> ## Documentation Index
> Fetch the complete documentation index at: https://developer.hellgate.io/llms.txt
> Use this file to discover all available pages before exploring further.

# Get wallet tokens

> List all wallet tokens.



## OpenAPI

````yaml /products/guardian/openapi.yaml get /api/wallet
openapi: 3.1.0
info:
  title: Guardian API
  version: '1.0'
  contact:
    name: Starfish GmbH & Co. KG
    email: hello@starfish.team
    url: https://hellgate.io/cpa/guardian
  license:
    name: Hellgate API Terms
    url: https://hellgate.io/terms-and-conditions
servers:
  - url: https://{cluster_id}.on-hellgate.cloud
    description: Guardian service instance
    variables:
      cluster_id:
        default: my-cluster-id
        description: |
          Guardian is a service of the Hellgate Cloud Platform.
          The unique cluster-id is used to connect to your instance.
security: []
tags:
  - name: pci
    description: Management of card payment credentials under the ruling of PCI DSS.
  - name: network
    description: Management of network tokens and cryptograms for secure transactions.
  - name: generic
    description: Management of generic tokens and their schemas for various use cases.
  - name: metadata
    description: Inquiries for card metadata based on PAN, PCI tokens, or network tokens.
  - name: wallet
    description: >-
      Management of wallet tokens ingested from device wallets such as Google
      Pay.
  - name: apikey
    description: Management of API keys for service access.
  - name: webhook
    description: Management of webhooks for event notifications.
  - name: types
    description: Management of types for generic token schemas.
paths:
  /api/wallet:
    get:
      tags:
        - wallet
      summary: Get wallet tokens
      description: List all wallet tokens.
      operationId: wallet_token_list
      parameters:
        - name: limit
          in: query
          description: >
            The limit parameter defines the maximum number of rows returned in a
            single call and enables consecutive pagination using the `next` link
            provided in the response payload.
          required: false
          schema:
            type: integer
            default: 20
            minimum: 1
            maximum: 100
      responses:
        '200':
          description: Success response
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/wallet_token_list'
        '401':
          $ref: '#/components/responses/401_UnauthorizedError'
        '403':
          $ref: '#/components/responses/403_ForbiddenError'
      security:
        - APIKey: []
        - AdminToken: []
components:
  schemas:
    wallet_token_list:
      type: object
      properties:
        data:
          type: array
          items:
            $ref: '#/components/schemas/wallet_token'
        links:
          type: object
          properties:
            next:
              type: string
              description: The URL to the next page of results, if available.
              format: uri
          required:
            - next
      required:
        - data
        - links
      example:
        data:
          - id: 0d5c1774-5f3f-4a2f-9c86-1f30a0ea9be2
            kind: google_pay_pan_only
            ingestion_path: google_pay
            scheme: visa
            auth_method: PAN_ONLY
            requires_3ds: true
            card:
              scheme: visa
              last4: '4242'
              expiry_month: 12
              expiry_year: 2028
            created_at: '2026-06-29T12:00:00Z'
        links:
          next: >-
            https://my-cluster-id.on-hellgate.cloud/api/wallet?after=0d5c1774-5f3f-4a2f-9c86-1f30a0ea9be2&limit=20
    wallet_token:
      title: Wallet Token
      type: object
      properties:
        id:
          type: string
          format: uuid
        kind:
          type: string
          description: >-
            The specific credential kind, e.g. `google_pay_pan_only` or
            `google_pay_cryptogram_3ds`.
          example: google_pay_pan_only
        ingestion_path:
          type: string
          description: The wallet the token was ingested from.
          example: google_pay
        scheme:
          type: string
          enum:
            - visa
            - mastercard
            - american express
            - discover
            - diners club
            - jcb
            - unionpay
        auth_method:
          type: string
          enum:
            - PAN_ONLY
            - CRYPTOGRAM_3DS
          description: >
            The authentication method of the Google Pay credential. Determines
            which placeholders are available when
            [forwarding](/products/guardian/api-reference/wallet/forward-wallet-token)
            and whether the token can be
            [promoted](/products/guardian/tokens/wallet-tokens/google-pay#promotion).
        requires_3ds:
          type: boolean
          description: >-
            Whether the payment still requires 3-D Secure authentication on your
            side.
        promoted_to:
          type: string
          format: uuid
          description: >
            The ID of the network token this wallet token was promoted to.
            `null` until the token is promoted.
        card:
          $ref: '#/components/schemas/wallet_card'
        created_at:
          type: string
          format: date-time
        deleted_at:
          type: string
          format: date-time
          description: Set when the token has been deleted and its card data scrubbed.
      required:
        - id
        - kind
        - ingestion_path
        - scheme
        - card
        - created_at
      example:
        id: 0d5c1774-5f3f-4a2f-9c86-1f30a0ea9be2
        kind: google_pay_pan_only
        ingestion_path: google_pay
        scheme: visa
        auth_method: PAN_ONLY
        requires_3ds: true
        promoted_to: null
        card:
          scheme: visa
          last4: '4242'
          expiry_month: 12
          expiry_year: 2028
        created_at: '2026-06-29T12:00:00Z'
        deleted_at: null
    ErrorGeneric:
      type: object
      properties:
        code:
          $ref: '#/components/schemas/ErrorStatusCode'
        classifier:
          $ref: '#/components/schemas/ErrorClassifier'
        message:
          $ref: '#/components/schemas/ErrorMessage'
    wallet_card:
      type: object
      properties:
        scheme:
          type: string
          example: visa
        last4:
          type: string
          example: '4242'
        expiry_month:
          type: integer
          example: 12
        expiry_year:
          type: integer
          example: 2028
      required:
        - scheme
        - last4
        - expiry_month
        - expiry_year
    ErrorStatusCode:
      type: integer
      description: The corresponding HTTP status code for the error
    ErrorClassifier:
      type: string
      description: Technical code that helps to identify the error
    ErrorMessage:
      type: string
      description: Human readable representation of the error
  responses:
    401_UnauthorizedError:
      description: Unauthorized
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/ErrorGeneric'
          example:
            code: 401
            message: No valid means of authentication was provided
            classifier: UNAUTHORIZED
    403_ForbiddenError:
      description: Forbidden
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/ErrorGeneric'
          example:
            code: 403
            message: Not allowed to access this resource or feature
            classifier: FORBIDDEN
  securitySchemes:
    APIKey:
      type: apiKey
      name: x-api-key
      in: header
    AdminToken:
      type: apiKey
      name: x-admin-token
      in: header

````