The PCaaSA Processor API allows issuers and fintechs to issue cards, retrieve transaction data, and more via JSON-based REST APIs.

Authentication is performed via API keys issued by PCaaSA to each fintech, which are passed as part of the JSON body along with key inputs identifying the API call being performed. All UUIDs in the PCaaSA system are using the 36-character V4 format. For example:

{
  "app": "customer-account",
  "object": "account",
  "action": "create",
  "version": 1,
  "sessionUuid": "8159FF71-A541-4357-AB53-03A67073DE9A",
  "externalTranUuid": "E2D296B5-0CBE-4350-BEEC-F7E055588B27",
  ...
}

Breaking down the example above, the "app", "object", "action", and "version" keys will identify the API call being performed. The "sessionUuid" should be populated with the API key provided by the PCaaSA team, and an "externalTranUuid" may be passed in to allow for tracing of specific requests through the system.