On This Page {#jumplink-list} [Markdown](/docs/vas/en-us/tms/developer/ctv/rest/tms/tms-cust-tkn/tms-manage-cust-tkn/tms-cust-tkn-retrieve-default-pay-unmasked-intro.md) Filter FILTER BY TAG Retrieve a Customer's Default Payment with an Unmasked Card Number {#tms-cust-tkn-retrieve-default-pay-unmasked-intro} ====================================================================================================================== This section describes how to retrieve a customer's default payment with an unmasked card number. > IMPORTANT > To retrieve unmasked payment details, you must ensure that your MLE key pair and your token vault are configured correctly. For more information on MLE keys, see [Message-Level Encryption Keys](/docs/vas/en-us/tms/developer/ctv/rest/tms/tms-onboarding/tms-mle-setup.md ""). For more information on token vaults, see [Token Vault Management](/docs/vas/en-us/tms/developer/ctv/rest/tms/tms-onboarding/tms-vault-hierarchy.md ""). If necessary, contact your ` Visa Acceptance Solutions ` account manager or customer support. > The response is BASE 64-encoded JSON web encryption (JWE) token. The decoded JWE has these elements: ``` { "alg": "RSA-OAEP-256", //The algorithm used to encrypt the CEK "cty": "json", //The content type "typ": "JWT", //The token type "enc": "A256GCM", //The algorithm that is used to encrypt the message "kid": "keyId" //The serial number of shared public cert for encryption of CEK } <Encrypted Data> //The encrypted payload that matches the JSON response normally returned by the TMS API, except with an unmasked payment details ``` Header Configuration -------------------- You must pass this request header to retrieve unmasked payment details: `Accept: application/jose`. The term `application/jose` refers to Javascript Object Signing and Encryption (JOSE). JOSE is a framework that provides end-to-end security to JavaScript Object Notation (JSON)-based data structures. JOSE achieves this by offering a collection of specifications to encrypt and digitally sign JSON payloads. In this case, the response is message-level encrypted using a JSON Web Token (JWT). Endpoint -------- **Test:** `GET ``https://apitest.visaacceptance.com``/tms/v2/customers/`*{customerTokenId}*` `{#tms-cust-tkn-retrieve-default-pay-unmasked-intro_restcust-test} **Production:** `GET ``https://api.visaacceptance.com``/tms/v2/customers/`*{customerTokenId}*` ` The *`{customerTokenId}`* is the customer token ID returned in the id field when you created the customer token. For more information, see [Create a Customer](/docs/vas/en-us/tms/developer/ctv/rest/tms/tms-cust-tkn/tms-manage-cust-tkn/tms-cust-tkn-create-intro.md ""). RELATED TO THIS PAGE