Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/Gianluca-X/DigitalMoney/llms.txt

Use this file to discover all available pages before exploring further.

Link a new debit or credit card to a digital-money account. The service authenticates the request by reading the JWT from the Authorization header, resolves the account from the token’s email claim, and verifies that the resolved account matches the accountId path parameter. If a card with the same number already exists anywhere in the system, the operation is rejected with 409 Conflict.

Endpoint

POST /accounts/{accountId}/cards
Base URL: http://localhost:8085

Authentication

A valid Bearer JWT is required in the Authorization header. The service extracts the authenticated user’s email from the security context to validate account ownership before creating the card.

Path Parameters

accountId
long
required
The numeric ID of the account to link the card to.

Request Body

Send a JSON object with the following fields (mapped to CreateCardEntryDTO):
number
string
required
The full card number (e.g. "4111111111111111"). Must not be blank. The service checks uniqueness globally across all accounts — a duplicate number triggers a 409.
name
string
required
Card holder name exactly as it appears on the card (e.g. "Jane Doe").
expiry
string
required
Card expiration date in MM/YY format (e.g. "09/27").
cvc
string
required
The 3- or 4-digit card security code (CVV/CVC).

Response

On success, returns 201 Created with the newly created CardOutDTO.

Response Fields

id
long
Auto-generated ID assigned to the new card record.
number
string
Card number as stored.
name
string
Card holder name.
expiry
string
Expiration date of the card.
cvc
string
Security code of the card.
accountId
long
The account the card was linked to.

Example Request

curl -X POST "http://localhost:8085/accounts/42/cards" \
  -H "Authorization: Bearer eyJhbGciOiJSUzI1NiJ9..." \
  -H "Content-Type: application/json" \
  -d '{
    "number": "4111111111111111",
    "name": "Jane Doe",
    "expiry": "09/27",
    "cvc": "123"
  }'

Example Response

{
  "id": 7,
  "number": "4111111111111111",
  "name": "Jane Doe",
  "expiry": "09/27",
  "cvc": "123",
  "accountId": 42
}

Error Responses

StatusExceptionCondition
400 Bad RequestBadRequestExceptionRequest body is malformed or number is blank.
401 UnauthorizedAuthorization header is missing or does not start with Bearer .
404 Not FoundResourceNotFoundExceptionNo account found for the email in the token, or the resolved account does not match accountId.
409 ConflictCardAlreadyExistsExceptionA card with the same number already exists anywhere in the system.
500 Internal Server ErrorUnexpected server-side error.
Card numbers are validated for uniqueness globally, not just per account. If the same physical card number has been added to any account, subsequent attempts return 409 Conflict.
The accountId in the path must correspond to the account that owns the JWT. Attempting to create a card for another account will result in a 404 (account mismatch during ownership validation).

Build docs developers (and LLMs) love