POST /test-tokens

Create a test card token with a long-lived CVC session (1-year TTL). Test CVC sessions are not deleted after use in proxy (unlike production CVC sessions). Use for development and testing. Auth: Same as tokenize: X-Pub-Key and X-API-Key (or JWT). For testing you can use pub key pk_prod_jys4le1jgncomgda_L8HbeakKLNRWdBXoX5A6QJUYOlhUkNle. Do not use this test pub key in production or with sensitive card data. For a production pub key, contact ammar@ozura.com.

Request

{
  "cardNumber": "4111111111111111",
  "expirationMonth": "12",
  "expirationYear": "2025",
  "cvc": "123",
  "firstName": "Test",
  "lastName": "User"
}

Field	Type	Required	Description
`cardNumber`	string	Yes	Test card number
`expirationMonth`	string	Yes	2-digit month (01–12)
`expirationYear`	string	Yes	2- or 4-digit year
`cvc`	string	Yes	Security code
`firstName`	string	No	Cardholder first name
`lastName`	string	No	Cardholder last name

Response

201 Created. Includes token, cvc_session_id, mask, bin, test_mode: true, and expires_in (e.g. "1 year (test session)"). The CVC session is long-lived and is not deleted after use in proxy. See POST /tokenize for production tokenization. CVC sessions from /tokenize have a 90-second TTL and are deleted after use.

Vault

Test Tokens

POST /test-tokens

Request

Response

Vault

​POST /test-tokens

​Request

​Response

POST /test-tokens

Request

Response