| Time | Status | User Agent | |
|---|---|---|---|
Retrieving recent requests… | |||
Introduction
This API allows you to retrieve all saved cards associated with a customer.
Saved cards are linked using the customer reference (email).
Endpoint
GET https://api.edfapay.com/payment/saved-cards?merchant_id={id}&customer_reference={email}
Query Parameters
| Field | Type | Required | Description |
|---|---|---|---|
| merchant_id | UUID | Yes | Merchant identifier |
| customer_reference | String | Yes | Customer email |
Important
The customer_reference must match the exact value used during the sale payment (payer_email).
If it does not match, no saved cards will be returned.
Example Request
curl --location 'https://api.edfapay.com/payment/saved-cards?merchant_id=XXXXXXXX&customer_reference=customer%40email.com'This request retrieves all saved cards linked to the provided customer email under the specified merchant.
Response Example
[
{
"id": 12,
"merchantId": "xxxxxxxx-xxxx-xxxx-xxxxxxxx",
"customerReference": "[email protected]",
"cardToken": "TKN-xxxxxxxxxxxxx",
"maskedCardNumber": "512345xxxxxx0008",
"cardBrand": "Mastercard",
"expiryMonth": "01",
"expiryYear": "39",
"isActive": true,
"createdAt": 1776860675116,
"updatedAt": 1776860675116
}
]Each object in the response represents a saved card associated with the customer.
Field Explanation:
- cardToken → Unique token used for future payments
- maskedCardNumber → Card number with hidden digits
- cardBrand → Card type (e.g., Visa, Mastercard)
- expiryMonth / expiryYear → Card expiration details
- isActive → Indicates if the card is valid for transactions
Next Step
Use the returned cardToken in the Token Payment API to perform a transaction without requiring card details.
Best Practice
Always display masked card details (e.g., last 4 digits and brand) to the customer when allowing them to choose a saved card.
200