
# Fetch cryptogram for a saved card instrument

> Use this API to get the card network token, the token expiry and the cryptogram for a saved card instrument, identified by its instrument ID.



## OpenAPI

````yaml /openapi/payments/v2023-08-01.yaml get /customers/{customer_id}/instruments/{instrument_id}/cryptogram
openapi: 3.0.0
info:
  version: '2023-08-01'
  title: Cashfree Payment Gateway APIs
  license:
    name: Apache 2.0
    url: https://www.apache.org/licenses/LICENSE-2.0.html
  contact:
    email: developers@cashfree.com
    name: API Support
    url: https://discord.com/invite/QdZkNSxXsB
  description: >-
    Cashfree's Payment Gateway APIs provide developers with a streamlined
    pathway to integrate advanced payment processing capabilities into their
    applications, platforms and websites.
servers:
  - url: https://sandbox.cashfree.com/pg
    description: Sandbox server
  - url: https://api.cashfree.com/pg
    description: Production server
# Empty document-level requirement: an operation that declares no `security`
# list of its own is documented as callable without credentials. The
# cryptogram operation under `paths` declares its own list.
security: []
tags:
  - name: Orders
    description: Collection of APIs to handle orders.
  - name: Payments
    description: Collection of APIs to handle payments.
  - name: Refunds
    description: Collection of APIs to handle refunds.
  - name: Settlements
    description: Collection of APIs to handle settlements.
  - name: Payment Links
    description: Collection of APIs to handle payment links.
  - name: Token Vault
    description: >-
      Collection of APIs to use Cashfree's token Vault. This helps you save
      cards and tokenize them in a PCI compliant manner. We support creation of
      network tokens which can be used across acquiring banks.
  - name: softPOS
    description: Collection of APIs to manage softPOS' agent and order
  - name: Offers
    description: Collection of APIs to handle offers
  - name: Eligibility
    description: >-
      Collection of APIs to check eligible entities - payment methods, offer,
      affordability
  - name: Settlement Reconciliation
    description: Collection of APIs to handle settlements
  - name: PG Reconciliation
    description: Collection of APIs to handle reconciliation
  - name: Customers
    description: Collection of APIs to handle customers.
  - name: Easy-Split
    description: Collection of APIs to handle Easy-Split.
  - name: Simulation
    description: Collection of APIs to handle simulation.
  - name: Disputes
    description: Collection of APIs to handle disputes.
externalDocs:
  url: https://api.cashfree.com/pg
  description: This url will have the information of all the APIs.
paths:
  # Returns the network token (token PAN), its expiry and a cryptogram for one
  # saved card instrument, shaped as components/schemas/CryptogramEntity.
  # These are payment credentials: callers should keep the response body out
  # of logs, caches and client-side code.
  # NOTE(review): the spec does not say that instrument_id is checked against
  # customer_id and against the authenticated merchant; confirm the server
  # enforces that ownership check before returning a 200.
  /customers/{customer_id}/instruments/{instrument_id}/cryptogram:
    get:
      tags:
        - Token Vault
      summary: Fetch cryptogram for a saved card instrument
      description: >-
        Use this API To get the card network token, token expiry and cryptogram
        for a saved card instrument using instrument id
      operationId: PGCustomerInstrumentsFetchCryptogram
      parameters:
        - $ref: '#/components/parameters/apiVersionHeader'
        - $ref: '#/components/parameters/xRequestIDHeader'
        - $ref: '#/components/parameters/customerIDParam'
        # NOTE(review): an idempotency key is accepted on this GET, and 409/422
        # responses are declared below. Confirm whether a replayed response
        # (x-idempotency-replayed: true) re-serves an earlier cryptogram;
        # cryptograms are normally meant for a single transaction.
        - $ref: '#/components/parameters/xIdempotencyKeyHeader'
        - in: path
          name: instrument_id
          required: true
          example: some-instrument-id
          description: >-
            The instrument_id of the saved card instrument which needs to be
            queried
          schema:
            type: string
      responses:
        # The 200 body is the only response here that carries token data; the
        # error responses reference the shared error schemas.
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/CryptogramEntity'
          headers:
            x-api-version:
              $ref: '#/components/headers/x-api-version'
            x-ratelimit-limit:
              $ref: '#/components/headers/x-ratelimit-limit'
            x-ratelimit-remaining:
              $ref: '#/components/headers/x-ratelimit-remaining'
            x-ratelimit-retry:
              $ref: '#/components/headers/x-ratelimit-retry'
            x-ratelimit-type:
              $ref: '#/components/headers/x-ratelimit-type'
            x-request-id:
              $ref: '#/components/headers/x-request-id'
            x-idempotency-key:
              $ref: '#/components/headers/x-idempotency-key'
            x-idempotency-replayed:
              $ref: '#/components/headers/x-idempotency-replayed'
        '400':
          $ref: '#/components/responses/Response400'
        '401':
          $ref: '#/components/responses/Response401'
        '404':
          $ref: '#/components/responses/Response404'
        '409':
          $ref: '#/components/responses/Response409'
        '422':
          $ref: '#/components/responses/Response422'
        '429':
          $ref: '#/components/responses/Response429'
        '500':
          $ref: '#/components/responses/Response500'
        '502':
          $ref: '#/components/responses/Response502'
      deprecated: false
      # Replaces the document-level `security: []` for this operation. The list
      # entries are alternatives (any one entry satisfies the requirement); the
      # schemes named inside one entry must all be supplied together.
      security:
        - XClientID: []
          XClientSecret: []
        - XClientID: []
          XPartnerAPIKey: []
        - XClientID: []
          XClientSignatureHeader: []
        - XPartnerMerchantID: []
          XPartnerAPIKey: []
components:
  parameters:
    apiVersionHeader:
      in: header
      name: x-api-version
      required: true
      description: API version to be used. Format is in YYYY-MM-DD
      schema:
        type: string
        description: API version to be used
        default: '2023-08-01'
      example: '2023-08-01'
    xRequestIDHeader:
      in: header
      name: x-request-id
      description: >-
        Request id for the API call. Can be used to resolve tech issues.
        Communicate this in your tech related queries to cashfree
      required: false
      schema:
        type: string
      example: 4dfb9780-46fe-11ee-be56-0242ac120002
    customerIDParam:
      name: customer_id
      in: path
      required: true
      description: Your Customer ID that you had sent during create order API `POST/orders`
      schema:
        type: string
      example: your-customer-id
    xIdempotencyKeyHeader:
      in: header
      name: x-idempotency-key
      required: false
      description: >
        An idempotency key is a unique identifier you include with your API
        call.

        If the request fails or times out, you can safely retry it using the
        same key to avoid duplicate actions.
      schema:
        type: string
        format: UUID
      example: 47bf8872-46fe-11ee-be56-0242ac120002
  schemas:
    # Body of the 200 response of the fetch-cryptogram operation. Every
    # property is declared as a string.
    # NOTE(review): unlike the error schemas in this document, no
    # `type: object` is declared here, so validators and code generators may
    # treat the schema as untyped.
    CryptogramEntity:
      title: CryptogramEntity
      description: Crytogram Card object
      # NOTE(review): confirm these sample values are synthetic; published
      # documentation should never carry a live token PAN or cryptogram.
      example:
        instrument_id: 54deabb4-ba45-4a60-9e6a-9c016fe7ab10
        token_requestor_id: '22457512314'
        card_number: '4491365621601472'
        card_expiry_mm: '06'
        # The sample year is four digits even though the field ends in `_yy`.
        card_expiry_yy: '2025'
        cryptogram: AQBBBBBBZatIlaIAmWKSghwBBBB=
        card_display: '1234'
      properties:
        instrument_id:
          type: string
          description: instrument_id of saved instrument
        token_requestor_id:
          type: string
          description: TRID issued by card networks
        # Per its description this carries the network token PAN, not the
        # original card number; card_display holds the original last four.
        card_number:
          type: string
          description: token pan number
        card_expiry_mm:
          type: string
          description: token pan expiry month
        card_expiry_yy:
          type: string
          description: token pan expiry year
        # Sensitive value. Presumably scoped to a single transaction; confirm
        # against the card-network rules before storing or reusing it.
        cryptogram:
          type: string
          description: cryptogram
        card_display:
          type: string
          description: last 4 digits of original card number
    BadRequestError:
      title: BadRequestError
      description: Invalid request received from client
      example:
        message: bad URL, please check API documentation
        code: request_failed
        type: invalid_request_error
      type: object
      properties:
        message:
          type: string
        code:
          type: string
        type:
          type: string
          enum:
            - invalid_request_error
    AuthenticationError:
      title: AuthenticationError
      description: Error if api keys are wrong
      example:
        message: authentication Failed
        code: request_failed
        type: authentication_error
      type: object
      properties:
        message:
          type: string
        code:
          type: string
        type:
          type: string
          description: authentication_error
    ApiError404:
      title: ApiError404
      description: Error when resource requested is not found
      example:
        message: something is not found
        code: somethind_not_found
        type: invalid_request_error
      type: object
      properties:
        message:
          type: string
        code:
          type: string
        type:
          type: string
          enum:
            - invalid_request_error
          description: invalid_request_error
    ApiError409:
      title: ApiError409
      description: duplicate request
      example:
        message: order with same id is already present
        code: order_already_exists
        type: invalid_request_error
      type: object
      properties:
        message:
          type: string
        code:
          type: string
        type:
          type: string
          enum:
            - invalid_request_error
          description: invalid_request_error
    IdempotencyError:
      title: IdempotencyError
      description: >-
        Error when idempotency fails. Different request body with the same
        idempotent key
      example:
        message: something is not found
        code: request_invalid
        type: idempotency_error
      type: object
      properties:
        message:
          type: string
        code:
          type: string
        type:
          type: string
          enum:
            - idempotency_error
          description: idempotency_error
    RateLimitError:
      title: RateLimitError
      description: Error when rate limit is breached for your api
      example:
        message: Too many requests from IP. Check headers
        code: request_failed
        type: rate_limit_error
      type: object
      properties:
        message:
          type: string
        code:
          type: string
        type:
          type: string
          enum:
            - rate_limit_error
          description: rate_limit_error
    ApiError:
      title: ApiError
      description: Error at cashfree's server
      example:
        message: internal Server Error
        code: internal_error
        type: api_error
      type: object
      properties:
        message:
          type: string
        code:
          type: string
        type:
          type: string
          enum:
            - api_error
          description: api_error
    ApiError502:
      title: ApiError502
      description: Error when there is error at partner bank
      example:
        message: something is not found
        code: bank_processing_failure
        type: api_error
      type: object
      properties:
        message:
          type: string
        code:
          type: string
          description: >
            `bank_processing_failure` will be returned here to denote failure at
            bank.
        type:
          type: string
          enum:
            - api_error
          description: api_error
  headers:
    # Response header echoing the API version.
    # NOTE(review): the enum and description below name `2022-09-01`, while
    # info.version and the apiVersionHeader default in this document are
    # '2023-08-01'. Confirm which value the server returns; a client that
    # validates response headers against this enum would reject any other.
    x-api-version:
      schema:
        type: string
        format: YYYY-MM-DD
        enum:
          - '2022-09-01'
      description: >-
        This header has the version of the API. The current version is
        `2022-09-01`.
    x-ratelimit-limit:
      schema:
        type: integer
      example: 200
      description: Ratelimit set for your account for this API per minute
    x-ratelimit-remaining:
      schema:
        type: integer
      example: 2
      description: >-
        Rate limit remaining for your account for this API in the next minute.
        Uses sliding window
    x-ratelimit-retry:
      schema:
        type: integer
      example: 4
      description: |
        Contains number of seconds to wait if rate limit is breached
        - Is 0 if within the limit
        - Is between 1 and 59 if breached
    x-ratelimit-type:
      schema:
        type: string
        enum:
          - app_id
          - ip
      example: ip
      description: >
        either ip or app_id

        - `ip` if making a call from the browser. True for api where you don't
        need `x-client-id` and `x-client-secret`

        - `app_id` for authenticated api calls i.e using `x-client-id` and
        `x-client-secret`
    x-request-id:
      schema:
        type: string
      example: some-req-id
      description: >-
        Request id for your api call. Is blank or null if no `x-request-id` is
        sent during the request
    x-idempotency-key:
      schema:
        type: string
      example: some-idem-id
      description: >-
        An idempotency key is a unique identifier you include with your API
        call. If the request fails or times out, you can safely retry it using
        the same key to avoid duplicate actions.
    x-idempotency-replayed:
      schema:
        type: string
        format: boolean
      example: 'true'
      description: |-
        In conjunction with `x-idempotency-key` this means
        - `true` if the response was replayed
        - `false` if the response has not been replayed
  responses:
    Response400:
      description: Bad request error
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/BadRequestError'
      headers:
        x-api-version:
          $ref: '#/components/headers/x-api-version'
        x-ratelimit-limit:
          $ref: '#/components/headers/x-ratelimit-limit'
        x-ratelimit-remaining:
          $ref: '#/components/headers/x-ratelimit-remaining'
        x-ratelimit-retry:
          $ref: '#/components/headers/x-ratelimit-retry'
        x-ratelimit-type:
          $ref: '#/components/headers/x-ratelimit-type'
        x-request-id:
          $ref: '#/components/headers/x-request-id'
        x-idempotency-key:
          $ref: '#/components/headers/x-idempotency-key'
        x-idempotency-replayed:
          $ref: '#/components/headers/x-idempotency-replayed'
    Response401:
      description: Authentication Error
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/AuthenticationError'
      headers:
        x-api-version:
          $ref: '#/components/headers/x-api-version'
        x-ratelimit-limit:
          $ref: '#/components/headers/x-ratelimit-limit'
        x-ratelimit-remaining:
          $ref: '#/components/headers/x-ratelimit-remaining'
        x-ratelimit-retry:
          $ref: '#/components/headers/x-ratelimit-retry'
        x-ratelimit-type:
          $ref: '#/components/headers/x-ratelimit-type'
        x-request-id:
          $ref: '#/components/headers/x-request-id'
        x-idempotency-key:
          $ref: '#/components/headers/x-idempotency-key'
        x-idempotency-replayed:
          $ref: '#/components/headers/x-idempotency-replayed'
    Response404:
      description: Resource Not found
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/ApiError404'
      headers:
        x-api-version:
          $ref: '#/components/headers/x-api-version'
        x-ratelimit-limit:
          $ref: '#/components/headers/x-ratelimit-limit'
        x-ratelimit-remaining:
          $ref: '#/components/headers/x-ratelimit-remaining'
        x-ratelimit-retry:
          $ref: '#/components/headers/x-ratelimit-retry'
        x-ratelimit-type:
          $ref: '#/components/headers/x-ratelimit-type'
        x-request-id:
          $ref: '#/components/headers/x-request-id'
        x-idempotency-key:
          $ref: '#/components/headers/x-idempotency-key'
        x-idempotency-replayed:
          $ref: '#/components/headers/x-idempotency-replayed'
    Response409:
      description: Resource already present
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/ApiError409'
      headers:
        x-api-version:
          $ref: '#/components/headers/x-api-version'
        x-ratelimit-limit:
          $ref: '#/components/headers/x-ratelimit-limit'
        x-ratelimit-remaining:
          $ref: '#/components/headers/x-ratelimit-remaining'
        x-ratelimit-retry:
          $ref: '#/components/headers/x-ratelimit-retry'
        x-ratelimit-type:
          $ref: '#/components/headers/x-ratelimit-type'
        x-request-id:
          $ref: '#/components/headers/x-request-id'
        x-idempotency-key:
          $ref: '#/components/headers/x-idempotency-key'
        x-idempotency-replayed:
          $ref: '#/components/headers/x-idempotency-replayed'
    Response422:
      description: Idempotency error
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/IdempotencyError'
      headers:
        x-api-version:
          $ref: '#/components/headers/x-api-version'
        x-ratelimit-limit:
          $ref: '#/components/headers/x-ratelimit-limit'
        x-ratelimit-remaining:
          $ref: '#/components/headers/x-ratelimit-remaining'
        x-ratelimit-retry:
          $ref: '#/components/headers/x-ratelimit-retry'
        x-ratelimit-type:
          $ref: '#/components/headers/x-ratelimit-type'
        x-request-id:
          $ref: '#/components/headers/x-request-id'
        x-idempotency-key:
          $ref: '#/components/headers/x-idempotency-key'
        x-idempotency-replayed:
          $ref: '#/components/headers/x-idempotency-replayed'
    Response429:
      description: Rate Limit Error
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/RateLimitError'
      headers:
        x-api-version:
          $ref: '#/components/headers/x-api-version'
        x-ratelimit-limit:
          $ref: '#/components/headers/x-ratelimit-limit'
        x-ratelimit-remaining:
          $ref: '#/components/headers/x-ratelimit-remaining'
        x-ratelimit-retry:
          $ref: '#/components/headers/x-ratelimit-retry'
        x-ratelimit-type:
          $ref: '#/components/headers/x-ratelimit-type'
        x-request-id:
          $ref: '#/components/headers/x-request-id'
        x-idempotency-key:
          $ref: '#/components/headers/x-idempotency-key'
        x-idempotency-replayed:
          $ref: '#/components/headers/x-idempotency-replayed'
    Response500:
      description: API related Error
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/ApiError'
      headers:
        x-api-version:
          $ref: '#/components/headers/x-api-version'
        x-ratelimit-limit:
          $ref: '#/components/headers/x-ratelimit-limit'
        x-ratelimit-remaining:
          $ref: '#/components/headers/x-ratelimit-remaining'
        x-ratelimit-retry:
          $ref: '#/components/headers/x-ratelimit-retry'
        x-ratelimit-type:
          $ref: '#/components/headers/x-ratelimit-type'
        x-request-id:
          $ref: '#/components/headers/x-request-id'
        x-idempotency-key:
          $ref: '#/components/headers/x-idempotency-key'
        x-idempotency-replayed:
          $ref: '#/components/headers/x-idempotency-replayed'
    Response502:
      description: Bank related Error
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/ApiError502'
      headers:
        x-api-version:
          $ref: '#/components/headers/x-api-version'
        x-ratelimit-limit:
          $ref: '#/components/headers/x-ratelimit-limit'
        x-ratelimit-remaining:
          $ref: '#/components/headers/x-ratelimit-remaining'
        x-ratelimit-retry:
          $ref: '#/components/headers/x-ratelimit-retry'
        x-ratelimit-type:
          $ref: '#/components/headers/x-ratelimit-type'
        x-request-id:
          $ref: '#/components/headers/x-request-id'
        x-idempotency-key:
          $ref: '#/components/headers/x-idempotency-key'
        x-idempotency-replayed:
          $ref: '#/components/headers/x-idempotency-replayed'
  # All five schemes are static header values (`type: apiKey`); none is an
  # OAuth or bearer-token flow. Which combinations an operation accepts is set
  # by that operation's own `security` list.
  securitySchemes:
    XClientID:
      type: apiKey
      in: header
      name: x-client-id
      description: >-
        Client app ID. You can find your app id in the [Merchant
        Dashboard](https://merchant.cashfree.com/auth/login/pg/developers/api-keys?env=prod).
    # The secret key travels in a request header on every call that uses this
    # scheme. Keep it in server-side configuration or a secrets manager; it
    # should not be embedded in browser or mobile code.
    XClientSecret:
      type: apiKey
      in: header
      name: x-client-secret
      description: >-
        Client secret key. You can find your secret key in the [Merchant
        Dashboard](https://merchant.cashfree.com/auth/login/pg/developers/api-keys?env=prod).
    XPartnerAPIKey:
      type: apiKey
      in: header
      name: x-partner-apikey
      description: >-
        If you are partner and you are making an api call on behalf of a
        merchant
    # Alternative to sending x-client-secret.
    # NOTE(review): how the signature is computed and what it covers is not
    # described in this document.
    XClientSignatureHeader:
      type: apiKey
      in: header
      name: x-client-signature
      description: >-
        Use this if you do not want to pass the secret key and instead want to
        use signature
    XPartnerMerchantID:
      type: apiKey
      in: header
      name: x-partner-merchantid
      description: >-
        If you are partner use this to specify the merchant id if you don't have
        the merchant client app id

````