Skip to main content
POST
/
programs
/
{id}
/
products
Create a product
curl --request POST \
  --url https://api.fyatu.com/api/v3.20/programs/{id}/products \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "name": "Prepaid VISA Consumer 12m",
  "scheme": "VISA",
  "cardType": "CONSUMER",
  "features": {
    "has3DS": true,
    "hasApplePay": true,
    "hasGooglePay": true,
    "hasJIT": false,
    "hasSpendControl": false,
    "hasMccControl": false
  },
  "controls": {
    "isReloadable": false,
    "isOneTimeUse": false,
    "cardTTLMonths": 12,
    "maxCardsPerCardholder": 5,
    "spendingLimit": 1000,
    "spendingPeriod": "TRANSACTION"
  }
}
'
{
  "success": true,
  "status": 201,
  "message": "Product created",
  "data": {
    "productId": "prd_01HXYZ1111ABCDEF0002",
    "programId": "prg_01HXYZ9876ABCDEF0000",
    "name": "Prepaid VISA Consumer 12m",
    "scheme": "VISA",
    "cardType": "CONSUMER",
    "features": {
      "has3DS": true,
      "hasApplePay": true,
      "hasGooglePay": true,
      "hasJIT": false,
      "hasSpendControl": false,
      "hasMccControl": false
    },
    "controls": {
      "isReloadable": false,
      "isOneTimeUse": false,
      "cardTTLMonths": 12,
      "maxCardsPerCardholder": 1
    },
    "status": "ACTIVE",
    "createdAt": "2026-05-26T11:00:00Z"
  },
  "meta": {
    "requestId": "req_a1b2c3d4e5f6a7b8c9d0e1f2",
    "platform": "Fyatu CaaS",
    "timestamp": "2026-05-26T11:00:00Z"
  }
}

Documentation Index

Fetch the complete documentation index at: https://docs.fyatu.com/llms.txt

Use this file to discover all available pages before exploring further.

Overview

Creates a new card product under an existing program. A Card Product defines the scheme (VISA or Mastercard), card type (Consumer or Corporate), the feature set (3DS, Apple Pay, JIT), and the lifecycle controls (reloadability, one-time use, TTL, spend limits, cardholder card limits). Once created, the product productId is passed to POST /cards to issue cards under that configuration.
Products are shared resources — always written to the LIVE database regardless of whether your API key is LIVE or SANDBOX.

Path Parameters

ParameterTypeDescription
programIdstringThe program to create the product under (prefix prg_)

Request Body

Required

FieldTypeDescription
namestringHuman-readable product name (e.g. "Standard VISA Consumer")
schemestringCard network — VISA or MASTERCARD. Must match a scheme enabled on your program

Optional — Card Type

FieldTypeDefaultDescription
cardTypestringCONSUMERCONSUMER or CORPORATE

Optional — features Object

Features are validated against what your program catalog allows. Requesting a feature not enabled on your program returns 422 FEATURE_NOT_ALLOWED.
FieldTypeDefaultDescription
features.has3DSbooleanfalseEnable 3D Secure authentication
features.hasApplePaybooleanfalseEnable Apple Pay tokenisation
features.hasGooglePaybooleanfalseEnable Google Pay tokenisation
features.hasJITbooleanfalseEnable Just-In-Time funding
features.hasSpendControlbooleanfalseEnable per-card spend limits
features.hasMccControlbooleanfalseEnable MCC (merchant category) allow/block rules

Optional — controls Object

Controls govern card lifecycle rules and are enforced at issuance and funding time.
FieldTypeDefaultDescription
controls.isReloadablebooleantrueWhen false, POST /cards/{id}/fund is rejected for every card under this product. Set to false for one-load prepaid or gift-card style products
controls.isOneTimeUsebooleanfalseWhen true, a card is automatically terminated after its first settled transaction. Ideal for single-purchase virtual cards
controls.cardTTLMonthsinteger | null36Cap on card validity in months from issuance. If the card scheme grants a longer expiry, it is capped at this value
controls.maxCardsPerCardholderinteger | null5Maximum simultaneously active (non-TERMINATED) cards a cardholder may hold under this product. Attempting to issue a card beyond this limit returns 409 CARDHOLDER_CARD_LIMIT_EXCEEDED
controls.spendingLimitnumber1000Maximum spend amount per spendingPeriod. Expressed in the program’s currency (USD)
controls.spendingPeriodstringTRANSAMOUNTThe period over which spendingLimit is enforced — TRANSAMOUNT, DAILY, WEEKLY, MONTHLY, QUARTERLY, YEARLY, or LIFETIME

Example

curl -X POST https://api.fyatu.com/api/v3.20/programs/prg_01HXYZ9876ABCDEF0000/products \
  -H "Authorization: Bearer $FYATU_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "name":     "Prepaid VISA Consumer 12m",
    "scheme":   "VISA",
    "cardType": "CONSUMER",
    "features": {
      "has3DS":          true,
      "hasApplePay":     true,
      "hasGooglePay":    true,
      "hasJIT":          false,
      "hasSpendControl": false,
      "hasMccControl":   false
    },
    "controls": {
      "isReloadable":          false,
      "isOneTimeUse":          false,
      "cardTTLMonths":         12,
      "maxCardsPerCardholder": 5,
      "spendingLimit":         1000,
      "spendingPeriod":        "TRANSAMOUNT"
    }
  }'

Success Response (201)

{
  "success": true,
  "status":  201,
  "message": "Product created",
  "data": {
    "productId": "prd_01HXYZ1111ABCDEF0002",
    "programId": "prg_01HXYZ9876ABCDEF0000",
    "name":      "Prepaid VISA Consumer 12m",
    "scheme":    "VISA",
    "cardType":  "CONSUMER",
    "features": {
      "has3DS":          true,
      "hasApplePay":     true,
      "hasGooglePay":    true,
      "hasJIT":          false,
      "hasSpendControl": false,
      "hasMccControl":   false
    },
    "controls": {
      "isReloadable":          false,
      "isOneTimeUse":          false,
      "cardTTLMonths":         12,
      "maxCardsPerCardholder": 5,
      "spendingLimit":         1000,
      "spendingPeriod":        "TRANSAMOUNT"
    },
    "status":    "ACTIVE",
    "createdAt": "2026-05-26T11:00:00Z"
  },
  "meta": {
    "requestId": "req_01HXY123456ABCDEF",
    "platform":  "Fyatu CaaS",
    "timestamp": "2026-05-26T11:00:00Z"
  }
}

Product Controls in Practice

Non-reloadable (controls.isReloadable: false)

Use this for prepaid, gift-card, or expense-allowance products where the cardholder receives a fixed balance at issuance and cannot add more funds. Any call to POST /cards/{id}/fund will be rejected with 422 CARD_NOT_RELOADABLE.

One-time use (controls.isOneTimeUse: true)

Cards are automatically terminated after their first settled transaction. Best for single-purchase virtual cards where you want strong controls on card reuse. The card remains ACTIVE until the first settlement clears.

TTL cap (controls.cardTTLMonths)

The card provider normally sets card expiry based on the scheme default (often 3–5 years). Setting cardTTLMonths caps that to a shorter window — for example, 12 ensures cards expire within one year of issuance even if the provider would have granted longer. Defaults to 36 months when not provided.

Per-cardholder card limit (controls.maxCardsPerCardholder)

Enforced at issuance time. The limit counts all non-TERMINATED cards under this product for the same cardholder. Issuing a card that would breach the limit returns 409 CARDHOLDER_CARD_LIMIT_EXCEEDED. Defaults to 5 when not provided.

Spending limit (controls.spendingLimit + controls.spendingPeriod)

Sets a maximum spend cap on every card issued under this product. spendingLimit is expressed in the program currency (USD). spendingPeriod sets the window:
PeriodDescription
TRANSAMOUNTCap applied per individual transaction
DAILYCap resets at midnight UTC each day
WEEKLYCap resets each Monday at midnight UTC
MONTHLYCap resets on the 1st of each month at midnight UTC
QUARTERLYCap resets every three months
YEARLYCap resets on the 1st of January at midnight UTC
LIFETIMECap applies for the entire lifetime of the card
Both default to 1000 / TRANSAMOUNT when not provided.

Error Codes

CodeHTTPCause
MISSING_FIELD400name or scheme not provided
INVALID_REQUEST400Request body is not valid JSON
SCHEME_NOT_ALLOWED422The requested scheme is not enabled for your program
FEATURE_NOT_ALLOWED422A requested feature flag is not available under your program catalog
PROGRAM_NOT_FOUND404Program does not exist or belongs to another business
INVALID_STATUS409Program is closed or not in a state that allows new products
INSUFFICIENT_SCOPE403Key lacks accounts:write scope
INTERNAL_ERROR500Server error

Authorizations

Authorization
string
header
required

API key from the FYATU CaaS portal. Pass as Authorization: Bearer <key>.

Path Parameters

id
string
required

Program ID (prefix prg_)

Body

application/json
name
string
required

Human-readable product name

Example:

"Prepaid VISA Consumer 12m"

scheme
enum<string>
required

Card network. Must match a scheme enabled on your program.

Available options:
VISA,
MASTERCARD
Example:

"VISA"

cardType
enum<string>
default:CONSUMER
Available options:
CONSUMER,
CORPORATE
Example:

"CONSUMER"

features
object

Feature flags validated against your program catalog.

controls
object

Card lifecycle and spend controls.

Response

Product created

success
boolean
Example:

true

status
integer
Example:

200

message
string
Example:

"Product retrieved"

data
object
meta
object