This endpoint generates a one-time access token for a specific card. The access token is required by the Interlace iframe component to securely retrieve and display sensitive card information (such as card number, expiration date, and CVV).

The token is valid for 5 minutes.

The token is single-use only — once consumed, it cannot be reused.

For clients without PCI DSS Level 1 certification, sensitive card data is never exposed directly through this API response; decryption and rendering are handled exclusively by the iframe component.

For clients with PCI DSS Level 1 certification, alternative integration options may be available subject to compliance approval.