Skip to main content
A PSP token is a provider-specific card token issued by a payment service. Unlike a Gr4vy vault token (which is portable), a PSP token is tied to a single provider and can only be used with that provider. Once a card is stored in the vault, you can provision a PSP token for it against any connected payment service.
using Gr4vy;
using Gr4vy.Models.Components;

var sdk = new Gr4vySDK(
    id: "example",
    server: SDKConfig.Server.Sandbox,
    bearerAuthSource: Auth.WithToken(privateKey),
    merchantAccountId: "default"
);

var res = await sdk.PaymentMethods.PaymentServiceTokens.CreateAsync(
    paymentMethodId: "ef9496d8-53a5-4aad-8ca2-00eb68334389",
    paymentServiceTokenCreate: new PaymentServiceTokenCreate() {
        PaymentServiceId = "fffd152a-9532-4087-9a4f-de58754210f0",
        RedirectUrl = "https://example.com/callback",
    }
);

// handle response
package main

import (
	"context"
	"os"
	gr4vygo "github.com/gr4vy/gr4vy-go"
	"github.com/gr4vy/gr4vy-go/models/components"
	"log"
)

func main() {
    ctx := context.Background()

    s := gr4vygo.New(
        gr4vygo.WithMerchantAccountID("default"),
        gr4vygo.WithSecurity(os.Getenv("GR4VY_BEARER_AUTH")),
    )

    res, err := s.PaymentMethods.PaymentServiceTokens.Create(
        ctx,
        "ef9496d8-53a5-4aad-8ca2-00eb68334389",
        components.PaymentServiceTokenCreate{
            PaymentServiceID: "fffd152a-9532-4087-9a4f-de58754210f0",
            RedirectURL:      "https://example.com/callback",
        },
    )
    if err != nil {
        log.Fatal(err)
    }
    if res != nil {
        // handle response
    }
}
package hello.world;

import com.gr4vy.sdk.Gr4vy;
import com.gr4vy.sdk.models.components.PaymentServiceTokenCreate;
import com.gr4vy.sdk.models.operations.CreatePaymentMethodPaymentServiceTokenResponse;
import java.lang.Exception;

public class Application {

    public static void main(String[] args) throws Exception {

        Gr4vy sdk = Gr4vy.builder()
                .merchantAccountId("default")
                .bearerAuth(System.getenv().getOrDefault("BEARER_AUTH", ""))
            .build();

        CreatePaymentMethodPaymentServiceTokenResponse res = sdk.paymentMethods().paymentServiceTokens().create()
                .paymentMethodId("ef9496d8-53a5-4aad-8ca2-00eb68334389")
                .paymentServiceTokenCreate(PaymentServiceTokenCreate.builder()
                    .paymentServiceId("fffd152a-9532-4087-9a4f-de58754210f0")
                    .redirectUrl("https://example.com/callback")
                    .build())
                .call();

        if (res.paymentServiceToken().isPresent()) {
            System.out.println(res.paymentServiceToken().get());
        }
    }
}
declare(strict_types=1);

require 'vendor/autoload.php';

use Gr4vy;
use Gr4vy\Auth;

$privateKey = file_get_contents('./private_key.pem');

$sdk = Gr4vy\SDK::builder()
    ->setId('example')
    ->setServer('sandbox')
    ->setSecuritySource(Auth::withToken($privateKey))
    ->setMerchantAccountId('default')
    ->build();

$response = $sdk->paymentMethods->paymentServiceTokens->create(
    paymentMethodId: 'ef9496d8-53a5-4aad-8ca2-00eb68334389',
    paymentServiceTokenCreate: new Gr4vy\PaymentServiceTokenCreate(
        paymentServiceId: 'fffd152a-9532-4087-9a4f-de58754210f0',
        redirectUrl: 'https://example.com/callback',
    )
);

if ($response->paymentServiceToken !== null) {
    // handle response
}
from gr4vy import Gr4vy, auth

with Gr4vy(
    id="example",
    server="sandbox",
    merchant_account_id="default",
    bearer_auth=auth.with_token(open("./private_key.pem").read())
) as g_client:
    res = g_client.payment_methods.payment_service_tokens.create(
        payment_method_id="ef9496d8-53a5-4aad-8ca2-00eb68334389",
        payment_service_id="fffd152a-9532-4087-9a4f-de58754210f0",
        redirect_url="https://example.com/callback"
    )
    print(res)
import { Gr4vy, withToken } from "@gr4vy/sdk";
import fs from "fs";

const gr4vy = new Gr4vy({
    id: "example",
    server: "sandbox",
    merchantAccountId: "default",
    bearerAuth: withToken({
      privateKey: fs.readFileSync("private_key.pem", "utf8"),
    }),
});

const result = await gr4vy.paymentMethods.paymentServiceTokens.create({
    paymentServiceId: "fffd152a-9532-4087-9a4f-de58754210f0",
    redirectUrl: "https://example.com/callback",
}, "ef9496d8-53a5-4aad-8ca2-00eb68334389");

console.log(result);
The response contains the provisioned token details, including the provider’s token reference.

PSP Tokenization feature guide

Learn more about PSP tokens, when to use them vs network tokens, and how to list and delete them

Next steps

With a card stored in the vault, you can forward it to a third-party endpoint using Vault Forwarding.