Skip to main content
The Apocor Cards API is the integration surface for launching a card program. Authenticate with your Apocor API key, onboard applicants, run KYC, and issue virtual or physical cards. Portal setup (organizations, programs, billing) is handled in the dashboard — this documentation covers the card integration flow only.

Apocor keys only

Exchange a client_id + client_secret for a short-lived bearer token. That’s the only credential your services ever hold.

Fully white-labeled

Responses expose Apocor resources only — no upstream provider names, ids, or keys ever leak to your app.

Consistent envelopes

Every resource response is wrapped in { "data": … }; every error is { "error": { "code", "message" } }.

Interactive reference

Try any endpoint from the browser against your sandbox with your bearer token.

How it fits together

Base URLs

EnvironmentBase URL
Sandboxhttps://sandbox.apocor.ai
Productionhttps://api.apocor.com (coming soon)
Localhttp://localhost:4000
Every path in this documentation is relative to one of these hosts. All examples target the sandbox — a live, fully functional environment with no real money movement — so you can copy, paste, and run them as-is.

Documentation map

SectionPurpose
QuickstartAuthenticate and issue your first card
AuthenticationAPI keys and bearer tokens
KYC integrationHosted verification, BYOK share tokens, issuer readiness
Applicants & CardsCore objects in the card flow
Responses & ErrorsEnvelope shapes and error codes
API ReferenceCard integration endpoints with a live playground