> ## Documentation Index
> Fetch the complete documentation index at: https://docs.fyatu.com/llms.txt
> Use this file to discover all available pages before exploring further.

# CARD_ISSUED

> Fired when a card is successfully issued to a cardholder.

Fires after a successful `POST /cards` request once the card provider confirms the card is active and ready to use.

## Event Type

```
CARD_ISSUED
```

## Payload

```json theme={null}
{
  "event":      "CARD_ISSUED",
  "eventId":    "evt_01HXY123456ABCDEF",
  "businessId": "BUS1A2B3C4D5E6F",
  "timestamp":  "2026-05-26T10:00:00Z",
  "data": {
    "cardId":         "crd_01HXYZ5555ABCDEF1111",
    "status":         "ACTIVE",
    "cardType":       "VIRTUAL",
    "cardBrand":      "VISA",
    "cardholderId":   "chl_01HXYZ1234ABCDEF5678",
    "maskedPan":      "445123******4123",
    "last4":          "4123",
    "expirationDate": "06/2030",
    "balance":        100.00,
    "currency":       "USD",
    "is3ds":          true,
    "isTokenized":    false,
    "isJitfEnabled":  false,
    "isOneTimeUse":   false
  }
}
```

## Payload Fields

| Field            | Type    | Description                                                                           |
| ---------------- | ------- | ------------------------------------------------------------------------------------- |
| `cardId`         | string  | The newly issued card ID (prefix `crd_`)                                              |
| `status`         | string  | Always `ACTIVE` at issuance                                                           |
| `cardType`       | string  | `VIRTUAL` or `PHYSICAL`                                                               |
| `cardBrand`      | string  | `VISA` or `MASTERCARD`                                                                |
| `cardholderId`   | string  | The cardholder the card belongs to                                                    |
| `isOneTimeUse`   | boolean | `true` for single-use cards that auto-terminate after their first settled transaction |
| `maskedPan`      | string  | BIN-masked PAN — first 6 digits + 6 stars + last 4 (e.g. `445123******4123`)          |
| `last4`          | string  | Last 4 digits of the PAN                                                              |
| `expirationDate` | string  | Card expiry in `MM/YYYY` format (e.g. `06/2030`)                                      |
| `balance`        | number  | Card balance in USD at issuance                                                       |
| `currency`       | string  | Card currency (always `USD`)                                                          |
| `is3ds`          | boolean | 3D Secure enabled on this card                                                        |
| `isTokenized`    | boolean | Card has been tokenised (Apple Pay / Google Pay)                                      |
| `isJitfEnabled`  | boolean | Just-In-Time funding active                                                           |

<Note>
  `cvv`, `programId`, and `environment` are intentionally excluded from webhook payloads. The CVV is only available once in the `POST /cards` issuance response.
</Note>

## Common Use Cases

* Display the new card details to the cardholder in your UI
* Record the card in your internal database linked to the cardholder
* Trigger a "Your card is ready" push notification to the cardholder

<RequestExample>
  ```json Webhook Payload theme={null}
  {
    "event":      "CARD_ISSUED",
    "eventId":    "evt_01HXY123456ABCDEF",
    "businessId": "BUS1A2B3C4D5E6F",
    "timestamp":  "2026-05-26T10:00:00Z",
    "data": {
      "cardId":         "crd_01HXYZ5555ABCDEF1111",
      "status":         "ACTIVE",
      "cardType":       "VIRTUAL",
      "cardBrand":      "VISA",
      "cardholderId":   "chl_01HXYZ1234ABCDEF5678",
      "maskedPan":      "445123******4123",
      "last4":          "4123",
      "expirationDate": "06/2030",
      "balance":        100.00,
      "currency":       "USD",
      "is3ds":          true,
      "isTokenized":    false,
      "isJitfEnabled":  false,
      "isOneTimeUse":   false
    }
  }
  ```
</RequestExample>

<ResponseExample>
  ```json 200 theme={null}
  {}
  ```
</ResponseExample>


## OpenAPI

````yaml v3.20/openapi.json webhook CARD_ISSUED
openapi: 3.1.0
info:
  title: FYATU CaaS API v3.20
  description: >-
    FYATU Cards-as-a-Service API â€” API key authentication, Cardholder
    lifecycle, Card issuance, Transactions, Webhooks, and Programs.
  version: 3.20.0
  contact:
    name: FYATU Support
    url: https://fyatu.com
    email: support@fyatu.com
servers:
  - url: https://api.fyatu.com/api/v3.20
    description: >-
      FYATU CaaS API â€” the environment (LIVE or SANDBOX) is determined by the
      API key, not the URL
security:
  - BearerAuth: []
tags:
  - name: Meta
    description: Liveness, account info, and supported event types
  - name: Account
    description: Account-level balance and funding status
  - name: Programs
    description: Read card program configuration
  - name: Cardholders
    description: Create and manage cardholder profiles
  - name: Cards
    description: Issue, fund, freeze, and terminate virtual cards
  - name: Transactions
    description: Read-only card transaction history
  - name: Webhooks
    description: Manage webhook endpoints for real-time event delivery
  - name: Products
    description: Read card product configurations
paths: {}
components:
  securitySchemes:
    BearerAuth:
      type: http
      scheme: bearer
      description: >-
        API key from the FYATU CaaS portal. Pass as `Authorization: Bearer
        <key>`.

````