Skip to main content

Update Card

POST https://api-sandbox.letpay.io/subscriptions/SUBSCRIPTION_ID/token

This HTTP POST request is used to update the card associated with an active subscription. Use this endpoint when a payer's card has expired, been replaced, or when the merchant wants to link a different card to the recurring billing. The subscription remains ACTIVE and the next billing cycle will use the new card.

Two strategies are supported:

  • New Card: Provide the raw card details to tokenize a new card.
  • Existing Token: Reference a card already tokenized in ePag using public_person_id and public_card_id.

Authorization

HeaderValue
X-Auth-TokenMY_ACCESS_TOKEN

Request Body Parameters

Use one of the following strategies:

New Card (tokenization)

  • number (required/string): Card number (PAN).
  • cvv (required/string): Card security code.
  • month (required/string): Two-digit expiry month (e.g., "12").
  • year (required/string): Four-digit expiry year (e.g., "2028").
  • holder (required/string): Name as printed on the card.

Existing Token

  • public_person_id (required/string): ePag's public identifier for the payer.
  • public_card_id (required/string): ePag's public identifier for the card token.

Example Request

New Card
    curl --location 'https://api-sandbox.letpay.io/subscriptions/SUBSCRIPTION_ID/token' \
    --header 'X-Auth-Token: MY_ACCESS_TOKEN' \
    --header 'Content-Type: application/json' \
    --data '{
        "number": "4539620659922097",
        "cvv": "123",
        "month": "12",
        "year": "2028",
        "holder": "Alice Sonnentag"
    }'

Example Response

Header
  Content-Type: application/json
200 OK
    {
        "subscription_id": "00994eee-580e-4334-8030-790178e59d3f",
        "reference_id": "MY_REFERENCE_ID",
        "status": "ACTIVE",
        "public_person_id": "PUBLIC_PERSON_ID",
        "public_card_id": "PUBLIC_CARD_ID",
        "refresh_token": "MY_ACCESS_TOKEN"
    }