Create One Time Use Token (SDK Checkout)

POST

checkout

sessions

{checkout_session}

token

{
  "account_id": "fe14c7c6-c75e-43b7-bdbe-4c87ad52c482",
  "card_data": {
    "number": "4111111111111111",
    "expiration_month": 12,
    "expiration_year": 25,
    "security_code": "123",
    "holder_name": "Dee Hock"
  }
}

{
  "token": "dab106a6-9067-4418-ae43-6045663531dc",
  "type": "CARD",
  "card_data": {
    "holder_name": "Dee Hock",
    "iin": "41111111",
    "lfd": "1111",
    "brand": "VISA",
    "type": "DEBIT"
  },
  "country": "US"
}

Creates a one-time-use token within an existing checkout session. This is used in the SDK_CHECKOUT workflow where card data is collected securely on the client side via the Yuno SDK, then tokenized before being sent to your server for payment creation.

Unlike the Direct token endpoint, this endpoint does not require PCI certification because the Yuno SDK handles card data collection in a secure iframe.

Path Parameters

checkout_session

string

required

The checkout session identifier (UUID) returned from Create Checkout Session.Example: a1b2c3d4-e5f6-7890-abcd-ef1234567890

Request Body

account_id

string

required

The unique identifier of the account. Found in Yuno’s Dashboard.Constraints: MAX 64; MIN 36

card_data

object

required

Card details to tokenize.

Show card_data

number

string

required

Card number without separators.Constraints: MAX 19; MIN 8Example: 4111111111111111

expiration_month

integer

required

Card expiration month in MM format.Example: 12

expiration_year

integer

required

Card expiration year in YY or YYYY format.Example: 25

holder_name

string

required

Cardholder full name as printed on the card.Constraints: MAX 26; MIN 3Example: Dee Hock

security_code

string

Card security code (CVV/CVC).Constraints: MAX 4; MIN 2Example: 123

{
  "account_id": "fe14c7c6-c75e-43b7-bdbe-4c87ad52c482",
  "card_data": {
    "number": "4111111111111111",
    "expiration_month": 12,
    "expiration_year": 25,
    "security_code": "123",
    "holder_name": "Dee Hock"
  }
}

{
  "token": "dab106a6-9067-4418-ae43-6045663531dc",
  "type": "CARD",
  "card_data": {
    "holder_name": "Dee Hock",
    "iin": "41111111",
    "lfd": "1111",
    "brand": "VISA",
    "type": "DEBIT"
  },
  "country": "US"
}

Response Fields

token

string

The one-time-use token. Use this in the Create Payment request as payment_method.token.

vaulted_token

string

Stored payment method token, returned when the card was previously enrolled.

vault_on_success

boolean

Whether the card will be vaulted upon successful payment. Default: true.

type

string

Payment method type.Example: CARD

card_data

object

Tokenized card metadata (no sensitive data).

Show card_data

holder_name

string

Cardholder name.

iin

string

Issuer Identification Number (first 6-8 digits).

lfd

string

Last four digits of the card.

number_length

integer

Total length of the card number.

security_code_length

integer

Length of the security code.

brand

string

Card brand (e.g., VISA, MASTERCARD).

type

string

Card type: CREDIT, DEBIT, or PREPAID.

Error Responses

Status	Description
`400`	Invalid request parameters. Check card_data fields
`401`	Invalid credentials. Verify API keys
`403`	Merchant not authorized for this API

Create One Time Use Token (Direct). Token generation for PCI-compliant merchants
Create Checkout Session. Create the session first
Create Payment. Use the token to create a payment
SDK Full Checkout. End-to-end SDK checkout guide

Update Checkout SessionUpdates an existing checkout session. You can modify the amount, metadata, or other mutable fields before the session expires or a payment is completed.

{
  "account_id": "fe14c7c6-c75e-43b7-bdbe-4c87ad52c482",
  "card_data": {
    "number": "4111111111111111",
    "expiration_month": 12,
    "expiration_year": 25,
    "security_code": "123",
    "holder_name": "Dee Hock"
  }
}

{
  "token": "dab106a6-9067-4418-ae43-6045663531dc",
  "type": "CARD",
  "card_data": {
    "holder_name": "Dee Hock",
    "iin": "41111111",
    "lfd": "1111",
    "brand": "VISA",
    "type": "DEBIT"
  },
  "country": "US"
}

​Path Parameters

​Request Body

​Response Fields

​Error Responses

​Related Pages

Path Parameters

Request Body

Response Fields

Error Responses

Related Pages