Create Payment Method
Create a new payment method.
API scope required: payment-methods.create
vault.staging.crossmint.com or vault.crossmint.com), which tokenizes sensitive fields before forwarding to the API. Raw card numbers, CVCs, and bank account numbers never reach api.crossmint.com directly.Authorizations
Server-side API key from the Crossmint dashboard.
Body
Create request. Provide the sub-object that matches the chosen type.
Payment method type. Determines which sub-object (card or bankAccount) must be provided.
card, bank-account-us, bank-account-mx-clabe, bank-account-co, bank-account-sepa-iban Identifies the target user. Format: <type>:<value> (e.g., email:alice@example.com, userId:abc123). Required when authenticating with a server API key; ignored with JWT (the JWT subject is used instead).
Card details. Required when type is card. All card data is tokenized by the PCI vault before it reaches Crossmint servers.
Bank account details. Required when type is a bank type. The exact fields depend on the country-specific type. Account numbers and IBANs are tokenized by the vault.
Response
Payment method created successfully. Returns the full PaymentMethod object including the derived displayName and the type-specific sub-object (card or bankAccount).
- Option 1
- Option 2
A saved payment method. Sensitive fields (full PAN, CVC, full account numbers) are never included in responses.
Unique identifier (UUID v4), assigned by the server on creation.
Whether this is the user's default payment method. Only one per user can be the default; setting a new default automatically unsets the previous one.
Human-readable label derived by the server (e.g., "Visa ••1111", "SEPA Account ••6789"). Not settable by the client.
Payment method type. Determines which sub-object (card or bankAccount) is present.
card Card details. Present when type is card.

