# Create Card

To create/request a physical card, you are required to create a [tier 2 (full KYC)](/subaccount/create-customer-full-kyc.md) account for your customer.

<mark style="color:green;">`POST`</mark> {{base\_url}}/business/debitcard-issuance

#### Headers

| Name                                            | Type   | Description |
| ----------------------------------------------- | ------ | ----------- |
| Authorization<mark style="color:red;">\*</mark> | String | SECRET\_KEY |

#### Request Body

| Name                                              | Type    | Description                                                                                                  |
| ------------------------------------------------- | ------- | ------------------------------------------------------------------------------------------------------------ |
| customerid<mark style="color:red;">\*</mark>      | Sting   | Tracking ID returned from the create customer endpoint                                                       |
| cardtype<mark style="color:red;">\*</mark>        | String  | Specify the type of card requesting for as **debit** or **credit**                                           |
| photocustomised<mark style="color:red;">\*</mark> | Boolean | <p>Specify if the card should be cutomize with photo or plain.<br>Required value should be true or false</p> |
| photo                                             | String  | A valid url of the customer photo. Only required if the photocustomised value above is true                  |
| nin<mark style="color:red;">\*</mark>             | String  | Customer NIN e.g 21311266613                                                                                 |

{% hint style="danger" %}
Your secret keys are to be kept confidential and stored only on your servers. Do not pass your secret key to the front-end language where it can be exploited.
{% endhint %}

Take a look at how you might do this:

{% tabs %}
{% tab title="cURL" %}

```php
curl --location '{{base_url}}/business/debitcard-issuance' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer SECRET_KEY' \
--data-raw '{
    "customerid": "891106211211"
    "cardtype": "debit",
    "nin": "21121212029",
    "photocustomised": false,
    "photo": ""
}'
```

{% endtab %}

{% tab title="NodeJs" %}

```javascript
const axios = require('axios');
let data = JSON.stringify({
  "customerid": "891106211211"
  "cardtype": "debit",
  "nin": "21121212029",
  "photocustomised": false,
  "photo": ""
});

let config = {
  method: 'post',
  maxBodyLength: Infinity,
  url: '{{base_url}}/business/debitcard-issuance',
  headers: { 
    'Content-Type': 'application/json', 
    'Authorization': 'Bearer SECRET_KEY' 
  },
  data : data
};

axios.request(config)
.then((response) => {
  console.log(JSON.stringify(response.data));
})
.catch((error) => {
  console.log(error);
});

```

{% endtab %}

{% tab title="PHP - cURL" %}

```php
$curl = curl_init();

curl_setopt_array($curl, array(
  CURLOPT_URL => '{{base_url}}/business/debitcard-issuance',
  CURLOPT_RETURNTRANSFER => true,
  CURLOPT_ENCODING => '',
  CURLOPT_MAXREDIRS => 10,
  CURLOPT_TIMEOUT => 0,
  CURLOPT_FOLLOWLOCATION => true,
  CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
  CURLOPT_CUSTOMREQUEST => 'POST',
  CURLOPT_POSTFIELDS =>'{
    "customerid": "891106211211"
    "cardtype": "debit",
    "nin": "21121212029",
    "photocustomised": false,
    "photo": ""
}',
  CURLOPT_HTTPHEADER => array(
    'Content-Type: application/json',
    'Authorization: Bearer SECRET_KEY',
  ),
));

$response = curl_exec($curl);

curl_close($curl);
echo $response;

```

{% endtab %}

{% tab title="Dart" %}

```dart
var headers = {
  'Content-Type': 'application/json',
  'Authorization': 'Bearer SECRET_KEY'
};
var request = http.Request('POST', Uri.parse('{{base_url}}/business/debitcard-issuance'));
request.body = json.encode({
  "customerid": "891106211211"
  "cardtype": "debit",
  "nin": "21121212029",
  "photocustomised": false,
  "photo": ""
});
request.headers.addAll(headers);

http.StreamedResponse response = await request.send();

if (response.statusCode == 200) {
  print(await response.stream.bytesToString());
}
else {
  print(response.reasonPhrase);
}

```

{% endtab %}
{% endtabs %}

## Sample response

{% tabs %}
{% tab title="Successful" %}

```json
{
    "status": true,
    "responsecode": "01",
    "message": "Card Request Successfully Submitted for John Doe",
    "data": {
        "requestid": "1fc0e17f-31ea-c9ea-0230-770e7c7bf876",
        "customerid": "BLD19661746"
    }
}
```

{% endtab %}

{% tab title="Failed" %}

```json
{
    "status": false,
    "responsecode": "00",
    "message": "Unable to process request. Invalid authorization key",
    "requestid": ""
}
```

{% endtab %}
{% endtabs %}


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.1app.online/cards-virtual-and-physical/physical-card/create-card.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.