Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.ozura.com/llms.txt

Use this file to discover all available pages before exploring further.

Vault API

Reference for Ozura Vault endpoints. For integration steps and concepts, see the Vault Guides. Deployed backends may use different hostnames (e.g. Azure); the path segments below are correct regardless. There is no version prefix (e.g. no /v1).

Authentication

All requests require one of:
  • API KeyX-API-Key header (server-to-server). Get an API key by creating an account at Ozura Vault. POST /tokenize and POST /test-tokens also require X-Pub-Key. For testing you can use: pk_prod_jys4le1jgncomgda_L8HbeakKLNRWdBXoX5A6QJUYOlhUkNle. Do not use this test pub key in production or with sensitive card data. For a production pub key, contact ammar@ozura.com. See Verify API Key.
  • JWTAuthorization: Bearer <token> or cookie (user context).
Details: Authentication.

Endpoints

MethodPathDescription
POST/tokenizeCreate a token from card or bank data
POST/proxy/transactionForward request to a PSP with card data injected
GET/api/applications/keyVerify API key and read permissions
AuthenticationAPI key vs JWT, which endpoints use which
| POST | Test tokens | Create test token with long-lived CVC (X-Pub-Key + API key/JWT) | | GET/POST/PUT/DELETE | Applications | Create, list, update, delete apps; verify key (API key) |

Errors