Token lifecycle notification

Provides notification of events in the lifecycle of a token such as token creation, activation and suspension. This will be sent whenever the status of a token changes.

info

The first notification will be sent on token creation, denoted by a TokenStatus value of "Inactive".

Token lifecycle notification parameters

Parameters Type Description
NotificationType string Three-digit identifier of the notification type. "075" denotes the Token lifecycle notification.
CardID integer Unique identifier of the card.
TokenID integer Unique identifier of the token.
CardEndingNumber string Last four digits of the card number.
TokenRequestorCode string Token requestor code. Possible values are:
"APLPAY"
"GGLPAY"
"SAMPAY"
TokenStatus string The current status of the token. Possible values are:
"INACTIVE" (The status of all new tokens)
"ACTIVE"
"SUSPENDED"
"RESUME"
"DELETE"
DeviceID string Mobile device ID.
DeviceType string Device type value. Possible values are:
"01" – Mobile Phone
"02" – Tablet
"03" – Watch
"04" – Mobile Phone or Tablet
"05" – Personal Computer
Datetime string The date and time of the token status change in yyyyMMddHHmmss format.
SecurityHash string Contains the hash of the payload values and your webhook security key, to verify the origin and integrity of the notification.

Example of Token lifecycle notification

Copy
Copied
{
    "NotificationType": "075",
    "CardID": "74318",
    "TokenID": "478",
    "CardEndingNumber": "5574",
    "TokenRequestorCode": "APLPAY",
    "TokenStatus": "Inactive",
    "DeviceID": "0000123",
    "DeviceType": "01",
    "DateTime": "20201105173851",
    "SecurityHash": "02b0fd30ea502dd3e5ea24086a4e5663b80060543be296b026940776c579e0e8"
}

Validating the notification security hash

Security Hash validation

See the respective guide for more information on calculating and verifying the notification security hash.

To compute the hash of the notification payload, concatenate the payload values in the following sequence, with your webhook security key as the final item:

Copy
Copied
<NotificationType>&<CardID>&<TokenID>&<CardEndingNumber>&<TokenRequestorCode>&<TokenStatus>&<DeviceID>&<DeviceType>&<DateTime>&<webhook-security-key>

The payload values above and example webhook security key of abcdefghijklmnop, will produce the following hash input:

Copy
Copied
075&74318&478&5574&APLPAY&Inactive&0000123&01&20201105173851&abcdefghijklmnop
Solaris is the brand name for the regulated entities Contis Financial Services Ltd and UAB „Finansinės paslaugos „Contis“, which are part of the Solaris Group.