{
  "openapi": "3.0.0",
  "info": {
    "title": "Outbound Physical Card API",
    "version": "1.0",
    "description": "Physical Card API to be supported by the Credential Management System",
    "contact": {
      "name": "Thales Support",
      "url": "https://www.thalesgroup.com/en/markets/digital-identity-and-security",
      "email": "thalessupport@thalesgroup.com"
    }
  },
  "servers": [
    {
      "url": "https://api.your-domain.com",
      "description": "Production server"
    },
    {
      "url": "https://api-stg.your-domain.com",
      "description": "Staging server"
    }
  ],
  "security": [
    {
      "bearerAuth": []
    }
  ],
  "paths": {
    "/cms/api/v1/issuers/{issuerId}/physicalCards/{cardId}/activate": {
      "parameters": [
        {
          "$ref": "#/components/parameters/issuer-id-path"
        },
        {
          "$ref": "#/components/parameters/card-id-path"
        },
        {
          "$ref": "#/components/parameters/x-correlation-id-output"
        }
      ],
      "post": {
        "summary": "Activate Card",
        "operationId": "ActivateCard",
        "responses": {
          "204": {
            "description": "Card successfully activated."
          },
          "400": {
            "$ref": "#/components/responses/BadRequestOutbound"
          },
          "401": {
            "$ref": "#/components/responses/UnauthorizedOutbound"
          },
          "403": {
            "$ref": "#/components/responses/ForbiddenForPhysicalCardOutbound"
          },
          "404": {
            "$ref": "#/components/responses/NotFoundForPhysicalCardOutbound"
          },
          "500": {
            "$ref": "#/components/responses/InternalServerErrorOutbound"
          }
        },
        "description": "This API is used by D1 to activate a physical card in the issuer backend.\n<br/><br/>\nThe operation is <b>idempotent</b>: if the card is already active, the request\ncompletes successfully and returns <code>204 No Content</code>\n<br/>\nThis operation does not require a request body.\n<br/><br/>\nSecurity for this endpoint is enforced outside of the OpenAPI contract\n(for example, via mutual TLS, private network connectivity, or IP allow‑listing).\n"
      }
    }
  },
  "components": {
    "securitySchemes": {
      "bearerAuth": {
        "type": "http",
        "description": "A JWT generated by the [Get Authorization Token API](oauth2-api).<br/>The server checks the validity of the provided token to control access to this protected resource. Please refer to [Get OAuth 2.0 access token](../../../integrate-the-d1-api/get-oauth-2.0-access-token) for more details on the flow and on how to get this JWT.",
        "scheme": "bearer",
        "bearerFormat": "JWT"
      }
    },
    "responses": {
      "BadRequestOutbound": {
        "description": "Bad Request, Invalid request URI or header, or unsupported non-standard parameter",
        "content": {
          "application/json": {
            "schema": {
              "$ref": "#/components/schemas/errorGenericOutbound"
            }
          }
        }
      },
      "UnauthorizedOutbound": {
        "description": "The provided Authorization header is missing or invalid",
        "content": {
          "application/json": {
            "schema": {
              "$ref": "#/components/schemas/errorGenericOutbound"
            }
          }
        }
      },
      "ForbiddenForPhysicalCardOutbound": {
        "description": "Forbidden action, check the state of the linked end user (consumer) or account or card",
        "content": {
          "application/json": {
            "schema": {
              "$ref": "#/components/schemas/errorGenericOutbound"
            }
          }
        }
      },
      "NotFoundForPhysicalCardOutbound": {
        "description": "Resource not found, Unknown issuerId or consumerId or accountId or card id",
        "content": {
          "application/json": {
            "schema": {
              "$ref": "#/components/schemas/errorGenericOutbound"
            }
          }
        }
      },
      "InternalServerErrorOutbound": {
        "description": "Internal Server Error",
        "content": {
          "application/json": {
            "schema": {
              "$ref": "#/components/schemas/errorGenericOutbound"
            }
          }
        }
      }
    },
    "schemas": {
      "issuerId": {
        "maxLength": 10,
        "minLength": 10,
        "type": "string"
      },
      "cardId": {
        "type": "string",
        "description": "Unique identifier of the card.",
        "minLength": 1,
        "maxLength": 48,
        "pattern": "^[A-Za-z0-9_-]{1,48}$"
      },
      "errorGenericOutbound": {
        "type": "object",
        "description": "Generic error returned by the APIs.",
        "properties": {
          "error": {
            "type": "string",
            "description": "Description of the error.",
            "example": "Card does not exist"
          }
        }
      }
    },
    "parameters": {
      "issuer-id-path": {
        "description": "The id of the issuer",
        "in": "path",
        "name": "issuerId",
        "required": true,
        "schema": {
          "$ref": "#/components/schemas/issuerId"
        }
      },
      "card-id-path": {
        "description": "The id of the card",
        "in": "path",
        "name": "cardId",
        "required": true,
        "schema": {
          "$ref": "#/components/schemas/cardId"
        }
      },
      "x-correlation-id-output": {
        "description": "Random identifier which can be used to correlate the different API calls done as part of a single use-case. This identifier will be the one primarily used for troubleshooting.\n\nThere is no strong guarantee of the uniqueness of this identifier, so please refrain from using it for other purpose than logging and troubleshooting.",
        "in": "header",
        "name": "x-correlation-id",
        "schema": {
          "type": "string"
        }
      }
    }
  }
}