Charge with a Token
Once you have an active token — from saving a payment method during a payment or from the default /tokens flow — you can use it to charge the customer again without them re-authenticating.
Create a payment with a token
Only active tokens can be used for payments. If the token is initiated or inactive, the payment will be rejected.
Endpoint: POST /v1/payments
{
"amount": 10000,
"currency": "SAR",
"callback_url": "https://merchant.example/return",
"source": {
"type": "token",
"token": "token_qbmmXzo97AESrZLS6KpWvof6uK2hAKcQGfEcKg"
}
}
curl -X POST https://api.moyasar.com/v1/payments \
-u pk_test_YOUR_PUBLISHABLE_KEY: \
-H "Content-Type: application/json" \
-d '{
"amount": 10000,
"currency": "SAR",
"callback_url": "https://merchant.example/return",
"source": {
"type": "token",
"token": "token_qbmmXzo97AESrZLS6KpWvof6uK2hAKcQGfEcKg"
}
}'
By default, 3DS is not triggered for token payments — the payment method was already verified when the token was created or saved. Tokens created via the save-only flow always trigger 3DS. To explicitly trigger 3DS on other tokens, add "3ds": true inside source.
Source parameters
| Field | Required | Description |
|---|---|---|
type | Yes | Must be "token" |
token | Yes | The token ID (e.g. token_...) |
cvc | No | Card verification code. Some issuers require it for recurring charges |
3ds | No | Set to true to force a 3DS challenge. Defaults to false |
manual | No | Set to true to place the payment in manual capture mode. Defaults to false |
Show the saved payment method to your customer
Fetch the token to display the payment method details — useful for letting customers confirm what they're being charged with.
curl https://api.moyasar.com/v1/tokens/token_qbmmXzo97AESrZLS6KpWvof6uK2hAKcQGfEcKg \
-u sk_test_YOUR_SECRET_KEY:
{
"id": "token_qbmmXzo97AESrZLS6KpWvof6uK2hAKcQGfEcKg",
"status": "active",
"brand": "visa",
"funding": "credit",
"country": "SA",
"month": "12",
"year": "2030",
"name": "John Doe",
"last_four": "1111",
"metadata": null,
"created_at": "2024-01-15T10:00:00.000Z",
"updated_at": "2024-01-15T10:00:00.000Z"
}
Delete a token
When a customer removes a saved payment method, delete the token so it can no longer be charged.
curl -X DELETE https://api.moyasar.com/v1/tokens/token_qbmmXzo97AESrZLS6KpWvof6uK2hAKcQGfEcKg \
-u sk_test_YOUR_SECRET_KEY:
A successful deletion returns an empty 204 No Content response. Tokens are also automatically invalidated when the underlying payment method expires.