Skip to main content
POST
/
card-add
Save a card
curl --request POST \
  --url https://aarwcjjzhlmkgdwrisyt.supabase.co/functions/v1/card-add \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "authorization_code": "AUTH_xyz123",
  "last4": "4081",
  "brand": "visa",
  "exp_month": "12",
  "exp_year": "2027",
  "bank": "GTBank",
  "signature": "SIG_abc456"
}
'
{
  "success": true,
  "status": 201,
  "data": {
    "id": "c1d2e3f4-a5b6-7890-abcd-ef1234567890",
    "last4": "4081",
    "brand": "visa",
    "exp_month": "12",
    "exp_year": "2027",
    "bank": "GTBank",
    "signature": "SIG_abc456",
    "is_default": true,
    "created_at": "2026-04-18T10:00:00.000Z"
  }
}

Authorizations

Authorization
string
header
required

JWT access token obtained from /auth-verify (login context) or /auth-signup. Set the bearer_token environment variable in your API client to apply it globally.

Body

application/json
authorization_code
string
required

Paystack authorization code from the SDK success callback. Stored server-side only — never returned.

Example:

"AUTH_xyz123"

last4
string
required
Required string length: 4
Example:

"4081"

brand
string
required
Example:

"visa"

exp_month
string
required
Example:

"12"

exp_year
string
required
Example:

"2027"

signature
string
required

Paystack card signature — used for deduplication.

Example:

"SIG_abc456"

bank
string
Example:

"GTBank"

Response

Card saved

success
boolean
Example:

true

status
integer
Example:

201

data
object

A saved card. authorization_code is never included.