Skip to main content
POST
Yativo hosts the card data page and handles all cryptography internally. Your backend requests a URL, then passes it to your customer via your app, an email, or an iframe. The cardholder opens it in any browser or WebView.
The response includes pin_set — the last known state from the physical.card.pin.changed webhook (not from a direct card network API lookup). Use it to decide whether to prompt the cardholder to set their PIN. To show the PIN setup or change form, request enabled_views: ["pin"]. Your theme customization applies to the PIN page as well.
Authorization
string
required
Bearer token: Bearer YOUR_ACCESS_TOKEN
yativoCardId
string
required
The customer’s yativo_card_id.
cardId
string
required
The card ID to display.
enabled_views
array
Which panels to show. Options: "data" (PAN, CVV, expiry) and "pin". Defaults to ["data", "pin"].
require_access_code
boolean
If true, the cardholder must enter a code before card data is revealed.
access_code
string
The access code the cardholder must enter. Setting this automatically enables require_access_code.
theme
object
Customize the hosted page to match your brand.