Management of card payment credentials under the ruling of PCI/DSS.
Guardian API (EAP)
https://{cluster_id}.on-hellgate.cloud/
Request
Create a new token in the PCI/DSS scope. This type of token protects sensitive card payment credentials.
There are two ways to create the token, which depend on the level of your PCI/DSS compliance:
| Source | Compliance | Description | 
|---|---|---|
| session | Min. SAQ-A+ | This is the most common way to create a token. It will leverage the SDKs of Guardian to securely capture the cardholder data and send it encrypted to the API. | 
| pan | Min. SAQ-D+ | In case you have the required compliance to handle cardholder data yourself, you can also just import the full data in exchange for a token. | 
- Managed instance of Guardian CPAhttps://my-cluster-id.on-hellgate.cloud/api/pci/tokens 
- curl
- Java
- Node.js
- Ruby
- Go
- Python
curl -i -X POST \
  https://my-cluster-id.on-hellgate.cloud/api/pci/tokens \
  -H 'Content-Type: application/json' \
  -H 'x-api-key: YOUR_API_KEY_HERE' \
  -H 'x-idempotency-key: order_12345_retry_001' \
  -d '{
    "source": {
      "type": "session"
    }
  }'{ "session_id": "8744c9ea-a02b-4ae6-875c-b64fc333e3ef" }
- Managed instance of Guardian CPAhttps://my-cluster-id.on-hellgate.cloud/api/pci/tokens 
- curl
- Java
- Node.js
- Ruby
- Go
- Python
curl -i -X GET \
  'https://my-cluster-id.on-hellgate.cloud/api/pci/tokens?limit=20' \
  -H 'x-api-key: YOUR_API_KEY_HERE'{ "data": [ { … } ], "links": { "next": "https://my-cluster-id.on-hellgate.cloud/pci/tokens?after=8744c9ea-a02b-4ae6-875c-b64fc333e3ef&limit=20" } }
- Managed instance of Guardian CPAhttps://my-cluster-id.on-hellgate.cloud/api/pci/tokens/{id} 
- curl
- Java
- Node.js
- Ruby
- Go
- Python
curl -i -X GET \
  'https://my-cluster-id.on-hellgate.cloud/api/pci/tokens/{id}' \
  -H 'x-api-key: YOUR_API_KEY_HERE'{ "id": "8744c9ea-a02b-4ae6-875c-b64fc333e3ef", "card": { "cardholder_name": "John Doe", "expiry_month": 12, "expiry_year": 2025, "masked_account_number": "411111******1111", "scheme": "visa" }, "created_at": "2023-10-01T12:00:00Z" }
API Keys
Management of API keys for service access.
The capabilities an API keys has access to can be scoped to these areas:
- API Keys- admin:api-keys:create
- admin:api-keys:read
- admin:api-keys:update
- admin:api-keys:delete
 
- Webhooks- admin:webhooks:create
- admin:webhooks:read
- admin:webhooks:delete
 
- PCI Tokens- pci:tokens:create
- pci:tokens:read
- pci:tokens:update
- pci:tokens:delete
- pci:tokens:forward
 
- Network Tokens- network:tokens:create
- network:tokens:read
- network:tokens:delete
- network:tokens:use
 
- Metadata Inquiries- metadata:inquiry:create
 
Webhooks
Management of webhooks for event notifications.
Guardian uses tiny events as notification payload. They give you the context of what happened and you can use this information to fetch more details via our API.
Please find the documentation about the callback on the endpoint that registers the webhook.