production
development
https://api.banamex.com/mx-gcgapi
Paths
/v1/wallets/walletProvisioning/accounts/enrollment/encryption
post /v1/wallets/walletProvisioning/accounts/enrollment/encryption
Encryption API
Creates the Visa-MasterCard payloads and encrypts them before returning to Citi Mobile to forward to Apple
To use this operation you must use one of the following sets of security requirements.
ClientID (Query)
client_id
(apiKey located in query)
ClientID
OAuth2 Application Flow
OAuth2 Application Flow
(oauth2 application)
OAuth Client Credentials Grant Type
Token URL
https://api.banamex.com/mx-gcgapi/api/oauth/token
Scopes
/api
Default scope
ClientID
X-IBM-Client-Id
(apiKey located in header)
ClientID
OAuth2 Application Flow
OAuth2 Application Flow
(oauth2 application)
OAuth Client Credentials Grant Type
Token URL
https://api.banamex.com/mx-gcgapi/api/oauth/token
Scopes
/api
Default scope
Accept
Required in header
string
Content-Types that are acceptable for the response
{
"default": "application\/json"
}uuid
Required in header
string
Universally unique identifier (UUID) that you generate for every request and is used for tracking. It is recommended to use the output from Java UUID class or an equivalent
{
"default": "6b6e5567-8f28-4115-ba58-47cdb5e83669"
}Authorization
Required in header
string
The Authorization Token received during previous API call
{
"default": "6549badc-1e82-4e1f-9c2d-cc708d1b8faf"
}bizToken
Required in header
string
Business Token received during previous API call. Required in all calls after authorization is established
{
"default": "5cf5ab07-3899-4c9f-95f7-93a2c33c5d1f"
}client_id
Required in header
string
The client ID you received during application registration in the developer portal
{
"default": "7b30d3bf-4c70-49bc-9808-a2f21a9bca82"
}Content-Type
Required in header
string
Content-Types that is acceptable for the request. Currently we support applicationjson. Use only for PUT & POST methods
{
"default": "applicationjson"
}EncryptedPayloadRequest
Required in body
object
EncryptedPayloadRequest
200
Success response
400
| Type | Code | Details |
| error | invalidRequest | Missing or invalid Parameters |
401
| Type | Code | Details |
| error | unAuthorized | Authorization credentials are missing or invalid |
403
| Type | Code | Details | More Info |
| error | accessNotConfigured | The request operation is not configured to access this resource | Channel/Country/Business provided in the request is not supported currently |
404
| Type | Code | Details | More Info |
| error | resourceNotFound | The requested resource was not found | Empty resource/resource not found |
500
| Type | Code | Details |
| fatal | serverUnavailable | The request failed due to an internal error/server unavailability |
Example Request
Example Response
POST https://api.banamex.com/mx-gcgapi/api/v1/wallets/walletProvisioning/accounts/enrollment/encryption
/v1/wallets/walletProvisioning/accounts/enrollment/generateTAV
post /v1/wallets/walletProvisioning/accounts/enrollment/generateTAV
Generate TAV API
Generates the Token Authentication Value.
To use this operation you must use one of the following sets of security requirements.
ClientID (Query)
client_id
(apiKey located in query)
ClientID
OAuth2 Application Flow
OAuth2 Application Flow
(oauth2 application)
OAuth Client Credentials Grant Type
Token URL
https://api.banamex.com/mx-gcgapi/api/oauth/token
Scopes
/api
Default scope
ClientID
X-IBM-Client-Id
(apiKey located in header)
ClientID
OAuth2 Application Flow
OAuth2 Application Flow
(oauth2 application)
OAuth Client Credentials Grant Type
Token URL
https://api.banamex.com/mx-gcgapi/api/oauth/token
Scopes
/api
Default scope
Accept
Required in header
string
Content-Types that are acceptable for the response
{
"default": "application\/json"
}uuid
Required in header
string
Universally unique identifier (UUID) that you generate for every request and is used for tracking. It is recommended to use the output from Java UUID class or an equivalent
{
"default": "6b6e5567-8f28-4115-ba58-47cdb5e83669"
}Authorization
Required in header
string
The Authorization Token received during previous API call
{
"default": "6549badc-1e82-4e1f-9c2d-cc708d1b8faf"
}bizToken
Required in header
string
Business Token received during previous API call. Required in all calls after authorization is established
{
"default": "5cf5ab07-3899-4c9f-95f7-93a2c33c5d1f"
}client_id
Required in header
string
The client ID you received during application registration in the developer portal
{
"default": "7b30d3bf-4c70-49bc-9808-a2f21a9bca82"
}Content-Type
Required in header
string
Content-Types that is acceptable for the request. Currently we support applicationjson. Use only for PUT & POST methods
{
"default": "applicationjson"
}GenerateTAVRequest
Required in body
object
GenerateTAVRequest
200
Success response
400
| Type | Code | Details |
| error | invalidRequest | Missing or invalid Parameters |
401
| Type | Code | Details |
| error | unAuthorized | Authorization credentials are missing or invalid |
403
| Type | Code | Details | More Info |
| error | accessNotConfigured | The request operation is not configured to access this resource | Channel/Country/Business provided in the request is not supported currently |
404
| Type | Code | Details | More Info |
| error | resourceNotFound | The requested resource was not found | Empty resource/resource not found |
500
| Type | Code | Details |
| fatal | serverUnavailable | The request failed due to an internal error/server unavailability |
Example Request
Example Response
POST https://api.banamex.com/mx-gcgapi/api/v1/wallets/walletProvisioning/accounts/enrollment/generateTAV
Definitions
{
"type": "object",
"required": [
"code",
"type"
],
"properties": {
"code": {
"type": "string",
"description": "Error code which qualifies the error"
},
"details": {
"type": "string",
"description": "Human readable explanation specific to the occurrence of the problem"
},
"location": {
"type": "string",
"description": "The name of the field that resulted in the error"
},
"moreInfo": {
"type": "string",
"description": "URI to human readable documentation of the error"
},
"type": {
"type": "string",
"description": "invalid - Request did not confirm to the specification and was unprocessed & rejected. Please fix the value and try again
warn - Request was partially processed. E.g. some of the fields are missing in response to the system issues, request was accepted successfully but will be processed asynchronously
error - The request was accepted but could not be processed successfully
fatal - There was an internal system error while processing the request. These are technical errors and will be resolved by Citi, and the consumer should retry after some time. Business errors will not be categorized as fatal"
}
}
}
{
"type": "object",
"properties": {
"encryption_scheme": {
"type": "string",
"description": "Encryption scheme to be used to encryt card data (RSA, ECC)"
},
"last4fpan": {
"type": "string",
"description": "Last 4 digits of the card number"
},
"name": {
"type": "string",
"description": "Card holder name"
},
"network": {
"type": "string",
"description": "Card network (Visa, MasterCard)"
},
"nonce": {
"type": "string",
"description": "One time identifier"
},
"nonce_signature": {
"type": "string",
"description": "One time identifier's signature"
},
"expdate": {
"type": "string",
"description": "Card's expiration date"
},
"certificates": {
"type": "string",
"description": "Apple's DER certificate"
},
"product_type": {
"type": "string",
"description": "Card type (Credit/Debit card)"
}
}
}
{
"type": "object",
"properties": {
"activationData": {
"type": "string",
"description": "Data to be used by networks for provisioning"
},
"encryptedPassData": {
"type": "string",
"description": "Data to be used by Apple for provisioning"
},
"ephemeralPublicKey": {
"type": "string",
"description": "Key generated by issuer"
},
"wrappedKey": {
"type": "string",
"description": "Key generated by issuer"
}
}
}
{
"type": "object",
"properties": {
"last4fpan": {
"type": "string",
"description": "Last 4 digits of the card number"
},
"nonce": {
"type": "string",
"description": "One time identifier required for Visa only"
},
"expdate": {
"type": "string",
"description": "Card's expiration date"
},
"productType": {
"type": "string",
"description": "CREDIT, CHECKING"
}
}
}
{
"type": "object",
"properties": {
"activationData": {
"type": "string",
"description": "Data to be used by networks for provisioning"
}
}
}