# Testing and integrating with Tokenize endpoint
source: https://developer.mastercard.com/mdes-digital-enablement/documentation/tutorials/integrating/index.md
## Overview {#overview}
After you move the project to Production, you can start using Digital Enablement API services. This use case tutorial describes how you could allow a consumer to tokenize a card and associate it with their website profile for later payment use.
## APIs used in this tutorial {#apis-used-in-this-tutorial}
* MDES Digital Enablement API
## What will you learn {#what-will-you-learn}
* How to create an API Client using Open API Generator
* How to add and enable Authentication and Encryption to the API Client
* How to make an API call
## Pre-requisite: {#pre-requisite}
To complete this tutorial, you will need:
* Digital Enablement specification [YAML file](https://developer.mastercard.com/mdes-digital-enablement/documentation/api-reference/index.md)
* Access to Sandbox environment ()
* A project created with the Digital Enablement API.
* Your OAuth API signing key certificate (suffixed "p12")
* The Consumer Key identifier, Key Alias and Key Password associated with the above key
* Please [contact Support](https://developer.mastercard.com/support) who will supply encryption and decryption keys for Sandbox
Note: You will need to convert the .pem file to a .key file. Then, use the .key file to decrypt.
## Steps {#steps}
1. [Create an API client using an Open API Generator](https://developer.mastercard.com/platform/documentation/security-and-authentication/generating-and-configuring-a-mastercard-api-client/#step-3-generate-an-api-client-project) and using the Digital Enablement YAML file.
2. [Add the Mastercard Client Authentication Library to the API Client](https://github.com/Mastercard?&q=oauth1)
3. [Add the Client Encryption Library to the API Client](https://github.com/Mastercard?&q=client-encryption)
4. [Create an API Client Instance and Enable Authentication](https://developer.mastercard.com/platform/documentation/security-and-authentication/generating-and-configuring-a-mastercard-api-client/#step-6-create-an-api-client-instance-and-enable-authentication)
5. [Enable Encryption](https://developer.mastercard.com/platform/documentation/security-and-authentication/generating-and-configuring-a-mastercard-api-client/#step-7-enable-encryption)
6. Call the API Endpoint
You need to first call the Tokenize endpoint to generate the TUR, and then, use that TUR to call the Transact endpoint that will fetch the actual token, token expiry \& cryptogram. The token and cryptogram will then be used for the transaction and TUR to be associated with the consumer's merchant profile for future use.
[Call the /tokenize endpoint](https://developer.mastercard.com/platform/documentation/security-and-authentication/generating-and-configuring-a-mastercard-api-client/#step-8-call-the-service)
API Reference: `GET /digitization/static/1/0/tokenize`
The API client will take care of serializing, encrypting and signing the TokenizeRequestSchema request and will decrypt and deserialize the response into a TokenizeResponseSchema instance.
For example, use the TokenizeApi class and TransactApi class generated as part of step 1, as in the following code snippets. The Tokenize response will look like this:
TokenizeApi
createTokenize
(node:18332) Warning: Setting the NODE_TLS_REJECT_UNAUTHORIZED environment variable to '0' makes TLS connections and HTTPS requests insecure by disabling certificate verification.
{
responseId: '123456',
responseHost: 'site.1.sample.service.mastercard.com',
decision: 'APPROVED',
authenticationMethods: [
{
id: 12344,
type: 'TEXT_TO_CARDHOLDER_NUMBER',
value: '12X-XXX-XX32'
},
{
id: 12345,
type: 'CARDHOLDER_TO_CALL_AUTOMATED_NUMBER',
value: '1-800-BANK-NUMBER'
}
],
tokenUniqueReference: 'DWSPMC000000000132d72d4fcb2f4136a0532d3093ff1a45',
panUniqueReference: 'FWSPMC000000000159f71f703d2141efaf04dd26803f922b',
productConfig: {
longDescription: 'Bank Rewards MasterCard with the super duper rewards program',
issuerProductConfigCode: '123456',
termsAndConditionsUrl: 'https://bank.com/termsAndConditions',
issuerMobileApp: {},
issuerName: 'Issuing Bank',
cardBackgroundCombinedAssetId: '739d27e5-629d-11e3-949a-0800200c9a66',
foregroundColor: '000000',
shortDescription: 'Bank Rewards MasterCard',
brandLogoAssetId: '800200c9-629d-11e3-949a-0739d27e5a66',
customerServiceUrl: 'https://bank.com/customerservice',
privacyPolicyUrl: 'https://bank.com/privacy'
},
tokenInfo: {
tokenPanSuffix: '1234',
accountPanSuffix: '2345',
tokenExpiry: '1024',
accountPanExpiry: '0922',
productCategory: 'CREDIT',
dsrpCapable: false,
tokenAssuranceLevel: 1
},
supportsAuthentication: false,
tokenDetail: {
encryptedData: {
tokenNumber: null,
expiryMonth: null,
expiryYear: null,
paymentAccountReference: '500181d9f8e0629211e3949a08002',
dataValidUntilTimestamp: null,
accountHolderData: null,
cardAccountData: null
}
}
}
The TUR returned in the Tokenize API response is then used to call the Transact API to fetch the actual token, token expiry \& cryptogram.
API Reference: `GET /remotetransaction/static/1/0/transact`
TokenizeApi api = new TokenizeApi(client);
Tokenize request = buildTokenizeRequestSchema();
TokenizeResults response = api.createTokenize(request);
TransactApi api2 = new TransactApi(client);
Transact request2 = buildTransactSchema(response.getTokenUniqueReference());
request2.setRequestId("123456");
.setResponseHost("site1.your-server.com");
.setUnpredictableNumber("23424563");
.setDsrpType("UCAF");
TransactResults response2 = api2.createTransactCall(request2);