Skip to main content

Will Be Deprecated April 1, 2026

PCI Fields

When retrieving a card, or listing all cards, you may have noticed that the pan and cvv fields within the Card object returned by the Treasury Prime API are null, unless the respective show_pan and show_cvv query parameters were set to a truthy value. To set these parameters to true, though, requires PCI compliance on your end.

The Marqeta Client Access Token

Every time you wish to use Marqeta.js to retrieve a Marqeta-issued, virtual card’s sensitive info, you must request a new client access token from the Marqeta platform. Each token expires after five minutes. See the API for this here.