Ask Moov Beta
Generative AI is experimental and can make mistakes.
Guides Dashboard Use cases API Changelog
  1. API reference
  2. Sources
  3. Cards

List cards

List all the active cards associated with a Moov account.

Read our accept card payments guide to learn more.

To access this endpoint using an access token you’ll need to specify the /accounts/{accountID}/cards.read scope.

GET
/accounts/{accountID}/cards
cURL Go 
1
2

curl -X GET "https://api.moov.io/accounts/{accountID}/cards" \
  -H "Authorization: Bearer {token}" \

1
2
3
4
5

mc, _ := moov.NewClient()

var accountID string

mc.ListCards(ctx, accountID)
200 401 403 429 500 504
The request completed successfully.
[
  {
    "billingAddress": {
      "addressLine1": "123 Main Street",
      "addressLine2": "Apt 302",
      "city": "Boulder",
      "country": "US",
      "postalCode": "80301",
      "stateOrProvince": "CO"
    },
    "bin": "123456",
    "brand": "Visa",
    "cardAccountUpdater": {
      "updateType": "number-update",
      "updatedOn": "2024-05-06T12:20:38.184Z"
    },
    "cardCategory": "CLASSIC",
    "cardID": "01234567-89ab-cdef-0123-456789abcdef",
    "cardOnFile": true,
    "cardType": "credit",
    "cardVerification": {
      "accountName": {
        "firstName": "match",
        "fullName": "match",
        "lastName": "match",
        "middleName": "match"
      },
      "addressLine1": "match",
      "cvv": "match",
      "postalCode": "match"
    },
    "commercial": false,
    "domesticPullFromCard": "supported",
    "domesticPushToCard": "standard",
    "expiration": {
      "month": "01",
      "year": "21"
    },
    "fingerprint": "9948962d92a1ce40c9f918cd9ece3a22bde62fb325a2f1fe2e833969de672ba3",
    "holderName": "Jules Jackson",
    "issuer": "GRINGOTTS BANK",
    "issuerCountry": "US",
    "issuerPhone": "8185551212",
    "issuerURL": "HTTPS://WWW.EXAMPLE.COM/",
    "lastFourCardNumber": "1234",
    "merchantAccountID": "01234567-89ab-cdef-0123-456789abcdef",
    "paymentMethods": [
      {
        "paymentMethodID": "01234567-89ab-cdef-0123-456789abcdef",
        "paymentMethodType": "card-payment"
      },
      {
        "paymentMethodID": "01234567-89ab-cdef-0123-456789abcdef",
        "paymentMethodType": "push-to-card"
      },
      {
        "paymentMethodID": "01234567-89ab-cdef-0123-456789abcdef",
        "paymentMethodType": "pull-from-card"
      }
    ],
    "regulated": false
  }
]

Response headers

x-request-id

string <uuid> required
A unique identifier used to trace requests.
The request contained missing or expired authentication.

Response headers

x-request-id

string <uuid> required
A unique identifier used to trace requests.
The user is not authorized to make the request.

Response headers

x-request-id

string <uuid> required
A unique identifier used to trace requests.
Request was refused due to rate limiting.

Response headers

x-request-id

string <uuid> required
A unique identifier used to trace requests.
The request failed due to an unexpected error.

Response headers

x-request-id

string <uuid> required
A unique identifier used to trace requests.
The request failed because a downstream service failed to respond.

Response headers

x-request-id

string <uuid> required
A unique identifier used to trace requests.

Headers

x-moov-version

string
API version

Specify an API version.

API versioning follows the format vYYYY.QQ.BB, where

  • YYYY is the year
  • QQ is the two-digit month for the first month of the quarter (e.g., 01, 04, 07, 10)
  • BB is the build number, starting at .01, for subsequent builds in the same quarter.
    • For example, v2024.01.00 is the initial release of the first quarter of 2024.

The latest version represents the most recent development state. It may include breaking changes and should be treated as a beta release.

Default: v2024.01.00

Path parameters

accountID

string <uuid> required

Response

application/json

billingAddress

object
Show child attributes

postalCode

string <=10 characters required

addressLine1

string <=60 characters

addressLine2

string <=32 characters

city

string <=32 characters

country

string <=2 characters

stateOrProvince

string <=2 characters

bin

string [6 to 8] characters
The first six to eight digits of the card number, which identifies the financial institution that issued the card.

brand

string<enum>
The card brand.
Possible values: American Express, Discover, Mastercard, Visa, Unknown

cardAccountUpdater

object
The results of the most recent card update request.
Show child attributes

updateType

string<enum>
The results of the card update request.
Possible values: unspecified, account-closed, contact-cardholder, expiration-update, no-change, no-match, number-update

updatedOn

string<date-time>

cardCategory

string
The category or level of the card defined by the issuer. Examples include, but not limited to, “REWARDS”, “TRADITIONAL REWARDS”, “CLASSIC”, and “CORPORATE PURCHASING”.

cardID

string<uuid>
ID of the card.

cardOnFile

boolean
Indicates cardholder has authorized card to be stored for future payments.

cardType

string<enum>
The type of the card.
Possible values: debit, credit, prepaid, unknown

cardVerification

object
The results of submitting cardholder data to a card network for verification.
Show child attributes

accountName

object required
The results of submitting cardholder name to a card network for verification.
Show child attributes

firstName

string<enum> required
Possible values: noMatch, match, notChecked, unavailable, partialMatch

fullName

string<enum> required
Possible values: noMatch, match, notChecked, unavailable, partialMatch

lastName

string<enum> required
Possible values: noMatch, match, notChecked, unavailable, partialMatch

middleName

string<enum> required
Possible values: noMatch, match, notChecked, unavailable, partialMatch

addressLine1

string<enum> required
Possible values: noMatch, match, notChecked, unavailable, partialMatch

cvv

string<enum> required
Possible values: noMatch, match, notChecked, unavailable, partialMatch

postalCode

string<enum> required
Possible values: noMatch, match, notChecked, unavailable, partialMatch

commercial

boolean
If true, the card is for commercial use, or associated with a business. If false, the card is associated with a general consumer.

domesticPullFromCard

string<enum>
Indicates if the card supports domestic pull-from-card transfer.
Possible values: not-supported, supported, unknown

domesticPushToCard

string<enum>
Indicates which level of domestic push-to-card transfer is supported by the card, if any.
Possible values: not-supported, standard, fast-funds, unknown

expiration

object
The expiration date of the card or token.
Show child attributes

month

string 2 characters required

year

string 2 characters required

fingerprint

string <=100 characters
Uniquely identifies a linked payment card or token. For Apple Pay, the fingerprint is based on the tokenized card number and may vary based on the user’s device. This field can be used to identify specific payment methods across multiple accounts on your platform.

holderName

string
The name of the cardholder as it appears on the card.

issuer

string
Financial institution that issued the card.

issuerCountry

string
Country where the card was issued.

issuerPhone

string
Phone number of the issuer.

issuerURL

string<uri>
URL of the issuer.

lastFourCardNumber

string 4 characters
Last four digits of the card number

merchantAccountID

string<uuid>

paymentMethods

array
Show child attributes

paymentMethodID

string<uuid>
ID of the payment method.

paymentMethodType

string<enum>
The payment method type that represents a payment rail and directionality
Possible values: moov-wallet, ach-debit-fund, ach-debit-collect, ach-credit-standard, ach-credit-same-day, rtp-credit, card-payment, push-to-card, pull-from-card, apple-pay, card-present-payment

regulated

boolean
If true, the card issuing bank is regulated, and the scheme fees for debit transactions will be limited based on the Durbin Amendment. If false, the card issuing bank is not regulated, and the scheme fees will not be limited.