> ## Documentation Index > Fetch the complete documentation index at: https://developer.hellgate.io/llms.txt > Use this file to discover all available pages before exploring further. # Get credentials > Get a list of credentials on file which belong to this account. The results are grouped into pages. The caller can specify how many customers per page shall be listed (maximum is 500). ## OpenAPI ````yaml /products/commerce/v2/openapi.yaml get /credentials openapi: 3.1.0 info: title: Commerce API version: '2.0' description: > The Commerce V2 API provides a comprehensive payment orchestration platform designed to streamline and optimize payment processing for modern businesses. Built with flexibility and security at its core, our API enables you to process payments, manage authentications, and handle cardholder data across multiple payment processors without vendor lock-in. contact: name: Starfish GmbH & Co. KG email: hello@starfish.team url: https://hellgate.io/cpa/commerce license: name: Commerce API Terms url: https://hellgate.io/terms-and-conditions servers: - url: https://sandbox.hellgate.io description: Commerce SaaS Sandbox - url: https://api.hellgate.io description: Commerce SaaS Production security: [] tags: - name: payments_ci description: >- Handle payment processing where the customer is actively present and authorizing the transaction. - name: payments_mi description: >- Process transactions without direct customer interaction at the time of payment. - name: payments_modifications description: >- Modify existing payment transactions after initial authorization (capture, void, refund). - name: payments_data description: >- Access comprehensive payment transaction data for reporting, reconciliation, and analysis. - name: refunds_data description: Access detailed refund transaction data for tracking and reconciliation. - name: authentications_ci description: >- Process EMVCo 3-D Secure authentication requests as standalone transactions (one-off, recurring, installment). - name: authentications_mi description: >- Process requestor-initiated EMVCo 3-D Secure authentication requests (3RI) as standalone transactions. - name: authentications_data description: Access the results of prior authentications for reference. - name: credentials_management description: >- Manage stored payment credentials for repeat customers across all operating models. - name: tokens_create description: >- Create and import Commerce tokens to securely store cardholder data while maintaining PCI DSS compliance. - name: tokens_management description: Manage stored Commerce tokens including CVC2 security code management. - name: compliance_service description: >- Safely handle sensitive cardholder data while maintaining PCI DSS compliance via a secure proxy service. - name: network_tokens description: >- Manage network tokens with major card schemes with automatic lifecycle management. - name: merchants description: >- Configure and manage merchant accounts based on your chosen operating model. - name: reconciliation description: Reconcile imported token data. - name: processor_backup description: >- Migrate payment tokens from third-party processors (currently supports stripe.com). paths: /credentials: get: tags: - credentials_management summary: Get credentials description: | Get a list of credentials on file which belong to this account. The results are grouped into pages. The caller can specify how many customers per page shall be listed (maximum is 500). operationId: list_credentials parameters: - in: query name: limit description: The desired amount of records per page. schema: type: integer minimum: 1 default: 50 maximum: 500 required: false - in: query name: page description: The desired number of the page to return. schema: type: integer minimum: 1 required: false responses: '200': description: Success response content: application/json: schema: $ref: '#/components/schemas/CredentialList' '401': $ref: '#/components/responses/401_UnauthorizedError' '403': $ref: '#/components/responses/403_ForbiddenError' security: - APIKeyAuth: [] components: schemas: CredentialList: type: object properties: data: type: array items: $ref: '#/components/schemas/Credential' pagination: $ref: '#/components/schemas/Pagination' Credential: description: The underlying payment-method type of this stored credential. discriminator: propertyName: type mapping: card: $ref: '#/components/schemas/CredentialCard' oneOf: - $ref: '#/components/schemas/CredentialCard' Pagination: type: object description: > The meta-data describing lists of data from the Commerce API. The pages are indexed from 1 up to the total_pages. properties: current_page: type: integer description: The index of the current page page_size: type: integer description: > The maximum number of items on a page (relates to the limit query parameter) total_items: type: integer description: The total quantity of items regardless of the pages total_pages: type: integer description: The total amount of pages the data is segmented into example: current_page: 1 page_size: 1 total_items: 1 total_pages: 1 ErrorGeneric: type: object properties: code: $ref: '#/components/schemas/ErrorStatusCode' classifier: $ref: '#/components/schemas/ErrorClassifier' message: $ref: '#/components/schemas/ErrorMessage' CredentialCard: type: object properties: type: type: string description: The type of the credential id: type: string description: The ID of the credential on file format: uuid created_at: type: string description: The date-time the credential was created (following ISO 8601) format: date-time cardholder_name: type: string description: The name of the owner of the card expiry_month: type: integer description: The number of month in a year (e.g. April is 4) expiry_year: type: integer description: The year given as four digit number (e.g. 2023) issuer: type: object properties: account: type: object properties: funding: type: string enum: - credit - debit - prepaid - charge - deferred debit country_code: $ref: '#/components/schemas/CountryCode_3166_2' currency: $ref: '#/components/schemas/CurrencyCode' identification_number: type: string description: The issuer idenfication number (IIN) - also know as BIN name: type: string description: The name of the bank scheme: type: string description: The scheme in which the card was issued segment: type: string enum: - consumer - business - commercial - other masked_account_number: type: string description: > The full lenght of the card number, but masked to conform to PCI DSS requirments required: - id - type - created_at - cardholder_name - expiry_month - expiry_year - masked_account_number ErrorStatusCode: type: integer description: The corresponding HTTP status code for the error ErrorClassifier: type: string description: Technical code that helps to identify the error ErrorMessage: type: string description: Human readable representation of the error CountryCode_3166_2: type: string description: The ISO 3166 two letter country code CurrencyCode: type: string description: | The three letter currency code. See: [ISO-4217](https://en.wikipedia.org/wiki/ISO_4217#Active_codes) responses: 401_UnauthorizedError: description: Unauthorized content: application/json: schema: $ref: '#/components/schemas/ErrorGeneric' example: code: 401 message: No valid means of authentication was provided classifier: UNAUTHORIZED 403_ForbiddenError: description: Forbidden content: application/json: schema: $ref: '#/components/schemas/ErrorGeneric' example: code: 403 message: Not allowed to access this resource or feature classifier: FORBIDDEN securitySchemes: APIKeyAuth: type: apiKey name: X-API-Key in: header ````