Customer Card

Calls mentioned would require client_access_token in the Request header alongside the nonce from the previous step.

If the user has a valid card, a call to endpoint

POST /api/1/card/add?locale={{locale}} 

can be made using the payload.

{
    "auth_nonce": "<NONCE>",
    "identifier": "<CARD_NUMBER>"
}

If the user prefers to skip this part, a call to the endpoint

GET /api/1/user/complete-step?locale=locale&auth_nonce=<NONCE>&skip[]=<STEP_NUMBER> 

would skip this step and determine the next step for the client