Retrieve Card Token by DPAN
Returns detailed information about a specific card token identified by the card identifier (id) and its DPAN (dpan).
The response includes token metadata, status, associated card, device information, and timestamps.
URL test:
Method:
GET
Path items:
/cards/{id}/tokens/{dpan}/dpan
Parameters:
| Parameter | Location | Type | Example | Description | Required |
|---|---|---|---|---|---|
| id | path | integer | 12345 | CMS internal card identifier | Yes |
| dpan | path | string | 402895**0500 | DPAN (masked PAN) of the token | Yes |
| x-idempotency-key | header | string | 1 | Idempotency key – guarantees safe retries | No |
| x-tenant | header | string | 1 | Tenant identifier (used in multi‑tenant deployments) | No |
Example:
curl -X GET "https://test.lightcms.io/cms/v1/cards/12345/tokens/402895******0500/dpan" \
-H 'accept: */*' \
-H 'x-idempotency-key: 1' \
-H 'x-tenant: 1'
Responses:
200 - OK
Status Code: 200 OK
{
"id": 4,
"cardId": 116,
"dpan": "402895******0500",
"device": {
"deviceId": "XX",
"description": "44",
"type": "44"
},
"cmsStatus": "ACTIVE",
"cpStatus": "44",
"tokenRequestor": {
"code": "44",
"description": "44"
},
"tokenUniqueReferenceId": "44",
"panSource": "44",
"tokenId": "44",
"otp": {},
"score": {
"reasonCodes": []
},
"cvc2Match": false,
"createdAt": "2025-07-21T16:09:24+02:00",
"updatedAt": "2025-07-21T16:27:27+02:00"
}
| Parameter | Location | Type | Description |
|---|---|---|---|
| id | integer | Internal identifier of the token record. | |
| cardId | integer | CMS internal identifier of the card associated with this token. | |
| dpan | string | DPAN (masked PAN) of the token. | |
| device | device | object | Device information container. |
| deviceId | device | string | Identifier of the device that enrolled the token. |
| description | device | string | Human‑readable description of the device. |
| type | device | string | Device type code. |
| cmsStatus | string | Current status of the token in the CMS (e.g., ACTIVE, INACTIVE). |
|
| cpStatus | string | Status of the token in the card‑processor system. | |
| tokenRequestor | tokenRequestor | object | Requestor information container. |
| code | tokenRequestor | string | Code of the entity that requested the token (e.g., CUSTOMER, BANK). |
| description | tokenRequestor | string | Human‑readable description of the requestor. |
| tokenUniqueReferenceId | string | Unique reference linking the token to its originating request. | |
| panSource | string | Source of the PAN for the token (e.g., ENCRYPTED, MASKED). |
|
| tokenId | string | Identifier of the token as returned by the processor. | |
| otp | object | One‑time‑password related data (currently empty). | |
| score | score | object | Score information container. |
| reasonCodes | score | array | List of reason codes influencing the token risk score. |
| cvc2Match | boolean | Indicates whether the CVC2 matches the stored value. | |
| createdAt | string | ISO‑8601 timestamp when this token version was created. | |
| updatedAt | string | ISO‑8601 timestamp of the most recent update to this token version. |
404 - Not Found
Status Code: 404 Not Found