# Remove card token ## OpenAPI Specification ```yaml openapi: 3.0.1 info: title: '' description: '' version: 1.0.0 paths: /api/payment-gateway/v1/cof/remove: post: summary: Remove card token deprecated: false description: >- This API allows you to **remove a customer's linked card token** from your platform. Once the token is **removed**, this action **cannot be undone**, and the token will no longer be valid for purchases. tags: - Credentials on File parameters: - name: Content-Type in: header description: '' required: true example: application/json schema: type: string requestBody: content: application/json: schema: type: object properties: merchant_id: type: string description: A unique merchant key provided by ABA Bank. maxLength: 20 ctid: type: string description: >- This value uniquely identifies your customer. Make sure each customer has a different ctid. maxLength: 250 pwt: type: string description: Token generated by the payment gateway. maxLength: 250 hash: type: string description: >- Base64-encoded HMAC-SHA512 hash of concatenated values `merchant_id`, `ctid`, and `pwt`, using `public_key`. **PHP Sample Code** ```php // public key provided by ABA Bank $api_key = "API KEY PROVIDED BY ABA BANK"; // Prepare the data to be hashed $b4hash = $merchant_id . $ctid . $pwt; // Generate the HMAC hash using SHA-512 and encode it in Base64 $hash = base64_encode(hash_hmac('sha512', $b4hash, $api_key, true)); ``` x-apidog-orders: - merchant_id - ctid - pwt - hash required: - merchant_id - ctid - pwt - hash example: merchant_id: ec000002 ctid: 522235F63E4998...ABC270FC9FE07409F6ACD716B88 pwt: 5222359B5394FF7B...259BFE3868B08461F hash: xShjXEibzGYj...u7fpx2SLfEu.HR0eyNKAbg== responses: '200': description: '' content: application/json: schema: type: object properties: status: type: object properties: code: type: string description: >- - `00` : Success - `1` : Invalid hash value - `11` : An unexpected error occurred. Please try again later or contact ABA support for assistance. - `26` : Merchant profile is invalid - `29` : Invalid `ctid` or `pwt` value message: type: string description: Please see more details on the property `code` above. x-apidog-orders: - code - message description: status required: - code - message x-apidog-orders: - status required: - status headers: {} x-apidog-name: OK security: [] x-apidog-folder: Credentials on File x-apidog-status: released x-run-in-apidog: https://app.apidog.com/web/project/831852/apis/api-14530831-run components: schemas: {} securitySchemes: {} servers: - url: https://checkout-sandbox.payway.com.kh/ description: StillZeroBug security: [] ```