Skip to main content
POST
/
api
/
v1
/
cards
/
afrigo
/
activate
Activate Afrigo Card
curl --request POST \
  --url https://waas-card-middleware-api-staging.embedly.ng/api/v1/cards/afrigo/activate \
  --header 'Content-Type: application/json' \
  --header 'x-api-key: <api-key>' \
  --data '{
  "accountNumber": "<string>",
  "cardNumber": "<string>",
  "pin": "<string>"
}'
When activating cards on behalf of your customers, you must follow the rules below to ensure data security and compliance.Card Number Format
  • Always pass the card number in a partially masked format: First 6 digits + 8 asterisks (**) + last 4 digits Example: 123456********7890
Encryption Standard
  • Algorithm: RSA
  • Key: Contact the admin to obtain the RSA public key for production use
  • Padding: PKCS#1 v1.5
  • Encoding: UTF-8 for input, Base64 for output
Important Notes
  • Only send the masked card number — never transmit the full card number.
  • The PIN must always be encrypted using the platform’s RSA public key before sending via API.
  • Do not attempt to decrypt the PIN — decryption is performed only by the platform using its private key.
  • Always ensure you are using the latest RSA public key provided by the platform.
PIN Encryption Example
public static string Encrypt(string userPin, string publicKeyContent)
{
	using var rsa = RSA.Create();

	// Try PEM format first, then raw base64
	try
	{
		rsa.ImportFromPem(publicKeyContent);
	}
	catch
	{
		// Handle raw base64 key
		var keyBytes = Convert.FromBase64String(publicKeyContent);
		rsa.ImportRSAPublicKey(keyBytes, out _);
	}

	var dataBytes = Encoding.UTF8.GetBytes(userPin);
	var encrypted = rsa.Encrypt(dataBytes, RSAEncryptionPadding.Pkcs1);
	return Convert.ToBase64String(encrypted);
}
accountNumber
string
required
This is the account number mapped to a customer’s embedly wallet. Example: `1234561234
cardNumber
string
required
This is the card number issued to the customer and mapped to the account number above. Example: 123456********7890
pin
string
required
This is the random pin choosen by the customer. Example: encrypted string