> ## Documentation Index
> Fetch the complete documentation index at: https://docs.fyatu.com/llms.txt
> Use this file to discover all available pages before exploring further.

# List Cards

> List all issued virtual and prepaid cards with pagination — filter by status, cardholder, or product. GET /cards.

## Overview

Retrieve a paginated list of all virtual cards issued under your application. You can filter by cardholder ID, card status, or search by card name.

## Query Parameters

| Parameter      | Type    | Description                                                     |
| -------------- | ------- | --------------------------------------------------------------- |
| `cardholderId` | string  | Filter cards by cardholder ID                                   |
| `status`       | string  | Filter by status: `ACTIVE`, `FROZEN`, `SUSPENDED`, `TERMINATED` |
| `scheme`       | string  | Filter by card scheme: `VISA`, `MASTERCARD`                     |
| `search`       | string  | Search by card name, last 4 digits, or card ID                  |
| `page`         | integer | Page number (default: 1)                                        |
| `limit`        | integer | Items per page (default: 20, max: 100)                          |

## Example Usage

<CodeGroup>
  ```php PHP theme={null}
  <?php
  $queryParams = http_build_query([
      'status' => 'ACTIVE',
      'scheme' => 'MASTERCARD',
      'page' => 1,
      'limit' => 20
  ]);

  $response = file_get_contents(
      'https://api.fyatu.com/api/v3/cards?' . $queryParams,
      false,
      stream_context_create([
          'http' => [
              'method' => 'GET',
              'header' => 'Authorization: Bearer ' . $accessToken
          ]
      ])
  );

  $result = json_decode($response, true);
  foreach ($result['data']['cards'] as $card) {
      echo $card['name'] . ' - ****' . $card['last4'] . ' - ' . $card['status'] . "\n";
  }
  ```

  ```javascript Node.js theme={null}
  const params = new URLSearchParams({
    status: 'ACTIVE',
    scheme: 'MASTERCARD',
    page: '1',
    limit: '20'
  });

  const response = await fetch(`https://api.fyatu.com/api/v3/cards?${params}`, {
    method: 'GET',
    headers: {
      'Authorization': `Bearer ${accessToken}`
    }
  });

  const result = await response.json();
  result.data.cards.forEach(card => {
    console.log(`${card.name} - ****${card.last4} - ${card.status}`);
  });
  ```
</CodeGroup>

## Response Fields

| Field          | Type    | Description                                                |
| -------------- | ------- | ---------------------------------------------------------- |
| `id`           | string  | Unique card identifier                                     |
| `cardholderId` | string  | The cardholder this card belongs to                        |
| `name`         | string  | Name printed on the card                                   |
| `last4`        | string  | Last 4 digits of the card number                           |
| `maskedNumber` | string  | Masked card number (e.g., `****4829`)                      |
| `expiryDate`   | string  | Card expiration date (MM/YYYY format)                      |
| `brand`        | string  | Card brand: `MASTERCARD` or `VISA`                         |
| `status`       | string  | Card status: `ACTIVE`, `FROZEN`, `SUSPENDED`, `TERMINATED` |
| `isReloadable` | boolean | Whether the card can be funded                             |
| `createdAt`    | string  | Card creation timestamp                                    |

<Tip>
  Use the `cardholderId` filter to get all cards belonging to a specific cardholder. Use the `search` parameter to find cards by name or last 4 digits.
</Tip>


## OpenAPI

````yaml v3/openapi.json GET /cards
openapi: 3.1.0
info:
  title: FYATU API v3
  description: >-
    FYATU API v3 with JWT authentication for Collections, Payouts, and Card
    Issuing.
  version: 3.0.0
  contact:
    name: FYATU Support
    url: https://fyatu.com
    email: support@fyatu.com
servers:
  - url: https://api.fyatu.com/api/v3
    description: Production
security: []
tags:
  - name: Authentication
    description: JWT token management endpoints
  - name: Account
    description: Business account, wallet, and address management
  - name: Collections
    description: Accept payments from customers via checkout sessions
  - name: Refunds
    description: Issue refunds for completed collections
  - name: Payouts
    description: Send money to Fyatu account holders
  - name: Cardholders
    description: Cardholder management for card issuing programs
  - name: Cards
    description: Issue, fund, freeze, and manage virtual cards
  - name: Webhooks
    description: Webhook configuration and management
paths:
  /cards:
    get:
      tags:
        - Cards
      summary: List Cards
      description: >-
        Retrieve a paginated list of all virtual cards issued under your
        application.
      operationId: listCards
      parameters:
        - name: cardholderId
          in: query
          description: Filter cards by cardholder ID
          schema:
            type: string
        - name: status
          in: query
          description: Filter by card status
          schema:
            type: string
            enum:
              - ACTIVE
              - PROCESSING
              - FROZEN
              - SUSPENDED
              - TERMINATED
              - FAILED
        - name: search
          in: query
          description: Search by card name, last 4 digits, or card ID
          schema:
            type: string
        - name: scheme
          in: query
          description: Filter by card scheme
          schema:
            type: string
            enum:
              - VISA
              - MASTERCARD
        - name: page
          in: query
          description: Page number
          schema:
            type: integer
            default: 1
        - name: limit
          in: query
          description: Items per page (max 100)
          schema:
            type: integer
            default: 20
            maximum: 100
      responses:
        '200':
          description: Cards retrieved successfully
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/CardsListResponse'
              example:
                success: true
                status: 200
                message: Cards retrieved successfully
                data:
                  cards:
                    - id: crd_8f3a2b1c4d5e6f7890abcdef12345678
                      cardholderId: ch_1a2b3c4d5e6f7890abcdef1234567890
                      name: JAMES WILSON
                      last4: '4829'
                      maskedNumber: '****4829'
                      expiryDate: 09/2028
                      brand: MASTERCARD
                      status: ACTIVE
                      isReloadable: true
                      createdAt: '2026-01-10 14:30:00'
                    - id: crd_7e2d1c0b9a8f7654321fedcba09876543
                      cardholderId: ch_9f8e7d6c5b4a3210fedcba9876543210
                      name: SARAH JOHNSON
                      last4: '7156'
                      maskedNumber: '****7156'
                      expiryDate: 03/2029
                      brand: MASTERCARD
                      status: FROZEN
                      isReloadable: true
                      createdAt: '2026-01-05 09:15:00'
                  pagination:
                    currentPage: 1
                    totalPages: 5
                    totalItems: 48
                    itemsPerPage: 20
                meta:
                  requestId: req_a1b2c3d4e5f6
                  timestamp: '2026-01-17T10:00:00+00:00'
        '401':
          $ref: '#/components/responses/Unauthorized'
      security:
        - BearerAuth: []
components:
  schemas:
    CardsListResponse:
      type: object
      properties:
        success:
          type: boolean
          example: true
        status:
          type: integer
          example: 200
        message:
          type: string
        data:
          type: object
          properties:
            cards:
              type: array
              items:
                $ref: '#/components/schemas/Card'
            pagination:
              $ref: '#/components/schemas/PaginationAlt'
        meta:
          $ref: '#/components/schemas/Meta'
    Card:
      type: object
      properties:
        id:
          type: string
          description: Unique card identifier
        cardholderId:
          type: string
          description: Associated cardholder ID
        name:
          type: string
          description: Name on card
        last4:
          type: string
          nullable: true
          description: Last 4 digits of card number. Null when status is PROCESSING
        maskedNumber:
          type: string
          nullable: true
          description: >-
            Masked card number (e.g., 5234********1234). Null when status is
            PROCESSING
        expiryDate:
          type: string
          nullable: true
          description: Expiry date (MM/YYYY). Null when status is PROCESSING
        brand:
          type: string
          enum:
            - MASTERCARD
            - VISA
          description: Card network brand
        type:
          type: string
          enum:
            - VIRTUAL
            - PHYSICAL
            - METAL
          description: Card form factor
        status:
          type: string
          enum:
            - ACTIVE
            - PROCESSING
            - FROZEN
            - SUSPENDED
            - TERMINATED
            - FAILED
        isReloadable:
          type: boolean
          description: Whether card can be funded
        createdAt:
          type: string
          format: date-time
    PaginationAlt:
      type: object
      properties:
        currentPage:
          type: integer
        itemsPerPage:
          type: integer
        totalItems:
          type: integer
        totalPages:
          type: integer
    Meta:
      type: object
      properties:
        requestId:
          type: string
          description: Unique request ID for tracking
          example: req_abc123def456
        timestamp:
          type: string
          format: date-time
          description: ISO 8601 timestamp of the response
    ErrorResponse:
      type: object
      properties:
        success:
          type: boolean
          example: false
        status:
          type: integer
          example: 401
        message:
          type: string
          example: Invalid credentials
        error:
          $ref: '#/components/schemas/Error'
        meta:
          $ref: '#/components/schemas/Meta'
    Error:
      type: object
      properties:
        code:
          type: string
          description: Error code for programmatic handling
          example: AUTH_INVALID_CREDENTIALS
        details:
          type: array
          items:
            $ref: '#/components/schemas/ValidationError'
          description: Validation error details (for VALIDATION_ERROR)
    ValidationError:
      type: object
      properties:
        field:
          type: string
          description: Field that failed validation
          example: appId
        message:
          type: string
          description: Validation error message
          example: AppId is required
  responses:
    Unauthorized:
      description: Authentication required or token invalid
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/ErrorResponse'
          example:
            success: false
            status: 401
            message: Unable to identify business
            error:
              code: AUTH_TOKEN_INVALID
            meta:
              requestId: req_abc123
              timestamp: '2026-01-05T10:30:00+00:00'
  securitySchemes:
    BearerAuth:
      type: http
      scheme: bearer
      bearerFormat: JWT
      description: JWT access token obtained from /auth/token

````