Card details (PAN, CVV, expiry) and the card PIN each use separate view tokens. You must request the correct
enabled_views for each use case. Never reuse a token between sessions.How it works
Sensitive card data is never returned in plain API responses. Instead, Yativo hosts a secure card view page and provides you with a short-lived URL to embed in your application:- Your backend calls
POST /yativo-card/{yativoCardId}/cards/{cardId}/view-token - If you request
["data"]or["pin-view"]andpin_setisfalse, the API returnsPIN_NOT_SETand apin_setup_url— direct the cardholder there to set their PIN first. If you request["pin-set"], you always receive asecure_view_urlregardless ofpin_setstatus. - Yativo returns a
secure_view_url— a hosted, tokenized page - Your frontend embeds that URL in an
<iframe> - The hosted page renders the sensitive data directly — your application never touches the raw values
Step 1 — Request a view token
Call this from your backend. The token is scoped to the views you request.The Yativo Card account ID (
yativo_card_id) returned during onboarding.The card ID from card creation.
Which views to enable on the hosted page. Accepted values:
The legacy value
| Value | Tab shown | Requires pin_set: true? |
|---|---|---|
"data" | Card number, CVV, expiry | Yes — returns 422 PIN_NOT_SET if PIN not set |
"pin-view" | Reveal current PIN | Yes — returns 422 PIN_NOT_SET if PIN not set |
"pin-set" | Set or change PIN | No — always returns 200 so the cardholder can set their PIN |
"pin" is accepted as an alias for "pin-set".Combine freely, e.g. ["data", "pin-view", "pin-set"]. The page renders one tab per value. If pin_set is false and "pin-set" is not in the request, the API returns 422 PIN_NOT_SET. Including "pin-set" in any request bypasses that gate — the token is issued so the cardholder can set their PIN.Optional extra PIN or unlock code the user must enter before the card details are revealed. Adds an additional layer of protection for high-security flows.
Optional per-request theme tokens for the hosted page wrapper. For full CSS control — including card data text colors and fonts — set persistent customization via
PUT /api/card-issuer/pse-customization (see Custom CSS below). All theme fields are optional.Primary brand color (hex). Default:
#813AE3Page background color (hex).
Card panel background color (hex). When this value (or
background_color) is a dark color, the page automatically applies color-scheme: dark to the card data frame, rendering card digits in white.Primary text color (hex).
Secondary/muted text color (hex).
Border radius in pixels.
CSS font-family string (e.g.
"Inter, sans-serif").URL of your logo to display on the hosted page.
Response Type Definitions
Response Type Definitions
Step 2 — Embed the iframe
Pass thesecure_view_url directly as the src of an iframe. No SDK or additional JavaScript is required.
Step 3 — Backend proxy (required)
Your frontend must never call the Yativo API directly with your credentials. Always proxy the token request through your backend:- Express.js
- TypeScript SDK
- Frontend (after fetch)
- React
View options reference
| Value | Tab label | What it renders |
|---|---|---|
"data" | Card Details | Card number (PAN), CVV, expiry |
"pin-view" | View PIN | Reveals the cardholder’s current PIN |
"pin-set" | Change PIN | Form to set or change the PIN |
["data"]— card details only["pin-set"]— PIN setup only (e.g. initial onboarding)["data", "pin-view"]— card details + reveal PIN["data", "pin-set"]— card details + change PIN["data", "pin-view", "pin-set"]— all three tabs
pin_set reflects the last known state from card activity webhooks. If pin_set is false and you request ["data"] or ["pin-view"], the API returns a PIN_NOT_SET error with a pin_setup_url — direct the cardholder there to set their PIN, then retry once the webhook confirms.Requesting ["pin-set"] always returns a secure_view_url (HTTP 200) regardless of pin_set — use this to present the PIN setup screen without checking pin_set first.Access code flow
When you passaccess_code in the token request, requires_access_code: true is returned. The hosted page will prompt the user to enter that code before revealing any card details. Use this for:
- Confirming user intent before showing the full card number
- Adding a secondary verification step in high-value contexts
Customization
The secure view page supports two levels of customization: per-request theme tokens and persistent CSS overrides.Theme tokens (per request)
Pass atheme object in the view-token request to apply brand colors, fonts, and a logo. These take effect immediately on every URL you generate.
| Field | What it affects | Default |
|---|---|---|
accent_color | Active tab, status indicators, spinner, eyebrow label | #0f766e |
background_color | Page background | #f5f1ea |
panel_color | Hero header, tab strip, and iframe frame background | #fffaf7 |
text_color | Primary text | #1e2a24 |
muted_color | Inactive tab labels, secondary text | #6b746e |
border_radius | All rounded corners in px (clamped 8–36) | 24 |
font_family | Font for the page shell | system sans-serif |
logo_url | Logo displayed in the header alongside the cardholder name | none |
Custom CSS (persistent, issuer-level)
For fine-grained control over colors, typography, and spacing, you can supply raw CSS that is stored against your issuer account and applied to every secure view URL you generate. The page has two layers — your CSS affects them differently: Layer 1 — Page shell (injected directly into the page<style> block)
The Yativo-rendered wrapper: background, header, tabs, status bar, frame container. All standard CSS applies normally.
Layer 2 — Card data area (forwarded to the secure card SDK)
The card number, expiry, and CVV are rendered inside a cross-origin secure iframe. Yativo extracts a specific set of selectors from your stylesheet and forwards them to the secure card SDK, which applies them to the card data elements. Background colors, borders, label fonts, and copy-button styles apply reliably. Card digit text color (color on .pse-card-value) is controlled by the card network’s own stylesheet — it does not update through this API alone. To enable custom digit text colors (e.g. white digits on a dark background), contact Yativo to activate program-level card data theming for your account.
Supported selectors
Page shell| Selector | What it styles |
|---|---|
body | Page background |
.panel | Outer layout wrapper (no visual style by default) |
.hero | Header card (background, border, shadow) |
.eyebrow | ”Secure Card View” label |
.tab, .tab.active | Tab strip buttons (Card Details / View PIN / Change PIN) |
.frame | Container around the secure card data area |
.status, .status.ready, .status.error | Status bar text |
.footer | Countdown timer |
| Selector | What it overrides |
|---|---|
.pse-container | Card data container (background, border, border-radius) |
.pse-card-field | Individual field rows |
.pse-card-label | Field labels (“CARD NUMBER”, “EXPIRES”, “CVV”) |
.pse-card-value | Field value layout (background, font-size, padding). Digit text color is set automatically when a dark theme is detected — see Dark theme. |
.pse-copy-button | Copy-to-clipboard button (background, border, color) |
Manage your customization
Example: brand colours + Inter font
Dark theme
Passing a dark color intheme.panel_color or theme.background_color is all that is needed to enable dark mode. The page wrapper measures the luminance of those colors and automatically sets color-scheme: dark on the card data frame — the card SDK responds by rendering digits in white. No extra flag or request parameter is required.
If card digits still appear dark after passing dark colors, the card program may not have dark-mode digit support configured at the card network level. Contact Yativo to verify your program’s configuration.
Known limitations
Testing
Use the test script in the backend repo to verify the full flow against your running server:secure_view_url and a ready-to-paste iframe snippet.
Virtual Cards
Create and manage virtual cards.
API Reference — View Token
Full parameter reference for the view-token endpoint.

