vellTRDocs
API ReferenceTransactionsCard Access Audit

Card Access Audit

GET/v1/transactions/card-accessOptional

Merchant-scoped card-vault audit rows (who detokenized which card token, when).

Authentication

Signature Pattern

HMAC-SHA256(secretKey, "{timestamp}\nGET\n/v1/transactions/card-access\n{sha256(\"\")}")
HeaderValueDescription
X-Api-Keypk_live_a1b2c3d4e5f6g7h8Merchant public API key
X-Signature{hmac_sha256_hex}Hex HMAC-SHA256 request signature
X-Timestamp2026-04-13T10:00:00ZISO 8601 UTC request time (±5 min)

Request Parameters

NameTypeRequiredDescription
fromstringOptionalISO 8601 lower bound
tostringOptionalISO 8601 upper bound
limitintegerOptionalPage size
cursorstringOptionalOpaque keyset cursor

Response Parameters

FieldTypeExample
itemsarray[…]
items[].opstring"detokenize"
items[].cardTokenstring"tok_9f8e7d6c5b4a"
items[].callerServicestring"payment-engine"
items[].resultstring"ok"
items[].createdAtstring"2026-04-13T10:00:01Z"

Response Example

JSONResponse
{
  "items": [
    {
      "op": "detokenize",
      "cardToken": "tok_9f8e7d6c5b4a",
      "callerService": "payment-engine",
      "result": "ok",
      "createdAt": "2026-04-13T10:00:01Z"
    }
  ]
}

Status Codes

200Success
201Created
400Bad Request
401Unauthorized
404Not Found
429Rate Limited
Try itMock
GEThttps://api.pay.sandbox.kvell.group