POST
/
api
/
v1
/
cards
/
afrigo
/
activate
Activate Afrigo Card
curl --request POST \
  --url https://waas-card-middleware-api-staging.embedly.ng/api/v1/cards/afrigo/activate \
  --header 'Content-Type: application/json' \
  --header 'x-api-key: <api-key>' \
  --data '{
  "accountNumber": "<string>",
  "cardNumber": "<string>",
  "pin": "<string>"
}'
When activating cards on behalf of your customers, ensure that the PIN chosen by the customer is encrypted before sending via API.🔐 Encryption Standard
  • Algorithm: RSA
  • Key: Contact the admin to obtain the RSA public key for production use
  • Padding: PKCS#1 v1.5
  • Encoding: UTF-8 for input, Base64 for output
⚠️ Important Notes
  • Always use the latest RSA public key shared by the platform.
  • Do not attempt to decrypt the PIN — only the platform (with its private key) can do so.
  • Use PKCS#1 v1.5 padding, not OAEP.
Example
public static string Encrypt(string userPin, string publicKeyContent)
{
	using var rsa = RSA.Create();

	// Try PEM format first, then raw base64
	try
	{
		rsa.ImportFromPem(publicKeyContent);
	}
	catch
	{
		// Handle raw base64 key
		var keyBytes = Convert.FromBase64String(publicKeyContent);
		rsa.ImportRSAPublicKey(keyBytes, out _);
	}

	var dataBytes = Encoding.UTF8.GetBytes(userPin);
	var encrypted = rsa.Encrypt(dataBytes, RSAEncryptionPadding.Pkcs1);
	return Convert.ToBase64String(encrypted);
}
accountNumber
string
required
This is the account number mapped to a customer’s embedly wallet. Example: `12345678901
cardNumber
string
required
This is the card number issued to the customer and mapped to the account number above. Example: 123456789012
pin
string
required
This is the random pin choosen by the customer. Example: encrypted string