cybersource-rest-client 0.0.77 → 0.0.79

package/MLE.md

@@ -11,6 +11,17 @@ MLE supports both **Request Encryption** (encrypting outgoing request payloads)
 - **Request MLE**: Only supported with `JWT (JSON Web Token)` authentication type
 - **Response MLE**: Only supported with `JWT (JSON Web Token)` authentication type
 
+### MLE with JWT Key Types
+
+MLE works with both JWT key types:
+
+| JWT Key Type | MLE Support | Request MLE Certificate Source |
+|---|---|---|
+| `P12` (default) | Supported | Auto-extracted from the P12 file (using `requestMleKeyAlias`), or from a separate file via `mleForRequestPublicCertPath` |
+| `SHARED_SECRET` | Supported | **Must** be provided via `mleForRequestPublicCertPath` (since there is no P12 file to extract from) |
+
+> **Important:** When using `jwtKeyType=SHARED_SECRET` with MLE, the `mleForRequestPublicCertPath` property is **required** for request MLE. The SDK cannot auto-extract the MLE certificate from a P12 file because shared secret authentication does not use one. The request MLE public certificate can be downloaded from the CyberSource Business Center ([Test](https://businesscentertest.cybersource.com/ebc2) | [Production](https://businesscenter.cybersource.com/ebc2)).
+
 <br/>
 
 ## Configuration
@@ -292,6 +303,58 @@ var merchantConfig = {
 };
 ```
 
+### (ix) Request MLE with Shared Secret (JWT Symmetric Key) Authentication
+
+```javascript
+// MLE with JWT SHARED_SECRET authentication — requires mleForRequestPublicCertPath
+var merchantConfig = {
+  // JWT authentication with SHARED_SECRET key type
+  authenticationType: 'jwt',
+  jwtKeyType: 'SHARED_SECRET',
+  merchantID: 'your_merchant_id',
+  runEnvironment: 'apitest.cybersource.com',
+  merchantKeyId: 'your_key_id',
+  merchantsecretKey: 'your_base64_encoded_shared_secret',
+
+  // Request MLE settings
+  enableRequestMLEForOptionalApisGlobally: true,
+  // mleForRequestPublicCertPath is REQUIRED for SHARED_SECRET since there is no P12 file
+  mleForRequestPublicCertPath: '/path/to/mle/public/cert.pem',
+  requestMleKeyAlias: 'CyberSource_SJC_US'  // Optional, defaults to CyberSource_SJC_US
+};
+```
+
+> **Note:** When using `jwtKeyType=SHARED_SECRET`, the MLE certificate cannot be auto-extracted from a P12 file. You **must** provide the certificate via `mleForRequestPublicCertPath`. The request MLE public certificate can be downloaded from the CyberSource Business Center ([Test](https://businesscentertest.cybersource.com/ebc2) | [Production](https://businesscenter.cybersource.com/ebc2)).
+
+### (x) Response MLE with MetaKey
+
+When using MetaKey (`useMetaKey: true`) with Response MLE, the response MLE private key and KID must belong to the **portfolio (parent account)**, not the transacting merchant.
+
+```javascript
+// MetaKey + Response MLE — portfolio's response MLE key is required
+var merchantConfig = {
+  // JWT authentication with MetaKey
+  authenticationType: 'jwt',
+  jwtKeyType: 'SHARED_SECRET',
+  merchantID: 'your_transacting_merchant_id',
+  merchantKeyId: 'your_metakey_portfolio_KeyId',
+  merchantsecretKey: 'your_metakey_portfolio_shared_secret_key',
+  portfolioID: 'your_portfolio_id',
+  useMetaKey: true,
+  runEnvironment: 'apitest.cybersource.com',
+
+  // Response MLE — use the portfolio's response MLE key, not the transacting merchant's
+  enableResponseMleGlobally: true,
+  responseMlePrivateKeyFilePath: '/path/to/portfolio/response/mle/private/key.p12',
+  responseMlePrivateKeyFilePassword: 'portfolio_private_key_password'
+  // responseMleKID is optional when using a CyberSource-generated P12 file (auto-fetched from P12)
+  // Required when using PEM files or responseMlePrivateKey object
+  // responseMleKID: 'your_portfolio_response_mle_kid'
+};
+```
+
+> **Important:** In MetaKey mode, the portfolio is the transaction submitter. The response is encrypted using the portfolio's MLE certificate, so the decryption key must also be the portfolio's.
+
 <br/>
 
 ## 5. Common Pitfalls
@@ -612,7 +675,8 @@ For Response MLE private key files, the following formats are supported:
 - If `enableRequestMLEForOptionalApisGlobally` is set to `true`, it enables request MLE for all APIs that have optional MLE support
 - APIs with mandatory MLE requirements are enabled by default unless `disableRequestMLEForMandatoryApisGlobally` is set to `true`
 - If `mapToControlMLEonAPI` doesn't contain a specific API, the global setting applies
-- For HTTP Signature authentication, request MLE will fall back to non-encrypted requests with a warning
+- When using `jwtKeyType=SHARED_SECRET`, the `mleForRequestPublicCertPath` parameter is **required** because the SDK cannot auto-extract the MLE certificate from a P12 file. See [Example (ix)](#ix-request-mle-with-shared-secret-jwt-symmetric-key-authentication) for a complete configuration.
+- For HTTP Signature authentication, request MLE will fall back to non-encrypted requests with a warning. **Note:** HTTP Signature is being deprecated — migrate to JWT with Shared Secret (`jwtKeyType=SHARED_SECRET`) to enable full MLE support using the same credentials. See [Example (ix)](#ix-request-mle-with-shared-secret-jwt-symmetric-key-authentication) for details.
 
 ### (ii) Response MLE
 - Response MLE requires either `responseMlePrivateKey` object OR `responseMlePrivateKeyFilePath` (not both)
@@ -622,6 +686,7 @@ For Response MLE private key files, the following formats are supported:
   - **Required** when using PEM format files (`.pem`, `.key`, `.p8`)
   - **Required** when using `responseMlePrivateKey` object directly
   - When both auto-fetched and user-provided values exist, the user-provided value takes precedence
+- **MetaKey (`useMetaKey=true`):** When Response MLE is used with MetaKey, the `responseMlePrivateKeyFilePath` (or `responseMlePrivateKey` object) and `responseMleKID` must belong to the **portfolio (parent account)** — not the transacting merchant. This is because in MetaKey mode the portfolio is the transaction submitter, and the response is encrypted using the portfolio's MLE certificate.
 - If an API expects a mandatory MLE response but the map specifies non-MLE response, the API might return an error
 - Both the private key object and file path approaches are mutually exclusive
 

package/README.md

@@ -25,6 +25,130 @@ Follow the first step mentioned in [Getting Started with CyberSource REST SDKs](
 
 Follow the second step mentioned in [Getting Started with CyberSource REST SDKs](https://developer.cybersource.com/hello-world/rest-api-sdks.html#gettingstarted) to configure the SDK by inputting your credentials.
 
+> **⚠️ HTTP Signature Deprecation Notice:** HTTP Signature authentication is being deprecated. **JWT with Shared Secret** is the recommended migration path — it uses the same `merchantKeyId` and `merchantsecretKey` credentials, requires only two property changes, and enables MLE (Message Level Encryption) support that HTTP Signature does not provide.
+
+## Authentication Configuration
+
+To set your API credentials for an API request, configure the following information in your configuration object:
+
+### For HTTP Signature authentication (⚠️ Deprecated — migrate to JWT with Shared Secret)
+
+```javascript
+var merchantConfig = {
+    authenticationType: 'http_signature',
+    merchantID: 'testrest',
+    runEnvironment: 'apitest.cybersource.com',
+    merchantKeyId: 'your_merchant_key_id',
+    merchantsecretKey: 'your_merchant_secret_key',
+    enableLog: true,
+    logDirectory: './log',
+    logFilename: 'cybs'
+};
+```
+
+### For JWT authentication (with P12 certificate)
+
+```javascript
+var merchantConfig = {
+    authenticationType: 'jwt',
+    merchantID: 'testrest',
+    runEnvironment: 'apitest.cybersource.com',
+    keyAlias: 'testrest',
+    keyPass: 'testrest',
+    keyFileName: 'testrest',
+    keysDirectory: './resource',
+    enableLog: true,
+    logDirectory: './log',
+    logFilename: 'cybs'
+};
+```
+
+### For JWT authentication with Shared Secret (Recommended migration from HTTP Signature)
+
+Uses the **same** `merchantKeyId` and `merchantsecretKey` credentials as HTTP Signature. Only two properties change:
+
+```javascript
+var merchantConfig = {
+    authenticationType: 'jwt',
+    jwtKeyType: 'SHARED_SECRET',
+    merchantID: 'testrest',
+    runEnvironment: 'apitest.cybersource.com',
+    merchantKeyId: 'your_merchant_key_id',
+    merchantsecretKey: 'your_merchant_secret_key',
+    enableLog: true,
+    logDirectory: './log',
+    logFilename: 'cybs'
+};
+```
+
+### For using MetaKey
+
+MetaKey can be used for HTTP Signature, JWT (P12), and JWT with Shared Secret authentication.
+
+#### For HTTP Signature Authentication (⚠️ Deprecated)
+
+```javascript
+var merchantConfig = {
+    authenticationType: 'http_signature',
+    merchantID: '<transacting merchantID>',
+    merchantKeyId: '<MetaKey Portfolio KeyId>',
+    merchantsecretKey: '<MetaKey Portfolio Shared Secret Key>',
+    useMetaKey: true,
+    portfolioID: '<Portfolio ID>'
+};
+```
+
+#### For JWT Authentication (P12)
+
+```javascript
+var merchantConfig = {
+    authenticationType: 'jwt',
+    merchantID: '<transacting merchantID>',
+    keyAlias: '<Portfolio ID>',
+    keyPass: '<MetaKey Portfolio P12 File Password>',
+    keyFileName: '<MetaKey Portfolio P12 File Name>',
+    keysDirectory: '<keysDirectory>',
+    useMetaKey: true
+};
+```
+
+#### For JWT Authentication with Shared Secret (Recommended)
+
+```javascript
+var merchantConfig = {
+    authenticationType: 'jwt',
+    jwtKeyType: 'SHARED_SECRET',
+    merchantID: '<transacting merchantID>',
+    merchantKeyId: '<MetaKey Portfolio KeyId>',
+    merchantsecretKey: '<MetaKey Portfolio Shared Secret Key>',
+    useMetaKey: true,
+    portfolioID: '<Portfolio ID>'
+};
+```
+
+#### Response MLE with MetaKey
+
+When Response MLE is enabled (`enableResponseMleGlobally: true`) and MetaKey is in use (`useMetaKey: true`), the Response MLE configuration must use the **portfolio's** response MLE key — not the transacting merchant's. Specifically:
+
+- `responseMlePrivateKeyFilePath` (or the `responseMlePrivateKey` object) must point to the **portfolio's** response MLE private key.
+- `responseMleKID` — the KID value associated with the **portfolio's** response MLE certificate.
+  - **Optional** when `responseMlePrivateKeyFilePath` points to a CyberSource-generated P12 file (SDK auto-fetches from P12).
+  - **Required** when using PEM format files (`.pem`, `.key`, `.p8`) or when providing `responseMlePrivateKey` object directly.
+
+```javascript
+var merchantConfig = {
+    // ... other MetaKey configuration ...
+    enableResponseMleGlobally: true,
+    responseMlePrivateKeyFilePath: '/path/to/portfolio/response/mle/private/key.p12',
+    responseMlePrivateKeyFilePassword: 'portfolio_private_key_password'
+    // responseMleKID is optional when using a CyberSource-generated P12 file (auto-fetched from P12)
+    // Required when using PEM files or responseMlePrivateKey object
+    // responseMleKID: '<Portfolio Response MLE KID>'
+};
+```
+
+> **Important:** The response MLE private key (and KID, if applicable) must belong to the portfolio (parent account), since in MetaKey mode the portfolio is the transaction submitter and the response is encrypted using the portfolio's MLE certificate.
+
 ## How to Use
 
 To get started using this SDK, it's highly recommended to download our sample code repository:

package/docs/AccountValidationsRequest.md

@@ -6,5 +6,6 @@ Name | Type | Description | Notes
 **clientReferenceInformation** | [**Bavsv1accountvalidationsClientReferenceInformation**](Bavsv1accountvalidationsClientReferenceInformation.md) |  | [optional] 
 **processingInformation** | [**Bavsv1accountvalidationsProcessingInformation**](Bavsv1accountvalidationsProcessingInformation.md) |  | 
 **paymentInformation** | [**Bavsv1accountvalidationsPaymentInformation**](Bavsv1accountvalidationsPaymentInformation.md) |  | 
+**tokenInformation** | [**Bavsv1accountvalidationsTokenInformation**](Bavsv1accountvalidationsTokenInformation.md) |  | [optional] 
 
 

package/docs/Acpv1mppcredentialsChallenge.md

@@ -0,0 +1,15 @@
+# CyberSource.Acpv1mppcredentialsChallenge
+
+## Properties
+Name | Type | Description | Notes
+------------ | ------------- | ------------- | -------------
+**id** | **String** | Unique challenge identifier issued by the merchant server. | 
+**realm** | **String** | Merchant realm (typically the API domain). | 
+**amount** | **String** | Amount in the smallest currency unit (e.g., '4999' = $49.99). | 
+**currency** | **String** | Three-letter ISO 4217 currency code, lowercase (e.g., 'usd'). | 
+**acceptedNetworks** | **[String]** | Card networks accepted by the merchant (e.g., ['visa', 'mastercard']). | 
+**merchantId** | **String** | Merchant identifier (maps to 'recipient' in MPP spec request object). | 
+**merchantName** | **String** | Human-readable merchant name. | 
+**encryptionJwk** | [**Acpv1mppcredentialsChallengeEncryptionJwk**](Acpv1mppcredentialsChallengeEncryptionJwk.md) |  | 
+
+

package/docs/Acpv1mppcredentialsChallengeEncryptionJwk.md

@@ -0,0 +1,13 @@
+# CyberSource.Acpv1mppcredentialsChallengeEncryptionJwk
+
+## Properties
+Name | Type | Description | Notes
+------------ | ------------- | ------------- | -------------
+**kty** | **String** | Key type. MUST be 'RSA'. | 
+**kid** | **String** | Key ID. Identifies the key within a JWKS. | 
+**use** | **String** | Public key use. MUST be 'enc'. | 
+**alg** | **String** | Algorithm. MUST be 'RSA-OAEP-256'. | 
+**n** | **String** | RSA modulus (Base64urlUInt-encoded per RFC 7518 Section 6.3.1.1). | 
+**e** | **String** | RSA public exponent (Base64urlUInt-encoded per RFC 7518 Section 6.3.1.2). | 
+
+

package/docs/Acpv1tokensAssuranceData.md

@@ -3,12 +3,12 @@
 ## Properties
 Name | Type | Description | Notes
 ------------ | ------------- | ------------- | -------------
-**verificationType** | **String** | Type of the verification data.   Possible values:   - `CARDHOLDER` (Default)   - `DEVICE`  | [optional] 
-**verificationEntity** | **String** | Entity performing the verification.   Possible value:     - `10` - VISA (Default)  | [optional] 
-**verificationEvents** | **[String]** | Event where the verification occurred.   Possible values:     - `01` - Payment transaction   - `02` - Add card/Card enrollment   - `03` - Profile access   - `04` - Account verification  | [optional] 
-**verificationMethod** | **String** | Method of the verification.   Possible values:     - `02` - App-based authentication   - `04` - One-time passcode   - `21` - Visa Token Service step-up: Device binding   - `22` - Visa Token Service step-up: Cardholder verification   - `23` - FIDO2  | 
-**verificationResults** | **String** | Result of the verification.   Possible values:     - `01` - Verified   - `02` - Not Verified   - `03` - Not performed   - `04` - Not required   - `21` - Not allowed  | 
-**verificationTimestamp** | **String** | Date and time the verification occurred. UTC time in Unix epoch format. | 
+**verificationType** | **String** | Optional. Type of the verification data.   Possible values:   - `CARDHOLDER` (Default)   - `DEVICE`  | [optional] 
+**verificationEntity** | **String** | Optional. Entity performing the verification.   Possible value:     - `10` - VISA (Default)  | [optional] 
+**verificationEvents** | **[String]** | Optional. Event where the verification occurred.   Possible values:     - `01` - Payment transaction   - `02` - Add card/Card enrollment   - `03` - Profile access   - `04` - Account verification  | [optional] 
+**verificationMethod** | **String** | Required. Method of the verification.   Possible values:     - `02` - App-based authentication   - `04` - One-time passcode   - `21` - Visa Token Service step-up: Device binding   - `22` - Visa Token Service step-up: Cardholder verification   - `23` - FIDO2  | 
+**verificationResults** | **String** | Required. Result of the verification.   Possible values:     - `01` - Verified   - `02` - Not Verified   - `03` - Not performed   - `04` - Not required   - `21` - Not allowed  | 
+**verificationTimestamp** | **String** | Required. Date and time the verification occurred. UTC time in Unix epoch format. | 
 **authenticationContext** | [**Acpv1tokensAuthenticationContext**](Acpv1tokensAuthenticationContext.md) |  | [optional] 
 **authenticatedIdentities** | [**Acpv1tokensAuthenticatedIdentities**](Acpv1tokensAuthenticatedIdentities.md) |  | [optional] 
 **additionalData** | **String** | Additional data related to assurance. | [optional] 

package/docs/AuthReversalRequest.md

@@ -9,6 +9,7 @@ Name | Type | Description | Notes
 **orderInformation** | [**Ptsv2paymentsidreversalsOrderInformation**](Ptsv2paymentsidreversalsOrderInformation.md) |  | [optional] 
 **pointOfSaleInformation** | [**Ptsv2paymentsidreversalsPointOfSaleInformation**](Ptsv2paymentsidreversalsPointOfSaleInformation.md) |  | [optional] 
 **paymentInformation** | [**Ptsv2paymentsidreversalsPaymentInformation**](Ptsv2paymentsidreversalsPaymentInformation.md) |  | [optional] 
+**deviceInformation** | [**Ptsv2paymentsidreversalsDeviceInformation**](Ptsv2paymentsidreversalsDeviceInformation.md) |  | [optional] 
 **processorInformation** | [**Ptsv2paymentsProcessorInformationReversal**](Ptsv2paymentsProcessorInformationReversal.md) |  | [optional] 
 
 

package/docs/BatchesApi.md

@@ -153,7 +153,7 @@ No authorization required
 ### HTTP request headers
 
  - **Content-Type**: application/json;charset=utf-8
- - **Accept**: application/json;charset=utf-8
+ - **Accept**: application/json, application/json;charset=utf-8
 
 <a name="postBatch"></a>
 # **postBatch**

package/docs/Bavsv1accountvalidationsPaymentInformation.md

@@ -3,6 +3,9 @@
 ## Properties
 Name | Type | Description | Notes
 ------------ | ------------- | ------------- | -------------
-**bank** | [**Bavsv1accountvalidationsPaymentInformationBank**](Bavsv1accountvalidationsPaymentInformationBank.md) |  | 
+**customer** | [**Bavsv1accountvalidationsPaymentInformationCustomer**](Bavsv1accountvalidationsPaymentInformationCustomer.md) |  | [optional] 
+**paymentInstrument** | [**Bavsv1accountvalidationsPaymentInformationPaymentInstrument**](Bavsv1accountvalidationsPaymentInformationPaymentInstrument.md) |  | [optional] 
+**instrumentIdentifier** | [**Bavsv1accountvalidationsPaymentInformationInstrumentIdentifier**](Bavsv1accountvalidationsPaymentInformationInstrumentIdentifier.md) |  | [optional] 
+**bank** | [**Bavsv1accountvalidationsPaymentInformationBank**](Bavsv1accountvalidationsPaymentInformationBank.md) |  | [optional] 
 
 

package/docs/Bavsv1accountvalidationsPaymentInformationBank.md

@@ -3,7 +3,7 @@
 ## Properties
 Name | Type | Description | Notes
 ------------ | ------------- | ------------- | -------------
-**routingNumber** | **String** | Bank routing number. This is also called the transit number.  Non-Negative Integer  | 
+**routingNumber** | **String** | Bank routing number. This is also called the transit number.  Non-Negative String, containing only digits.  | 
 **account** | [**Bavsv1accountvalidationsPaymentInformationBankAccount**](Bavsv1accountvalidationsPaymentInformationBankAccount.md) |  | 
 
 

package/docs/Bavsv1accountvalidationsPaymentInformationBankAccount.md

@@ -3,6 +3,6 @@
 ## Properties
 Name | Type | Description | Notes
 ------------ | ------------- | ------------- | -------------
-**_number** | **String** | Account Number.  Non-Negative Integer. example: 12345678901234577  | 
+**_number** | **String** | Account Number.  Non-Negative String, containing only digits.  | 
 
 

package/docs/Bavsv1accountvalidationsPaymentInformationCustomer.md

@@ -0,0 +1,8 @@
+# CyberSource.Bavsv1accountvalidationsPaymentInformationCustomer
+
+## Properties
+Name | Type | Description | Notes
+------------ | ------------- | ------------- | -------------
+**id** | **String** | Unique identifier for the Customer token. When this value is included in your request, the bank object becomes optional. | [optional] 
+
+

package/docs/Bavsv1accountvalidationsPaymentInformationInstrumentIdentifier.md

@@ -0,0 +1,8 @@
+# CyberSource.Bavsv1accountvalidationsPaymentInformationInstrumentIdentifier
+
+## Properties
+Name | Type | Description | Notes
+------------ | ------------- | ------------- | -------------
+**id** | **String** | Unique identifier for the Instrument Identifier token. When this value is included in your request, the bank object becomes optional. | [optional] 
+
+

package/docs/Bavsv1accountvalidationsPaymentInformationPaymentInstrument.md

@@ -0,0 +1,8 @@
+# CyberSource.Bavsv1accountvalidationsPaymentInformationPaymentInstrument
+
+## Properties
+Name | Type | Description | Notes
+------------ | ------------- | ------------- | -------------
+**id** | **String** | Unique identifier for the Payment Instrument token. When this value is included in your request, the bank object becomes optional. | [optional] 
+
+

package/docs/Bavsv1accountvalidationsTokenInformation.md

@@ -0,0 +1,9 @@
+# CyberSource.Bavsv1accountvalidationsTokenInformation
+
+## Properties
+Name | Type | Description | Notes
+------------ | ------------- | ------------- | -------------
+**jti** | **String** | TMS Transient Token for BAVS detokenization. A 64 hexadecimal character identifier representing captured payment credentials. | [optional] 
+**transientTokenJwt** | **String** | Flex API Transient Token encoded as JWT for BAVS detokenization. Contains encrypted bank account information from Flex microform or Unified Payment checkout. | [optional] 
+
+

package/docs/CardProcessingConfigCommonProcessors.md

@@ -48,6 +48,10 @@ Name | Type | Description | Notes
 **enableLeastCostRouting** | **Boolean** | Indicates whether Least Cost Routing is enabled. Applicable for EFTPOS and CUP processors. | [optional] 
 **enableCVVResponseIndicator** | **Boolean** | This field denotes EFTPOS Merchant's choice of receiving CVV Processing Response in return. Applicable for EFTPOS processors. | [optional] 
 **enableMultiCurrencyProcessing** | **String** | Applicable for Barclays (barclays2) processor.  Validation details (for selected processors)...  <table> <thead><tr><th>Processor</th><th>Acceptance Type</th><th>Required</th><th>Default Value</th></tr></thead> <tr><td>Barclays</td><td>cnp, cp, hybrid</td><td>No</td><td>Yes</td></tr> </table>  | [optional] 
+**transactionTypeIdentifier** | **String** | Transaction Type Identifier (TTI) field for Mastercard AFT transactions. Maps to ISO field F104.65.32. Used to ensure compliance with Mastercard's requirements for money send transactions when wallet classifications differ between Visa and Mastercard schemes. Takes priority over BAI values for Mastercard AFT transactions when present. | [optional] 
+**subMerchantId** | **String** | The Sub merchant ID, sometimes referred to as the 'Seller ID' is generally used and *required for Aggregators and OptBlue participants. The 'Sub Merchant' is the Merchant whose transactions are submitted by a payment aggregator. | [optional] 
+**subMerchantEmail** | **String** | Sub Merchant Email of the Payment Facilitator's, OptBlue Participant | [optional] 
+**subMerchantPhoneNumber** | **String** | Sub Merchant Phone Number of the Payment Facilitator's, OptBlue Participant's | [optional] 
 **enablePosNetworkSwitching** | **Boolean** | 'POS Network Switching' or 'Alternate Routing' means merchant can process PIN Debit transactions without a PIN. Set the value to 'Yes' if it is supported. Applicable for FDI Global (fdiglobal) processor. | [optional] 
 **enableDynamicCurrencyConversion** | **Boolean** | Enable dynamic currency conversion for a merchant. | [optional] 
 **merchantTier** | **String** | Merchant Tier defines the type of merchant, the numeric Merchant Tier value is allocated by EFTPOS. Applicable for EFTPOS processors. | [optional] 

package/docs/CommerceSolutionsProducts.md

@@ -6,5 +6,6 @@ Name | Type | Description | Notes
 **tokenManagement** | [**CommerceSolutionsProductsTokenManagement**](CommerceSolutionsProductsTokenManagement.md) |  | [optional] 
 **accountUpdater** | [**CommerceSolutionsProductsAccountUpdater**](CommerceSolutionsProductsAccountUpdater.md) |  | [optional] 
 **binLookup** | [**CommerceSolutionsProductsBinLookup**](CommerceSolutionsProductsBinLookup.md) |  | [optional] 
+**agenticCommerce** | [**PaymentsProductsTax**](PaymentsProductsTax.md) |  | [optional] 
 
 

package/docs/CreateCreditRequest.md

@@ -20,5 +20,6 @@ Name | Type | Description | Notes
 **senderInformation** | [**Ptsv2creditsSenderInformation**](Ptsv2creditsSenderInformation.md) |  | [optional] 
 **promotionInformation** | [**Ptsv2paymentsPromotionInformation**](Ptsv2paymentsPromotionInformation.md) |  | [optional] 
 **processorInformation** | [**Ptsv2reversalsProcessorInformation**](Ptsv2reversalsProcessorInformation.md) |  | [optional] 
+**tokenInformation** | [**Ptsv2creditsTokenInformation**](Ptsv2creditsTokenInformation.md) |  | [optional] 
 
 

package/docs/CreateNewWebhooksApi.md

@@ -100,11 +100,11 @@ No authorization required
 ### HTTP request headers
 
  - **Content-Type**: application/json;charset=utf-8
- - **Accept**: application/hal+json;charset=utf-8
+ - **Accept**: application/json;charset=utf-8
 
 <a name="saveSymEgressKey"></a>
 # **saveSymEgressKey**
-> InlineResponse2015 saveSymEgressKey(vCSenderOrganizationId, vCPermissions, opts)
+> InlineResponse2015 saveSymEgressKey(opts)
 
 Create Webhook Security Keys
 
@@ -116,12 +116,10 @@ var CyberSource = require('CyberSource');
 
 var apiInstance = new CyberSource.CreateNewWebhooksApi();
 
-var vCSenderOrganizationId = "vCSenderOrganizationId_example"; // String | Sender organization id
-
-var vCPermissions = "vCPermissions_example"; // String | Encoded user permissions returned by the CGK, for the entity user who initiated the boarding
-
 var opts = { 
   'vCCorrelationId': "vCCorrelationId_example", // String | A globally unique id associated with your request
+  'vCSenderOrganizationId': "vCSenderOrganizationId_example", // String | Sender organization id
+  'vCPermissions': "vCPermissions_example", // String | Encoded user permissions returned by the CGK, for the entity user who initiated the boarding
   'saveSymEgressKey': new CyberSource.SaveSymEgressKey() // SaveSymEgressKey | Provide egress Symmetric key information to save (create or store or refresh)
 };
 
@@ -132,16 +130,16 @@ var callback = function(error, data, response) {
     console.log('API called successfully. Returned data: ' + data);
   }
 };
-apiInstance.saveSymEgressKey(vCSenderOrganizationId, vCPermissions, opts, callback);
+apiInstance.saveSymEgressKey(opts, callback);
 ```
 
 ### Parameters
 
 Name | Type | Description  | Notes
 ------------- | ------------- | ------------- | -------------
- **vCSenderOrganizationId** | **String**| Sender organization id | 
- **vCPermissions** | **String**| Encoded user permissions returned by the CGK, for the entity user who initiated the boarding | 
  **vCCorrelationId** | **String**| A globally unique id associated with your request | [optional] 
+ **vCSenderOrganizationId** | **String**| Sender organization id | [optional] 
+ **vCPermissions** | **String**| Encoded user permissions returned by the CGK, for the entity user who initiated the boarding | [optional] 
  **saveSymEgressKey** | [**SaveSymEgressKey**](SaveSymEgressKey.md)| Provide egress Symmetric key information to save (create or store or refresh) | [optional] 
 
 ### Return type

package/docs/CredentialsApi.md

@@ -0,0 +1,55 @@
+# CyberSource.CredentialsApi
+
+All URIs are relative to *https://apitest.cybersource.com*
+
+Method | HTTP request | Description
+------------- | ------------- | -------------
+[**provisionMppCredentials**](CredentialsApi.md#provisionMppCredentials) | **POST** /acp/v1/mpp/credentials | Provision MPP credentials
+
+
+<a name="provisionMppCredentials"></a>
+# **provisionMppCredentials**
+> MppCredentialsResponse200 provisionMppCredentials(mppCredentialsRequest)
+
+Provision MPP credentials
+
+Provisions an encrypted MPP credential for use as the credential payload in an Authorization: Payment header (MPP spec Section 8.2). The caller provides an instrument identifier (referencing a stored card in TMS) and the challenge context from the merchant's 402 response, including the merchant's RSA public encryption key. This service:   1. Calls TMS to retrieve the network token and cryptogram for the instrument.   2. Builds the token plaintext (MPP spec Section 8.3, type: network_token).   3. Encrypts the plaintext using RSA-OAEP with SHA-256 and the merchant's public key.   4. Returns the MPP credential payload fields (MPP spec Section 8.2, Table 4). 
+
+### Example
+```javascript
+var CyberSource = require('CyberSource');
+
+var apiInstance = new CyberSource.CredentialsApi();
+
+var mppCredentialsRequest = new CyberSource.MppCredentialsRequest(); // MppCredentialsRequest | 
+
+
+var callback = function(error, data, response) {
+  if (error) {
+    console.error(error);
+  } else {
+    console.log('API called successfully. Returned data: ' + data);
+  }
+};
+apiInstance.provisionMppCredentials(mppCredentialsRequest, callback);
+```
+
+### Parameters
+
+Name | Type | Description  | Notes
+------------- | ------------- | ------------- | -------------
+ **mppCredentialsRequest** | [**MppCredentialsRequest**](MppCredentialsRequest.md)|  | 
+
+### Return type
+
+[**MppCredentialsResponse200**](MppCredentialsResponse200.md)
+
+### Authorization
+
+No authorization required
+
+### HTTP request headers
+
+ - **Content-Type**: application/json;charset=utf-8
+ - **Accept**: application/hal+json;charset=utf-8
+

package/docs/CustomerPaymentInstrumentApi.md

@@ -119,7 +119,7 @@ No authorization required
 
 <a name="getCustomerPaymentInstrumentsList"></a>
 # **getCustomerPaymentInstrumentsList**
-> PaymentInstrumentList getCustomerPaymentInstrumentsList(customerId, opts)
+> PaymentInstrumentList1 getCustomerPaymentInstrumentsList(customerId, opts)
 
 List Payment Instruments for a Customer
 
@@ -160,7 +160,7 @@ Name | Type | Description  | Notes
 
 ### Return type
 
-[**PaymentInstrumentList**](PaymentInstrumentList.md)
+[**PaymentInstrumentList1**](PaymentInstrumentList1.md)
 
 ### Authorization
 

package/docs/EnrollmentApi.md

@@ -13,7 +13,7 @@ Method | HTTP request | Description
 
 Enroll a card
 
-Enroll a card for tokenization during the customer's account registration or when the customer starts a new purchase intent.
+Enroll a payment card for agentic or e-commerce transactions. This is typically the first step in the Intelligent Commerce payment lifecycle — the agent calls this endpoint to register a consumer's card, creating a tokenized reference that can be used in subsequent purchase instructions and payment credential retrieval. Requires device information, consumer identity, billing details, and payment instrument references. Returns a status of ACTIVE (HTTP 200) if enrollment completes immediately, or PENDING (HTTP 202) with pendingEvents if cardholder authentication is required. Call this endpoint when a consumer wants to add a new payment card or when setting up a card for agentic payment flows.
 
 ### Example
 ```javascript

package/docs/GetAllSubscriptionsResponseOrderInformationAmountDetailsSurcharge.md

@@ -4,5 +4,6 @@
 Name | Type | Description | Notes
 ------------ | ------------- | ------------- | -------------
 **amount** | **String** | Surcharge amount that you are charging the customer for this subscription. The surcharge amount will be added to the billing amount.  The issuer can provide information about the surcharge amount to the customer.  **NOTE**: This field is supported only for CyberSource through VisaNet (CtV) for Payouts. For CtV, the maximum string length is 8.  | [optional] 
+**description** | **String** | Description of the surcharge.  | [optional] 
 
 

package/docs/GetSubscriptionsPaymentsResponse.md

@@ -0,0 +1,13 @@
+# CyberSource.GetSubscriptionsPaymentsResponse
+
+## Properties
+Name | Type | Description | Notes
+------------ | ------------- | ------------- | -------------
+**links** | [**GetSubscriptionsPaymentsResponseLinks**](GetSubscriptionsPaymentsResponseLinks.md) |  | [optional] 
+**submitTimeUtc** | **String** | Time of request in UTC. Format: `YYYY-MM-DDThh:mm:ssZ` **Example** `2016-08-11T22:47:57Z` equals August 11, 2016, at 22:47:57 (10:47:57 p.m.). The `T` separates the date and the time. The `Z` indicates UTC.  Returned by Cybersource for all services.  | [optional] 
+**totalCount** | **Number** | Total number of payments returned for the subscription, including both past payments and those specified in scheduledPaymentsCount. | [optional] 
+**cyclesCompletedCount** | [**GetSubscriptionsPaymentsResponseCyclesCompletedCount**](GetSubscriptionsPaymentsResponseCyclesCompletedCount.md) |  | [optional] 
+**billingCyclesToSkip** | **[Number]** | A list of billing cycles that are marked to be skipped. | [optional] 
+**subscriptionPayment** | [**[GetSubscriptionsPaymentsResponseSubscriptionPayment]**](GetSubscriptionsPaymentsResponseSubscriptionPayment.md) | The list of subscription payment details. | [optional] 
+
+

package/docs/GetSubscriptionsPaymentsResponse1.md

@@ -0,0 +1,11 @@
+# CyberSource.GetSubscriptionsPaymentsResponse1
+
+## Properties
+Name | Type | Description | Notes
+------------ | ------------- | ------------- | -------------
+**links** | [**GetSubscriptionsPaymentsResponse1Links**](GetSubscriptionsPaymentsResponse1Links.md) |  | [optional] 
+**submitTimeUtc** | **String** | Time of request in UTC. Format: `YYYY-MM-DDThh:mm:ssZ` **Example** `2016-08-11T22:47:57Z` equals August 11, 2016, at 22:47:57 (10:47:57 p.m.). The `T` separates the date and the time. The `Z` indicates UTC.  Returned by Cybersource for all services.  | [optional] 
+**status** | **String** | The status of the submitted transaction.  Possible values:  - COMPLETED  - PENDING_REVIEW  - DECLINED  - INVALID_REQUEST  | [optional] 
+**billingCyclesToSkip** | **[Number]** | A list of billing cycles that are marked to be skipped. | [optional] 
+
+

package/docs/{PblPaymentLinksPost201ResponseLinks.md → GetSubscriptionsPaymentsResponse1Links.md}

@@ -1,4 +1,4 @@
-# CyberSource.PblPaymentLinksPost201ResponseLinks
+# CyberSource.GetSubscriptionsPaymentsResponse1Links
 
 ## Properties
 Name | Type | Description | Notes

package/docs/GetSubscriptionsPaymentsResponseCyclesCompletedCount.md

@@ -0,0 +1,8 @@
+# CyberSource.GetSubscriptionsPaymentsResponseCyclesCompletedCount
+
+## Properties
+Name | Type | Description | Notes
+------------ | ------------- | ------------- | -------------
+**paid** | **Number** | The number of payment cycles that have status PAID. | [optional] 
+
+

package/docs/GetSubscriptionsPaymentsResponseLinks.md

@@ -0,0 +1,10 @@
+# CyberSource.GetSubscriptionsPaymentsResponseLinks
+
+## Properties
+Name | Type | Description | Notes
+------------ | ------------- | ------------- | -------------
+**self** | [**PtsV2PaymentsPost201ResponseLinksSelf**](PtsV2PaymentsPost201ResponseLinksSelf.md) |  | [optional] 
+**next** | [**PtsV2PaymentsPost201ResponseLinksSelf**](PtsV2PaymentsPost201ResponseLinksSelf.md) |  | [optional] 
+**prev** | [**PtsV2PaymentsPost201ResponseLinksSelf**](PtsV2PaymentsPost201ResponseLinksSelf.md) |  | [optional] 
+
+

package/docs/GetSubscriptionsPaymentsResponseSubscriptionPayment.md

@@ -0,0 +1,22 @@
+# CyberSource.GetSubscriptionsPaymentsResponseSubscriptionPayment
+
+## Properties
+Name | Type | Description | Notes
+------------ | ------------- | ------------- | -------------
+**id** | **String** | Identifier assigned by Recurring Billing to uniquely reference this billing cycle's payment, distinct from the Cybersource transactionID. | [optional] 
+**status** | **String** | The current status of the payment.  Possible values:    - SCHEDULED    - PAID   - FAILED   - SKIPPED   - SCHEDULED_SKIPPED  | [optional] 
+**paymentType** | **String** | The type of payment. Possible values: - STANDARD - RETRY  | [optional] 
+**transactionID** | **String** | An unique identification number generated by Cybersource to identify the submitted request. Returned by all services. It is also appended to the endpoint of the resource. On incremental authorizations, this value with be the same as the identification number returned in the original authorization response.  | [optional] 
+**_date** | **Date** | The date and time of the payment processing. | [optional] 
+**currency** | **String** | Currency used for the order. Use the three-character [ISO Standard Currency Codes.](http://apps.cybersource.com/library/documentation/sbc/quickref/currencies.pdf)  #### Used by **Authorization** Required field.  **Authorization Reversal** For an authorization reversal (`reversalInformation`) or a capture (`processingOptions.capture` is set to `true`), you must use the same currency that you used in your payment authorization request.  #### PIN Debit Currency for the amount you requested for the PIN debit purchase. This value is returned for partial authorizations. The issuing bank can approve a partial amount if the balance on the debit card is less than the requested transaction amount. For the possible values, see the [ISO Standard Currency Codes](https://developer.cybersource.com/library/documentation/sbc/quickref/currencies.pdf). Returned by PIN debit purchase.  For PIN debit reversal requests, you must use the same currency that was used for the PIN debit purchase or PIN debit credit that you are reversing. For the possible values, see the [ISO Standard Currency Codes](https://developer.cybersource.com/library/documentation/sbc/quickref/currencies.pdf).  Required field for PIN Debit purchase and PIN Debit credit requests. Optional field for PIN Debit reversal requests.  #### GPX This field is optional for reversing an authorization or credit.  #### DCC for First Data Your local currency.  #### Tax Calculation Required for international tax and value added tax only. Optional for U.S. and Canadian taxes. Your local currency.  | [optional] 
+**billingStartDate** | **Date** | The start date of the billing cycle for this payment. | [optional] 
+**billingEndDate** | **Date** | The end date of the billing cycle for this payment. | [optional] 
+**billingCycle** | **String** | The billing cycle number. | [optional] 
+**paymentNumber** | **String** | The sequential number of the payment in the subscription. | [optional] 
+**billingAmount** | **String** | The amount billed for this payment. | [optional] 
+**setupFee** | **String** | The setup fee associated with the payment. | [optional] 
+**surchargeAmount** | **String** | The surcharge amount, if any. | [optional] 
+**surchargeDescription** | **String** | The description for the surcharge. | [optional] 
+**modifiable** | **Boolean** | Indicates if the payment is modifiable, meaning it can be skipped or restored. | [optional] 
+
+