Delete Card Token Endpoint

Invalidates a previously generated card identifier, preventing its future use for transactions.

Invalidate a Card Token

delete

Invalidates a previously generated card token, preventing its future use for transactions

Authorizations
Path parameters
card_identifierstringRequired

The unique card token to invalidate

Example: CID-2210908e-6d8e-468d-9eb3-d551e8b541a0
Header parameters
Content-TypestringRequired

Media type of the body sent to the API

Default: application/json
X-Datestring · date-timeRequired

ISO8601 Datetime with Timezone (yyyy-MM-dd'T'HH:mm:ssZ)

X-LoginstringRequired

Merchant X-Login API Key

X-Idempotency-KeystringOptional

Unique idempotency key for ensuring that the same request is not processed more than once

Responses
204
Card token successfully invalidated
delete
DELETE /v3/tokenization/{card_identifier} HTTP/1.1
Host: cc-api-stg.directa24.com
Authorization: YOUR_API_KEY
Content-Type: application/json
X-Date: 2025-06-26T08:38:33.938Z
X-Login: text
Accept: */*

No content


Request

Path Parameters

Parameter
Type
Required
Description

card_identifier

String

Yes

The unique card identifier to invalidate


Response

Success Response (204 OK)

The endpoint will return a 204 code, with no content, in case of successfully deleting the requested card_identifier


Error Responses

HTTP Status
Error Code
Description

404

510

Token not found

401

511

Token expired

401

512

Unauthorized access

Error Response Example

{
    "code": 510,
    "description": "Token not found"
}

Integration Example

cURL Example

curl -X DELETE https://cc-api-stg.directa24.com/v3/tokenization/CID-2210908e-6d8e-468d-9eb3-d551e8b541a0 \
  -H "Content-Type: application/json" \
  -H "X-Date: $(date -u +"%Y-%m-%dT%H:%M:%SZ")" \
  -H "X-Login: YOUR_X_LOGIN_API_KEY" \
  -H "Authorization: YOUR_AUTHORIZATION_HASH" \
  -i

Common Use Cases

  1. Subscription cancellation: Invalidate the identifier when a customer cancels their subscription

  2. Card replacement: Invalidate old identifiers when a customer updates their payment method

  3. Fraud prevention: Invalidate identifiers associated with suspected fraudulent activity

  4. Account closure: Remove all payment information when a customer closes their account

  5. Compliance: Adhere to data retention policies by removing unnecessary payment data


Notes

  • Once an identifier is invalidated, it cannot be reactivated

  • Any attempt to use an invalidated identifier for transactions will result in an error

  • Only identifiers that belong to your merchant account can be invalidated

  • We recommend keeping track of invalidated identifiers in your system to avoid future usage attempts

Last updated

Was this helpful?