> ## Documentation Index > Fetch the complete documentation index at: https://developer.nomba.com/llms.txt > Use this file to discover all available pages before exploring further. # Submit customer card details > Use this endpoint to submit the customers card details ## OpenAPI ````yaml post /v1/checkout/checkout-card-detail openapi: 3.0.1 info: description: '' title: Vendor API version: 1.0.0 servers: - description: Production url: https://api.nomba.com - description: Sandbox url: https://sandbox.nomba.com security: [] tags: - name: Authenticate - name: Accounts - name: Virtual Accounts - name: Online Checkout - name: Charge - name: Transfers - name: Direct Debits - name: Terminals - name: Transactions - name: Airtime and Data Vending - name: Electricity Vending - name: CableTV Subscription - name: Betting Vending paths: /v1/checkout/checkout-card-detail: post: tags: - Charge summary: Submit customer card details description: Use this endpoint to submit the customers card details operationId: Submit customer card details requestBody: content: application/json: schema: $ref: '#/components/schemas/SubmitCardDetails' description: The request payload required to filter account transactions. required: true responses: '200': content: application/json: schema: type: object properties: code: type: string example: '00' description: Response Code description: type: string example: Success description: Response description data: $ref: '#/components/schemas/SubmitCardDetailsResponse' required: - code - description - data description: OK - your request was successful. headers: X-Rate-Limit-Limit: description: The number of allowed requests in the current period schema: type: string example: '40' X-Rate-Limit-Remaining: description: The number of remaining requests in the current period schema: type: string example: '39' X-Rate-Limit-Window: description: The specified rate limit window schema: type: string example: 1s '400': content: application/json: schema: $ref: '#/components/schemas/RequestError' description: The request body sent by merchant did not pass the validation checks '401': content: application/json: schema: $ref: '#/components/schemas/AuthenticationError' description: >- The access_token provided to access the resource is missing or invalid. '403': content: application/json: schema: $ref: '#/components/schemas/AuthorizationError' description: The client does not have the permissions to access this resource '404': content: application/json: schema: $ref: '#/components/schemas/RecordNotFoundError' description: The record that the client is trying to access does not exist. '429': content: application/json: schema: $ref: '#/components/schemas/RateLimitError' description: >- The client has maxed out the number of calls within a time period on this resource. '500': content: application/json: schema: $ref: '#/components/schemas/ServerError' description: Downstream system error. security: - BearerAuth: [] components: schemas: SubmitCardDetails: type: object properties: cardDetails: type: string description: Stringified card details example: cardCVV: 11 cardExpiryMonth: 3 cardExpiryYear: 2050 cardNumber: '5190752909999995' cardPin: 1111 key: type: string description: encryption key is data encrption is in use, else empty string example: '' orderReference: type: string description: the order reference returned when the order was created example: c4307d58-2513-41d8-b7f7-dfecd5f9fdbe saveCard: type: boolean description: >- if true, this this user cardn will be saved for the user's future use. Note the process is not complete until the user-card verification endpoints are called to authenticate the user's phone number. example: 'true' deviceInformation: $ref: '#/components/schemas/DeviceInformation' SubmitCardDetailsResponse: type: object properties: status: type: boolean description: true if the card details were submitted successfully example: 'true' message: type: string description: >- Response message describing the transaction status or further instruction for the user like the case of OTP example: Success responseCode: type: string description: >- response code from the payment gate way. 00 means transaction was successful and completed, T0 means an OTP has been sent to the user and should be entered next, SO means 3D Secure authentication is required and the client application needs to redirect to the 3D secure page based on the information provided in the secureAuthenticationData field example: '00' transactionId: type: string description: >- the unique id of the transaction just created by the submittion of the card details. This value should be passed back to all API calls that require it. example: c4307d58-2513-41d8-b7f7-dfecd5f9fdbe secureAuthenticationData: $ref: '#/components/schemas/SecureAuthenticationData' RequestError: type: object description: Request Error response. properties: code: type: string description: API error code. example: '400' description: type: string description: Additional details about the error. example: Request failed. AuthenticationError: type: object description: Authentication Error response. properties: code: type: string description: API error code. example: '401' description: type: string description: Additional details about the error. example: Unauthorized AuthorizationError: type: object description: Permissions error response. properties: code: type: string description: API error code. example: '403' description: type: string description: Additional details about the error. example: Forbidden RecordNotFoundError: type: object description: Record-Not-Found error response. properties: code: type: string description: API error code. example: '404' description: type: string description: Additional details about the error. example: Record not found RateLimitError: type: object description: Rate-limit error response. properties: code: type: string description: API error code. example: '429' description: type: string description: Additional details about the error. example: Too many requests ServerError: type: object description: Server error response. properties: code: type: string description: API error code. example: '500' description: type: string description: Additional details about the error. example: Server error DeviceInformation: type: object description: Contains browser information for the device making the api calls properties: httpBrowserLanguage: type: string description: Browser language example: en-GB httpBrowserJavaEnabled: type: boolean description: true if Java is enabled in the browser in use example: 'true' httpBrowserJavaScriptEnabled: type: boolean description: true if Javascript is enabled in the browser in use example: 'true' httpBrowserColorDepth: type: string description: Browser color depth example: '30' httpBrowserScreenHeight: type: string description: Browser scren height example: '900' httpBrowserScreenWidth: type: string description: Browser screen weidth example: '1500' httpBrowserTimeDifference: type: string description: Browser time difference example: '-60' userAgentBrowserValue: type: string description: Browser user agent example: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) deviceChannel: type: string description: Device channel example: Browser SecureAuthenticationData: type: object description: >- Authentication data returned from the payment gateway when the payment card requires 3D Secure authentication. This data will be passed to the properties: jwt: type: string description: jwt token example: >- eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c md: type: string description: encryption key is data encrption is in use, else empty string example: '6775843012' acsUrl: type: string description: the order reference returned when the order was created example: https://ip:port/merchant.com/callback termUrl: type: string description: the order reference returned when the order was created example: https://ip:port/merchant.com/callback securitySchemes: BearerAuth: description: >- Nomba authenticates API calls with [OAuth2 HTTP bearer tokens](http://tools.ietf.org/html/rfc6750). There are two methods of authentication; [Client-Credentials method](https://www.rfc-editor.org/rfc/rfc6749) and [PKCE (Proof Key for Code Exchange)](https://www.rfc-editor.org/rfc/rfc7636) method. In each of the methods, You will get an `ACCESS_TOKEN`. You need to use an `"Authorization"` HTTP header to provide your `ACCESS_TOKEN`. For example: `Authorization: {ACCESS_TOKEN}`. scheme: bearer type: http bearerFormat: JWT ````