Link a debit card to Sila entities using a Checkout card token.

This endpoint requires a Checkout card token, which you will obtain from Checkout via an iFrame in your app. Your app will then pass that card token to this endpoint.


There are two valid card numbers to use for testing:

  • Debit passing: 4659105569051157 - a DEBIT card whose payment requests will always be APPROVED.
  • Debit rejected: 4095254802642505 - a DEBIT card whose payment requests will always be REJECTED.

Card tokens for testing

For testing in Sandbox, use the /create_test_cko_token endpoint to generate a CKO token to input into the /link_card request.


Authorization / Authentication

Apps using Access Token Authorization

Use a valid access token in an Authorization: Bearer request header.

See Authenticating with an Access Token for more details.

Apps using ECDSA Authentication

Both authsignature and usersignature headers are required for this request. The usersignature header should be generated with a keypair registered to the user (either registered from the /register endpoint or the /register_wallet endpoint).

See the section on ECDSA Authentication for more detail about ECDSA signature generation.

POST /0.2/link_card HTTP/1.1
Host: sandbox.silamoney.com
// if using Auth Token
Authorization: Bearer [GENERATED JWT TOKEN HERE]
// if using ECDSA
Content-Type: application/json

  "header": {
    "created": 1234567890, 
    "app_handle": "handle.silamoney.eth", 
    "reference": "<your unique id>"
  "card_name": "card nickname",
  "token": "provider_token",
  "provider": "cko",
  "skip_verification": false


HTTP/1.1  200
    "success": true,
    "message": "Card was successfully linked.",
    "reference": "<your unique id>",
    "card_details": {
        "card_name": "Card Name",
        "card_last_4": 1157,
        "expiration": "202512",
        "card_type": "Debit",
        "card_network": "Visa",
        "pull_enabled": true,
        "push_enabled": null,
        "push_availability": null,
        "active": true,
        "country": "GB",
        "currency": "USD",
        "card_id": "c56455ac-4612-4d8c-a79c-14b804e4430d"
    "status": "SUCCESS",
    "response_time_ms": "1007"
var cardObject = {
    "card_name":"your card name",
    "token":"token here",
    "provider": "provider",
    "skip_verification": false
const res = await Sila.linkCard(userHandle, userPrivateKey, cardObject);

// Success Response Object
console.log(res.statusCode); // 200
console.log(res.data.card_name); // Your card name
payload = {
            "user_handle": "user.silamoney.eth",
            "card_name": "Your Card",
            "account_postal_code": "12345",
            "token": "token here",
  					"skip_verification" : False

response = User.link_card(silaApp, payload, eth_private_key)

### Success Response Object
    'success': True,
    'message': 'Card was successfully linked.',
    'card_name': 'visa',
    'avs': 'Confirmed',
    'status': 'SUCCESS',
    'status_code': 200

### Failure Response Object
    status: 'FAILURE'
String token ="token here";
String cardName ="card name";
String accountPostalCode ="1234";
String provider ="evolve"; // Optional
ApiResponse response = api.linkCard(userHandle, userPrivateKey, token,cardName,accountPostalCode,provider);

// Success Response
System.out.println(response.getStatusCode()); // 200
LinkCardResponse parsedResponse = (LinkCardResponse) response.getData();
System.out.println(parsedResponse.getStatus()); // SUCCESS
System.out.println(parsedResponse.getSuccess()); // true
System.out.println(parsedResponse.getReference()); // Reference number
System.out.println(parsedResponse.getMessage()); // Card was successfully linked.
System.out.println(parsedResponse.getCardName()); // Your card name
System.out.println(parsedResponse.getAvs()); // Confirmed

parsedResponse.getCardDetails(); // Card details

System.out.print(parsedResponse.getCardDetails().getActive()); // true
System.out.print(parsedResponse.getCardDetails().getCardId()); // cf3950a1-d945-4c6d-9dc1-5c9c36365ce5
System.out.print(parsedResponse.getCardDetails().getCardName()); // Your card name
System.out.print(parsedResponse.getCardDetails().getCardType()); // Debit
System.out.print(parsedResponse.getCardDetails().getCountry()); // US
System.out.print(parsedResponse.getCardDetails().getCurrency()); // USD
System.out.print(parsedResponse.getCardDetails().getCardLast4()); // 1234
System.out.print(parsedResponse.getCardDetails().getExpiration()); // 202209
System.out.print(parsedResponse.getCardDetails().getPullEnabled()); // true
System.out.print(parsedResponse.getCardDetails().getPushEnabled()); // true
System.out.print(parsedResponse.getCardDetails().getPushAvailability()); // Immediate
$client = new \GuzzleHttp\Client();

$tokenResponse = $client->request('POST', 'https://sso.sandbox.tabapay.com:8443/v2/SSOEncrypt', [
    'headers' => [
        'follow_redirects' => TRUE,
        'Content-Type' => 'application/tabapay-compact'
    'body' => 'cBm0RU8eASGfSxLYJjsG73Q	n9010111999999992	e202201	s4561',

$token = $tokenResponse->getBody()->getContents();
$tokenArr = explode("	", $token);


$userHandle = 'user.silamoney.eth';
$userPrivateKey = 'some private key'; // The private key used to register the specified user
$cardName = 'visa';
$token = $tokenArr[1];
$accountPostalCode = '32514'; // Recommended but not required. See note above.

$response = $client->linkCard($userHandle, $userPrivateKey, $cardName, $token, $accountPostalCode);

echo $response->getStatusCode();
echo $response->getData()->getStatus();
echo $response->getData()->getSuccess();
echo $response->getData()->getMessage();
echo $response->getData()->getAvs();
ApiResponse<object> response = api.LinkCard(userHandle, token, userPrivateKey, accountPostalCode, cardName);
// cardName  is optional  

// Success Response Object
Console.WriteLine(response.StatusCode); // 200
Console.WriteLine(((LinkCardResponse)response.Data).Reference); // Random reference number
Console.WriteLine(((LinkCardResponse)response.Data).Success); // true
Console.WriteLine(((LinkCardResponse)response.Data).CardName); // Card Name
Console.WriteLine(((LinkCardResponse)response.Data).AVS); // Confirmed
Console.WriteLine(((LinkCardResponse)response.Data).Message); // Card was successfully linked.
Console.WriteLine(((LinkCardResponse)response.Data).Status); // SUCCESS

Console.WriteLine(((LinkCardResponse)response.Data).CardDetail.Active); // cf3950a1-d945-4c6d-9dc1-5c9c36365ce5
Console.WriteLine(((LinkCardResponse)response.Data).CardDetail.CardId); // 1234
Console.WriteLine(((LinkCardResponse)response.Data).CardDetail.CardName); // Your Card            
Console.WriteLine(((LinkCardResponse)response.Data).CardDetail.CardType); // Debit
Console.WriteLine(((LinkCardResponse)response.Data).CardDetail.Country); // US
Console.WriteLine(((LinkCardResponse)response.Data).CardDetail.Currency); // USD
Console.WriteLine(((LinkCardResponse)response.Data).CardDetail.Expiration); // 202209
Console.WriteLine(((LinkCardResponse)response.Data).CardDetail.Last4); // 1234
Console.WriteLine(((LinkCardResponse)response.Data).CardDetail.PullEnabled); // true
Console.WriteLine(((LinkCardResponse)response.Data).CardDetail.PushAvailability); // Immediate
Console.WriteLine(((LinkCardResponse)response.Data).CardDetail.PushEnabled); // true
headerJSON ObjectRequired. Requires these keys in JSON format: created, app_handle, user_handle. See the /check_handle endpoint for the complete list of fields in this object.

Example: Custom Card Name
NOTE - We highly recommend specifying a custom name here as this is how a card is identified for /issue_sila, /redeem_sila, and /get_transactions.
tokenStringRequired. In Production, pass the card token obtained from Checkout, and in SANDBOX/testing, the card token returned from the /create_cko_testing_token endpoint.
providerStringRequired. Must be one of the following: "EVOLVE", "evolve", "cko", "CKO"
skip_verificationBooleanOptional. Skip the card verification process when linking a card. May allow linking a card which will be able to submit an approved payment request. Default: true


Status Codesuccess AttributeDescription