses from MDES. \n\n* `NAME` - Account holder first and last name\n* `ADDRESS` - Account holder billing address\n* `EMAIL_ADDRESS` - Account holder email address\n* `MOBILE_PHONE_NUMBER` - Account holder mobile phone number\n",
"items": {
"type": "string",
"enum": [
"NAME",
"ADDRESS",
"EMAIL_ADDRESS",
"MOBILE_PHONE_NUMBER"
]
}
},
"supports_card_holder_authentication": {
"type": "boolean",
"description": "Does token requestor support cardholder authentication after the token is activated?\n"
},
"supports_token_connect": {
"type": "boolean",
"description": "Does token requestor support Token Connect? \n"
},
"available_push_methods": {
"type": "array",
"description": "Available push methods",
"items": {
"$ref": "#/components/schemas/PushMethod"
}
},
"support_issuer_initiated_digitization_data": {
"type": "boolean",
"description": "Does token requestor support Issuer Initiated Digitization Data?\n"
}
}
},
"TokenRequestorId": {
"type": "string",
"description": "Token requestor ID (TRID), a numeric 11-digit value. \n\nA token requestor is an entity that initiates the tokenization process. Wallets, merchants, payments service providers (PSPs) are collectively referred to as **token requestors**. \n\nCard networks use TRIDs to enforce usage boundaries at the network level, know who is reponsible if fraud occurs, and to prevent tokens from being used elsewhere.\n",
"maxLength": 11,
"example": "01234567890"
},
"TokenRequestorRequest": {
"type": "object",
"required": [
"accounts"
],
"properties": {
"accounts": {
"type": "array",
"description": "Account ranges to check for eligibility. \n\nThe starting numbers are numeric strings between 9 and 19 in length. If the starting numbers are less than 19, MDES zero pads the starting numbers to 19 in length. The padded value must exactly match the account range start number enabled for the token requestor.\n",
"items": {
"type": "string"
},
"example": [
"5412346789",
"5412346780"
]
}
}
},
"TokenRequestorResponse": {
"type": "object",
"properties": {
"token_requestors": {
"type": "array",
"items": {
"$ref": "#/components/schemas/TokenRequestor"
}
}
}
},
"TokenRequestorType": {
"type": "string",
"description": "Token requestor type\n\n* `MERCHANT` - Merchant token requestor. For example - Netflix, Uber, Amazon, and so on. \n\n* `WALLET`- Wallet or commerce platform token requestor. For example - Apple Pay, Google Wallet, Samsung Pay, and so on. \n",
"enum": [
"MERCHANT",
"WALLET"
],
"example": "MERCHANT"
},
"WalletID2": {
"type": "string",
"description": "Wallet provider ID. Returned if token requestor is a wallet like Google Pay or Samsung Pay.\n",
"maxLength": 3,
"example": "123"
}
},
"securitySchemes": {
"BearerAuth": {
"type": "http",
"scheme": "bearer",
"description": "Account token - token encoded with a Pismo account ID. Tokens can expire quickly, which can result in a \"**401 Unauthorized**\" error.",
"bearerFormat": "JWT"
}
}
},
"security": [
{
"BearerAuth": []
}
],
"paths": {
"/v1/token-connect": {
"post": {
"summary": "Get eligible token requestors",
"description": "Retrieve information about token requestors that have been enabled for one or more of the issuer's account ranges.\n\nPismo acts as a proxy for the Mastercard Token Connect API\n\nFor more information, refer to the [MDES Token Connect](https://developers.pismo.io/pismo-docs/docs/mdes-token-connect) guide.\n",
"operationId": "token_connect_get_eligible_token_requestors",
"tags": [
"MDES Token Connect [Beta]"
],
"parameters": [
{
"$ref": "#/components/parameters/accessTokenHeader"
},
{
"$ref": "#/components/parameters/TenantHeader"
}
],
"requestBody": {
"required": true,
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/TokenRequestorRequest"
}
}
}
},
"responses": {
"200": {
"description": "Successful response",
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/TokenRequestorResponse"
}
}
}
},
"400": {
"description": "Bad request"
},
"500": {
"description": "Internal server error"
}
}
}
}
}
}
```