npm - cybersource-rest-client - Versions diffs - 0.0.76 → 0.0.78 - Mend

cybersource-rest-client 0.0.76 → 0.0.78

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (790) hide show

package/MLE.md CHANGED Viewed

@@ -11,6 +11,17 @@ MLE supports both **Request Encryption** (encrypting outgoing request payloads)
 - **Request MLE**: Only supported with `JWT (JSON Web Token)` authentication type
 - **Response MLE**: Only supported with `JWT (JSON Web Token)` authentication type
+### MLE with JWT Key Types
+MLE works with both JWT key types:
+| JWT Key Type | MLE Support | Request MLE Certificate Source |
+|---|---|---|
+| `P12` (default) | Supported | Auto-extracted from the P12 file (using `requestMleKeyAlias`), or from a separate file via `mleForRequestPublicCertPath` |
+| `SHARED_SECRET` | Supported | **Must** be provided via `mleForRequestPublicCertPath` (since there is no P12 file to extract from) |
+> **Important:** When using `jwtKeyType=SHARED_SECRET` with MLE, the `mleForRequestPublicCertPath` property is **required** for request MLE. The SDK cannot auto-extract the MLE certificate from a P12 file because shared secret authentication does not use one. The request MLE public certificate can be downloaded from the CyberSource Business Center ([Test](https://businesscentertest.cybersource.com/ebc2) | [Production](https://businesscenter.cybersource.com/ebc2)).
 <br/>
 ## Configuration
@@ -292,6 +303,58 @@ var merchantConfig = {
 };
 ```
+### (ix) Request MLE with Shared Secret (JWT Symmetric Key) Authentication
+```javascript
+// MLE with JWT SHARED_SECRET authentication — requires mleForRequestPublicCertPath
+var merchantConfig = {
+  // JWT authentication with SHARED_SECRET key type
+  authenticationType: 'jwt',
+  jwtKeyType: 'SHARED_SECRET',
+  merchantID: 'your_merchant_id',
+  runEnvironment: 'apitest.cybersource.com',
+  merchantKeyId: 'your_key_id',
+  merchantsecretKey: 'your_base64_encoded_shared_secret',
+  // Request MLE settings
+  enableRequestMLEForOptionalApisGlobally: true,
+  // mleForRequestPublicCertPath is REQUIRED for SHARED_SECRET since there is no P12 file
+  mleForRequestPublicCertPath: '/path/to/mle/public/cert.pem',
+  requestMleKeyAlias: 'CyberSource_SJC_US'  // Optional, defaults to CyberSource_SJC_US
+};
+```
+> **Note:** When using `jwtKeyType=SHARED_SECRET`, the MLE certificate cannot be auto-extracted from a P12 file. You **must** provide the certificate via `mleForRequestPublicCertPath`. The request MLE public certificate can be downloaded from the CyberSource Business Center ([Test](https://businesscentertest.cybersource.com/ebc2) | [Production](https://businesscenter.cybersource.com/ebc2)).
+### (x) Response MLE with MetaKey
+When using MetaKey (`useMetaKey: true`) with Response MLE, the response MLE private key and KID must belong to the **portfolio (parent account)**, not the transacting merchant.
+```javascript
+// MetaKey + Response MLE — portfolio's response MLE key is required
+var merchantConfig = {
+  // JWT authentication with MetaKey
+  authenticationType: 'jwt',
+  jwtKeyType: 'SHARED_SECRET',
+  merchantID: 'your_transacting_merchant_id',
+  merchantKeyId: 'your_metakey_portfolio_KeyId',
+  merchantsecretKey: 'your_metakey_portfolio_shared_secret_key',
+  portfolioID: 'your_portfolio_id',
+  useMetaKey: true,
+  runEnvironment: 'apitest.cybersource.com',
+  // Response MLE — use the portfolio's response MLE key, not the transacting merchant's
+  enableResponseMleGlobally: true,
+  responseMlePrivateKeyFilePath: '/path/to/portfolio/response/mle/private/key.p12',
+  responseMlePrivateKeyFilePassword: 'portfolio_private_key_password'
+  // responseMleKID is optional when using a CyberSource-generated P12 file (auto-fetched from P12)
+  // Required when using PEM files or responseMlePrivateKey object
+  // responseMleKID: 'your_portfolio_response_mle_kid'
+};
+```
+> **Important:** In MetaKey mode, the portfolio is the transaction submitter. The response is encrypted using the portfolio's MLE certificate, so the decryption key must also be the portfolio's.
 <br/>
 ## 5. Common Pitfalls
@@ -612,7 +675,8 @@ For Response MLE private key files, the following formats are supported:
 - If `enableRequestMLEForOptionalApisGlobally` is set to `true`, it enables request MLE for all APIs that have optional MLE support
 - APIs with mandatory MLE requirements are enabled by default unless `disableRequestMLEForMandatoryApisGlobally` is set to `true`
 - If `mapToControlMLEonAPI` doesn't contain a specific API, the global setting applies
-- For HTTP Signature authentication, request MLE will fall back to non-encrypted requests with a warning
+- When using `jwtKeyType=SHARED_SECRET`, the `mleForRequestPublicCertPath` parameter is **required** because the SDK cannot auto-extract the MLE certificate from a P12 file. See [Example (ix)](#ix-request-mle-with-shared-secret-jwt-symmetric-key-authentication) for a complete configuration.
+- For HTTP Signature authentication, request MLE will fall back to non-encrypted requests with a warning. **Note:** HTTP Signature is being deprecated — migrate to JWT with Shared Secret (`jwtKeyType=SHARED_SECRET`) to enable full MLE support using the same credentials. See [Example (ix)](#ix-request-mle-with-shared-secret-jwt-symmetric-key-authentication) for details.
 ### (ii) Response MLE
 - Response MLE requires either `responseMlePrivateKey` object OR `responseMlePrivateKeyFilePath` (not both)
@@ -622,6 +686,7 @@ For Response MLE private key files, the following formats are supported:
   - **Required** when using PEM format files (`.pem`, `.key`, `.p8`)
   - **Required** when using `responseMlePrivateKey` object directly
   - When both auto-fetched and user-provided values exist, the user-provided value takes precedence
+- **MetaKey (`useMetaKey=true`):** When Response MLE is used with MetaKey, the `responseMlePrivateKeyFilePath` (or `responseMlePrivateKey` object) and `responseMleKID` must belong to the **portfolio (parent account)** — not the transacting merchant. This is because in MetaKey mode the portfolio is the transaction submitter, and the response is encrypted using the portfolio's MLE certificate.
 - If an API expects a mandatory MLE response but the map specifies non-MLE response, the API might return an error
 - Both the private key object and file path approaches are mutually exclusive

package/README.md CHANGED Viewed

@@ -25,6 +25,130 @@ Follow the first step mentioned in [Getting Started with CyberSource REST SDKs](
 Follow the second step mentioned in [Getting Started with CyberSource REST SDKs](https://developer.cybersource.com/hello-world/rest-api-sdks.html#gettingstarted) to configure the SDK by inputting your credentials.
+> **⚠️ HTTP Signature Deprecation Notice:** HTTP Signature authentication is being deprecated. **JWT with Shared Secret** is the recommended migration path — it uses the same `merchantKeyId` and `merchantsecretKey` credentials, requires only two property changes, and enables MLE (Message Level Encryption) support that HTTP Signature does not provide.
+## Authentication Configuration
+To set your API credentials for an API request, configure the following information in your configuration object:
+### For HTTP Signature authentication (⚠️ Deprecated — migrate to JWT with Shared Secret)
+```javascript
+var merchantConfig = {
+    authenticationType: 'http_signature',
+    merchantID: 'testrest',
+    runEnvironment: 'apitest.cybersource.com',
+    merchantKeyId: 'your_merchant_key_id',
+    merchantsecretKey: 'your_merchant_secret_key',
+    enableLog: true,
+    logDirectory: './log',
+    logFilename: 'cybs'
+};
+```
+### For JWT authentication (with P12 certificate)
+```javascript
+var merchantConfig = {
+    authenticationType: 'jwt',
+    merchantID: 'testrest',
+    runEnvironment: 'apitest.cybersource.com',
+    keyAlias: 'testrest',
+    keyPass: 'testrest',
+    keyFileName: 'testrest',
+    keysDirectory: './resource',
+    enableLog: true,
+    logDirectory: './log',
+    logFilename: 'cybs'
+};
+```
+### For JWT authentication with Shared Secret (Recommended migration from HTTP Signature)
+Uses the **same** `merchantKeyId` and `merchantsecretKey` credentials as HTTP Signature. Only two properties change:
+```javascript
+var merchantConfig = {
+    authenticationType: 'jwt',
+    jwtKeyType: 'SHARED_SECRET',
+    merchantID: 'testrest',
+    runEnvironment: 'apitest.cybersource.com',
+    merchantKeyId: 'your_merchant_key_id',
+    merchantsecretKey: 'your_merchant_secret_key',
+    enableLog: true,
+    logDirectory: './log',
+    logFilename: 'cybs'
+};
+```
+### For using MetaKey
+MetaKey can be used for HTTP Signature, JWT (P12), and JWT with Shared Secret authentication.
+#### For HTTP Signature Authentication (⚠️ Deprecated)
+```javascript
+var merchantConfig = {
+    authenticationType: 'http_signature',
+    merchantID: '<transacting merchantID>',
+    merchantKeyId: '<MetaKey Portfolio KeyId>',
+    merchantsecretKey: '<MetaKey Portfolio Shared Secret Key>',
+    useMetaKey: true,
+    portfolioID: '<Portfolio ID>'
+};
+```
+#### For JWT Authentication (P12)
+```javascript
+var merchantConfig = {
+    authenticationType: 'jwt',
+    merchantID: '<transacting merchantID>',
+    keyAlias: '<Portfolio ID>',
+    keyPass: '<MetaKey Portfolio P12 File Password>',
+    keyFileName: '<MetaKey Portfolio P12 File Name>',
+    keysDirectory: '<keysDirectory>',
+    useMetaKey: true
+};
+```
+#### For JWT Authentication with Shared Secret (Recommended)
+```javascript
+var merchantConfig = {
+    authenticationType: 'jwt',
+    jwtKeyType: 'SHARED_SECRET',
+    merchantID: '<transacting merchantID>',
+    merchantKeyId: '<MetaKey Portfolio KeyId>',
+    merchantsecretKey: '<MetaKey Portfolio Shared Secret Key>',
+    useMetaKey: true,
+    portfolioID: '<Portfolio ID>'
+};
+```
+#### Response MLE with MetaKey
+When Response MLE is enabled (`enableResponseMleGlobally: true`) and MetaKey is in use (`useMetaKey: true`), the Response MLE configuration must use the **portfolio's** response MLE key — not the transacting merchant's. Specifically:
+- `responseMlePrivateKeyFilePath` (or the `responseMlePrivateKey` object) must point to the **portfolio's** response MLE private key.
+- `responseMleKID` — the KID value associated with the **portfolio's** response MLE certificate.
+  - **Optional** when `responseMlePrivateKeyFilePath` points to a CyberSource-generated P12 file (SDK auto-fetches from P12).
+  - **Required** when using PEM format files (`.pem`, `.key`, `.p8`) or when providing `responseMlePrivateKey` object directly.
+```javascript
+var merchantConfig = {
+    // ... other MetaKey configuration ...
+    enableResponseMleGlobally: true,
+    responseMlePrivateKeyFilePath: '/path/to/portfolio/response/mle/private/key.p12',
+    responseMlePrivateKeyFilePassword: 'portfolio_private_key_password'
+    // responseMleKID is optional when using a CyberSource-generated P12 file (auto-fetched from P12)
+    // Required when using PEM files or responseMlePrivateKey object
+    // responseMleKID: '<Portfolio Response MLE KID>'
+};
+```
+> **Important:** The response MLE private key (and KID, if applicable) must belong to the portfolio (parent account), since in MetaKey mode the portfolio is the transaction submitter and the response is encrypted using the portfolio's MLE certificate.
 ## How to Use
 To get started using this SDK, it's highly recommended to download our sample code repository:

package/docs/AccountValidationsRequest.md CHANGED Viewed

@@ -6,5 +6,6 @@ Name | Type | Description | Notes
 **clientReferenceInformation** | [**Bavsv1accountvalidationsClientReferenceInformation**](Bavsv1accountvalidationsClientReferenceInformation.md) |  | [optional]
 **processingInformation** | [**Bavsv1accountvalidationsProcessingInformation**](Bavsv1accountvalidationsProcessingInformation.md) |  |
 **paymentInformation** | [**Bavsv1accountvalidationsPaymentInformation**](Bavsv1accountvalidationsPaymentInformation.md) |  |
+**tokenInformation** | [**Bavsv1accountvalidationsTokenInformation**](Bavsv1accountvalidationsTokenInformation.md) |  | [optional]

package/docs/Acpv1mppcredentialsChallenge.md ADDED Viewed

@@ -0,0 +1,15 @@
+# CyberSource.Acpv1mppcredentialsChallenge
+## Properties
+Name | Type | Description | Notes
+------------ | ------------- | ------------- | -------------
+**id** | **String** | Unique challenge identifier issued by the merchant server. |
+**realm** | **String** | Merchant realm (typically the API domain). |
+**amount** | **String** | Amount in the smallest currency unit (e.g., '4999' = $49.99). |
+**currency** | **String** | Three-letter ISO 4217 currency code, lowercase (e.g., 'usd'). |
+**acceptedNetworks** | **[String]** | Card networks accepted by the merchant (e.g., ['visa', 'mastercard']). |
+**merchantId** | **String** | Merchant identifier (maps to 'recipient' in MPP spec request object). |
+**merchantName** | **String** | Human-readable merchant name. |
+**encryptionJwk** | [**Acpv1mppcredentialsChallengeEncryptionJwk**](Acpv1mppcredentialsChallengeEncryptionJwk.md) |  |

package/docs/Acpv1mppcredentialsChallengeEncryptionJwk.md ADDED Viewed

@@ -0,0 +1,13 @@
+# CyberSource.Acpv1mppcredentialsChallengeEncryptionJwk
+## Properties
+Name | Type | Description | Notes
+------------ | ------------- | ------------- | -------------
+**kty** | **String** | Key type. MUST be 'RSA'. |
+**kid** | **String** | Key ID. Identifies the key within a JWKS. |
+**use** | **String** | Public key use. MUST be 'enc'. |
+**alg** | **String** | Algorithm. MUST be 'RSA-OAEP-256'. |
+**n** | **String** | RSA modulus (Base64urlUInt-encoded per RFC 7518 Section 6.3.1.1). |
+**e** | **String** | RSA public exponent (Base64urlUInt-encoded per RFC 7518 Section 6.3.1.2). |

package/docs/Acpv1tokensAssuranceData.md CHANGED Viewed

@@ -3,12 +3,12 @@
 ## Properties
 Name | Type | Description | Notes
 ------------ | ------------- | ------------- | -------------
-**verificationType** | **String** | Type of the verification data.   Possible values:   - `CARDHOLDER` (Default)   - `DEVICE`  | [optional]
-**verificationEntity** | **String** | Entity performing the verification.   Possible value:     - `10` - VISA (Default)  | [optional]
-**verificationEvents** | **[String]** | Event where the verification occurred.   Possible values:     - `01` - Payment transaction   - `02` - Add card/Card enrollment   - `03` - Profile access   - `04` - Account verification  | [optional]
-**verificationMethod** | **String** | Method of the verification.   Possible values:     - `02` - App-based authentication   - `04` - One-time passcode   - `21` - Visa Token Service step-up: Device binding   - `22` - Visa Token Service step-up: Cardholder verification   - `23` - FIDO2  |
-**verificationResults** | **String** | Result of the verification.   Possible values:     - `01` - Verified   - `02` - Not Verified   - `03` - Not performed   - `04` - Not required   - `21` - Not allowed  |
-**verificationTimestamp** | **String** | Date and time the verification occurred. UTC time in Unix epoch format. |
+**verificationType** | **String** | Optional. Type of the verification data.   Possible values:   - `CARDHOLDER` (Default)   - `DEVICE`  | [optional]
+**verificationEntity** | **String** | Optional. Entity performing the verification.   Possible value:     - `10` - VISA (Default)  | [optional]
+**verificationEvents** | **[String]** | Optional. Event where the verification occurred.   Possible values:     - `01` - Payment transaction   - `02` - Add card/Card enrollment   - `03` - Profile access   - `04` - Account verification  | [optional]
+**verificationMethod** | **String** | Required. Method of the verification.   Possible values:     - `02` - App-based authentication   - `04` - One-time passcode   - `21` - Visa Token Service step-up: Device binding   - `22` - Visa Token Service step-up: Cardholder verification   - `23` - FIDO2  |
+**verificationResults** | **String** | Required. Result of the verification.   Possible values:     - `01` - Verified   - `02` - Not Verified   - `03` - Not performed   - `04` - Not required   - `21` - Not allowed  |
+**verificationTimestamp** | **String** | Required. Date and time the verification occurred. UTC time in Unix epoch format. |
 **authenticationContext** | [**Acpv1tokensAuthenticationContext**](Acpv1tokensAuthenticationContext.md) |  | [optional]
 **authenticatedIdentities** | [**Acpv1tokensAuthenticatedIdentities**](Acpv1tokensAuthenticatedIdentities.md) |  | [optional]
 **additionalData** | **String** | Additional data related to assurance. | [optional]

package/docs/AddNegativeListRequest.md CHANGED Viewed

@@ -5,7 +5,7 @@ Name | Type | Description | Notes
 ------------ | ------------- | ------------- | -------------
 **orderInformation** | [**Riskv1liststypeentriesOrderInformation**](Riskv1liststypeentriesOrderInformation.md) |  | [optional]
 **paymentInformation** | [**Riskv1liststypeentriesPaymentInformation**](Riskv1liststypeentriesPaymentInformation.md) |  | [optional]
-**clientReferenceInformation** | [**Riskv1liststypeentriesClientReferenceInformation**](Riskv1liststypeentriesClientReferenceInformation.md) |  | [optional]
+**clientReferenceInformation** | [**RiskV1DecisionsPost201ResponseClientReferenceInformation**](RiskV1DecisionsPost201ResponseClientReferenceInformation.md) |  | [optional]
 **deviceInformation** | [**Riskv1liststypeentriesDeviceInformation**](Riskv1liststypeentriesDeviceInformation.md) |  | [optional]
 **riskInformation** | [**Riskv1liststypeentriesRiskInformation**](Riskv1liststypeentriesRiskInformation.md) |  | [optional]
 **buyerInformation** | [**Riskv1liststypeentriesBuyerInformation**](Riskv1liststypeentriesBuyerInformation.md) |  | [optional]

package/docs/AuthReversalRequest.md CHANGED Viewed

@@ -9,6 +9,7 @@ Name | Type | Description | Notes
 **orderInformation** | [**Ptsv2paymentsidreversalsOrderInformation**](Ptsv2paymentsidreversalsOrderInformation.md) |  | [optional]
 **pointOfSaleInformation** | [**Ptsv2paymentsidreversalsPointOfSaleInformation**](Ptsv2paymentsidreversalsPointOfSaleInformation.md) |  | [optional]
 **paymentInformation** | [**Ptsv2paymentsidreversalsPaymentInformation**](Ptsv2paymentsidreversalsPaymentInformation.md) |  | [optional]
+**deviceInformation** | [**Ptsv2paymentsidreversalsDeviceInformation**](Ptsv2paymentsidreversalsDeviceInformation.md) |  | [optional]
 **processorInformation** | [**Ptsv2paymentsProcessorInformationReversal**](Ptsv2paymentsProcessorInformationReversal.md) |  | [optional]

package/docs/BatchesApi.md CHANGED Viewed

@@ -153,7 +153,7 @@ No authorization required
 ### HTTP request headers
  - **Content-Type**: application/json;charset=utf-8
- - **Accept**: application/json;charset=utf-8
+ - **Accept**: application/json, application/json;charset=utf-8
 <a name="postBatch"></a>
 # **postBatch**

package/docs/Bavsv1accountvalidationsPaymentInformation.md CHANGED Viewed

@@ -3,6 +3,9 @@
 ## Properties
 Name | Type | Description | Notes
 ------------ | ------------- | ------------- | -------------
-**bank** | [**Bavsv1accountvalidationsPaymentInformationBank**](Bavsv1accountvalidationsPaymentInformationBank.md) |  |
+**customer** | [**Bavsv1accountvalidationsPaymentInformationCustomer**](Bavsv1accountvalidationsPaymentInformationCustomer.md) |  | [optional]
+**paymentInstrument** | [**Bavsv1accountvalidationsPaymentInformationPaymentInstrument**](Bavsv1accountvalidationsPaymentInformationPaymentInstrument.md) |  | [optional]
+**instrumentIdentifier** | [**Bavsv1accountvalidationsPaymentInformationInstrumentIdentifier**](Bavsv1accountvalidationsPaymentInformationInstrumentIdentifier.md) |  | [optional]
+**bank** | [**Bavsv1accountvalidationsPaymentInformationBank**](Bavsv1accountvalidationsPaymentInformationBank.md) |  | [optional]

package/docs/Bavsv1accountvalidationsPaymentInformationBank.md CHANGED Viewed

@@ -3,7 +3,7 @@
 ## Properties
 Name | Type | Description | Notes
 ------------ | ------------- | ------------- | -------------
-**routingNumber** | **String** | Bank routing number. This is also called the transit number.  Non-Negative Integer  |
+**routingNumber** | **String** | Bank routing number. This is also called the transit number.  Non-Negative String, containing only digits.  |
 **account** | [**Bavsv1accountvalidationsPaymentInformationBankAccount**](Bavsv1accountvalidationsPaymentInformationBankAccount.md) |  |

package/docs/Bavsv1accountvalidationsPaymentInformationBankAccount.md CHANGED Viewed

@@ -3,6 +3,6 @@
 ## Properties
 Name | Type | Description | Notes
 ------------ | ------------- | ------------- | -------------
-**_number** | **String** | Account Number.  Non-Negative Integer. example: 12345678901234577  |
+**_number** | **String** | Account Number.  Non-Negative String, containing only digits.  |

package/docs/Bavsv1accountvalidationsPaymentInformationCustomer.md ADDED Viewed

@@ -0,0 +1,8 @@
+# CyberSource.Bavsv1accountvalidationsPaymentInformationCustomer
+## Properties
+Name | Type | Description | Notes
+------------ | ------------- | ------------- | -------------
+**id** | **String** | Unique identifier for the Customer token. When this value is included in your request, the bank object becomes optional. | [optional]

package/docs/Bavsv1accountvalidationsPaymentInformationInstrumentIdentifier.md ADDED Viewed

@@ -0,0 +1,8 @@
+# CyberSource.Bavsv1accountvalidationsPaymentInformationInstrumentIdentifier
+## Properties
+Name | Type | Description | Notes
+------------ | ------------- | ------------- | -------------
+**id** | **String** | Unique identifier for the Instrument Identifier token. When this value is included in your request, the bank object becomes optional. | [optional]

package/docs/Bavsv1accountvalidationsPaymentInformationPaymentInstrument.md ADDED Viewed

@@ -0,0 +1,8 @@
+# CyberSource.Bavsv1accountvalidationsPaymentInformationPaymentInstrument
+## Properties
+Name | Type | Description | Notes
+------------ | ------------- | ------------- | -------------
+**id** | **String** | Unique identifier for the Payment Instrument token. When this value is included in your request, the bank object becomes optional. | [optional]

package/docs/Bavsv1accountvalidationsTokenInformation.md ADDED Viewed

@@ -0,0 +1,9 @@
+# CyberSource.Bavsv1accountvalidationsTokenInformation
+## Properties
+Name | Type | Description | Notes
+------------ | ------------- | ------------- | -------------
+**jti** | **String** | TMS Transient Token for BAVS detokenization. A 64 hexadecimal character identifier representing captured payment credentials. | [optional]
+**transientTokenJwt** | **String** | Flex API Transient Token encoded as JWT for BAVS detokenization. Contains encrypted bank account information from Flex microform or Unified Payment checkout. | [optional]

package/docs/Boardingv1registrationsIntegrationInformation.md CHANGED Viewed

@@ -5,5 +5,6 @@ Name | Type | Description | Notes
 ------------ | ------------- | ------------- | -------------
 **oauth2** | [**[Boardingv1registrationsIntegrationInformationOauth2]**](Boardingv1registrationsIntegrationInformationOauth2.md) |  | [optional]
 **tenantConfigurations** | [**[Boardingv1registrationsIntegrationInformationTenantConfigurations]**](Boardingv1registrationsIntegrationInformationTenantConfigurations.md) | tenantConfigurations is an array of objects that includes the tenant information this merchant is associated with. | [optional]
+**msd** | [**Boardingv1registrationsIntegrationInformationMsd**](Boardingv1registrationsIntegrationInformationMsd.md) |  | [optional]

package/docs/Boardingv1registrationsIntegrationInformationMsd.md ADDED Viewed

@@ -0,0 +1,8 @@
+# CyberSource.Boardingv1registrationsIntegrationInformationMsd
+## Properties
+Name | Type | Description | Notes
+------------ | ------------- | ------------- | -------------
+**customerId** | **String** | The customerId is an external customer Identifier given by MSD (MS Dynamics). | [optional]

package/docs/CardProcessingConfigCommonProcessors.md CHANGED Viewed

@@ -48,6 +48,10 @@ Name | Type | Description | Notes
 **enableLeastCostRouting** | **Boolean** | Indicates whether Least Cost Routing is enabled. Applicable for EFTPOS and CUP processors. | [optional]
 **enableCVVResponseIndicator** | **Boolean** | This field denotes EFTPOS Merchant's choice of receiving CVV Processing Response in return. Applicable for EFTPOS processors. | [optional]
 **enableMultiCurrencyProcessing** | **String** | Applicable for Barclays (barclays2) processor.  Validation details (for selected processors)...  <table> <thead><tr><th>Processor</th><th>Acceptance Type</th><th>Required</th><th>Default Value</th></tr></thead> <tr><td>Barclays</td><td>cnp, cp, hybrid</td><td>No</td><td>Yes</td></tr> </table>  | [optional]
+**transactionTypeIdentifier** | **String** | Transaction Type Identifier (TTI) field for Mastercard AFT transactions. Maps to ISO field F104.65.32. Used to ensure compliance with Mastercard's requirements for money send transactions when wallet classifications differ between Visa and Mastercard schemes. Takes priority over BAI values for Mastercard AFT transactions when present. | [optional]
+**subMerchantId** | **String** | The Sub merchant ID, sometimes referred to as the 'Seller ID' is generally used and *required for Aggregators and OptBlue participants. The 'Sub Merchant' is the Merchant whose transactions are submitted by a payment aggregator. | [optional]
+**subMerchantEmail** | **String** | Sub Merchant Email of the Payment Facilitator's, OptBlue Participant | [optional]
+**subMerchantPhoneNumber** | **String** | Sub Merchant Phone Number of the Payment Facilitator's, OptBlue Participant's | [optional]
 **enablePosNetworkSwitching** | **Boolean** | 'POS Network Switching' or 'Alternate Routing' means merchant can process PIN Debit transactions without a PIN. Set the value to 'Yes' if it is supported. Applicable for FDI Global (fdiglobal) processor. | [optional]
 **enableDynamicCurrencyConversion** | **Boolean** | Enable dynamic currency conversion for a merchant. | [optional]
 **merchantTier** | **String** | Merchant Tier defines the type of merchant, the numeric Merchant Tier value is allocated by EFTPOS. Applicable for EFTPOS processors. | [optional]

package/docs/CheckPayerAuthEnrollmentRequest.md CHANGED Viewed

@@ -3,7 +3,7 @@
 ## Properties
 Name | Type | Description | Notes
 ------------ | ------------- | ------------- | -------------
-**clientReferenceInformation** | [**Riskv1authenticationsetupsClientReferenceInformation**](Riskv1authenticationsetupsClientReferenceInformation.md) |  | [optional]
+**clientReferenceInformation** | [**Riskv1decisionsClientReferenceInformation**](Riskv1decisionsClientReferenceInformation.md) |  | [optional]
 **orderInformation** | [**Riskv1authenticationsOrderInformation**](Riskv1authenticationsOrderInformation.md) |  | [optional]
 **paymentInformation** | [**Riskv1authenticationsPaymentInformation**](Riskv1authenticationsPaymentInformation.md) |  | [optional]
 **processingInformation** | [**Riskv1authenticationsetupsProcessingInformation**](Riskv1authenticationsetupsProcessingInformation.md) |  | [optional]

package/docs/CommerceSolutionsProducts.md CHANGED Viewed

@@ -6,5 +6,6 @@ Name | Type | Description | Notes
 **tokenManagement** | [**CommerceSolutionsProductsTokenManagement**](CommerceSolutionsProductsTokenManagement.md) |  | [optional]
 **accountUpdater** | [**CommerceSolutionsProductsAccountUpdater**](CommerceSolutionsProductsAccountUpdater.md) |  | [optional]
 **binLookup** | [**CommerceSolutionsProductsBinLookup**](CommerceSolutionsProductsBinLookup.md) |  | [optional]
+**agenticCommerce** | [**PaymentsProductsTax**](PaymentsProductsTax.md) |  | [optional]

package/docs/CreateCreditRequest.md CHANGED Viewed

@@ -20,5 +20,6 @@ Name | Type | Description | Notes
 **senderInformation** | [**Ptsv2creditsSenderInformation**](Ptsv2creditsSenderInformation.md) |  | [optional]
 **promotionInformation** | [**Ptsv2paymentsPromotionInformation**](Ptsv2paymentsPromotionInformation.md) |  | [optional]
 **processorInformation** | [**Ptsv2reversalsProcessorInformation**](Ptsv2reversalsProcessorInformation.md) |  | [optional]
+**tokenInformation** | [**Ptsv2creditsTokenInformation**](Ptsv2creditsTokenInformation.md) |  | [optional]

package/docs/CreateNewWebhooksApi.md CHANGED Viewed

@@ -100,11 +100,11 @@ No authorization required
 ### HTTP request headers
  - **Content-Type**: application/json;charset=utf-8
- - **Accept**: application/hal+json;charset=utf-8
+ - **Accept**: application/json;charset=utf-8
 <a name="saveSymEgressKey"></a>
 # **saveSymEgressKey**
-> InlineResponse2015 saveSymEgressKey(vCSenderOrganizationId, vCPermissions, opts)
+> InlineResponse2015 saveSymEgressKey(opts)
 Create Webhook Security Keys
@@ -116,12 +116,10 @@ var CyberSource = require('CyberSource');
 var apiInstance = new CyberSource.CreateNewWebhooksApi();
-var vCSenderOrganizationId = "vCSenderOrganizationId_example"; // String | Sender organization id
-var vCPermissions = "vCPermissions_example"; // String | Encoded user permissions returned by the CGK, for the entity user who initiated the boarding
 var opts = {
   'vCCorrelationId': "vCCorrelationId_example", // String | A globally unique id associated with your request
+  'vCSenderOrganizationId': "vCSenderOrganizationId_example", // String | Sender organization id
+  'vCPermissions': "vCPermissions_example", // String | Encoded user permissions returned by the CGK, for the entity user who initiated the boarding
   'saveSymEgressKey': new CyberSource.SaveSymEgressKey() // SaveSymEgressKey | Provide egress Symmetric key information to save (create or store or refresh)
 };
@@ -132,16 +130,16 @@ var callback = function(error, data, response) {
     console.log('API called successfully. Returned data: ' + data);
   }
 };
-apiInstance.saveSymEgressKey(vCSenderOrganizationId, vCPermissions, opts, callback);
+apiInstance.saveSymEgressKey(opts, callback);
 ```
 ### Parameters
 Name | Type | Description  | Notes
 ------------- | ------------- | ------------- | -------------
- **vCSenderOrganizationId** | **String**| Sender organization id |
- **vCPermissions** | **String**| Encoded user permissions returned by the CGK, for the entity user who initiated the boarding |
  **vCCorrelationId** | **String**| A globally unique id associated with your request | [optional]
+ **vCSenderOrganizationId** | **String**| Sender organization id | [optional]
+ **vCPermissions** | **String**| Encoded user permissions returned by the CGK, for the entity user who initiated the boarding | [optional]
  **saveSymEgressKey** | [**SaveSymEgressKey**](SaveSymEgressKey.md)| Provide egress Symmetric key information to save (create or store or refresh) | [optional]
 ### Return type

package/docs/CreateSubscriptionRequest.md CHANGED Viewed

@@ -8,6 +8,6 @@ Name | Type | Description | Notes
 **planInformation** | [**Rbsv1subscriptionsPlanInformation**](Rbsv1subscriptionsPlanInformation.md) |  | [optional]
 **subscriptionInformation** | [**Rbsv1subscriptionsSubscriptionInformation**](Rbsv1subscriptionsSubscriptionInformation.md) |  | [optional]
 **paymentInformation** | [**Rbsv1subscriptionsPaymentInformation**](Rbsv1subscriptionsPaymentInformation.md) |  | [optional]
-**orderInformation** | [**GetAllPlansResponseOrderInformation**](GetAllPlansResponseOrderInformation.md) |  | [optional]
+**orderInformation** | [**Rbsv1subscriptionsOrderInformation**](Rbsv1subscriptionsOrderInformation.md) |  | [optional]

package/docs/CreateSubscriptionRequest1.md CHANGED Viewed

@@ -7,6 +7,6 @@ Name | Type | Description | Notes
 **processingInformation** | [**Rbsv1subscriptionsProcessingInformation**](Rbsv1subscriptionsProcessingInformation.md) |  | [optional]
 **planInformation** | [**Rbsv1subscriptionsPlanInformation**](Rbsv1subscriptionsPlanInformation.md) |  | [optional]
 **subscriptionInformation** | [**Rbsv1subscriptionsSubscriptionInformation**](Rbsv1subscriptionsSubscriptionInformation.md) |  | [optional]
-**orderInformation** | [**GetAllPlansResponseOrderInformation**](GetAllPlansResponseOrderInformation.md) |  | [optional]
+**orderInformation** | [**Rbsv1subscriptionsOrderInformation**](Rbsv1subscriptionsOrderInformation.md) |  | [optional]

package/docs/CredentialsApi.md ADDED Viewed

@@ -0,0 +1,55 @@
+# CyberSource.CredentialsApi
+All URIs are relative to *https://apitest.cybersource.com*
+Method | HTTP request | Description
+------------- | ------------- | -------------
+[**provisionMppCredentials**](CredentialsApi.md#provisionMppCredentials) | **POST** /acp/v1/mpp/credentials | Provision MPP credentials
+<a name="provisionMppCredentials"></a>
+# **provisionMppCredentials**
+> MppCredentialsResponse200 provisionMppCredentials(mppCredentialsRequest)
+Provision MPP credentials
+Provisions an encrypted MPP credential for use as the credential payload in an Authorization: Payment header (MPP spec Section 8.2). The caller provides an instrument identifier (referencing a stored card in TMS) and the challenge context from the merchant's 402 response, including the merchant's RSA public encryption key. This service:   1. Calls TMS to retrieve the network token and cryptogram for the instrument.   2. Builds the token plaintext (MPP spec Section 8.3, type: network_token).   3. Encrypts the plaintext using RSA-OAEP with SHA-256 and the merchant's public key.   4. Returns the MPP credential payload fields (MPP spec Section 8.2, Table 4).
+### Example
+```javascript
+var CyberSource = require('CyberSource');
+var apiInstance = new CyberSource.CredentialsApi();
+var mppCredentialsRequest = new CyberSource.MppCredentialsRequest(); // MppCredentialsRequest |
+var callback = function(error, data, response) {
+  if (error) {
+    console.error(error);
+  } else {
+    console.log('API called successfully. Returned data: ' + data);
+  }
+};
+apiInstance.provisionMppCredentials(mppCredentialsRequest, callback);
+```
+### Parameters
+Name | Type | Description  | Notes
+------------- | ------------- | ------------- | -------------
+ **mppCredentialsRequest** | [**MppCredentialsRequest**](MppCredentialsRequest.md)|  |
+### Return type
+[**MppCredentialsResponse200**](MppCredentialsResponse200.md)
+### Authorization
+No authorization required
+### HTTP request headers
+ - **Content-Type**: application/json;charset=utf-8
+ - **Accept**: application/hal+json;charset=utf-8

package/docs/CustomerPaymentInstrumentApi.md CHANGED Viewed

@@ -119,7 +119,7 @@ No authorization required
 <a name="getCustomerPaymentInstrumentsList"></a>
 # **getCustomerPaymentInstrumentsList**
-> PaymentInstrumentList getCustomerPaymentInstrumentsList(customerId, opts)
+> PaymentInstrumentList1 getCustomerPaymentInstrumentsList(customerId, opts)
 List Payment Instruments for a Customer
@@ -160,7 +160,7 @@ Name | Type | Description  | Notes
 ### Return type
-[**PaymentInstrumentList**](PaymentInstrumentList.md)
+[**PaymentInstrumentList1**](PaymentInstrumentList1.md)
 ### Authorization

package/docs/EnrollmentApi.md CHANGED Viewed

@@ -13,7 +13,7 @@ Method | HTTP request | Description
 Enroll a card
-Enroll a card for tokenization during the customer's account registration or when the customer starts a new purchase intent.
+Enroll a payment card for agentic or e-commerce transactions. This is typically the first step in the Intelligent Commerce payment lifecycle — the agent calls this endpoint to register a consumer's card, creating a tokenized reference that can be used in subsequent purchase instructions and payment credential retrieval. Requires device information, consumer identity, billing details, and payment instrument references. Returns a status of ACTIVE (HTTP 200) if enrollment completes immediately, or PENDING (HTTP 202) with pendingEvents if cardholder authentication is required. Call this endpoint when a consumer wants to add a new payment card or when setting up a card for agentic payment flows.
 ### Example
 ```javascript

package/docs/FraudMarkingActionRequest.md CHANGED Viewed

@@ -4,6 +4,6 @@
 Name | Type | Description | Notes
 ------------ | ------------- | ------------- | -------------
 **riskInformation** | [**Riskv1decisionsidmarkingRiskInformation**](Riskv1decisionsidmarkingRiskInformation.md) |  |
-**clientReferenceInformation** | [**Riskv1liststypeentriesClientReferenceInformation**](Riskv1liststypeentriesClientReferenceInformation.md) |  | [optional]
+**clientReferenceInformation** | [**RiskV1DecisionsPost201ResponseClientReferenceInformation**](RiskV1DecisionsPost201ResponseClientReferenceInformation.md) |  | [optional]