> ## Documentation Index > Fetch the complete documentation index at: https://developer.hellgate.io/llms.txt > Use this file to discover all available pages before exploring further. # Get payment-data > List all payment-data bundles created for this Commerce Token. Gated Feature ## OpenAPI ````yaml /products/commerce/v2/openapi.yaml get /tokens/{id}/payment-data openapi: 3.1.0 info: title: Commerce API version: '2.0' description: > The Commerce V2 API provides a comprehensive payment orchestration platform designed to streamline and optimize payment processing for modern businesses. Built with flexibility and security at its core, our API enables you to process payments, manage authentications, and handle cardholder data across multiple payment processors without vendor lock-in. contact: name: Starfish GmbH & Co. KG email: hello@starfish.team url: https://hellgate.io/cpa/commerce license: name: Commerce API Terms url: https://hellgate.io/terms-and-conditions servers: - url: https://sandbox.hellgate.io description: Commerce SaaS Sandbox - url: https://api.hellgate.io description: Commerce SaaS Production security: [] tags: - name: payments_ci description: >- Handle payment processing where the customer is actively present and authorizing the transaction. - name: payments_mi description: >- Process transactions without direct customer interaction at the time of payment. - name: payments_modifications description: >- Modify existing payment transactions after initial authorization (capture, void, refund). - name: payments_data description: >- Access comprehensive payment transaction data for reporting, reconciliation, and analysis. - name: refunds_data description: Access detailed refund transaction data for tracking and reconciliation. - name: authentications_ci description: >- Process EMVCo 3-D Secure authentication requests as standalone transactions (one-off, recurring, installment). - name: authentications_mi description: >- Process requestor-initiated EMVCo 3-D Secure authentication requests (3RI) as standalone transactions. - name: authentications_data description: Access the results of prior authentications for reference. - name: credentials_management description: >- Manage stored payment credentials for repeat customers across all operating models. - name: tokens_create description: >- Create and import Commerce tokens to securely store cardholder data while maintaining PCI DSS compliance. - name: tokens_management description: Manage stored Commerce tokens including CVC2 security code management. - name: compliance_service description: >- Safely handle sensitive cardholder data while maintaining PCI DSS compliance via a secure proxy service. - name: network_tokens description: >- Manage network tokens with major card schemes with automatic lifecycle management. - name: merchants description: >- Configure and manage merchant accounts based on your chosen operating model. - name: reconciliation description: Reconcile imported token data. - name: processor_backup description: >- Migrate payment tokens from third-party processors (currently supports stripe.com). paths: /tokens/{id}/payment-data: get: tags: - network_tokens summary: Get payment-data description: | List all payment-data bundles created for this Commerce Token. operationId: list_payment_data parameters: - in: path name: id description: The ID of the Commerce token schema: type: string format: uuid required: true - in: query name: limit description: > The desired amount of records per page. The parameter defaults to 50 if it is omitted and has a maximum of 500. schema: type: integer minimum: 1 maximum: 500 required: false - in: query name: page description: The desired number of the page to return. schema: type: integer minimum: 1 required: false - in: query name: sort description: > It allows sorting the result by created_at. e.g `sort=created_at+asc` or `sort=created_at+desc` schema: type: string required: false responses: '200': description: Success response content: application/json: schema: $ref: '#/components/schemas/PaymentDataList' '401': $ref: '#/components/responses/401_UnauthorizedError' '403': $ref: '#/components/responses/403_ForbiddenError' '404': $ref: '#/components/responses/404_NotFoundError' security: - APIKeyAuth: [] components: schemas: PaymentDataList: type: object properties: data: type: array items: $ref: '#/components/schemas/PaymentData' pagination: $ref: '#/components/schemas/Pagination' PaymentData: type: object properties: id: type: string format: uuid description: The id of the requested payment data amount: $ref: '#/components/schemas/Amount' currency_code: $ref: '#/components/schemas/CurrencyCode' created_at: type: string format: date-time description: The date-time the payment-data was created (following ISO 8601) encrypted_authentication_data: $ref: '#/components/schemas/EncryptedAuthenticationData' failure_details: type: array description: > The reasons why the processing failed. There are two categories of errors that can happen in this context (the `source` field indicates the category): 1. Scheme errors: errors that are returned by the scheme. 2. Configuration errors: errors that are caused by the configuration with respect to the scheme. items: type: object properties: classifier: type: string scheme_code: type: string description: > Sometimes schemes provide a code that describe a reason why a request failed. message: type: string source: type: string enum: - scheme - configuration merchant_id: type: string description: The ID of the merchant for whom the authentication is requested format: uuid reference: type: string description: Reference in calling system success: type: boolean description: > The result of the processing of the request. If true, the processing was successfully completed. In case it is false, the processing failed and the `failure_details` field contains more information about the failure. token_id: type: string format: uuid description: The ID of the token on Commerce required: - id - amount - currency_code - merchant_id - reference - success - token_id Pagination: type: object description: > The meta-data describing lists of data from the Commerce API. The pages are indexed from 1 up to the total_pages. properties: current_page: type: integer description: The index of the current page page_size: type: integer description: > The maximum number of items on a page (relates to the limit query parameter) total_items: type: integer description: The total quantity of items regardless of the pages total_pages: type: integer description: The total amount of pages the data is segmented into example: current_page: 1 page_size: 1 total_items: 1 total_pages: 1 ErrorGeneric: type: object properties: code: $ref: '#/components/schemas/ErrorStatusCode' classifier: $ref: '#/components/schemas/ErrorClassifier' message: $ref: '#/components/schemas/ErrorMessage' Amount: type: integer minimum: 0 description: > The amount given in minor units (e.g. use 700 for 7€). Some currencies do not support minor units (e.g. Japanese Yen). In this case send in the full value, .i.e. 100 for 100 JPY. CurrencyCode: type: string description: | The three letter currency code. See: [ISO-4217](https://en.wikipedia.org/wiki/ISO_4217#Active_codes) EncryptedAuthenticationData: type: string description: > JWE encrypted JSON string containing authentication data. Encrypted in a symmetric way with the shared encryption key using "alg"=A256GCMKW and "enc"="A256GCM". For decryption make sure the shared secret is hashed with a sha256 digest. The decrypted JSON has the following format: ```json { network_token: { token: "token_value", expiry_year: 2023, expiry_month: 12 }, cryptogram: "cryptogram_value", eci: "eci_value" } ``` - The field `network_token` contains the value of the token, the year of expiry and the month of expiry of the token and is always included. - The field `cryptogram` contains the value of the cryptogram and is always included. - The field `eci` can instead have a value if there was an Electronic Commerce Indicator assigned, or it can be `null` if no information was provided. ErrorStatusCode: type: integer description: The corresponding HTTP status code for the error ErrorClassifier: type: string description: Technical code that helps to identify the error ErrorMessage: type: string description: Human readable representation of the error responses: 401_UnauthorizedError: description: Unauthorized content: application/json: schema: $ref: '#/components/schemas/ErrorGeneric' example: code: 401 message: No valid means of authentication was provided classifier: UNAUTHORIZED 403_ForbiddenError: description: Forbidden content: application/json: schema: $ref: '#/components/schemas/ErrorGeneric' example: code: 403 message: Not allowed to access this resource or feature classifier: FORBIDDEN 404_NotFoundError: description: Not found content: application/json: schema: $ref: '#/components/schemas/ErrorGeneric' example: code: 404 message: The requested resource was not found. classifier: NOT_FOUND securitySchemes: APIKeyAuth: type: apiKey name: X-API-Key in: header ````