Push to Wallet

Mobile Wallets are digital wallets held on mobile devices that transact with merchants by turning Native Card Primary Account Numbers (PANs) into digital tokens (e.g. for use with Apple Pay, G

Push

POST https://api.synapsefi.com/v3.1/users/:user_id/nodes/:node_id/subnets/:subnet_id/push

This endpoint allows you generate a token to push card to digital wallet.

Path Parameters

Name

Type

Description

subnet_id

string

ID of the subnet.

node_id

string

ID of the node.

user_id

string

ID of the user.

Headers

Name

Type

Description

X-SP-USER

string

User's OAuth key and device fingerprint, separated by a pipe.

X-SP-USER-IP

string

IP address of user's device.

X-SP-GATEWAY

string

Your Client ID and Secret, separated by a pipe.

Request Body

Name

Type

Description

type

string

Instant provisioning type. Can be set as APPLE_PUSH, GOOGLE_PUSH, or SAMSUNG_PUSH.

nonce

string

Base64-encoded nonce provided by Apple.

nonce_signature

string

Base64-encoded nonce signature provided by Apple.

certificates

string

Array of 2 certificates provided by Apple.

{
    "data": {
        "authentication": {
            "activation_data": "eyJ2ZXJzaW9uIjogIjMiLCAic2lnbmF0dXJlQWxnb3JpdGhtIjogIlJTQS1TSEEyNTYiLCAiZGF0YVZhbGlkVW50aWxUaW1lc3RhbXAiOiAiMjAyMC0xMi0yM1QwMTozMTo0NloiLCAiaW5jbHVkZWRGaWVsZHNJbk9yZGVyIjogImRhdGFWYWxpZFVudGlsVGltZXN0YW1wfGFjY291bnROdW1iZXJ8YWNjb3VudEV4cGlyeSIsICJzaWduYXR1cmUiOiAiZXZ1bmVvc0M1ZEVwMG1OaFpxWkVsaWJvV2tHSkJ5N005Mm00YXRNeVE1S1JJMDI0MTR5UFFyWUhGYXZqWk1FRDd5VXcxR21ETzZlMHF1bk91VGRuY2l3STljYmxRd01IQ3NNSWlwdGF6UWcwTCtVcEIweXEzUzRLSm5OQVlkZGR4cGJHbnU5WjZMSjZWSnVjSXJvbUovVXFkYnc3ajV0TTJka3RKZWt6L3pWZHpORXlyOUJJeklhb2NCMmVPSzk2OHFFNTkxWTYwdTZmVFNQK0ZSYUZaZVZGLzQyTnNWdTFMYmkzK1NUK001RnREWHJqL2luUXd2dnFYYXNzNlhKVVNIbDBKb1hBZXhSRXdHdlVoUHdvMmU4amRxZTBpdzhkQ0J6bUpxNS80bkJHWEQ4NEtFTkpLNER0ZmF6cmxucFZLK2VucHp1cE43T1BxdlQrSlU3Ykl3PT0ifQ==",
            "encrypted_data": "Iy/xjUlfaKoSqqDs9sQW2JZA6FwFZai0ynNFt6V4XVYps6X89DAUVNEkuH1xj9Qxj0KgRiyNCJJ4Cx5TQzLx+05pZbZjPKLlX+WVrBessL43U9nQqoTfTELuufFr8Z/Aq554izOPHsB4jgddRsJYl9pNm2kWL26Yx9aNEIcytrTWH4bWeTKkBUll+jk9I8qfoUj0Ugk695k1/bmUzJftGyR7XvuaeLMCdEyt/n7OGJRYmwiaW+ilUq03JumsrVHsPFJ3VVohMaTPps1VStsuER/qWGxPAdWU3lMOp+sJgc3DL5v1MymvjG+4n55mKXgXa+RWWwcbwUlGLZo9AU6/EYVuKS7Uv9A6gqZ7LJVeFmnY+SUNcRTPodNBskfKHt6EbtpSvwNYrcjag+SDaRYF7VEacGl7",
            "public_key": "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEaAxkO4AsRV+t6Jybi54dbGAJmoQ2dDFChptj+OaARbtEUP+ET7RsX5xd6O9dxuIyBtqDwBr61ncYi+t5AQXTSw=="
        }
    },
    "error": {},
    "success": true
}

{
    "error": {
        "code": "missing_user_credentials",
        "en": "User credentials are missing from the request."
    },
    "error_code": "200",
    "http_code": "400",
    "success": false
}

Example Request

POST /v3.1/users/5fd7acfd8677040053ad486d/nodes/5fd901bb20b3aa0bc7caee85/subnets/5fe28e3e7dac291e78cb4d74/push HTTP/1.1
Host: uat-api.synapsefi.com
X-SP-USER-IP: 255.127.79.76
X-SP-USER: oauth_A0GrzQJKInyljsCtNV37MbeF4ZTYxau9o1WSkdpq|e83cf6ddcf778e37bfe3d48fc78a6502062fc
Content-Type: application/json

{
  "type": "APPLE_PUSH",
  "nonce": "RH0jOQ==",
  "nonce_signature": "QNyNZuyDOO3yu5ymQacY8TjecyYOZP/HraOrc6X4FzNfXZNWG+Om/ocPGg/mQxnmYi2ldudvtny57rLOsiWa5zelzdjUnq0sgpz8kgkEFg/Q",
  "certificates": [
    "MIICzDCCAnKgAwIBAgICEAEwCgYIKoZIzj0EAwIwcDELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExEDAOBgNVBAoMB1N5bmFwc2UxOjA4BgNVBAMMMVN5bmFwc2UgSW50ZXJtZWRpYXRlIENlcnRpZmljYXRlIEF1dGhvcml0eSAoVGVzdCkwHhcNMjAwNTEwMTY0MDAyWhcNMjEwNTEwMTY0MDAyWjBjMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEQMA4GA1UECgwHU3luYXBzZTEtMCsGA1UEAwwkU3luYXBzZSBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgKFRlc3QpMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEnYyH0+ctc8rB60T7NFiokvseIlKqXaCNfxr0ui4WBZymQ/5K7+BGJy0hBtLKxOowqXvQB0jhX1NJsfzEpuZoN6OCAQcwggEDMIGYBgNVHSMEgZAwgY2hgYakgYMwgYAxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRYwFAYDVQQHDA1TYW4gRnJhbmNpc2NvMRAwDgYDVQQKDAdTeW5hcHNlMTIwMAYDVQQDDClTeW5hcHNlIFJvb3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IChUZXN0KYICEAAwHQYDVR0OBBYEFDDO+VuBY5zOYtENt17gsbfkp2upMAkGA1UdEwQCMAAwCwYDVR0PBAQDAgTwMC8GA1UdEQQoMCaCJFN5bmFwc2UgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IChUZXN0KTAKBggqhkjOPQQDAgNIADBFAiB1PZEBcjildMm7Htmxym0wCPubW5TdoVNly5xK2QopKQIhAP9gxYLy4hsRCmgAmu2zLVEc50UQYETpgV5Ugv+C+2k+",
    "MIIB8TCCAZegAwIBAgICEAAwCgYIKoZIzj0EAwIwgYAxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRYwFAYDVQQHDA1TYW4gRnJhbmNpc2NvMRAwDgYDVQQKDAdTeW5hcHNlMTIwMAYDVQQDDClTeW5hcHNlIFJvb3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IChUZXN0KTAeFw0yMDA1MTAxNjQwMDJaFw0yMTA1MTAxNjQwMDJaMHAxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRAwDgYDVQQKDAdTeW5hcHNlMTowOAYDVQQDDDFTeW5hcHNlIEludGVybWVkaWF0ZSBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgKFRlc3QpMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEYw824ov/grw4wHSBOZIJOwiY5TEKpRYCaRKt6E0T/XQnUgwNbiSfiAlIuQ48lTpBizjKU5Xb64veLjqW/xa476MQMA4wDAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNIADBFAiAXzh7aHIWLMgJGl1P4haaekp0HZDWJ7bYzgu3uCy6u/gIhAMTAkXwMlm+9iGLSj+ofgsMXPIIz5+LOQgC1OM/8OPQ7"
  ]
}

curl --location --request POST 'https://uat-api.synapsefi.com/v3.1/users/5fd7acfd8677040053ad486d/nodes/5fd901bb20b3aa0bc7caee85/subnets/5fe28e3e7dac291e78cb4d74/push' \
--header 'X-SP-USER-IP: 255.127.79.76' \
--header 'X-SP-USER: oauth_A0GrzQJKInyljsCtNV37MbeF4ZTYxau9o1WSkdpq|e83cf6ddcf778e37bfe3d48fc78a6502062fc' \
--header 'Content-Type: application/json' \
--header 'Cookie: __cfduid=d8d8fd4abbd2cc9946b8f9e91b46812cc1608683042' \
--data-raw '{
  "type": "APPLE_PUSH",
  "nonce": "RH0jOQ==",
  "nonce_signature": "QNyNZuyDOO3yu5ymQacY8TjecyYOZP/HraOrc6X4FzNfXZNWG+Om/ocPGg/mQxnmYi2ldudvtny57rLOsiWa5zelzdjUnq0sgpz8kgkEFg/Q",
  "certificates": [
    "MIICzDCCAnKgAwIBAgICEAEwCgYIKoZIzj0EAwIwcDELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExEDAOBgNVBAoMB1N5bmFwc2UxOjA4BgNVBAMMMVN5bmFwc2UgSW50ZXJtZWRpYXRlIENlcnRpZmljYXRlIEF1dGhvcml0eSAoVGVzdCkwHhcNMjAwNTEwMTY0MDAyWhcNMjEwNTEwMTY0MDAyWjBjMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEQMA4GA1UECgwHU3luYXBzZTEtMCsGA1UEAwwkU3luYXBzZSBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgKFRlc3QpMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEnYyH0+ctc8rB60T7NFiokvseIlKqXaCNfxr0ui4WBZymQ/5K7+BGJy0hBtLKxOowqXvQB0jhX1NJsfzEpuZoN6OCAQcwggEDMIGYBgNVHSMEgZAwgY2hgYakgYMwgYAxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRYwFAYDVQQHDA1TYW4gRnJhbmNpc2NvMRAwDgYDVQQKDAdTeW5hcHNlMTIwMAYDVQQDDClTeW5hcHNlIFJvb3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IChUZXN0KYICEAAwHQYDVR0OBBYEFDDO+VuBY5zOYtENt17gsbfkp2upMAkGA1UdEwQCMAAwCwYDVR0PBAQDAgTwMC8GA1UdEQQoMCaCJFN5bmFwc2UgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IChUZXN0KTAKBggqhkjOPQQDAgNIADBFAiB1PZEBcjildMm7Htmxym0wCPubW5TdoVNly5xK2QopKQIhAP9gxYLy4hsRCmgAmu2zLVEc50UQYETpgV5Ugv+C+2k+",
    "MIIB8TCCAZegAwIBAgICEAAwCgYIKoZIzj0EAwIwgYAxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRYwFAYDVQQHDA1TYW4gRnJhbmNpc2NvMRAwDgYDVQQKDAdTeW5hcHNlMTIwMAYDVQQDDClTeW5hcHNlIFJvb3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IChUZXN0KTAeFw0yMDA1MTAxNjQwMDJaFw0yMTA1MTAxNjQwMDJaMHAxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRAwDgYDVQQKDAdTeW5hcHNlMTowOAYDVQQDDDFTeW5hcHNlIEludGVybWVkaWF0ZSBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgKFRlc3QpMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEYw824ov/grw4wHSBOZIJOwiY5TEKpRYCaRKt6E0T/XQnUgwNbiSfiAlIuQ48lTpBizjKU5Xb64veLjqW/xa476MQMA4wDAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNIADBFAiAXzh7aHIWLMgJGl1P4haaekp0HZDWJ7bYzgu3uCy6u/gIhAMTAkXwMlm+9iGLSj+ofgsMXPIIz5+LOQgC1OM/8OPQ7"
  ]
}'

//

//

//

//

Notes on Apple Pay

Please review Apple's for additional information on how to implement push provisioning in your iOS app. Apple has 3 different "Payment Data Configurations" - Synapse uses Configuration 1.

Below is an overview of the data you must pass from Synapse's API response to Apple's PKAddPaymentPassRequest:

activationData: This is the activation_data returned in Synapse's API response.
encryptedPassData: This is the encrypted_data returned in Synapse's API response.
ephemeralPublicKey: This is the public_key returned in Synapse's API response.

Notes on Google Pay

Please review Google's for additional information on how to implement push provisioning in your Android app.

The Opaque Payment Card ('OPC') object is a combination of the encrypted_data and activation_data returned in Synapse's API response, and can be constructed as follows:

{
    <encrypted_data>,
    "tokenizationAuthenticationValue": <activation_data>
}

Here is an example:

{
    "fundingAccountInfo": {
        "encryptedPayload": {
            "encryptedData": "e471f285c5",
            "encryptedKey": "a0d1746cf0d110abae",
            "iv": "7777606a400",
            "oaepHashingAlgorithm": "SHA256",
            "publicKeyFingerprint": "e980877c757"
        }
    },
    "tokenizationAuthenticationValue": "activation_data"
}

Once you have the OPC object, you should encode it as Base64. The above object would be:

eyJmdW5kaW5nQWNjb3VudEluZm8iOiB7ImVuY3J5cHRlZFBheWxvYWQiOiB7ImVuY3J5cHRlZERhdGEiOiAiZTQ3MWYyODVjNSIsICJlbmNyeXB0ZWRLZXkiOiAiYTBkMTc0NmNmMGQxMTBhYmFlIiwgIml2IjogIjc3Nzc2MDZhNDAwIiwgIm9hZXBIYXNoaW5nQWxnb3JpdGhtIjogIlNIQTI1NiIsICJwdWJsaWNLZXlGaW5nZXJwcmludCI6ICJlOTgwODc3Yzc1NyJ9fSwgInRva2VuaXphdGlvbkF1dGhlbnRpY2F0aW9uVmFsdWUiOiAiYWN0aXZhdGlvbl9kYXRhIn0=

Finally, this is the call your app would make to Google:

UserAddress userAddress = UserAddress.newBuilder()
  .setAddress1("123 Mission St.")
  .setAddress2("#100")
  .setCountryCode("US")
  .setLocality("San Francisco")
  .setAdministrativeArea("CA")
  .setName("Synabot")
  .setPhoneNumber("4155550000")
  .setPostalCode("94105")
  .build();

# this is the Base64 encoded JSON object we created above
string opc_string = “eyJmdW5kaW5nQWNjb3VudEluZm8iOiB7ImVuY3J5cHRlZFBheWxvYWQiOiB7ImVuY3J5cHRlZERhdGEiOiAiZTQ3MWYyODVjNSIsICJlbmNyeXB0ZWRLZXkiOiAiYTBkMTc0NmNmMGQxMTBhYmFlIiwgIml2IjogIjc3Nzc2MDZhNDAwIiwgIm9hZXBIYXNoaW5nQWxnb3JpdGhtIjogIlNIQTI1NiIsICJwdWJsaWNLZXlGaW5nZXJwcmludCI6ICJlOTgwODc3Yzc1NyJ9fSwgInRva2VuaXphdGlvbkF1dGhlbnRpY2F0aW9uVmFsdWUiOiAiYWN0aXZhdGlvbl9kYXRhIn0=”

byte [] opc = opc_string.getBytes()
PushTokenizeRequest pushTokenizeRequest =
                    new PushTokenizeRequest.Builder()
                            .setOpaquePaymentCard(opc)
                            .setNetwork(TapAndPay.CARD_NETWORK_MASTERCARD)
                            .setTokenServiceProvider(TapAndPay.TOKEN_PROVIDER_MASTERCARD)
                            .setDisplayName(“My Synapse Card")
                            .setLastDigits(“1234")
                            .setUserAddress(userAddress)
                            .build();

PreviousUpdate Subnet NextShipments

Last updated 3 years ago

Was this helpful?