Server to Server Vault tokenization

Server-to-server tokenization with the Hyperswitch Vault Service for PCI-compliant merchants

Secure, Direct Card Tokenization from Your Server

Tokenize payment cards directly from your servers to Hyperswitch's Vault Service, bypassing client-side tokenization. This server-to-server approach provides enhanced security and flexibility, ideal for PCI-compliant businesses managing payment methods programmatically.

Key Features

  • Full Token Management – Create, retrieve, update, and delete payment tokens directly from your server.

  • PSP and Network Tokenization – Generate both PSP tokens and network tokens through a single API.

  • Secure Storage – Store tokens safely in Hyperswitch’s Vault.

  • Reduced Frontend Complexity – Shift tokenization processes to the backend, minimizing frontend dependencies.

Prerequisites

To implement server-to-server tokenization, you need:

  • PCI DSS compliance to handle card data securely: Make sure you have the PCI compliance required to handle raw card data directly.

  • Secure API authentication to protect transactions: Generate your Hyperswitch API key from the Developers → API Keys section of your Hyperswitch dashboard.

  • Robust error handling for tokenization failures: Implement handling for failure cases.

How It Works

  1. Collect Card Details – Your server collects card details (requires PCI compliance).

  2. Send a Tokenization Request – Make a POST request to /payment_methods with the card details.

  3. Token Creation & Validation – Hyperswitch validates the request and generates a secure token in the vault.

  4. PSP & Network Tokenization (Optional) – If configured through your Hyperswitch dashboard, we also generate PSP and/or network tokens when you pass the relevant parameters described below.

  5. Receive Payment Method ID – You get a pm_id, which can be used for future payments.

API Requests for Server to Server Tokenization

1. Create a Customer

  • Endpoint: POST /customers

  • Purpose: Create a customer to enable storing their payment methods

curl --location 'https://sandbox.hyperswitch.io/v2/customers' \
--header 'Content-Type: application/json' \
--header 'x-profile-id: <profile-id>' \
--header 'api-key: <api_key>' \
--data-raw '{
    "merchant_reference_id": "customer_1742551597",
    "name": "John Doe",
    "email": "guest@example.com",
    "phone": "999999999",
    "phone_country_code": "+65",
    "description": "First customer",
    "default_billing_address": {
        "line1": "1467",
        "line2": "Harrison Street",
        "line3": "Harrison Street",
        "city": "San Francisco",
        "state": "California",
        "zip": "94122",
        "country": "US",
        "first_name": "joseph",
        "last_name": "Doe"
    },
    "default_shipping_address": {
        "line1": "1467",
        "line2": "Harrison Street",
        "line3": "Harrison Street",
        "city": "San Francisco",
        "state": "California",
        "zip": "94122",
        "country": "US",
        "first_name": "joseph",
        "last_name": "Doe"
    },
    "metadata": {
        "udf1": "value1",
        "new_customer": "true",
        "login_date": "2019-09-10T10:11:12Z"
    }
}'

2. Create a Payment Method Token

  • Endpoint: POST /payment_methods

  • Purpose: Generate a token for a card

curl --location 'https://sandbox.hyperswitch.io/v2/payment-methods' \
--header 'Content-Type: application/json' \
--header 'x-profile-id: <profile-id>' \
--header 'api-key: <api-key>' \
--data '{
  "payment_method_type": "card",
  "payment_method_subtype": "credit",
  "metadata": {},
  "customer_id": "12345_cus_01926c58bc6e77c09e809964e72af8c8",
  "payment_method_data": {
    "card": {
      "card_number": "4111111145551142",
      "card_exp_month": "10",
      "card_exp_year": "25",
      "card_holder_name": "John Doe",
      "nick_name": "John Doe",
      "card_issuing_country": "AF",
      "card_network": "Visa",
      "card_issuer": "<string>",
      "card_type": "credit",
      "card_cvc": "242"
    }
  },
  "billing": {
    "address": {
      "city": "New York",
      "country": "AF",
      "line1": "123, King Street",
      "line2": "Powelson Avenue",
      "line3": "Bridgewater",
      "zip": "08807",
      "state": "New York",
      "first_name": "John",
      "last_name": "Doe"
    },
    "phone": {
      "number": "9123456789",
      "country_code": "+1"
    },
    "email": "abc@gmail.com"
  }
}'
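
The request above carries a raw card number and CVC, so the server that sends it needs a pre-flight check and a log-safe view of the body for its failure handling. The following is an added example, not code from the Hyperswitch docs or code base: the function names and SAMPLE_BODY are assumptions introduced here, the field names come from the request above, and keeping the first six and last four digits is a masking choice made for this sketch.

```python
import copy
from datetime import date

# Constructed sample: the card object from the request above, trimmed.
SAMPLE_BODY = {"payment_method_type": "card", "payment_method_data": {"card": {
    "card_number": "4111111145551142", "card_exp_month": "10",
    "card_exp_year": "25", "card_cvc": "242"}}}

def luhn_ok(pan: str) -> bool:
    """True if pan is 12-19 ASCII digits and passes the Luhn checksum."""
    if not (pan.isascii() and pan.isdigit() and 12 <= len(pan) <= 19):
        return False
    total = 0
    for i, ch in enumerate(reversed(pan)):
        d = int(ch)
        if i % 2 == 1:  # double every second digit, counting from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def preflight_errors(body: dict, today: date) -> list:
    """List problems that would fail tokenization, without echoing card data."""
    card = body.get("payment_method_data", {}).get("card", {})
    errors = []
    if not luhn_ok(str(card.get("card_number", ""))):
        errors.append("card_number failed length/Luhn check")
    try:
        month = int(card["card_exp_month"])
        year = 2000 + int(card["card_exp_year"])  # assumes two-digit year as in the sample
        if not 1 <= month <= 12 or (year, month) < (today.year, today.month):
            errors.append("expiry month invalid or card expired")
    except (KeyError, ValueError):
        errors.append("card_exp_month/card_exp_year missing or non-numeric")
    return errors

def redact_for_log(body: dict) -> dict:
    """Copy of body that is safe to log: PAN truncated, CVC dropped."""
    safe = copy.deepcopy(body)
    card = safe.get("payment_method_data", {}).get("card", {})
    pan = str(card.get("card_number", ""))
    if len(pan) > 10:
        card["card_number"] = pan[:6] + "*" * (len(pan) - 10) + pan[-4:]
    elif pan:
        card["card_number"] = "*" * len(pan)
    card.pop("card_cvc", None)
    return safe

if __name__ == "__main__":
    print(preflight_errors(SAMPLE_BODY, date.today()), redact_for_log(SAMPLE_BODY))
```

Run preflight_errors before sending the request, and pass only redact_for_log(body) to loggers and error reporters when a tokenization call fails.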

a. Creating a Payment Method Token along with PSP Tokens

Use the same endpoint to generate PSP tokens for a card by passing the following parameters:

curl --location 'https://sandbox.hyperswitch.io/v2/payment-methods' \
--header 'Content-Type: application/json' \
--header 'x-profile-id: <profile-id>' \
--header 'api-key: <api-key>' \
--data '{
  "payment_method_type": "card",
  "payment_method_subtype": "credit",
  "metadata": {},
  "customer_id": "12345_cus_01926c58bc6e77c09e809964e72af8c8",
  "payment_method_data": {
    "card": {
      "card_number": "4111111145551142",
      "card_exp_month": "10",
      "card_exp_year": "25",
      "card_holder_name": "John Doe",
      "nick_name": "John Doe",
      "card_issuing_country": "AF",
      "card_network": "Visa",
      "card_issuer": "<string>",
      "card_type": "credit",
      "card_cvc": "242"
    }
  },
  "billing": {
    "address": {
      "city": "New York",
      "country": "AF",
      "line1": "123, King Street",
      "line2": "Powelson Avenue",
      "line3": "Bridgewater",
      "zip": "08807",
      "state": "New York",
      "first_name": "John",
      "last_name": "Doe"
    },
    "phone": {
      "number": "9123456789",
      "country_code": "+1"
    },
    "email": "abc@gmail.com"
  },
  "psp_tokenization": {
    "tokenization_type": "single_use",
    "connector_id": "<string>"
  }
}'

b. Creating a Payment Method Token along with Network Tokens

Use the same endpoint to generate network tokens for a card by passing the following parameters:

curl --location 'https://sandbox.hyperswitch.io/v2/payment-methods' \
--header 'Content-Type: application/json' \
--header 'x-profile-id: <profile-id>' \
--header 'api-key: <api-key>' \
--data '{
  "payment_method_type": "card",
  "payment_method_subtype": "credit",
  "metadata": {},
  "customer_id": "12345_cus_01926c58bc6e77c09e809964e72af8c8",
  "payment_method_data": {
    "card": {
      "card_number": "4111111145551142",
      "card_exp_month": "10",
      "card_exp_year": "25",
      "card_holder_name": "John Doe",
      "nick_name": "John Doe",
      "card_issuing_country": "AF",
      "card_network": "Visa",
      "card_issuer": "<string>",
      "card_type": "credit",
      "card_cvc": "242"
    }
  },
  "billing": {
    "address": {
      "city": "New York",
      "country": "AF",
      "line1": "123, King Street",
      "line2": "Powelson Avenue",
      "line3": "Bridgewater",
      "zip": "08807",
      "state": "New York",
      "first_name": "John",
      "last_name": "Doe"
    },
    "phone": {
      "number": "9123456789",
      "country_code": "+1"
    },
    "email": "<string>"
  },
  "network_tokenization": {
    "enable": "Enable"
  }
}'

3. Retrieve a Payment Method Token

  • Endpoint: GET /payment_methods/:pm_id

  • Purpose: Fetch details of an existing token.

curl --location --globoff 'https://sandbox.hyperswitch.io/v2/payment-methods/{id}' \
--header 'x-profile-id: <profile-id>' \
--header 'api-key: <api-key>'

4. Update a Payment Method Token

  • Endpoint: PATCH /payment_methods/:pm_id/update_saved_payment_method

  • Purpose: Modify token details.

curl --location --globoff --request PATCH 'https://sandbox.hyperswitch.io/v2/payment-methods/{id}/update-saved-payment-method' \
--header 'Content-Type: application/json' \
--header 'x-profile-id: <profile-id>' \
--header 'api-key: <api-key>' \
--data '{
  "payment_method_data": {
    "card": {
      "card_holder_name": "John Doe",
      "nick_name": "John Doe"
    }
  },
  "connector_token_details": {
    "token": "pm_9UhMqBMEOooRIvJFFdeW",
    "connector_token_request_reference_id": "<string>"
  }
}'

5. Delete a Payment Method Token

  • Endpoint: DELETE /payment_methods/:pm_id

  • Purpose: Remove a token from the vault.

curl --location --globoff --request DELETE 'https://sandbox.hyperswitch.io/v2/payment-methods/{id}' \
--header 'x-profile-id: <profile-id>' \
--header 'api-key: <api-key>'

Last updated 1 month ago
