> ## Documentation Index
> Fetch the complete documentation index at: https://waffo.com/docs/llms.txt
> Use this file to discover all available pages before exploring further.

# Generate token

> Initiate a card binding request and obtain `tokenSessionId` for use by the frontend SDK.

```
POST /api/v1/tokenization/generate
```

## Request parameters

| Parameter        | Type   | Required | Description                                      |
| ---------------- | ------ | -------- | ------------------------------------------------ |
| `tokenRequestId` | String | Yes      | Idempotency key for the card binding request     |
| `merchantUserId` | String | Yes      | User ID on the merchant side                     |
| `tokenType`      | String | Yes      | Token type, fixed as `"CARD"`                    |
| `merchantInfo`   | Object | Yes      | Merchant information (includes `merchantId`)     |
| `notifyUrl`      | String | Yes      | Webhook callback URL for the card binding result |
| `tokenData`      | Object | No       | Card data (PCI-DSS merchants only)               |

### tokenData (PCI-DSS merchants only)

| Parameter | Type   | Description               |
| --------- | ------ | ------------------------- |
| `pan`     | String | Card number               |
| `name`    | String | Cardholder name           |
| `expiry`  | String | Expiration date (MM/YYYY) |
| `cvv`     | String | CVV                       |

## Response parameters

| Parameter        | Type   | Description                                                     |
| ---------------- | ------ | --------------------------------------------------------------- |
| `tokenSessionId` | String | Session ID, pass to the frontend SDK `tokenizationSubmit`       |
| `tokenId`        | String | Token ID (returned only when PCI-DSS merchants submit directly) |

## Request example

### Standard flow (submitted via frontend SDK)

```json theme={null}
{
  "tokenRequestId": "treq_a1b2c3d4e5f6",
  "merchantUserId": "user_123",
  "tokenType": "CARD",
  "merchantInfo": { "merchantId": "M000001" },
  "notifyUrl": "https://your-site.com/webhook/tokenization"
}
```

### Response example

```json theme={null}
{
  "code": "0",
  "msg": "Success",
  "data": {
    "tokenSessionId": "tsess_xxxxxxxxxxxx"
  }
}
```

After obtaining `tokenSessionId`, pass it to the frontend SDK method `tokenizationSubmit` to complete card submission.

## Card binding result notification

After card binding is completed, Waffo sends a Webhook notification to `notifyUrl` containing `tokenId`. The merchant must store this `tokenId` for subsequent payments.