Generate token - Waffo Documentation

POST /api/v1/tokenization/generate

Request parameters

Parameter	Type	Required	Description
`tokenRequestId`	String	Yes	Idempotency key for the card binding request
`merchantUserId`	String	Yes	User ID on the merchant side
`tokenType`	String	Yes	Token type, fixed as `"CARD"`
`merchantInfo`	Object	Yes	Merchant information (includes `merchantId`)
`notifyUrl`	String	Yes	Webhook callback URL for the card binding result
`tokenData`	Object	No	Card data (PCI-DSS merchants only)

tokenData (PCI-DSS merchants only)

Parameter	Type	Description
`pan`	String	Card number
`name`	String	Cardholder name
`expiry`	String	Expiration date (MM/YYYY)
`cvv`	String	CVV

Response parameters

Parameter	Type	Description
`tokenSessionId`	String	Session ID, pass to the frontend SDK `tokenizationSubmit`
`tokenId`	String	Token ID (returned only when PCI-DSS merchants submit directly)

Request example

Standard flow (submitted via frontend SDK)

{
  "tokenRequestId": "treq_a1b2c3d4e5f6",
  "merchantUserId": "user_123",
  "tokenType": "CARD",
  "merchantInfo": { "merchantId": "M000001" },
  "notifyUrl": "https://your-site.com/webhook/tokenization"
}

Response example

{
  "code": "0",
  "msg": "Success",
  "data": {
    "tokenSessionId": "tsess_xxxxxxxxxxxx"
  }
}

After obtaining tokenSessionId, pass it to the frontend SDK method tokenizationSubmit to complete card submission.

Card binding result notification

After card binding is completed, Waffo sends a Webhook notification to notifyUrl containing tokenId. The merchant must store this tokenId for subsequent payments.

Card binding and token management Token inquiry

⌘I

​Request parameters

​tokenData (PCI-DSS merchants only)

​Response parameters

​Request example

​Standard flow (submitted via frontend SDK)

​Response example

​Card binding result notification