openapi: 3.0.3
info:
  title: dLocal Cards API
  version: '2.1'
  description: |
    Securely store cards for repeat usage. Create returns a `card_id` token
    that can be used in subsequent Payments and Authorizations.
servers:
  - url: https://api.dlocal.com
    description: Production
  - url: https://sandbox.dlocal.com
    description: Sandbox
tags:
  - name: Cards
    description: Tokenize, retrieve, and delete cards.
paths:
  /secure_cards:
    post:
      tags: [Cards]
      operationId: createCard
      summary: Create A Card
      description: Tokenize a card for use in future payments and recurring billing.
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/CardRequest'
      responses:
        '200':
          description: Card created
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/CardToken'
  /secure_cards/{card_id}:
    get:
      tags: [Cards]
      operationId: retrieveCard
      summary: Retrieve A Card
      description: Retrieve a previously created card token.
      parameters:
        - name: card_id
          in: path
          required: true
          schema: { type: string }
      responses:
        '200':
          description: Card returned
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/CardToken'
    delete:
      tags: [Cards]
      operationId: deleteCard
      summary: Delete A Card
      description: Delete a previously created card token.
      parameters:
        - name: card_id
          in: path
          required: true
          schema: { type: string }
      responses:
        '204':
          description: Card deleted
components:
  schemas:
    CardRequest:
      type: object
      required: [card, payer]
      properties:
        country: { type: string }
        card:
          type: object
          required: [holder_name, number, expiration_month, expiration_year]
          properties:
            holder_name: { type: string }
            number: { type: string }
            expiration_month: { type: integer }
            expiration_year: { type: integer }
            cvv: { type: string }
            encrypted_data: { type: string }
            token: { type: string }
            cvv_token: { type: string }
        payer:
          type: object
          properties:
            name: { type: string }
            email: { type: string, format: email }
            document: { type: string }
            phone: { type: string }
            birth_date: { type: string, format: date }
            address: { type: object }
            ip: { type: string }
            device_id: { type: string }
    CardToken:
      type: object
      properties:
        holder_name: { type: string }
        expiration_month: { type: integer }
        expiration_year: { type: integer }
        brand: { type: string }
        last4: { type: string }
        card_id: { type: string }
        country: { type: string }
  securitySchemes:
    dLocalSignature:
      type: apiKey
      in: header
      name: Authorization
security:
  - dLocalSignature: []