{{ CARD_NUMBER_1 }}
.x-vault-forward-header-
prefix.x-vault-forward-url
- the HTTPS URL to forward the request to. Its host must have been enabled if the request is in a production environment.x-vault-forward-http-method
- the HTTP method to use when forwarding the request. The accepted values are POST
, PUT
and PATCH
.x-vault-forward-payment-methods
- a comma-separated list of IDs for payment method. At least 1 ID must be provided and they cannot be duplicates. Only card payment methods are accepted.x-vault-forward-checkout-session
- the ID for a checkout session. At most 1 ID can be provided and if set x-vault-forward-payment-methods
can be omitted. This can be used to forward the security code of a card.x-vault-forward-header-{HEADER_NAME}
- each header value to forward in the request. For example, to forward an authorization
header to the endpoints, it should be set as x-vault-forward-header-authorization
.x-vault-forward-timeout
(optional) - a timeout for the forwarded request. The default is 30 seconds.{{ PLACEHOLDER }}
syntax.
CARD_NUMBER_X
: The number for a card to forward.CARD_EXPIRATION_DATE_X
: The expiration date for a card to forward.CARD_EXPIRATION_DATE_M_X
: The expiration date’s month as a non-zero-padded decimal number. Example: 1, 2, …, 12.CARD_EXPIRATION_DATE_MM_X
: The expiration date’s month as zero-padded decimal number. Example: 01, 02, …, 12.CARD_EXPIRATION_DATE_YY_X
: The expiration date’s year without century as a zero-padded decimal number. Example: 00, 01, …, 99.CARD_EXPIRATION_DATE_YYYY_X
: The expiration date’s year with century as a decimal number. Example: 2013, 2014, …, 9998, 9999.CARD_SECURITY_CODE_X
: The security code for the card. This can only be forwarded when using Secure Fields and checkout sessions.X
references the index of the payment method in the list of x-vault-forward-payment-methods
(starting with 1)
x-vault-forward-header-authorization
header.
POST /vault-forward
API will be set to 4XX. In all other cases a 200
status will be returned
content-type
- the content type of the response. This is transparently forwarded as received without any changes.x-vault-forward-http-status-code
(optional) - the HTTP status code received from the third-party endpoint.x-vault-forward-header-{HEADER_NAME}
- each header value received from the third-party endpoint, except for content-type
which is returned as-is.
For example, if the API responded with x-frame-options: SAMEORIGIN
, then our API will return a x-vault-forward-header-x-frame-options: SAMEORIGIN
header.x-vault-forward-error
(optional) - the error string of the request error. This is returned if we could not receive a response from the third party system, i.e. in case of a timeout or network error.