Skip to main content
POST
/
cards
/
order
Order cards
curl --request POST \
  --url https://apigwuat.corpay.com/cards/order \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "customerAccountNumber": "<string>",
  "cards": [
    {
      "additionalEmbossing": "new purchase",
      "cardAddress": {
        "companyName": "ABC Ltd",
        "addressLines": "Unit 10, Industrial Estate Oxford Road",
        "city": "Oxford",
        "country": "United Kingdom",
        "countryCode": "GBR",
        "region": "Oxfordshire",
        "zipCode": "OX1 3PA"
      },
      "cardCategoryId": 1,
      "cardContact": {
        "emailAddress": "jane.smith@example.com",
        "firstName": "Jane",
        "lastName": "Smith",
        "middleName": "B",
        "mobilePhone": "+447700900124",
        "telephone": "+441234567891"
      },
      "cardGroupId": 12,
      "cardPIN": "2345",
      "cardTypeId": 1234,
      "driverName": "James Smith",
      "fuelProductRestrictionId": 1,
      "isDriverEmbossed": true,
      "isVRNEmbossed": true,
      "products": [
        {
          "productId": 101
        },
        {
          "productId": 102
        }
      ],
      "purchaseCategoryId": 12,
      "vehicleRegNumber": "AB12 CDE"
    }
  ]
}
'
import requests

url = "https://apigwuat.corpay.com/cards/order"

payload = {
    "customerAccountNumber": "<string>",
    "cards": [
        {
            "additionalEmbossing": "new purchase",
            "cardAddress": {
                "companyName": "ABC Ltd",
                "addressLines": "Unit 10, Industrial Estate Oxford Road",
                "city": "Oxford",
                "country": "United Kingdom",
                "countryCode": "GBR",
                "region": "Oxfordshire",
                "zipCode": "OX1 3PA"
            },
            "cardCategoryId": 1,
            "cardContact": {
                "emailAddress": "jane.smith@example.com",
                "firstName": "Jane",
                "lastName": "Smith",
                "middleName": "B",
                "mobilePhone": "+447700900124",
                "telephone": "+441234567891"
            },
            "cardGroupId": 12,
            "cardPIN": "2345",
            "cardTypeId": 1234,
            "driverName": "James Smith",
            "fuelProductRestrictionId": 1,
            "isDriverEmbossed": True,
            "isVRNEmbossed": True,
            "products": [{ "productId": 101 }, { "productId": 102 }],
            "purchaseCategoryId": 12,
            "vehicleRegNumber": "AB12 CDE"
        }
    ]
}
headers = {
    "Authorization": "Bearer <token>",
    "Content-Type": "application/json"
}

response = requests.post(url, json=payload, headers=headers)

print(response.text)
const options = {
  method: 'POST',
  headers: {Authorization: 'Bearer <token>', 'Content-Type': 'application/json'},
  body: JSON.stringify({
    customerAccountNumber: '<string>',
    cards: [
      {
        additionalEmbossing: 'new purchase',
        cardAddress: {
          companyName: 'ABC Ltd',
          addressLines: 'Unit 10, Industrial Estate Oxford Road',
          city: 'Oxford',
          country: 'United Kingdom',
          countryCode: 'GBR',
          region: 'Oxfordshire',
          zipCode: 'OX1 3PA'
        },
        cardCategoryId: 1,
        cardContact: {
          emailAddress: 'jane.smith@example.com',
          firstName: 'Jane',
          lastName: 'Smith',
          middleName: 'B',
          mobilePhone: '+447700900124',
          telephone: '+441234567891'
        },
        cardGroupId: 12,
        cardPIN: '2345',
        cardTypeId: 1234,
        driverName: 'James Smith',
        fuelProductRestrictionId: 1,
        isDriverEmbossed: true,
        isVRNEmbossed: true,
        products: [{productId: 101}, {productId: 102}],
        purchaseCategoryId: 12,
        vehicleRegNumber: 'AB12 CDE'
      }
    ]
  })
};

fetch('https://apigwuat.corpay.com/cards/order', options)
  .then(res => res.json())
  .then(res => console.log(res))
  .catch(err => console.error(err));
<?php

$curl = curl_init();

curl_setopt_array($curl, [
  CURLOPT_URL => "https://apigwuat.corpay.com/cards/order",
  CURLOPT_RETURNTRANSFER => true,
  CURLOPT_ENCODING => "",
  CURLOPT_MAXREDIRS => 10,
  CURLOPT_TIMEOUT => 30,
  CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
  CURLOPT_CUSTOMREQUEST => "POST",
  CURLOPT_POSTFIELDS => json_encode([
    'customerAccountNumber' => '<string>',
    'cards' => [
        [
                'additionalEmbossing' => 'new purchase',
                'cardAddress' => [
                                'companyName' => 'ABC Ltd',
                                'addressLines' => 'Unit 10, Industrial Estate Oxford Road',
                                'city' => 'Oxford',
                                'country' => 'United Kingdom',
                                'countryCode' => 'GBR',
                                'region' => 'Oxfordshire',
                                'zipCode' => 'OX1 3PA'
                ],
                'cardCategoryId' => 1,
                'cardContact' => [
                                'emailAddress' => 'jane.smith@example.com',
                                'firstName' => 'Jane',
                                'lastName' => 'Smith',
                                'middleName' => 'B',
                                'mobilePhone' => '+447700900124',
                                'telephone' => '+441234567891'
                ],
                'cardGroupId' => 12,
                'cardPIN' => '2345',
                'cardTypeId' => 1234,
                'driverName' => 'James Smith',
                'fuelProductRestrictionId' => 1,
                'isDriverEmbossed' => true,
                'isVRNEmbossed' => true,
                'products' => [
                                [
                                                                'productId' => 101
                                ],
                                [
                                                                'productId' => 102
                                ]
                ],
                'purchaseCategoryId' => 12,
                'vehicleRegNumber' => 'AB12 CDE'
        ]
    ]
  ]),
  CURLOPT_HTTPHEADER => [
    "Authorization: Bearer <token>",
    "Content-Type: application/json"
  ],
]);

$response = curl_exec($curl);
$err = curl_error($curl);

curl_close($curl);

if ($err) {
  echo "cURL Error #:" . $err;
} else {
  echo $response;
}
package main

import (
	"fmt"
	"strings"
	"net/http"
	"io"
)

func main() {

	url := "https://apigwuat.corpay.com/cards/order"

	payload := strings.NewReader("{\n  \"customerAccountNumber\": \"<string>\",\n  \"cards\": [\n    {\n      \"additionalEmbossing\": \"new purchase\",\n      \"cardAddress\": {\n        \"companyName\": \"ABC Ltd\",\n        \"addressLines\": \"Unit 10, Industrial Estate Oxford Road\",\n        \"city\": \"Oxford\",\n        \"country\": \"United Kingdom\",\n        \"countryCode\": \"GBR\",\n        \"region\": \"Oxfordshire\",\n        \"zipCode\": \"OX1 3PA\"\n      },\n      \"cardCategoryId\": 1,\n      \"cardContact\": {\n        \"emailAddress\": \"jane.smith@example.com\",\n        \"firstName\": \"Jane\",\n        \"lastName\": \"Smith\",\n        \"middleName\": \"B\",\n        \"mobilePhone\": \"+447700900124\",\n        \"telephone\": \"+441234567891\"\n      },\n      \"cardGroupId\": 12,\n      \"cardPIN\": \"2345\",\n      \"cardTypeId\": 1234,\n      \"driverName\": \"James Smith\",\n      \"fuelProductRestrictionId\": 1,\n      \"isDriverEmbossed\": true,\n      \"isVRNEmbossed\": true,\n      \"products\": [\n        {\n          \"productId\": 101\n        },\n        {\n          \"productId\": 102\n        }\n      ],\n      \"purchaseCategoryId\": 12,\n      \"vehicleRegNumber\": \"AB12 CDE\"\n    }\n  ]\n}")

	req, _ := http.NewRequest("POST", url, payload)

	req.Header.Add("Authorization", "Bearer <token>")
	req.Header.Add("Content-Type", "application/json")

	res, _ := http.DefaultClient.Do(req)

	defer res.Body.Close()
	body, _ := io.ReadAll(res.Body)

	fmt.Println(string(body))

}
HttpResponse<String> response = Unirest.post("https://apigwuat.corpay.com/cards/order")
  .header("Authorization", "Bearer <token>")
  .header("Content-Type", "application/json")
  .body("{\n  \"customerAccountNumber\": \"<string>\",\n  \"cards\": [\n    {\n      \"additionalEmbossing\": \"new purchase\",\n      \"cardAddress\": {\n        \"companyName\": \"ABC Ltd\",\n        \"addressLines\": \"Unit 10, Industrial Estate Oxford Road\",\n        \"city\": \"Oxford\",\n        \"country\": \"United Kingdom\",\n        \"countryCode\": \"GBR\",\n        \"region\": \"Oxfordshire\",\n        \"zipCode\": \"OX1 3PA\"\n      },\n      \"cardCategoryId\": 1,\n      \"cardContact\": {\n        \"emailAddress\": \"jane.smith@example.com\",\n        \"firstName\": \"Jane\",\n        \"lastName\": \"Smith\",\n        \"middleName\": \"B\",\n        \"mobilePhone\": \"+447700900124\",\n        \"telephone\": \"+441234567891\"\n      },\n      \"cardGroupId\": 12,\n      \"cardPIN\": \"2345\",\n      \"cardTypeId\": 1234,\n      \"driverName\": \"James Smith\",\n      \"fuelProductRestrictionId\": 1,\n      \"isDriverEmbossed\": true,\n      \"isVRNEmbossed\": true,\n      \"products\": [\n        {\n          \"productId\": 101\n        },\n        {\n          \"productId\": 102\n        }\n      ],\n      \"purchaseCategoryId\": 12,\n      \"vehicleRegNumber\": \"AB12 CDE\"\n    }\n  ]\n}")
  .asString();
require 'uri'
require 'net/http'

url = URI("https://apigwuat.corpay.com/cards/order")

http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true

request = Net::HTTP::Post.new(url)
request["Authorization"] = 'Bearer <token>'
request["Content-Type"] = 'application/json'
request.body = "{\n  \"customerAccountNumber\": \"<string>\",\n  \"cards\": [\n    {\n      \"additionalEmbossing\": \"new purchase\",\n      \"cardAddress\": {\n        \"companyName\": \"ABC Ltd\",\n        \"addressLines\": \"Unit 10, Industrial Estate Oxford Road\",\n        \"city\": \"Oxford\",\n        \"country\": \"United Kingdom\",\n        \"countryCode\": \"GBR\",\n        \"region\": \"Oxfordshire\",\n        \"zipCode\": \"OX1 3PA\"\n      },\n      \"cardCategoryId\": 1,\n      \"cardContact\": {\n        \"emailAddress\": \"jane.smith@example.com\",\n        \"firstName\": \"Jane\",\n        \"lastName\": \"Smith\",\n        \"middleName\": \"B\",\n        \"mobilePhone\": \"+447700900124\",\n        \"telephone\": \"+441234567891\"\n      },\n      \"cardGroupId\": 12,\n      \"cardPIN\": \"2345\",\n      \"cardTypeId\": 1234,\n      \"driverName\": \"James Smith\",\n      \"fuelProductRestrictionId\": 1,\n      \"isDriverEmbossed\": true,\n      \"isVRNEmbossed\": true,\n      \"products\": [\n        {\n          \"productId\": 101\n        },\n        {\n          \"productId\": 102\n        }\n      ],\n      \"purchaseCategoryId\": 12,\n      \"vehicleRegNumber\": \"AB12 CDE\"\n    }\n  ]\n}"

response = http.request(request)
puts response.read_body
{
  "orderReference": "ORD-20260117-001"
}
[
  {
    "errorCode": "ER-001",
    "errorDescription": "Invalid request parameters"
  },
  {
    "errorCode": "ER-002",
    "errorDescription": "Missing required field"
  }
]
{
  "errorCode": "ER-012",
  "errorDescription": "The server encountered an unexpected condition and could not complete the request. Please contact Corpay Support."
}
Performance expectations:
p50: 300 ms, p99: 900 ms.
Measured on successful requests (2xx), server-side only.
How to interpret these metrics

Authorizations

Authorization
string
header
required

Use OAuth2 client credentials to obtain a bearer token.

Token endpoint: POST <BASE_URL>/keycloak/realms/longship/protocol/openid-connect/token

Use the same base URL as the selected API server:

  • Test environment: https://apigwuat.corpay.com
  • Production environment: https://apigw.corpay.com

Example:

curl --location '<BASE_URL>/keycloak/realms/longship/protocol/openid-connect/token' \
--header 'accept: application/json' \
--data-urlencode 'grant_type=client_credentials' \
--data-urlencode 'client_id=.......' \
--data-urlencode 'client_secret=......'

Body

application/json
customerAccountNumber
string
required
cards
object[]
required

Response

Order accepted (async)

orderReference
string
required