Documentation Index
Fetch the complete documentation index at: https://mintlify.com/mercadopago/sdk-java/llms.txt
Use this file to discover all available pages before exploring further.
CardTokenClient provides PCI-compliant card tokenization for the Mercado Pago Java SDK. A card token is a short-lived, single-use identifier that represents sensitive card data (card number, CVV, expiry) without exposing it to your server. Tokens are created in the frontend using the MercadoPago.js SDK or Checkout Bricks and are then sent to your backend where they are used to create a payment. Card tokens cannot be reused across payment attempts — if a payment fails, a new token must be generated. For recurring payment scenarios where you want to save a card permanently, tokenize the card and then attach it to a customer using CustomerCardClient.
CardTokenClient
Package:com.mercadopago.client.cardtoken
Constructors
Methods
create
Creates a new card token from a saved customer card. This is the server-side tokenization path used when re-charging a card that has already been saved to a Customer — you supply the cardId and customerId, along with the CVV to generate a fresh single-use token.
Card token request parameters. See CardTokenRequest fields.
Optional per-request overrides for access token, headers, or timeouts. Pass
null to use defaults.CardToken — the created token. Use cardToken.getId() as the token field when creating a payment.
get
Retrieves a card token by its unique identifier. Useful for inspecting token metadata (e.g., masked card number, expiration) without re-sending card data.
Unique identifier of the card token to retrieve.
Optional per-request overrides.
CardToken
CardTokenRequest fields
CardTokenRequest is a Lombok @Builder class with the following fields:
Unique identifier of a saved card associated with a customer. Required when re-tokenizing a stored card for a repeat charge.
Unique identifier of the customer who owns the saved card. Required alongside
cardId for stored-card tokenization.CVV/CVC printed on the card. Required when creating a token from a saved card to meet issuer security requirements.
When tokenizing a new card on the frontend (first-time checkout), use the MercadoPago.js SDK or Checkout Bricks — these tools send card data directly to Mercado Pago’s servers and return a token without the raw card data ever touching your backend. The
CardTokenClient.create method is used in backend flows for re-charging previously saved cards.Code Example
Card tokens are single-use and expire after a short period (typically 7 days). Do not store the raw token for later reuse — generate a new one for each payment attempt. To save a card for repeated charges, use
CustomerCardClient.create after a successful first payment, then use CardTokenClient.create with the saved cardId and customerId for subsequent charges.