Take the card_token out of the url when creating a new payment authorization using a tokenized payment card.

bambora / api.bambora.com

Bambora API designs

1 stars 8 forks source link

Take the card_token out of the url when creating a new payment authorization using a tokenized payment card. #6

Closed svnv closed 8 years ago

svnv commented 8 years ago

I was looking at the api with my colleague @frodeaa and he pointed out that it might not be a good idea to have the card_token as a GET variable, since urls for requests are commonly logged, and then we end up with card_tokens that can be used for payments in our (or our customers) logs.

ChristerWendel commented 8 years ago

But the token isn't a query parameter?

svnv commented 8 years ago

Yes, you are correct. I guess we can just close this issue.