Issuers can receive a push notification every time that one of their cardholders attempts to enroll to Click to Pay via a merchant site or Click to Pay consumer portal.
Visa invokes this API call to the issuer every time a consumer attempts to enroll themselves to Click to Pay, for example during a merchant checkout process. Please note that the Request Body below only contains data fields that are relevant for notifications related to the event type CTP_ENROLLMENT_ATTEMPT. For a full specification covering other event types that exist for this notification API, please refer to the Visa Token Service – Issuer API Specifications (JSON) on Visa Assist.
Endpoint |
Overview |
---|---|
CTP Enrollment Attempt Notification POST {Issuer Endpoint}/vtis/v1/tokenRequestors/{tokenRequestorID}/cardEnrollment/notification?eventType=CTP_ENROLLMENT_ATTEMPT |
Notification about a consumer attempting to enroll to Click to Pay via a merchant or via Visa’s CTP portal |
Visa invokes this API call to the issuer every time a consumer attempts to enroll themselves to CTP, for example during a merchant checkout process.
{
"encryptedData": "eyJhbGciOiJQUzI1NiIsInR5cCI6IkpPU0UiLCJraWQiOiI3MTVFQTI1NyIsImN0eSI6IkpXRSJ9..."
}
A successful API response will return HTTP 200 status code with no response payload.
Field |
Description |
---|---|
encryptedData |
(Conditional) Blob field that contains the encrypted payload; see the “Unencrypted Payload” section below for more information. Format: String; max length 7000 characters. |
Field | Description |
---|---|
clientInformation |
(Required) Client information. Format: A client information structure. |
enrollment |
(Required) Enrollment payloads which identifies the token service provider (TSP). Format: An enrollment structure. |
Field |
Description |
---|---|
firstName |
(Conditional) First name of client. Format: String, min length 2 characters, max length 80 characters. |
lastName |
(Conditional) Last name of the client. Format: String; min length 2 characters, max length 80 characters. |
phoneNumber |
(Conditional) Mobile phone number of the client. Format: String, max 32 characters. Allowed characters: 0-9 ( ) . - + |
contactEmail |
(Conditional) Email address of client. Format: String; UTF-8; max length 48 characters. |
Field |
Description |
---|---|
tsp |
(Required) Token service provider. Format: It is one of the following values:
|
paymentInstrument |
(Conditional) Payment instrument. Only populated, if tsp is V. Format: A paymentInstrument structure. |
Field |
Description |
---|---|
accountNumber |
(Required) Primary account number of the card to be enrolled and provisioned. Format: String; max length 19 characters. |
The notification API is an asynchronous API and does not need the issuer to return anything to Visa. The issuer returns the following error statuses as appropriate with no response payload.
HTTP Code |
HTTP Reason Code |
Description |
---|---|---|
400 |
Bad Request |
The request could not be understood by the server because of malformed syntax. The client should not repeat the request until modifications have been made. |
401 |
Unauthorized |
Authentication credentials were missing or incorrect. |
404 |
Not Found |
The server has not found anything matching the Request URI. |
500 |
Internal Server Error |
An unspecified server error has occurred. Visa should attempt to retry or contact issuer support. |