Enkash Developer Portal
Home
Home
Login
  1. Reloadable Prepaid Cards
  • Back to home
  • APIs - Prepaid Card
  • Encryption & Decryption Guide
  • Reloadable Prepaid Cards
    • KYC Status Handling Guide
    • T&C Acceptance Flow Copy
    • Auth Token
      POST
    • Create Reloadable Prepaid Card
      POST
    • VKYC Link Generation
      GET
    • VKYC Status
      GET
    • Set Card PIN
      POST
    • Generate OTP
      POST
    • View Card Details
      POST
    • View Card CVV
      POST
    • Update Card Limits & Controls
      POST
    • Get Card Limits & Controls
      POST
    • Order Physical Card
      POST
    • Get Card Balance
      POST
    • Load Money from Balance
      POST
    • Request Card Replacement
      POST
    • Block Card
      POST
    • Get Transaction Details
      POST
    • Get All Transaction Details
      POST
  • Non Reloadable Gift Cards
    • Auth Token
    • Create Non Reloadable Gift Card
    • Set Card PIN
    • Generate OTP
    • View Card Details
    • View Card CVV
    • Order Physical Card
    • Get Card Balance
    • Get Transaction Details
    • Get All Transaction details
Home
Home
Login
  1. Reloadable Prepaid Cards

T&C Acceptance Flow Copy

This document defines the T&C (Terms & Conditions) acceptance redirect flow required for card activation, in alignment with RBI co‑branding guidelines. It is intended for backend and frontend developers integrating the card activation and T&C gating flow in both UAT and Production environments.

Purpose#

Card activation and usage are gated behind explicit user acceptance of the latest card T&C and, where applicable, minimum KYC.
A card may exist but must not be treated as active or usable until:
The user has accepted the latest T&C, and
Minimum KYC requirement is satisfied.
The system of record for T&C / KYC gating status is the EnKash Card Details API, via fields such as kycStatus and partnerTncUrl.
This specification defines:
How to detect that T&C/KYC acceptance is pending.
How to construct and send the T&C redirect.
How to handle the post‑T&C redirect back to your application.
Security, validation, and test considerations.

Preconditions#

Before implementing this flow, ensure, you have access to the EnKash Card Details API that returns:
enKashCardId
cardAccountId
kycStatus
partnerTncUrl
You can generate a current access token for the card/user context.
You can define and control a return URL (in your application) where the user will be redirected after:
T&C acceptance, or
Minimum KYC completion.

Trigger Condition#

You must initiate the T&C redirect flow when the EnKash Card Details API returns a pending KYC/T&C state, for example:
{
  "enKashCardId": "EKCWLUAADN",
  "cardAccountId": "CAC7975",
  "kycStatus": {
    "name": "NOT_UPLOADED",
    "label": "Not Uploaded"
  },
  "partnerTncUrl": "https://home.enkash.com/partner/tnc",
  ...
}

Trigger rule:#

If kycStatus.name !== "APPROVED" or the user has not yet accepted the latest T&C (as indicated by the T&C flow/flags in the EnKash Card Details API response):
The user must be redirected to the T&C URL.
If KYC/T&C are already completed as per the EnKash Card Details API:
Proceed with the normal card flow; no T&C redirect is required.

This rule must be evaluated:#

Whenever the user opens or re‑opens the card.
The user previously navigated away without completing T&C/KYC acceptance, and later returns to the card screen.

Environment‑Specific URLs#

Use the following base URLs for the T&C acceptance flow.
EnvironmentURL
Production
UAT

URL Construction (Production Example)#

Step 1: Build the payload JSON
{
  "token": "<access_token_for_user_or_card_context>",
  "enKashCardId": "EKCWLUAADN",
  "cardAccountId": "CAC7975",
  "returnUrl": "https://your-app.com/card/home"
}
Step 2: Base64 encode the JSON
eyJ0b2tlbiI6IjxhY2Nlc3NfdG9rZW4+IiwgImVuS2FzaENhcmRJZCI6IkVLQ1dMVUFBRE4iLCAiY2FyZEFjY291bnRJZCI6IkNBQzc5NzUiLCAicmV0dXJuVXJsIjoiaHR0cHM6Ly95b3VyLWFwcC5jb20vY2FyZC9ob21lIn0=
Step 3: Construct the Production URL
https://home.enkash.com/partner/tnc?WID={enKashCardId}==&at={token}&returnUrl={returnUrl}
Example (truncated for illustration):
https://invoice-uat.enkash.in/partner/tnc?WID=EKCWLUAADN==&at=<access_token_for_user_or_card_context>&returnUrl=https://your-app.com/card/home
Apply the same construction logic for the UAT base URL.
Query parameters and payload format must be consistent across UAT and Production.

Redirect Flow#

When KYC/T&C are pending as per the EnKash Card Details API (for example, kycStatus.name = "NOT_UPLOADED"):
1
Detect Pending T&C/KYC:
Call EnKash Card Details API.
Check kycStatus (and other T&C‑related flags as provided by the API).
2
T&C Redirect URL
Choose the correct base URL (UAT or Production).
Build a Base64‑encoded JSON payload containing:
Current access token
enKashCardId
cardAccountId (if required for your context)
Return URL
3
Partner App
Redirect the user to the T&C URL provided by EnKash.
4
User Completes
T&C acceptance, and
Minimum KYC verification within EnKash’s platform
5
Redirect
EnKash redirects the user back to Partner's returnUrl.
6
Recommended
Call EnKash Card Details API again to confirm that:
KYC is completed (e.g. kycStatus.name === "APPROVED"), and
T&C are accepted as per the latest configuration.
Before enabling card usage UI/features.
Modified at 2025-12-26 09:32:33
Previous
KYC Status Handling Guide
Next
Auth Token
Built with