Collect and tokenize card details from client applications.

**Authentication Required:** Public Key (NOT API Key)
- Requires `X-Public-Key: <public_key>` header
- Public key identifies the merchant but provides limited access

**Additional Requirements:**
- `X-User-ID` header required
- Card details are immediately tokenized via VGS
- Raw card data never stored in our systems

Collect Card Details

Location

Message

Error Type

ValidationError

CardDetailsRequest

Auth0Key

PublicKeyAuth

CustomerIdHeader

Confirmation of card collection with tokenized reference

Response model for the /api/v1/wallet/collect endpoint.

CollectCardResponse

HTTPValidationError

nekuda SDK

The nekuda SDK lets any AI agent to securely handle payments and complete checkouts across e-commerce, travel, and other online services.

Introduction

Get started with nekuda SDKs for AI agents to handle payments securely in minutes.

Quickstart

We're here to help you get the most out of Mintlify

Support

Get up and running with `@nekuda/react-nekuda-js`

Getting Started

Customize the appearance and behavior of React nekuda.js components

Customization

Advanced configuration and usage patterns for React nekuda.js

Advanced Usage

Handle errors and troubleshoot issues with React nekuda.js

Error Handling

Install the nekuda Python SDK, set your API key and make your first authenticated call.

Complete your first payment flow with the nekuda Python SDK in under 5 minutes.

Understand the key building blocks of the nekuda Python SDK.

Core Concepts

Complete walkthrough of the payment flow lifecycle with type-safe responses using the nekuda Python SDK.

Usage Guide

Customize the nekuda Python SDK for your production environment.

Configuration

Build resilient applications with comprehensive error handling in the nekuda Python SDK.

Create a new payment mandate for a specific transaction context.

**Authentication Required:** Private API Key
- Requires `X-API-Key: <private_key>` header
- Private key validates customer and grants mandate creation access

**Additional Requirements:**
- `X-User-ID` and `X-Request-ID` headers required
- Mandate data in request body

Create Mandate

Retrieve all mandates for the authenticated customer.

**Authentication Required:** JWT Bearer Token
- Requires `Authorization: Bearer <jwt_token>` header
- Token must contain valid customer ID

Get All Mandates

Retrieve a specific mandate by its ID.

**Authentication Required:** JWT Bearer Token
- Requires `Authorization: Bearer <jwt_token>` header
- Token must contain valid customer ID
- Only returns mandates owned by the authenticated customer

Get Mandate by ID

List all API keys for the authenticated customer (non-sensitive info only).

**Authentication Required:** JWT Bearer Token
- Requires `Authorization: Bearer <jwt_token>` header
- Token must contain valid customer ID

**Returns:** Key metadata without sensitive key values

List API Keys

Generate a new API key pair (public/private) for the authenticated customer.

**Authentication Required:** JWT Bearer Token
- Requires `Authorization: Bearer <jwt_token>` header
- Token must contain valid customer ID

**Returns:** Both public and private keys (private key only shown once!)
- Public Key: For collect operations and read-only access
- Private Key: For sensitive operations like mandate creation

Create API Key

Get details for a specific API key (non-sensitive info only).

**Authentication Required:** JWT Bearer Token
- Requires `Authorization: Bearer <jwt_token>` header
- Token must contain valid customer ID
- Only returns keys owned by the authenticated customer

Get API Key Details

Permanently delete an API key (irreversible action).

**Authentication Required:** JWT Bearer Token
- Requires `Authorization: Bearer <jwt_token>` header
- Token must contain valid customer ID
- Only affects keys owned by the authenticated customer

Delete API Key

Revoke an API key, preventing its future use (irreversible).

**Authentication Required:** JWT Bearer Token
- Requires `Authorization: Bearer <jwt_token>` header
- Token must contain valid customer ID
- Only affects keys owned by the authenticated customer

Revoke API Key

Retrieve all transactions for the authenticated customer.

**Authentication Required:** JWT Bearer Token (signed-in user)
- Requires `Authorization: Bearer <jwt_token>` header
- Token must contain valid customer ID

Get All Transactions

Request a short-lived token to reveal card details for a specific user.

**Authentication Required:** Private API Key
- Requires `X-API-Key: <private_key>` header
- Private key validates customer and grants full access

**Additional Requirements:**
- `X-User-ID` header required
- Valid `mandate_id` in request body
- Mandate validation performed automatically

Request Card Reveal Token

Reveal full card details using a short-lived token.

**Authentication Required:** Short-lived Token
- Requires `Authorization: Bearer <short_lived_token>` header
- Token obtained from `/request_card_reveal_token` endpoint
- Token contains customer_id and user_id context

**Security Note:** Returns sensitive card data including full card number.

Reveal Card Details

Retrieve stored card details for a user (last 4 digits only).

**Authentication Required:** Public Key
- Requires `X-Public-Key: <public_key>` header

**Use Case:** Pre-fill card forms in SDK/frontend applications

Mandates

API Keys

Transactions

Wallet

Collect Card Details

Authorizations

Headers

Body

Response