Get cards
curl --request GET \
--url https://api.next.orenda.finance/v1/customers/{customerId}/accounts/{accountId}/cards \
--header 'Authorization: Bearer <token>'import requests
url = "https://api.next.orenda.finance/v1/customers/{customerId}/accounts/{accountId}/cards"
headers = {"Authorization": "Bearer <token>"}
response = requests.get(url, headers=headers)
print(response.text)const options = {method: 'GET', headers: {Authorization: 'Bearer <token>'}};
fetch('https://api.next.orenda.finance/v1/customers/{customerId}/accounts/{accountId}/cards', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));<?php
$curl = curl_init();
curl_setopt_array($curl, [
CURLOPT_URL => "https://api.next.orenda.finance/v1/customers/{customerId}/accounts/{accountId}/cards",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "GET",
CURLOPT_HTTPHEADER => [
"Authorization: Bearer <token>"
],
]);
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}package main
import (
"fmt"
"net/http"
"io"
)
func main() {
url := "https://api.next.orenda.finance/v1/customers/{customerId}/accounts/{accountId}/cards"
req, _ := http.NewRequest("GET", url, nil)
req.Header.Add("Authorization", "Bearer <token>")
res, _ := http.DefaultClient.Do(req)
defer res.Body.Close()
body, _ := io.ReadAll(res.Body)
fmt.Println(string(body))
}HttpResponse<String> response = Unirest.get("https://api.next.orenda.finance/v1/customers/{customerId}/accounts/{accountId}/cards")
.header("Authorization", "Bearer <token>")
.asString();require 'uri'
require 'net/http'
url = URI("https://api.next.orenda.finance/v1/customers/{customerId}/accounts/{accountId}/cards")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
request = Net::HTTP::Get.new(url)
request["Authorization"] = 'Bearer <token>'
response = http.request(request)
puts response.read_body{
"success": true,
"data": [
{
"id": "crd_9f2a1c4b",
"status": "ACTIVE",
"cardType": "VIRTUAL",
"maskedPan": "•••• •••• •••• 4242",
"cardScheme": "VISA",
"cvv": "***",
"expiryDate": "12/29",
"currency": "GBP",
"nickName": "Online subscriptions",
"limitGroupId": "lg_2b4d6f8a",
"accountType": "CONSUMER",
"createdAt": "2026-06-18T10:32:00Z"
},
{
"id": "crd_4d7e2a9f",
"status": "BLOCKED",
"cardType": "PHYSICAL",
"maskedPan": "•••• •••• •••• 1881",
"cardScheme": "VISA",
"cvv": "***",
"expiryDate": "08/28",
"currency": "GBP",
"nickName": "Everyday spend",
"accountType": "CONSUMER",
"createdAt": "2026-02-04T09:14:00Z"
}
]
}{
"success": false,
"code": "UNAUTHORIZED",
"message": "Unauthorized"
}{
"success": false,
"code": "CARD_NOT_FOUND",
"message": "Card not found"
}Cards
Get cards
List the cards on an account.
GET
/
v1
/
customers
/
{customerId}
/
accounts
/
{accountId}
/
cards
Get cards
curl --request GET \
--url https://api.next.orenda.finance/v1/customers/{customerId}/accounts/{accountId}/cards \
--header 'Authorization: Bearer <token>'import requests
url = "https://api.next.orenda.finance/v1/customers/{customerId}/accounts/{accountId}/cards"
headers = {"Authorization": "Bearer <token>"}
response = requests.get(url, headers=headers)
print(response.text)const options = {method: 'GET', headers: {Authorization: 'Bearer <token>'}};
fetch('https://api.next.orenda.finance/v1/customers/{customerId}/accounts/{accountId}/cards', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));<?php
$curl = curl_init();
curl_setopt_array($curl, [
CURLOPT_URL => "https://api.next.orenda.finance/v1/customers/{customerId}/accounts/{accountId}/cards",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "GET",
CURLOPT_HTTPHEADER => [
"Authorization: Bearer <token>"
],
]);
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}package main
import (
"fmt"
"net/http"
"io"
)
func main() {
url := "https://api.next.orenda.finance/v1/customers/{customerId}/accounts/{accountId}/cards"
req, _ := http.NewRequest("GET", url, nil)
req.Header.Add("Authorization", "Bearer <token>")
res, _ := http.DefaultClient.Do(req)
defer res.Body.Close()
body, _ := io.ReadAll(res.Body)
fmt.Println(string(body))
}HttpResponse<String> response = Unirest.get("https://api.next.orenda.finance/v1/customers/{customerId}/accounts/{accountId}/cards")
.header("Authorization", "Bearer <token>")
.asString();require 'uri'
require 'net/http'
url = URI("https://api.next.orenda.finance/v1/customers/{customerId}/accounts/{accountId}/cards")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
request = Net::HTTP::Get.new(url)
request["Authorization"] = 'Bearer <token>'
response = http.request(request)
puts response.read_body{
"success": true,
"data": [
{
"id": "crd_9f2a1c4b",
"status": "ACTIVE",
"cardType": "VIRTUAL",
"maskedPan": "•••• •••• •••• 4242",
"cardScheme": "VISA",
"cvv": "***",
"expiryDate": "12/29",
"currency": "GBP",
"nickName": "Online subscriptions",
"limitGroupId": "lg_2b4d6f8a",
"accountType": "CONSUMER",
"createdAt": "2026-06-18T10:32:00Z"
},
{
"id": "crd_4d7e2a9f",
"status": "BLOCKED",
"cardType": "PHYSICAL",
"maskedPan": "•••• •••• •••• 1881",
"cardScheme": "VISA",
"cvv": "***",
"expiryDate": "08/28",
"currency": "GBP",
"nickName": "Everyday spend",
"accountType": "CONSUMER",
"createdAt": "2026-02-04T09:14:00Z"
}
]
}{
"success": false,
"code": "UNAUTHORIZED",
"message": "Unauthorized"
}{
"success": false,
"code": "CARD_NOT_FOUND",
"message": "Card not found"
}Lists the account’s cards. The PAN is masked and the CVV is hidden; use secure
details to show the real values.
Authorizations
The user's access token. The program and environment come from the token.
Path Parameters
The customer's id.
The account the card belongs to. A customer can have several accounts; cards are issued against one.
⌘I