Paymob

Paymob Card Tokens API

Tokenisation surface for the Paymob "Pay with saved card" flow. Lists and deletes tokenised cards and runs both customer-initiated (CIT) and merchant-initiated (MIT) transactions against saved tokens for recurring, on-demand, and one-click payments.

Paymob Card Tokens API is one of 5 APIs that Paymob publishes on the APIs.io network, described by a machine-readable OpenAPI specification.

This API exposes 1 machine-runnable capability that can be deployed as REST, MCP, or Agent Skill surfaces via Naftiko.

Tagged areas include Payments, Card Tokens, Saved Cards, CIT, and MIT. The published artifact set on APIs.io includes API documentation, an OpenAPI specification, and 1 Naftiko capability spec.

GitHub OpenAPI

Documentation

📖
Documentation
https://developers.paymob.com

Specifications

OpenAPI
https://raw.githubusercontent.com/api-evangelist/paymob/refs/heads/main/openapi/paymob-card-tokens-api-openapi.yml

Other Resources

🔗
NaftikoCapability
https://raw.githubusercontent.com/api-evangelist/paymob/refs/heads/main/capabilities/card-tokens-saved-cards.yaml

OpenAPI Specification

paymob-card-tokens-api-openapi.yml Raw ↑ 
openapi: 3.0.3
info:
  title: Paymob Card Tokens API
  version: "1.0"
  description: >-
    The Card Tokens API exposes tokenisation operations for saved-card flows
    (CIT / MIT) and recurring billing. A card token is created the first time a
    cardholder pays with the "save card" flag enabled, then reused on subsequent
    customer-initiated or merchant-initiated transactions.
  contact:
    name: Paymob Developers
    url: https://developers.paymob.com
servers:
- url: https://accept.paymob.com
security:
- BearerAuth: []
paths:
  /api/acceptance/card_tokens:
    get:
      summary: List Card Tokens
      operationId: listCardTokens
      tags: [Card Tokens]
      responses:
        '200':
          description: Card tokens
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/CardToken'
  /api/acceptance/card_tokens/{token_id}:
    delete:
      summary: Delete Card Token
      operationId: deleteCardToken
      tags: [Card Tokens]
      parameters:
      - name: token_id
        in: path
        required: true
        schema:
          type: string
      responses:
        '204':
          description: Token deleted
  /api/acceptance/payments/cit:
    post:
      summary: Customer-Initiated Transaction
      operationId: customerInitiatedTransaction
      tags: [Saved Card Payments]
      description: Charge a saved card with the cardholder present (CIT).
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/SavedCardPayment'
      responses:
        '200':
          description: Charge result
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Transaction'
  /api/acceptance/payments/mit:
    post:
      summary: Merchant-Initiated Transaction
      operationId: merchantInitiatedTransaction
      tags: [Saved Card Payments]
      description: Charge a saved card without the cardholder present (MIT).
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/SavedCardPayment'
      responses:
        '200':
          description: Charge result
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Transaction'
components:
  securitySchemes:
    BearerAuth:
      type: http
      scheme: bearer
  schemas:
    CardToken:
      type: object
      properties:
        id:
          type: string
        token:
          type: string
        masked_pan:
          type: string
        card_subtype:
          type: string
        email:
          type: string
        order_id:
          type: integer
        created_at:
          type: string
          format: date-time
    SavedCardPayment:
      type: object
      required: [payment_token, source]
      properties:
        payment_token:
          type: string
        source:
          type: object
          required: [identifier, subtype]
          properties:
            identifier:
              type: string
              description: Card token identifier from a previous transaction.
            subtype:
              type: string
              enum: [TOKEN]
    Transaction:
      type: object
      properties:
        id:
          type: integer
        success:
          type: boolean
        amount_cents:
          type: integer
        currency:
          type: string
        is_3d_secure:
          type: boolean
        source_data:
          type: object
          properties:
            type:
              type: string
            sub_type:
              type: string
            pan:
              type: string