Quick Start

Get from zero to a tokenized card and a proxied request in a few steps.

Step 1: Get your API key and pub key

X-API-Key: Create an account at Ozura Vault and create a project and application to get your API key. X-Pub-Key: For testing only, you can use this pub key: pk_prod_jys4le1jgncomgda_L8HbeakKLNRWdBXoX5A6QJUYOlhUkNle Do not use this test pub key in production or with sensitive card data. For a production pub key, contact ammar@ozura.com. Store your API key securely (e.g. in an environment variable) and never expose it in frontend code.

Step 2: Tokenize a card

From your backend, call POST /tokenize with the card data. You need both X-API-Key and X-Pub-Key:

curl -X POST https://sandbox-vault.ozura.com/tokenize \
  -H "Content-Type: application/json" \
  -H "X-API-Key: YOUR_API_KEY" \
  -H "X-Pub-Key: YOUR_PUB_KEY" \
  -d '{
    "type": "card",
    "data": {
      "cardNumber": "4111111111111111",
      "expirationMonth": "12",
      "expirationYear": "2025",
      "cvv": "123"
    }
  }'

You’ll get back a token and, because you sent CVV, a cvc_session_id. Store both; you’ll need them for the next step. Full request/response details: API Reference → POST /tokenize.

Step 3: Process a payment (proxy)

Send the token (and CVC session if you have one) to your payment processor via the proxy so your server never sees raw card data:

curl -X POST https://sandbox-vault.ozura.com/proxy/transaction \
  -H "Content-Type: application/json" \
  -H "X-API-Key: YOUR_API_KEY" \
  -d '{
    "token": "tok_...",
    "cvc_session_id": "550e8400-...",
    "proxy_url": "https://api.stripe.com/v1/charges",
    "request_data": {
      "amount": 2000,
      "currency": "usd",
      "source": {
        "number": "${cardNumber}",
        "exp_month": "${expirationMonth}",
        "exp_year": "${expirationYear}",
        "cvc": "${cvv}"
      }
    },
    "http_headers": { "Authorization": "Bearer sk_test_xxx" }
  }'

The proxy replaces ${cardNumber}, ${expirationMonth}, ${expirationYear}, and ${cvv} with real values and forwards the request. Full reference: API Reference → POST /proxy/transaction.

Step 4: Check audit logs (optional)

In the dashboard or via the audit-logs API you can confirm the tokenization and proxy calls. See Audit logs.

What’s next?

Card Payments — API, Elements, or Checkout for cards.
Bank Payments — API, Elements, or Checkout for bank accounts.
Proxy — How the proxy works and when to use it.
Error handling — How to handle errors and when to retry.

Test cards

Use these in sandbox:

Brand	Number	CVC	Expiry
Visa	4111111111111111	Any 3	Any future
Mastercard	5555555555554444	Any 3	Any future
Amex	378282246310005	Any 4	Any future

Getting Started

Vault

Payments

​Quick Start

​Step 1: Get your API key and pub key

​Step 2: Tokenize a card

​Step 3: Process a payment (proxy)

​Step 4: Check audit logs (optional)

​What’s next?

​Test cards