Send Data to a 3rd Party

This guide will show you how to send data to a third-party service without touching the data.

Key concepts in this guide:

• Tokens
• Expressions
• Proxy

Getting Started

To get started, you will need a Basis Theory account.

Sign Up

Sign In

Next you will need a Private Application in order to create a new token and use the token with the Proxy.

Click here to create a Private Application or login to your Basis Theory account and create a new application with the following settings:

• Name - Send Data to Third Party Guide
• Application Type - Private
• Permissions - token:create, token:use

Save the API Key from the created Private Application as it will be used later in this guide to capture the data and send it to a third-party.

Create a Token

We will need to create a token to contain our data. Basis Theory offers several ways to capture this information from your web application or inbound to your API without touching the information, but for this guide, we will create the token directly against the Basis Theory API.

Run the following in your terminal to create a token containing a phone number:

curl "https://api.basistheory.com/tokens" \
-X "POST" \
-H "BT-API-KEY: test_1234567890" \
-H "Content-Type: application/json" \
-d '{
    "type": "token",
    "data": "(555) 687-5309"
}'

Be sure to replace test_1234567890 with the Private API Key you created in the Getting Started step.

You should see a JSON response similar to:

{
  "id": "adb7ef72-73ca-4166-bc68-b77949a55f75",
  "type": "token",
  "tenant_id": "4d228c59-13e9-4d26-9ff3-883336579d35",
  "created_by": "59929b69-1282-43e1-8b26-8cf655964f9b",
  "created_at": "2022-12-19T19:20:43.7334616+00:00",
  "fingerprint": "4CCkxuF2Gp5a5fnnc1Esxe1eANXao1g3ASMqHsTV9Adr",
  "fingerprint_expression": "{{ data | stringify }}",
  "containers": [
    "/general/high/"
  ]
}

Copy the id to use in the next step.

It is best practice to securely collect your data from a web form or API to avoid security and compliance risks associated with directly handling the sensitive data.

Send the Data

We can leverage the Basis Theory Proxy to be able to detokenize the stored data before forwarding it to a third-party. To do this, we will utilize Expressions, which is based on the Liquid template language.

curl "https://api.basistheory.com/proxy" \
-X "POST" \
-H "BT-API-KEY: test_1234567890" \
-H "BT-PROXY-URL: https://echo.basistheory.com/anything" \
-H "Content-Type: application/json" \
-d '{
      "phoneNumber": {
        "full": "+1 {{ adb7ef72-73ca-4166-bc68-b77949a55f75 }}",
        "countryCode": "+1",
        "areaCode": "{{ adb7ef72-73ca-4166-bc68-b77949a55f75 | split: \" \" | first | remove: \"(\" | remove: \")\" }}",
        "exchangeCode": "{{ adb7ef72-73ca-4166-bc68-b77949a55f75  | split: \"-\" | last }}",
        "lineNumber": "{{ adb7ef72-73ca-4166-bc68-b77949a55f75 | split: \" \" | last | split: \"-\" | first }}"
      }
    }'

Be sure to replace test_1234567890 with the Private API Key you created in the Getting Started step and replaceadb7ef72-73ca-4166-bc68-b77949a55f75 with the token id you created in the Create a Token step.

You should see a response similar to:

{
  "args": {},
  "data": "{\"phoneNumber\":{\"full\":\"+1 8675309\",\"countryCode\":\"+1\",\"areaCode\":\"8675309\",\"exchangeCode\":\"8675309\",\"lineNumber\":\"8675309\"}}",
  "files": {},
  "form": {},
  "headers": {
    "Accept": "*/*",
    "Accept-Encoding": "gzip",
    "Bt-Trace-Id": "0kr2gYwAAAACKcnGsnP/NTrEa4nIHenpYQ0hHRURHRTE1MTAAMTYzY2E1ODMtNjQ3MS00MTc3LTg0ZGItZTA4MzBlZGFiODUw",
    "Content-Length": "125",
    "Content-Type": "application/json",
    "Disguised-Host": "echo.basistheory.com",
    "Host": "echo.basistheory.com",
    "Max-Forwards": "10",
    "User-Agent": "curl/7.85.0"
  },
  "json": {
    "phoneNumber": {
      "areaCode": "8675309",
      "countryCode": "+1",
      "exchangeCode": "8675309",
      "full": "+1 8675309",
      "lineNumber": "8675309"
    }
  },
  "method": "POST",
  "url": "https://echo.basistheory.com/anything"
}

Conclusion

Basis Theory's Proxy will intercept the sent request and evaluate and detokenize the request body. Basis Theory will then forward the request onto the configured BT-PROXY-URL, in this example is https://echo.basistheory.com/anything.

Creating a pre-configured Proxy provides additional capabilities such as the ability to execute custom transforms on the request and response bodies.

You can use this guide as an example on how to easily forward any piece of information and transform the request prior to sending to the destination.

Learn More

• What are tokens?
• What is the Proxy
• Collect and process cards