> ## Documentation Index
> Fetch the complete documentation index at: https://developer.hellgate.io/llms.txt
> Use this file to discover all available pages before exploring further.

# Overview

> Accept device wallet payments and manage the resulting wallet tokens

Wallet tokens let you accept payments from device wallets without the decrypted card data ever touching your systems. You pass the encrypted payload from the wallet to Guardian, and Guardian verifies, decrypts, and stores the credential server-side. From there you can [forward](#forwarding-wallet-tokens) it to your PSP or acquirer.

## Supported Wallets

Each wallet has its own tokenization endpoint and payload format. Once a payload is tokenized, every wallet token can be [forwarded](#forwarding-wallet-tokens) and [deleted](#deleting-wallet-tokens) through the same operations described here. Google Pay tokens can additionally be [promoted to a network token](/products/guardian/tokens/wallet-tokens/google-pay#promotion).

| Wallet     | Guide                                                            |
| ---------- | ---------------------------------------------------------------- |
| Google Pay | [Google Pay](/products/guardian/tokens/wallet-tokens/google-pay) |

## Forwarding Wallet Tokens

To use a wallet token in a payment, send your outbound request to the PSP or acquirer through [Forward wallet token](/products/guardian/api-reference/wallet/forward-wallet-token). This works like [PCI token forwarding](/products/guardian/tokens/pci-tokens#injection-of-sensitive-data): Guardian forwards your request to the third party named in the `x-destination-url` header and injects the sensitive card data on the fly.

Define where to inject each value using placeholders. Injected values are strings by default; append `| unwrap` to emit a value as its native type, for example `{{ expiry_month | unwrap }}`.

Which placeholders a token carries — and whether it can be forwarded more than once — depends on the credential type, which varies by wallet. See your wallet's guide for the exact placeholders and forwarding rules:

* [Google Pay](/products/guardian/tokens/wallet-tokens/google-pay#forwarding)

## Deleting Wallet Tokens

[Deleting a wallet token](/products/guardian/api-reference/wallet/delete-a-wallet-token) scrubs its stored card data immediately; the token record is kept with `deleted_at` set. A deleted token can no longer be forwarded or promoted. Tokens already promoted keep their network token and PCI token alive — the lifecycles are independent, as with every token pair on Guardian.
