Tokenization Services
GetClientSession
Endpoint URL:
https://secure.ftipgw.com/admin/ws/recurring.asmx?op=GetClientSessionID
Method:
SOAP (Action: GetClientSessionID)
Description:
Generates a ClientSessionID, which is a temporary token used to associate a cardholder or payer with subsequent tokenization requests (e.g., GetToken, GetCheckToken). This session ID must be passed in with any tokenization call.
Request Parameters:
Username
string
Yes
API credential username
Password
string
Yes
API credential password
ClientIP
string
Yes
IP address of the end user initiating the session
UserAgent
string
No
Optional browser or client User-Agent string
Notes:
ClientSessionIDis required in all tokenization calls and is valid for a short time only.UsernameandPasswordare SOAP-level credentials, not tied to merchant accounts.ClientIPshould reflect the actual end user's IP — using a server IP may affect fraud tools.Including the
UserAgentmay assist with device fingerprinting or risk analysis, if enabled.Be sure to secure and store this session ID only temporarily.
SOAP 1.1
The following is a sample SOAP 1.1 request and response. The placeholders shown need to be replaced with actual values.
HTTP POST
The following is a sample HTTP POST request and response. The placeholders shown need to be replaced with actual values.
GetToken
Endpoint URL:
https://secure.ftipgw.com/admin/ws/recurring.asmx?op=GetToken
Method:
SOAP (Action: GetToken)
Description:
Retrieves a CcInfoKey for a user, which represents a tokenized version of the credit card. This key can be reused for future transactions without resubmitting raw card data.
Request Parameters:
ClientSessionID
string
Yes
Identifies the user session
CcAccountNum
string
Yes
Raw credit card number to tokenize
CcExpDate
string
Yes
Expiration date in MMYY format
CcNameOnCard
string
No
Name on the card, as it appears
Notes:
This is a sensitive operation and must be called over HTTPS with appropriate security controls in place.
The resulting
CcInfoKeyis used in place of card data for subsequent transactions.This call does not authorize a payment or validate the card beyond formatting.
ClientSessionIDmust be retrieved via a prior call toGetClientSession.The
CcNameOnCardfield is optional and not validated or persisted.
SOAP 1.1
The following is a sample SOAP 1.1 request and response. The placeholders shown need to be replaced with actual values.
HTTP POST
The following is a sample HTTP POST request and response. The placeholders shown need to be replaced with actual values.
GetCheckToken
Endpoint URL:
https://secure.ftipgw.com/admin/ws/recurring.asmx?op=GetCheckToken
Method:
SOAP (Action: GetCheckToken)
Description:
Retrieves a CheckInfoKey for a user, which represents a tokenized version of their bank account information. This key can be used to initiate ACH or eCheck transactions without resubmitting raw bank data.
Request Parameters:
ClientSessionID
string
Yes
Identifies the user session
BankRoutingNum
string
Yes
The bank routing number (9 digits)
BankAccountNum
string
Yes
The bank account number
BankAcctType
string
Yes
Type of account: "C" for Checking, "S" for Savings
BankName
string
No
Optional bank name
Notes:
The returned
CheckInfoKeycan be stored and reused for initiating future ACH transactions.This call does not validate the bank account or perform any micro-deposits.
ClientSessionIDmust be created viaGetClientSessionbeforehand.The
BankAcctTypeis typically"C"or"S"— this field must be correctly set or the request will fail.Always use HTTPS, and do not log or persist raw account/routing numbers.
SOAP 1.1
The following is a sample SOAP 1.1 request and response. The placeholders shown need to be replaced with actual values.
HTTP POST
The following is a sample HTTP POST request and response. The placeholders shown need to be replaced with actual values.
Last updated