> ## Documentation Index
> Fetch the complete documentation index at: https://docs.fyatu.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Get Product

> Retrieve full details of a card product by ID. GET /products/{id}. Requires accounts:read scope.

## Overview

Returns the full details of a single card product — scheme, card type, feature flags, and card lifecycle controls. Products are **shared resources** — always read from the LIVE database regardless of whether your API key is LIVE or SANDBOX.

## Path Parameters

| Parameter | Type   | Description                    |
| --------- | ------ | ------------------------------ |
| `id`      | string | The product ID (prefix `prd_`) |

## Example

<CodeGroup>
  ```bash cURL theme={null}
  curl https://api.fyatu.com/api/v3.20/products/prd_01HXYZ1111ABCDEF0001 \
    -H "Authorization: Bearer $FYATU_API_KEY"
  ```

  ```javascript Node.js theme={null}
  const resp = await fetch(
    'https://api.fyatu.com/api/v3.20/products/prd_01HXYZ1111ABCDEF0001',
    { headers: { 'Authorization': `Bearer ${process.env.FYATU_API_KEY}` } }
  );
  const { data: product } = await resp.json();
  console.log(product.name, product.scheme, product.controls.isReloadable);
  ```

  ```python Python theme={null}
  import os, requests

  resp = requests.get(
      'https://api.fyatu.com/api/v3.20/products/prd_01HXYZ1111ABCDEF0001',
      headers={'Authorization': f'Bearer {os.environ["FYATU_API_KEY"]}'}
  )
  product = resp.json()['data']
  print(product['name'], product['controls']['isReloadable'])
  ```
</CodeGroup>

## Success Response (200)

```json theme={null}
{
  "success": true,
  "status":  200,
  "message": "Product retrieved",
  "data": {
    "productId": "prd_01HXYZ1111ABCDEF0001",
    "programId": "prg_01HXYZ9876ABCDEF0000",
    "name":      "Premium VISA Consumer 36m",
    "scheme":    "VISA",
    "cardType":  "CONSUMER",
    "features": {
      "has3DS":          true,
      "hasApplePay":     true,
      "hasGooglePay":    true,
      "hasJIT":          false,
      "hasSpendControl": true,
      "hasMccControl":   false
    },
    "controls": {
      "isReloadable":          true,
      "isOneTimeUse":          false,
      "cardTTLMonths":         36,
      "maxCardsPerCardholder": 5,
      "spendingLimit":         1000,
      "spendingPeriod":        "TRANSAMOUNT"
    },
    "status":    "ACTIVE",
    "createdAt": "2026-01-10T09:00:00Z"
  },
  "meta": {
    "requestId": "req_01HXY123456ABCDEF",
    "platform":  "Fyatu CaaS",
    "timestamp": "2026-05-25T10:00:00Z"
  }
}
```

## Field Reference

### Core Fields

| Field       | Description                               |
| ----------- | ----------------------------------------- |
| `productId` | Unique product identifier (prefix `prd_`) |
| `programId` | The program this product belongs to       |
| `name`      | Human-readable product name               |
| `scheme`    | Card network — `VISA` or `MASTERCARD`     |
| `cardType`  | `CONSUMER` or `CORPORATE`                 |
| `status`    | `ACTIVE` or `ARCHIVED`                    |
| `createdAt` | ISO 8601 creation timestamp               |

### `features` Object

| Field             | Type    | Description                                                           |
| ----------------- | ------- | --------------------------------------------------------------------- |
| `has3DS`          | boolean | 3D Secure authentication enabled                                      |
| `hasApplePay`     | boolean | Apple Pay tokenisation enabled                                        |
| `hasGooglePay`    | boolean | Google Pay tokenisation enabled                                       |
| `hasJIT`          | boolean | Just-In-Time funding — your system authorises each spend in real time |
| `hasSpendControl` | boolean | Per-card spend limits are configured                                  |
| `hasMccControl`   | boolean | MCC (merchant category) allow/block rules are configured              |

### `controls` Object

| Field                   | Type            | Description                                                                                                              |
| ----------------------- | --------------- | ------------------------------------------------------------------------------------------------------------------------ |
| `isReloadable`          | boolean         | When `false`, `POST /cards/{id}/fund` is rejected for all cards under this product                                       |
| `isOneTimeUse`          | boolean         | When `true`, a card is automatically terminated after its first settled transaction                                      |
| `cardTTLMonths`         | integer \| null | Maximum card validity in months from issuance                                                                            |
| `maxCardsPerCardholder` | integer \| null | Maximum number of simultaneously active (non-TERMINATED) cards a cardholder may hold under this product                  |
| `spendingLimit`         | number          | Maximum spend per `spendingPeriod` in the program currency (USD)                                                         |
| `spendingPeriod`        | string          | Period window for the spending limit — `TRANSAMOUNT`, `DAILY`, `WEEKLY`, `MONTHLY`, `QUARTERLY`, `YEARLY`, or `LIFETIME` |

## Error Codes

| Code                 | HTTP | Cause                                                 |
| -------------------- | ---- | ----------------------------------------------------- |
| `PRODUCT_NOT_FOUND`  | 404  | Product does not exist or belongs to another business |
| `INSUFFICIENT_SCOPE` | 403  | Key lacks `accounts:read` scope                       |


## OpenAPI

````yaml v3.20/openapi.json GET /products/{id}
openapi: 3.1.0
info:
  title: FYATU CaaS API v3.20
  description: >-
    FYATU Cards-as-a-Service API â€” API key authentication, Cardholder
    lifecycle, Card issuance, Transactions, Webhooks, and Programs.
  version: 3.20.0
  contact:
    name: FYATU Support
    url: https://fyatu.com
    email: support@fyatu.com
servers:
  - url: https://api.fyatu.com/api/v3.20
    description: >-
      FYATU CaaS API â€” the environment (LIVE or SANDBOX) is determined by the
      API key, not the URL
security:
  - BearerAuth: []
tags:
  - name: Meta
    description: Liveness, account info, and supported event types
  - name: Account
    description: Account-level balance and funding status
  - name: Programs
    description: Read card program configuration
  - name: Cardholders
    description: Create and manage cardholder profiles
  - name: Cards
    description: Issue, fund, freeze, and terminate virtual cards
  - name: Transactions
    description: Read-only card transaction history
  - name: Webhooks
    description: Manage webhook endpoints for real-time event delivery
  - name: Products
    description: Read card product configurations
paths:
  /products/{id}:
    parameters:
      - name: id
        in: path
        required: true
        schema:
          type: string
        description: Product ID (prefix `prd_`)
        example: prd_01HXYZ1111ABCDEF0001
    get:
      tags:
        - Products
      summary: Get a product
      description: >-
        Retrieve full details of a single card product. Products are shared
        resources â€” always read from the LIVE database regardless of the API
        key environment.
      operationId: getProduct
      responses:
        '200':
          description: Product retrieved
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ProductResponse'
              example:
                success: true
                status: 200
                message: Product retrieved
                data:
                  productId: prd_01HXYZ1111ABCDEF0001
                  programId: prg_01HXYZ9876ABCDEF0000
                  name: Standard VISA Consumer
                  scheme: VISA
                  cardType: CONSUMER
                  features:
                    has3DS: true
                    hasApplePay: true
                    hasGooglePay: true
                    hasJIT: false
                    hasSpendControl: false
                    hasMccControl: false
                  status: ACTIVE
                  createdAt: '2026-01-10T09:00:00Z'
                meta:
                  requestId: req_a1b2c3d4e5f6a7b8c9d0e1f2
                  platform: Fyatu CaaS
                  timestamp: '2026-05-25T10:00:00Z'
        '401':
          $ref: '#/components/responses/Unauthorized'
        '403':
          $ref: '#/components/responses/Forbidden'
        '404':
          description: Product not found
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Error'
              example:
                success: false
                status: 404
                message: Product not found
                error:
                  code: PRODUCT_NOT_FOUND
                  detail: Product not found
                meta:
                  requestId: req_a1b2c3d4e5f6a7b8c9d0e1f2
                  platform: Fyatu CaaS
                  timestamp: '2026-05-25T10:00:00Z'
        '429':
          $ref: '#/components/responses/RateLimitExceeded'
        '500':
          $ref: '#/components/responses/InternalError'
components:
  schemas:
    ProductResponse:
      type: object
      properties:
        success:
          type: boolean
          example: true
        status:
          type: integer
          example: 200
        message:
          type: string
          example: Product retrieved
        data:
          $ref: '#/components/schemas/Product'
        meta:
          $ref: '#/components/schemas/Meta'
    Error:
      type: object
      properties:
        success:
          type: boolean
          example: false
        status:
          type: integer
          example: 422
        message:
          type: string
          example: Human readable message
        error:
          $ref: '#/components/schemas/ErrorBody'
        meta:
          $ref: '#/components/schemas/Meta'
    Product:
      type: object
      properties:
        productId:
          type: string
          example: prd_01HXYZ1111ABCDEF0001
        programId:
          type: string
          example: prg_01HXYZ9876ABCDEF0000
        name:
          type: string
          example: Standard VISA Consumer
        scheme:
          type: string
          enum:
            - VISA
            - MASTERCARD
          example: VISA
        cardType:
          type: string
          enum:
            - CONSUMER
            - CORPORATE
          example: CONSUMER
        features:
          type: object
          properties:
            has3DS:
              type: boolean
              example: true
            hasApplePay:
              type: boolean
              example: true
            hasGooglePay:
              type: boolean
              example: true
            hasJIT:
              type: boolean
              example: false
            hasSpendControl:
              type: boolean
              example: false
            hasMccControl:
              type: boolean
              example: false
        controls:
          type: object
          properties:
            isReloadable:
              type: boolean
              example: true
            isOneTimeUse:
              type: boolean
              example: false
            cardTTLMonths:
              type: integer
              nullable: true
              example: null
            maxCardsPerCardholder:
              type: integer
              nullable: true
              example: null
            spendingLimit:
              type: number
              format: float
              description: Maximum spend amount per spendingPeriod. Defaults to 1000.
              example: 1000
            spendingPeriod:
              type: string
              enum:
                - TRANSAMOUNT
                - DAILY
                - WEEKLY
                - MONTHLY
                - QUARTERLY
                - YEARLY
                - LIFETIME
              description: The period over which spendingLimit is enforced.
              example: TRANSACTION
        status:
          type: string
          enum:
            - ACTIVE
            - ARCHIVED
          example: ACTIVE
        createdAt:
          type: string
          format: date-time
          example: '2026-01-10T09:00:00Z'
    Meta:
      type: object
      properties:
        requestId:
          type: string
          example: req_a1b2c3d4e5f6a7b8c9d0e1f2
        platform:
          type: string
          example: Fyatu CaaS
        timestamp:
          type: string
          format: date-time
          example: '2026-05-22T15:00:00Z'
    ErrorBody:
      type: object
      properties:
        code:
          type: string
          example: VALIDATION_ERROR
        detail:
          type: string
          example: dateOfBirth must be in YYYY-MM-DD format
  responses:
    Unauthorized:
      description: Missing or invalid API key
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/Error'
          examples:
            missing:
              summary: API key missing
              value:
                success: false
                status: 401
                message: API key is required
                error:
                  code: AUTH_TOKEN_MISSING
                  detail: API key is required
                meta:
                  requestId: req_a1b2c3d4e5f6a7b8c9d0e1f2
                  platform: Fyatu CaaS
                  timestamp: '2026-05-22T15:00:00Z'
            invalid:
              summary: API key invalid
              value:
                success: false
                status: 401
                message: Invalid API key
                error:
                  code: AUTH_TOKEN_INVALID
                  detail: Invalid API key
                meta:
                  requestId: req_a1b2c3d4e5f6a7b8c9d0e1f2
                  platform: Fyatu CaaS
                  timestamp: '2026-05-22T15:00:00Z'
    Forbidden:
      description: Scope denied or business suspended
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/Error'
          example:
            success: false
            status: 403
            message: Scope denied
            error:
              code: INSUFFICIENT_SCOPE
              detail: This endpoint requires the cards:write scope
            meta:
              requestId: req_a1b2c3d4e5f6a7b8c9d0e1f2
              platform: Fyatu CaaS
              timestamp: '2026-05-22T15:00:00Z'
    RateLimitExceeded:
      description: Rate limit exceeded
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/Error'
          example:
            success: false
            status: 429
            message: Rate limit exceeded
            error:
              code: RATE_LIMIT_EXCEEDED
              detail: Too many requests
            meta:
              requestId: req_a1b2c3d4e5f6a7b8c9d0e1f2
              platform: Fyatu CaaS
              timestamp: '2026-05-22T15:00:00Z'
    InternalError:
      description: Unexpected server error
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/Error'
          example:
            success: false
            status: 500
            message: Internal error
            error:
              code: INTERNAL_ERROR
              detail: An unexpected error occurred
            meta:
              requestId: req_a1b2c3d4e5f6a7b8c9d0e1f2
              platform: Fyatu CaaS
              timestamp: '2026-05-22T15:00:00Z'
  securitySchemes:
    BearerAuth:
      type: http
      scheme: bearer
      description: >-
        API key from the FYATU CaaS portal. Pass as `Authorization: Bearer
        <key>`.

````