Business API
Retrieve card details
api
get
/cards/{card_id}

Retrieve card details

Get the details of a specific card, based on its ID.

note

This feature is available in the UK, US, the EEA, and SG.

This feature is not available in Sandbox.

To use the Cards API, please contact Revolut API Support.

For more information, see the guides: Manage cards.

Access Token

Each Business API request must contain an authorization header in the following format to make a call: Bearer <your_access_token>.

The access token will be obtained the first time you set up your application and has an expiration of 40 minutes. During setup, a refresh_token will also be obtained which allows to obtain a new access_token.

danger

Never share your client-assertion JWT (JSON web token), access_token and refresh_token with anyone, as these can be used to access your banking data and initiate transactions.

Access tokens can be issued with four security scopes and require a JWT (JSON Web Token) signature to be obtained:

  • READ: Permissions for GET operations.

  • WRITE: Permissions to update counterparties, webhooks, and issue payment drafts.

  • PAY: Permissions to initiate or cancel transactions and currency exchanges.

  • READ_SENSITIVE_CARD_DATA: Permissions to retrieve sensitive card details.

    caution

    If you enable the READ_SENSITIVE_CARD_DATA scope for your access token, you must set up IP whitelisting. Failing to do so will prevent you from accessing any Business API endpoint.

    IP whitelisting means that you must specify an IP or a set of IPs which will be the only IPs from which requests to the API will be accepted. To do so:

    1. Go to the Revolut Business web app settingsAPIsBusiness API.
    2. Select the corresponding API certificate.
    3. In Production IP whitelist, provide the IP(s) which should be whitelisted, and save.

To configure your JWT and obtain the refresh and first access tokens, complete the following steps:

  1. Sign up for a Revolut Business account
  2. Prepare your Sandbox environment
  3. Make your first API request

Request

Path Parameters
Path Parameters

The ID of the card.

Response

Information about the card

Response body
Body object 

The ID of the card.

The ID of the team member who is the holder of the card. If the card belongs to the business, this will be empty.

For more information, see the guides: Manage Cards - Create a virtual card.

Possible number of items: non-empty and <= 5 items, unique

The list of contacts for a company card.

The date and time the card was created in ISO 8601 format.

The date and time the card was last updated in ISO 8601 format.

The card product offered by the card provider for this card. In other words, the program that the card was issued under.

note

This property is only available to travel intermediaries using our travel solution. To use it, please contact Revolut API Support.

The code of the card product.

Specifies whether the card is virtual (true) or physical (false).

Pattern: Value must match regular expression ^[0-9]{4}$

The last 4 digits of the card's PAN.

Pattern: Value must match regular expression ^[0-9]{2}/[0-9]{4}$

The card expiration date.

The label of the card.

Possible number of items: non-empty and <= 5 items, unique
Example: [{"name":"PNR","value":"RT12345"},{"name":"Traveller","value":"John Smith"}]

References for the card. Up to 5 name-value pairs assigned to the card for tracking.

info

Each time the card is used, the references are recorded in the transaction details (card.references), helping track transactions made with this card.

The names must be unique. The references can be amended up to 10 times.

References are only supported for cards owned by the business (i.e. company or auto-issued cards). They are not supported for team member cards (i.e. with holder_id present).

note

The references recorded on a transaction are those assigned to the card at the time the transaction took place. If the references are amended, they will only be applied to future transactions. Existing transaction are not affected.

Possible length: non-empty and <= 30 characters

The name of the card reference. Must be unique.

Possible length: non-empty and <= 30 characters

The value for this reference.

Possible values: [created, pending, active, frozen, locked]

The state that the card is in.

Possible values:

  • active: The card is available for spending. Newly created cards typically go into active unless subject to certain conditions, for example, spending period starting in the future.
  • frozen: The card has been frozen and is temporarily unavailable for spending.
  • locked: The card is locked, typically due to an admin lock or spending period settings, i.e. when its spending_period.start_date is in the future or spending_period.end_date is in the past. A locked card is unavailable for spending until it's unlocked and active.
    tip

    To see if the card can be unlocked, check the can_be_unlocked parameter. Note that you'll still need the necessary scope or permission to unlock it.

  • created: The card has been created but is not yet active. Used only for a specific type of cards.
  • pending: This status is currently not in use.

Returned for locked cards (state=locked). Indicates whether the card can be unlocked manually (via API or in-app). If true, you'll still need the necessary scope or permission to unlock the card.

info

Cards can be locked for various reasons. For example, a card can be locked by the user, due to spending period settings, or automatically by the system. Only certain types of lock can be lifted manually.

The spend program assigned to the card.

note

To use this property, please contact Revolut API Support.

Possible length: <= 30 characters

The name of the spend program.

Example: {"single":{"amount":200.22,"currency":"GBP"},"week":{"amount":200.44,"currency":"GBP"}}

All spending limits set for the card.

The limit for a single transaction.

The value of the spending limit.

Pattern: Value must match regular expression ^[A-Z]{3}$

The currency of the spending limit, provided as ISO 4217 code in upper case.

The daily limit for transactions.

The value of the spending limit.

Pattern: Value must match regular expression ^[A-Z]{3}$

The currency of the spending limit, provided as ISO 4217 code in upper case.

The weekly limit for transactions.

The value of the spending limit.

Pattern: Value must match regular expression ^[A-Z]{3}$

The currency of the spending limit, provided as ISO 4217 code in upper case.

The monthly limit for transactions.

The value of the spending limit.

Pattern: Value must match regular expression ^[A-Z]{3}$

The currency of the spending limit, provided as ISO 4217 code in upper case.

The quarterly limit for transactions.

The value of the spending limit.

Pattern: Value must match regular expression ^[A-Z]{3}$

The currency of the spending limit, provided as ISO 4217 code in upper case.

The yearly limit for transactions.

The value of the spending limit.

Pattern: Value must match regular expression ^[A-Z]{3}$

The currency of the spending limit, provided as ISO 4217 code in upper case.

The all-time limit for transactions.

The value of the spending limit.

Pattern: Value must match regular expression ^[A-Z]{3}$

The currency of the spending limit, provided as ISO 4217 code in upper case.

The controls for the card's spending period.

They specify the dates when the card becomes available or unavailable for spending, and define what happens after the end date.

Example: "2025-09-26"

The start date (inclusive) of the spending period, in ISO 8601 format (YYYY-MM-DD). Uses the timezone set by the business, or defaults to Europe/London.

Example: "2030-12-31"

The end date (inclusive) of the spending period, in ISO 8601 format (YYYY-MM-DD). Uses the timezone set by the business, or defaults to Europe/London.

Possible values: [lock, terminate]

The action to take after the end date of the spending period.

Possible values: [health, general, services, airlines, transport, accommodation, utilities, shopping, financial, furniture, hardware, groceries, fuel, entertainment, software, restaurants, advertising, cash, education, government]

The list of merchant categories that are available for card spending. If not specified, categories are not restricted.

The merchant-level controls for card spending.

They block or allow the card to only transact with specific merchants:

  • allow: permits only the specified merchants (cannot be used if the categories parameter is set)
  • block: blocks the specified merchants (can be used with or without categories)

Possible values: [block, allow]

The type of control to apply.

Possible number of items: non-empty and <= 20 items

The list of IDs of merchants to which the control applies.

tip

To find merchant IDs, check transaction details (→ merchant.id). You can fetch transaction details for a specific transaction or for all transactions.

Pattern: Value must match regular expression ^[A-Z]{2}$
Example: "GB"

The list of countries where the card can be used, specified as 2-letter ISO 3166 codes.

The list of linked accounts.

Was this page helpful?
Loading...