For security, this API is not directly accessible from the client (as you will need to use your elements API key to authenticate the request). Instead, your server provides the SDK with a publishable client token—a short-lived API key with restricted access to the tokenization API. You can think of a publishable client token as a session, authorizing the SDK to retrieve and update a specific customer's information for the duration of the session. Server-side To provide a publishable client token to the SDK, you’ll need to expose a new API endpoint on your backend. This endpoint should create a publishable client token for the current customer, and return the key’s unmodified response as JSON. As mentioned before, whenever you experienced problems generating a publishable client token, simply pass an empty string and our SDKs will trigger failover to your default PSP automatically. Client-side please see details in


POSTv1/authentication/client_tokencreate client token