> ## Documentation Index
> Fetch the complete documentation index at: https://api.corpay.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Register for getting details of newly created cards.

> To get newly ordered cards data from Corpay system, register for webhook using Customer Account Number and Order reference (Which was part of response of card order API).
Please note, the registration needs to be done immediately after card order.
If registration process has failed and consumer has missed the response, then same data can be obtained using /cards/search API.
for each card order the registration needs to be done separately. if hmac_enabled is set true then hmac_secret is needed. 
max_retries value by default it set to 1.
Upon successful card order, the newly created cards will be published to target url as array of card object.
The cards created will not be activated immediately, the card will be activated once the physical card has been created and sent to card delivery address, which takes upto 2 days.
The webhook would respond with created card data once the cards are activated in Corpay System, Which would take upto 24 - 36 hrs.
To get the real time status of the card, register for card status updates using Card Identifier received from this webhook.    




## OpenAPI

````yaml /openapi.yaml post /cards/created
openapi: 3.1.0
info:
  title: Corpay APIs
  version: 1.0.0
  description: >
    Corpay APIs for customer profile management, card management, transaction
    history, and master data retrieval.
servers:
  - url: https://apigwuat.corpay.com
    description: Test environment
  - url: https://apigw.corpay.com
    description: Production environment
security:
  - oauth2ClientCredentials: []
tags:
  - name: Customer
    description: Customer profile and account lifecycle APIs
  - name: Card
    description: Card retrieval, ordering and lifecycle APIs
  - name: Geosearch
    description: >-
      Search and retrieve detailed information about charging locations and
      stations
  - name: Remote Charging
    description: >-
      Control charging sessions remotely including starting and stopping
      sessions, and monitoring session status
  - name: EV Session
    description: >-
      Access and manage charging session data including history, status, and
      detailed session information
  - name: Transaction
    description: Transaction history APIs
  - name: Master
    description: Master/reference data APIs
  - name: Webhooks
    description: Event callback payloads sent by Corpay
paths:
  /cards/created:
    post:
      tags:
        - Webhooks
      summary: Register for getting details of newly created cards.
      description: >
        To get newly ordered cards data from Corpay system, register for webhook
        using Customer Account Number and Order reference (Which was part of
        response of card order API).

        Please note, the registration needs to be done immediately after card
        order.

        If registration process has failed and consumer has missed the response,
        then same data can be obtained using /cards/search API.

        for each card order the registration needs to be done separately. if
        hmac_enabled is set true then hmac_secret is needed. 

        max_retries value by default it set to 1.

        Upon successful card order, the newly created cards will be published to
        target url as array of card object.

        The cards created will not be activated immediately, the card will be
        activated once the physical card has been created and sent to card
        delivery address, which takes upto 2 days.

        The webhook would respond with created card data once the cards are
        activated in Corpay System, Which would take upto 24 - 36 hrs.

        To get the real time status of the card, register for card status
        updates using Card Identifier received from this webhook.    
      operationId: registerCardCreated
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              required:
                - customerAccountNumber
                - orderReference
                - target_url
              properties:
                customerAccountNumber:
                  type: string
                orderReference:
                  type: string
                target_url:
                  type: string
                  description: >-
                    url for the system where webhook should respond to in case
                    of event.
                hmac_enabled:
                  type: boolean
                hmac_secret:
                  type: string
                max_retries:
                  type: integer
      responses:
        '201':
          description: created
          content:
            application/json:
              schema:
                type: object
                properties:
                  status:
                    type: string
                  integration_key:
                    type: string
                  webhook_id:
                    type: string
              example:
                status: created
                integration_key: >-
                  corpay.gfn.cards.created.customerAccountNumber.7000001565.orderReference.593153cc-7cb0-48e4-8f7c-e9bea6ce8bb9
                webhook_id: 744317f9-ca90-4388-bb00-f2a10f1db627
        '400':
          $ref: '#/components/responses/BadRequest'
        '401':
          $ref: '#/components/responses/Unauthorized'
        '403':
          $ref: '#/components/responses/Forbidden'
        '404':
          $ref: '#/components/responses/NotFound'
        '409':
          description: Conflict
          content:
            application/json:
              schema:
                type: object
                properties:
                  error:
                    type: string
                  integration_key:
                    type: string
              example:
                error: Integration key already registered
                integration_key: >-
                  corpay.gfn.cards.created.customerAccountNumber.7000001565.orderReference.593153cc-7cb0-48e4-8f7c-e9bea6ce8bb9
        '500':
          $ref: '#/components/responses/InternalServerError'
components:
  responses:
    BadRequest:
      content:
        application/json:
          example:
            errorCode: ER-001
            errorDescription: Invalid request parameters
          schema:
            $ref: '#/components/schemas/Error'
      description: Bad request - validation error
    Unauthorized:
      description: Unauthorized - missing or invalid authentication token
    Forbidden:
      description: Forbidden - insufficient permissions
    NotFound:
      description: Not found - resource does not exist
    InternalServerError:
      content:
        application/json:
          example:
            errorCode: ER-012
            errorDescription: >-
              The server encountered an unexpected condition and could not
              complete the request. Please contact Corpay Support.
          schema:
            $ref: '#/components/schemas/Error'
      description: Internal server error
  schemas:
    Error:
      example:
        errorCode: ER-001
        errorDescription: Invalid request parameters
      properties:
        errorCode:
          type: string
        errorDescription:
          type: string
      required:
        - errorCode
        - errorDescription
      type: object
  securitySchemes:
    oauth2ClientCredentials:
      description: >
        Use OAuth2 client credentials to obtain a bearer token.


        Token endpoint:

        `POST <BASE_URL>/keycloak/realms/longship/protocol/openid-connect/token`


        Use the same base URL as the selected API server:

        - Test environment: `https://apigwuat.corpay.com`

        - Production environment: `https://apigw.corpay.com`


        Example:

        ```bash

        curl --location
        '<BASE_URL>/keycloak/realms/longship/protocol/openid-connect/token' \

        --header 'accept: application/json' \

        --data-urlencode 'grant_type=client_credentials' \

        --data-urlencode 'client_id=.......' \

        --data-urlencode 'client_secret=......'

        ```
      flows:
        clientCredentials:
          scopes: {}
          tokenUrl: /keycloak/realms/longship/protocol/openid-connect/token
      type: oauth2

````