Get Card tokens by card ID
Retrieves a list of token objects that belong to a specific card identified by its internal CMS card identifier ({cardId}). Tokens represent virtual card credentials (e.g., for online payments, mobile wallets). The endpoint supports optional paging (size, page) and sorting (sort) parameters.
URL test:
Method:
GET
Path items:
/cards (Card Service)
/{cardId} (CMS card internal unique id)
/tokens (Tokens collection)
Parameters:
| Parameter | Location | Type | Example | Description | Required |
|---|---|---|---|---|---|
| cardId | path | integer | 116 | CMS card internal unique id whose tokens are requested | Yes |
| size | query | integer | 20 | Number of records per page (default 20) | No |
| page | query | integer | 0 | Page index, starting at 0 | No |
| sort | query | string | createdAt,desc | Sorting criteria in the form property,(asc|desc). Multiple criteria can be comma‑separated. |
No |
Example:
curl -X 'GET' \
' https://test.lightcms.io/cms/v2/cards/116/tokens?size=20&page=0&sort=createdAt,desc' \
-H 'accept: */*'
Responses:
200 - OK
Status Code: 200 OK
[
{
"id": 4,
"cardId": 116,
"device": {
"deviceId": "XX",
"description": "44",
"type": "44"
},
"cmsStatus": "ACTIVE",
"cpStatus": "44",
"tokenRequestor": {
"code": "44",
"description": "44"
},
"tokenUniqueReferenceId": "44",
"panSource": "44",
"tokenId": "44",
"otp": {},
"score": {
"reasonCodes": []
},
"cvc2Match": false,
"createdAt": "2025-07-21T16:09:24+02:00",
"updatedAt": "2025-07-21T16:27:27+02:00"
}
]
| Parameter | Type | Example | Description |
|---|---|---|---|
| id | integer | 4 | Internal token identifier |
| cardId | integer | 116 | CMS card identifier to which the token belongs |
| device.deviceId | string | "XX" | Identifier of the device that enrolled the token |
| device.description | string | "44" | Human‑readable description of the device |
| device.type | string | "44" | Machine‑readable device type code |
| cmsStatus | string | "ACTIVE" | Token status in the CMS system (e.g., ACTIVE, REVOKED) |
| cpStatus | string | "44" | Token status in the card‑processor system |
| tokenRequestor.code | string | "44" | Code of the entity that requested the token |
| tokenRequestor.description | string | "44" | Human‑readable description of the requestor |
| tokenUniqueReferenceId | string | "44" | Unique reference for the token creation request |
| panSource | string | "44" | Source of the PAN used for the token (e.g., CARD, ACCOUNT) |
| tokenId | string | "44" | Token identifier used by the card processor |
| otp | object | {} | One‑time‑password related data (currently empty) |
| score.reasonCodes | array | [] | List of reason codes contributing to the token risk score |
| cvc2Match | boolean | false | Indicates whether the CVC2 matched during enrollment |
| createdAt | string | "2025-07-21T16:09:24+02:00" | Timestamp when the token was created (ISO‑8601) |
| updatedAt | string | "2025-07-21T16:27:27+02:00" | Timestamp of the last update to the token (ISO‑8601) |
404 - Not Found
Status Code: 404 Not Found
| Parameter | Type | Example | Description |
|---|---|---|---|
| errorMessage | string | "Entity with id 100-1863 not found in DB." | Human‑readable error description |
500 - Internal error
Status Code: 500 Internal error
{
"timestamp": "2025-07-22T13:09:02.348+02:00",
"status": 500,
"error": "Internal Server Error",
"path": "/cms/v1/cards "
}
| Parameter | Type | Example | Description |
|---|---|---|---|
| timestamp | string | "2025-07-22T13:09:02.348+02:00" | Time of the error |
| status | integer | 500 | HTTP status code |
| error | string | "Internal Server Error" | Short error title |
| path | string | "/cms/v1/cards " | Endpoint that produced the error |