A new card for the customer can be created and ordered using the POST endpoint: /customers/{customerId}/cards. This operation creates a new card through our issuance partner with Visa or MasterCard. If a physical card is requested, it also initiates a shipment order to the specified address. Please note that each card is linked to a specific account, and currently, we only support a limit of one virtual and one physical card per customer's account.
Create new card
post
/accounts/{accountId}/cards
Creates new card for the account
Authorizations
AuthorizationstringRequired
Bearer authentication header of the form Bearer <token>.
Path parameters
accountIdstring Β· uuidRequired
Unique account ID
Header parameters
SignaturestringRequired
HTTP message signature
Signature-InputstringRequired
HTTP message signature input
Idempotency-Keystring Β· uuidRequired
Idempotency key (UUID)
Content-DigeststringRequired
Content digest
Body
typestring Β· enumRequired
Card type
Possible values:
Responses
201
Successful operation
application/json
400
Invalid request
401
Not authorised
404
Account not found
500
Internal error
post
/accounts/{accountId}/cards
Card Entity Updates
Any internal updates to the card entity will be reported through webhook update events. For details on how to set up and manage webhook subscriptions, please refer to Webhooks.
Retrieve Cards for a Specific Account
To retrieve a list of cards associated with a specific account, make a GET request to /accounts/{accountId}/cards.
Retrieve account cards
get
/accounts/{accountId}/cards
Retrieves account's cards
Authorizations
AuthorizationstringRequired
Bearer authentication header of the form Bearer <token>.
Path parameters
accountIdstring Β· uuidRequired
Unique account ID
Header parameters
SignaturestringRequired
HTTP message signature
Signature-InputstringRequired
HTTP message signature input
Responses
200
Successful operation
application/json
400
Invalid request
401
Not authorised
404
Account not found
500
Internal error
get
/accounts/{accountId}/cards
Retrieve All Cards
To retrieve a list of all cards associated with the programme, make a GET request to /cards. To fetch details of a specific card by ID, use a GET request to /cards/{cardId}.
Retrieve cards
get
/cards
Retrieves cards' details
Authorizations
AuthorizationstringRequired
Bearer authentication header of the form Bearer <token>.
Header parameters
SignaturestringRequired
HTTP message signature
Signature-InputstringRequired
HTTP message signature input
Responses
200
Successful operation
application/json
400
Invalid request
401
Not authorised
500
Internal error
get
/cards
Retrieve an Individual Card
To retrieve information about an individual card, make a GET request to /cards/{cardId}.
Retrieve card
get
/cards/{cardId}
Retrieves card's details
Authorizations
AuthorizationstringRequired
Bearer authentication header of the form Bearer <token>.
Path parameters
cardIdstring Β· uuidRequired
Unique card ID
Header parameters
SignaturestringRequired
HTTP message signature
Signature-InputstringRequired
HTTP message signature input
Responses
200
Successful operation
application/json
400
Invalid request
401
Not authorised
404
Card not found
500
Internal error
get
/cards/{cardId}
Deactivate a Card
To deactivate a card, use a PATCH request to /cards/{cardId}/deactivate.
Deactivate card
patch
/cards/{cardId}/deactivate
Deactivates card and all associated resources
Authorizations
AuthorizationstringRequired
Bearer authentication header of the form Bearer <token>.
Path parameters
cardIdstring Β· uuidRequired
Unique card ID
Header parameters
SignaturestringRequired
HTTP message signature
Signature-InputstringRequired
HTTP message signature input
Idempotency-Keystring Β· uuidRequired
Idempotency key (UUID)
Responses
200
Successful operation
application/json
400
Invalid request
401
Not authorised
404
Account not found
409
Invalid state transition
500
Internal error
patch
/cards/{cardId}/deactivate
Reactivate a Card
To reactivate a previously deactivated card, use a PATCH request to /cards/{cardId}/activate.
Activate card
patch
/cards/{cardId}/activate
Activates card and all associated resources
Authorizations
AuthorizationstringRequired
Bearer authentication header of the form Bearer <token>.
Path parameters
cardIdstring Β· uuidRequired
Unique card ID
Header parameters
SignaturestringRequired
HTTP message signature
Signature-InputstringRequired
HTTP message signature input
Idempotency-Keystring Β· uuidRequired
Idempotency key (UUID)
Responses
200
Successful operation
application/json
400
Invalid request
401
Not authorised
404
Account not found
409
Invalid state transition
500
Internal error
patch
/cards/{cardId}/activate
Terminate a Card
A card can be terminated using a DELETE request to /cards/{cardId}. This is an irreversible operation, and the card will not be available for new payments. However, it will remain active for pending holds for up to 30 days.
Terminate card
delete
/cards/{cardId}
Terminates card
Authorizations
AuthorizationstringRequired
Bearer authentication header of the form Bearer <token>.
GET /v1/accounts/{accountId}/cards HTTP/1.1
Host: api.offblocks.xyz
Authorization: Bearer YOUR_SECRET_TOKEN
Signature: text
Signature-Input: text
Accept: */*
