POST /v1/users/inquiryUserCardList returns user bank card list based on scopes granted through my.getAuthCode. Pass the accessToken issued by applyToken; the response includes the list of bank cards associated with the user when authorized.
CARD_LIST scope when calling my.getAuthCode to obtain the authorization code.| Method | Path |
|---|---|
POST | /v1/users/inquiryUserCardList |
A message consists of a header and body. The following sections are focused on the body structure. For the header structure, see: OpenAPIs Overview.
| Field | Type | Required | Description | Example |
|---|---|---|---|---|
accessToken | string | Yes | Access token for querying user bank card list (max 128 characters; disallow @, #, ?). Obtain via applyToken. | "281010033AB2F588D14B43238637264FCA5AAF35xxxx" |
{
"accessToken": "281010033AB2F588D14B43238637264FCA5AAF35xxxx"
}
| Field | Type | Required | Description |
|---|---|---|---|
result | object | Yes | Outcome metadata containing status and error codes. |
cardList | array<CardInfo> | No | User bank card list queried by the merchant. Must be returned when result.resultStatus is S. Returns empty array [] when user has not bound any bank card. |
| Property | Type | Required | Description |
|---|---|---|---|
accountNumber | string | Yes | Account number (max 32 characters). |
maskedCardNo | string | Yes | Masked card number (max 32 characters). |
{
"result": {
"resultCode": "SUCCESS",
"resultStatus": "S",
"resultMessage": "Success"
},
"cardList": [
{
"maskedCardNo": "123*****789",
"accountNumber": "123456789"
},
{
"maskedCardNo": "987*****321",
"accountNumber": "987654321"
}
]
}
| Status | Description |
|---|---|
S | Inquiry succeeded. Use accessToken to access user information within the corresponding scope. |
U | Result unknown (resultCode: UNKNOWN_EXCEPTION, resultMessage: "An API calling is failed, which is caused by unknown reasons."). Retry or review Common error codes. |
F | Inquiry failed. Inspect resultCode and see Error codes. |
| Error Code | Result Status | Message | Next Step |
|---|---|---|---|
INVALID_ACCESS_TOKEN | F | The access token is not valid. | Obtain a new authorization code via my.getAuthCode, then exchange using applyToken. |
ACCESS_TOKEN_NOT_COVER_THE_SCOPE | F | The access token permission scope does not contain specified scope. | Check the permission for the access token and try again. |