m2pfintech
API LibraryToken Management

Get signed nonce for Apple Pay provisioning

Generate a signed nonce required for Apple Pay in-app provisioning flow. The nonce is a one-time use security token that must be passed to the encryptedCardData API.

Important - This endpoint does NOT use the /Yappay/ prefix. The full path is /provision/v1/signedNonce/{appId}.

The appId is your Apple Pay application identifier provided during onboarding.

GET
/provision/v1/signedNonce/{appId}

Authorization

BearerAuth TenantHeader
AuthorizationBearer <token>

JWT Bearer token obtained from the /auth/login endpoint

In: header

TENANT<token>

Tenant identifier provided by M2P (e.g. ENBDTABBY)

In: header

Path Parameters

appId*string

Apple Pay application identifier provided by M2P during onboarding

Response Body

application/json

curl -X GET "https://api.m2p.com/provision/v1/signedNonce/com.example.wallet"
{
  "nonce": "eyJleHAiOjE3MTA5MTg1NDgsImlhdCI6MTcxMDkxODQyOCwiYWxnIjoiSFMyNTYifQ..."
}

Get encrypted card data for digital wallet provisioning POST

Retrieve encrypted card details (account number, expiration, billing address) for secure card provisioning into digital wallets such as Apple Pay and Google Pay. Important - This endpoint does NOT use the /Yappay/ prefix. The full path is /provision/v1/encryptedCardData. The signedNonce is a one-time use security token. The response contains encrypted card data suitable for passing to wallet SDKs for in-app provisioning. The billing address in the response is populated from the customer registration address on file. If an address is provided in the request, it overrides the address on file. Ensure PCI DSS compliant handling of all encrypted card data in the response.

Retrieve digital wallet tokens for a card or specific token POST

Retrieve details about tokens associated with a card kit number or a specific token reference. One card (kitNo) can have multiple tokens, one per device or wallet. Important - This endpoint does NOT use the /Yappay/ prefix. The full path is /itsp/issuer/getTokens. There are two distinct response formats based on the searchSource value. Search by KIT - Set searchSource to KIT and provide kitNo. Returns an array of all tokens associated with the card. The deviceType and deviceID fields may not be present if not found in local records. Search by TOKEN - Set searchSource to TOKEN and provide tokenRequestorID and tokenReferenceID. Returns a single flat object for the specific token queried. Does not include deviceType or deviceID. Token requestor IDs identify wallet providers (e.g. 40010030273 for Apple Pay). Token types include SECURE_ELEMENT (Apple Pay, Google Pay on-device), CLOUD (web payments), and DEVICE (device-specific).