Push Provisioning

Learn how to add cards to digital wallets with push provisioning.

Provision Card - Digital Wallet (Enterprise)

API Reference: Provision card (Digital Wallet)

Allow your cardholders to directly add payment cards to the device's digital wallet (e.g. Apple Pay) with one touch from your app.

Returns provisioning_payload, a cryptographic payload representing a payment card that can be passed to a device's digital wallet. Each digital wallet has a different API; consult the wallet's documentation for more info.

To determine if a transaction originated from a card once provisioned to the wallet, use the token_info field in ASA.


Provisioning digital wallets requires some additional setup and configuration. Please Contact Us or your Customer Success rep for more information.

POST https://api.lithic.com/v1/cards/{card_token}/provision

Sample Request

curl https://api.lithic.com/v1/cards/f5f905f5-8a8e-49bf-a9b4-c0adaa401456/provision \
  -X POST \
  -H "Authorization: YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '
card_token (required, path parameter)Globally unique identifier for the card to be added to a device's digital wallet.
String. Permitted values: 36-digit version 4 UUID (including hyphens).
digital_wallet (required)Name of digital wallet to which the card will be added.
String. Permitted values: APPLE_PAY, GOOGLE_PAY, SAMSUNG_PAY.
certificate (required only if digital_wallet is APPLE_PAY)Apple's public leaf certificate, provided by the device's wallet.
String. Permitted values: Base64 encoded in PEM format with headers (-----BEGIN CERTIFICATE-----) and trailers omitted.
nonce (required only if digital_wallet is APPLE_PAY)Number provided by the device's wallet to prevent replay attacks.
String. Permitted values: Base64 cryptographic nonce.
nonce_signature (required only if digital_wallet is APPLE_PAY)Device-specific signature for the nonce provided by the device's wallet.
String. Permitted values: Base64 nonce signature.

Sample Response: Apple Pay

     "provisioning_payload": "{\"activationData\": \"...\", \"ephemeralPublicKey\": \"...\", \"encryptedData\": \"...\"}"

Sample Response: Google Pay or Samsung Pay

The provisioning_payload is a base64 encoded JSON payload. The details of this payload may vary based on the digital wallet provider; consult the wallet's documentation for more info.

     "provisioning_payload": "eyJjYXJkSW5mbyI...Q3MjRFRUEzQkI3OEU="

Did this page help you?