Skip to main content
Use a Vault Forward with a checkout session and Secure Fields when you want to collect a CVV for a stored card, or forward card data without first creating a payment method.

Forward CVV for a stored card

To forward a security code (CVV) for a stored card, create a checkout session and use it with Secure Fields to collect the security code. See the Secure Fields guide for stored cards for the collection flow. Once the security code has been collected, forward the card details using the checkout session as shown below.

Forward a checkout session

To forward a checkout session, set the x-vault-forward-checkout-session header instead of x-vault-forward-payment-methods. The CARD_SECURITY_CODE_1 placeholder is then available in the request body. 
POST /vault-forward
host: api.acme.gr4vy.app
content-type: application/json
x-vault-forward-url: https://example.com/endpoint
x-vault-forward-http-method: PUT
x-vault-forward-header-authorization: Bearer 123
x-vault-forward-checkout-session: b77fef6d-c360-4b42-8f70-d884f4a6852a
x-vault-forward-timeout: 10

{
    "cards": [
        {
            "number": "{{ CARD_NUMBER_1 }}",
            "expiry": "{{ CARD_EXPIRATION_DATE_1 }}",
            "cvv": "{{ CARD_SECURITY_CODE_1 }}"
        }
    ]
}
Only one checkout session can be provided per Vault Forward request, so all placeholders use the _1 index.
For the full list of supported headers and card placeholders, see Forward to endpoint.

3DS forwarding

Forward 3DS authentication data alongside card details using checkout sessions