> ## Documentation Index
> Fetch the complete documentation index at: https://docs.sezzle.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Get card data by token

> You can use this endpoint to request card data with the checkout card token. The card token is temporary and only available for a limited time. This endpoint is only needed when a card session is created with a card response format of token.

<Warning>
  **Security Rules** Data is only available for 24 hours and requires an
  authorization token. Once accessed the token is deleted which cannot be
  undone.
</Warning>


## OpenAPI

````yaml get /v2/session/card/token/{token}
openapi: 3.1.0
info:
  title: Sezzle API v2
  description: >-
    This Sezzle API is for merchants who want to accept Sezzle as a payment
    option
  termsOfService: https://legal.sezzle.com
  version: 2.0.0
  x-logo:
    url: https://media.sezzle.com/branding/2.0/png/Logo_WhiteWordmark_500x126.png
    backgroundColor: '#392558'
servers:
  - url: https://sandbox.gateway.sezzle.com
    description: development server, usa, ca
  - url: https://gateway.sezzle.com
    description: production server, usa, ca
security:
  - Bearer: []
externalDocs:
  description: Sezzle API guides and tutorials
  url: https://docs.sezzle.com/sezzle-integration
paths:
  /v2/session/card/token/{token}:
    get:
      tags:
        - Virtual
      summary: Get VC data by token
      description: >-
        You can use this endpoint to request card data with the checkout card
        token. The card token is temporary and only available for a limited
        time. This endpoint is only needed when a card session is created with a
        card response format of token.
      operationId: cardDataByToken
      parameters:
        - name: token
          in: path
          description: The session token to get (from Create Card Session response)
          required: true
          schema:
            type: string
      responses:
        '200':
          description: Successful Operation
          content:
            application/json:
              schema:
                type: object
                properties:
                  cvv_number:
                    type: string
                    description: Sezzle Virtual Card security code
                  expiration_date:
                    type: string
                    format: date-time
                    description: The expiration date of the virtual card
                  first_name:
                    type: string
                    description: Customer's first name
                  last_name:
                    type: string
                    description: Customer's last name
                  pan:
                    type: string
                    description: The 16-digit virtual card number
                example:
                  cvv_number: '123'
                  expiration_date: '0228'
                  first_name: John
                  last_name: Doe
                  pan: '1234'
        '400':
          $ref: '#/components/responses/BadRequestV2'
          example:
            code: bad_request
            message: bad request
        '401':
          $ref: '#/components/responses/UnauthorizedV2'
          example:
            code: unauthorized
            message: authorization not accepted
        '404':
          $ref: '#/components/responses/NotFoundV2'
          example:
            code: record_not_found
            message: not found
        '422':
          $ref: '#/components/responses/UnprocessableV2'
          example:
            code: invalid
            message: UnprocessableV2 entity
components:
  responses:
    BadRequestV2:
      description: Invalid request
      content:
        application/json:
          schema:
            type: array
            items:
              $ref: '#/components/schemas/ErrorV2'
          example:
            - code: bad_request
              message: bad request
    UnauthorizedV2:
      description: >-
        Unauthorized. Returned for any failed bearer or basic auth, including
        expired bearer tokens.
      content:
        application/json:
          schema:
            type: array
            items:
              $ref: '#/components/schemas/ErrorV2'
          example:
            - code: unauthorized
              message: authorization not accepted
    NotFoundV2:
      description: The specified resource was not found
      content:
        application/json:
          schema:
            type: array
            items:
              $ref: '#/components/schemas/ErrorV2'
          example:
            - code: record_not_found
              message: not found
    UnprocessableV2:
      description: Unable to process the request entity
      content:
        application/json:
          schema:
            type: array
            items:
              $ref: '#/components/schemas/ErrorV2'
          example:
            - code: invalid
              message: Unprocessable entity
  schemas:
    ErrorV2:
      type: object
      properties:
        code:
          type: string
          description: The general error type
        message:
          type: string
          description: A more specific error message, if available
        location:
          type: string
          description: Where the error occurred
        debug_uuid:
          type: string
          description: The unique identifier assigned to this error for troubleshooting
  securitySchemes:
    Bearer:
      type: apiKey
      name: Authorization
      in: header
      description: >-
        The authentication token generated from providing API Keys to Sezzle
        Gateway

````