> ## Documentation Index
> Fetch the complete documentation index at: https://api.corpay.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Register for receiving replaced card information.

> To get replaced card data from Corpay system, register for webhook using Card Identifier of original card.
for each card the registration needs to be done separately. if hmac_enabled is set true then hmac_secret is needed. 
max_retries value by default it set to 1.
If registration process has failed and consumer has missed the response, then same data can be obtained using /cards/{cardIdentifier}/replacedCard API.
Upon successful replacement of the card, the replaced card object would be published to target url.
     




## OpenAPI

````yaml /openapi.yaml post /cards/replaced
openapi: 3.1.0
info:
  title: Corpay APIs
  version: 1.0.0
  description: >
    Corpay APIs for customer profile management, card management, transaction
    history, and master data retrieval.
servers:
  - url: https://apigwuat.corpay.com
    description: Test environment
  - url: https://apigw.corpay.com
    description: Production environment
security:
  - oauth2ClientCredentials: []
tags:
  - name: Customer
    description: Customer profile and account lifecycle APIs
  - name: Card
    description: Card retrieval, ordering and lifecycle APIs
  - name: Geosearch
    description: >-
      Search and retrieve detailed information about charging locations and
      stations
  - name: Remote Charging
    description: >-
      Control charging sessions remotely including starting and stopping
      sessions, and monitoring session status
  - name: EV Session
    description: >-
      Access and manage charging session data including history, status, and
      detailed session information
  - name: Transaction
    description: Transaction history APIs
  - name: Master
    description: Master/reference data APIs
  - name: Webhooks
    description: Event callback payloads sent by Corpay
paths:
  /cards/replaced:
    post:
      tags:
        - Webhooks
      summary: Register for receiving replaced card information.
      description: >
        To get replaced card data from Corpay system, register for webhook using
        Card Identifier of original card.

        for each card the registration needs to be done separately. if
        hmac_enabled is set true then hmac_secret is needed. 

        max_retries value by default it set to 1.

        If registration process has failed and consumer has missed the response,
        then same data can be obtained using
        /cards/{cardIdentifier}/replacedCard API.

        Upon successful replacement of the card, the replaced card object would
        be published to target url.
             
      operationId: registerCardReplaced
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              required:
                - cardIdentifier
                - target_url
              properties:
                cardIdentifier:
                  type: integer
                target_url:
                  type: string
                  description: >-
                    url for the system where webhook should respond to in case
                    of event.
                hmac_enabled:
                  type: boolean
                hmac_secret:
                  type: string
                max_retries:
                  type: integer
      responses:
        '201':
          description: created
          content:
            application/json:
              schema:
                type: object
                properties:
                  status:
                    type: string
                  integration_key:
                    type: string
                  webhook_id:
                    type: string
              example:
                status: created
                integration_key: corpay.public.api.card.replaced.cardIdenitifier.2823795
                webhook_id: 744317f9-ca90-4388-bb00-f2a10f1db627
        '400':
          $ref: '#/components/responses/BadRequest'
        '401':
          $ref: '#/components/responses/Unauthorized'
        '403':
          $ref: '#/components/responses/Forbidden'
        '404':
          $ref: '#/components/responses/NotFound'
        '409':
          description: Conflict
          content:
            application/json:
              schema:
                type: object
                properties:
                  error:
                    type: string
                  integration_key:
                    type: string
              example:
                error: Integration key already registered
                integration_key: corpay.public.api.card.replaced.cardIdenitifier.2823795
        '500':
          $ref: '#/components/responses/InternalServerError'
components:
  responses:
    BadRequest:
      content:
        application/json:
          example:
            errorCode: ER-001
            errorDescription: Invalid request parameters
          schema:
            $ref: '#/components/schemas/Error'
      description: Bad request - validation error
    Unauthorized:
      description: Unauthorized - missing or invalid authentication token
    Forbidden:
      description: Forbidden - insufficient permissions
    NotFound:
      description: Not found - resource does not exist
    InternalServerError:
      content:
        application/json:
          example:
            errorCode: ER-012
            errorDescription: >-
              The server encountered an unexpected condition and could not
              complete the request. Please contact Corpay Support.
          schema:
            $ref: '#/components/schemas/Error'
      description: Internal server error
  schemas:
    Error:
      example:
        errorCode: ER-001
        errorDescription: Invalid request parameters
      properties:
        errorCode:
          type: string
        errorDescription:
          type: string
      required:
        - errorCode
        - errorDescription
      type: object
  securitySchemes:
    oauth2ClientCredentials:
      description: >
        Use OAuth2 client credentials to obtain a bearer token.


        Token endpoint:

        `POST <BASE_URL>/keycloak/realms/longship/protocol/openid-connect/token`


        Use the same base URL as the selected API server:

        - Test environment: `https://apigwuat.corpay.com`

        - Production environment: `https://apigw.corpay.com`


        Example:

        ```bash

        curl --location
        '<BASE_URL>/keycloak/realms/longship/protocol/openid-connect/token' \

        --header 'accept: application/json' \

        --data-urlencode 'grant_type=client_credentials' \

        --data-urlencode 'client_id=.......' \

        --data-urlencode 'client_secret=......'

        ```
      flows:
        clientCredentials:
          scopes: {}
          tokenUrl: /keycloak/realms/longship/protocol/openid-connect/token
      type: oauth2

````