Update a spending card

Update a Moov issued card.

To access this endpoint using an access token you'll need to specify the /accounts/{accountID}/issued-cards.write scope.

PATCH

/issuing/{accountID}/cards/{issuedCardID}

curl -X PATCH "https://api.moov.io/issuing/{accountID}/cards/{issuedCardID}" \
  -H "Authorization: Bearer {token}" \
  -H "X-Moov-Version: v2026.04.00"

import { Moov } from "@moovio/sdk";

const moov = new Moov({
  security: {
    username: "",
    password: "",
  },
});

async function run() {
  const result = await moov.cardIssuing.update({
    accountID: "44db31bc-2813-424b-9b8c-2d3f5f1300e3",
    issuedCardID: "69ca2a7e-7bbc-4176-9d0c-2a1aa7143006",
    updateIssuedCard: {
      metadata: {
        "optional": "metadata",
      },
      billingAddress: {
        addressLine1: "123 Main Street",
        addressLine2: "Apt 302",
        city: "Boulder",
        stateOrProvince: "CO",
        postalCode: "80301",
        country: "US",
      },
    },
  });

  console.log(result);
}

run();

declare(strict_types=1);

require 'vendor/autoload.php';

use Moov\MoovPhp;
use Moov\MoovPhp\Models\Components;

$sdk = MoovPhp\Moov::builder()
    ->setSecurity(
        new Components\Security(
            username: '',
            password: '',
        )
    )
    ->build();

$updateIssuedCard = new Components\UpdateIssuedCard(
    metadata: [
        'optional' => 'metadata',
    ],
    billingAddress: new Components\BillingAddress(
        addressLine1: '123 Main Street',
        addressLine2: 'Apt 302',
        city: 'Boulder',
        stateOrProvince: 'CO',
        postalCode: '80301',
        country: 'US',
    ),
);

$response = $sdk->cardIssuing->update(
    accountID: '44db31bc-2813-424b-9b8c-2d3f5f1300e3',
    issuedCardID: '69ca2a7e-7bbc-4176-9d0c-2a1aa7143006',
    updateIssuedCard: $updateIssuedCard

);

if ($response->issuedCard !== null) {
    // handle response
}

package hello.world;

import io.moov.sdk.Moov;
import io.moov.sdk.models.components.*;
import io.moov.sdk.models.errors.GenericError;
import io.moov.sdk.models.errors.UpdateIssuedCardError;
import io.moov.sdk.models.operations.UpdateIssuedCardResponse;
import java.lang.Exception;
import java.util.Map;

public class Application {

    public static void main(String[] args) throws GenericError, UpdateIssuedCardError, Exception {

        Moov sdk = Moov.builder()
                .security(Security.builder()
                    .username("")
                    .password("")
                    .build())
            .build();

        UpdateIssuedCardResponse res = sdk.cardIssuing().update()
                .accountID("44db31bc-2813-424b-9b8c-2d3f5f1300e3")
                .issuedCardID("69ca2a7e-7bbc-4176-9d0c-2a1aa7143006")
                .updateIssuedCard(UpdateIssuedCard.builder()
                    .metadata(Map.ofEntries(
                        Map.entry("optional", "metadata")))
                    .billingAddress(BillingAddress.builder()
                        .addressLine1("123 Main Street")
                        .addressLine2("Apt 302")
                        .city("Boulder")
                        .stateOrProvince("CO")
                        .postalCode("80301")
                        .country("US")
                        .build())
                    .build())
                .call();

        if (res.issuedCard().isPresent()) {
            System.out.println(res.issuedCard().get());
        }
    }
}

from moovio_sdk import Moov
from moovio_sdk.models import components


with Moov(
    security=components.Security(
        username="",
        password="",
    ),
) as moov:

    res = moov.card_issuing.update(account_id="44db31bc-2813-424b-9b8c-2d3f5f1300e3", issued_card_id="69ca2a7e-7bbc-4176-9d0c-2a1aa7143006", metadata={
        "optional": "metadata",
    }, billing_address={
        "address_line1": "123 Main Street",
        "address_line2": "Apt 302",
        "city": "Boulder",
        "state_or_province": "CO",
        "postal_code": "80301",
        "country": "US",
    })

    # Handle response
    print(res)

require 'moov_ruby'

Models = ::Moov::Models
s = ::Moov::Client.new(
  security: Models::Components::Security.new(
    username: '',
    password: ''
  )
)
res = s.card_issuing.update(account_id: '44db31bc-2813-424b-9b8c-2d3f5f1300e3', issued_card_id: '69ca2a7e-7bbc-4176-9d0c-2a1aa7143006', update_issued_card: Models::Components::UpdateIssuedCard.new(
  metadata: {
    'optional' => 'metadata',
  },
  billing_address: Models::Components::BillingAddress.new(
    address_line1: '123 Main Street',
    address_line2: 'Apt 302',
    city: 'Boulder',
    state_or_province: 'CO',
    postal_code: '80301',
    country: 'US'
  )
))

unless res.issued_card.nil?
  # handle response
end

using Moov.Sdk;
using Moov.Sdk.Models.Components;
using System.Collections.Generic;

var sdk = new MoovClient(security: new Security() {
    Username = "",
    Password = "",
});

var res = await sdk.CardIssuing.UpdateAsync(
    accountID: "44db31bc-2813-424b-9b8c-2d3f5f1300e3",
    issuedCardID: "69ca2a7e-7bbc-4176-9d0c-2a1aa7143006",
    body: new UpdateIssuedCard() {
        Metadata = new Dictionary<string, string>() {
            { "optional", "metadata" },
        },
        BillingAddress = new BillingAddress() {
            AddressLine1 = "123 Main Street",
            AddressLine2 = "Apt 302",
            City = "Boulder",
            StateOrProvince = "CO",
            PostalCode = "80301",
            Country = "US",
        },
    }
);

// handle response

200 400 401 403 404 409 422 429 500 504

The request completed successfully.

application/json

{
  "issuedCardID": "string",
  "brand": "Visa",
  "lastFourCardNumber": "string",
  "expiration": {
    "month": "01",
    "year": "21"
  },
  "fundingWalletID": "string",
  "authorizedUserAccountID": "string",
  "nickname": "string",
  "metadata": {
    "optional": "metadata"
  },
  "billingAddress": {
    "addressLine1": "123 Main Street",
    "addressLine2": "Apt 302",
    "city": "Boulder",
    "stateOrProvince": "CO",
    "postalCode": "80301",
    "country": "US"
  },
  "state": "active",
  "formFactor": "virtual",
  "controls": {
    "singleUse": true,
    "velocityLimits": [
      {
        "amount": 10000,
        "interval": "per-transaction"
      }
    ]
  },
  "createdOn": "2019-08-24T14:15:22Z",
  "updatedOn": "2019-08-24T14:15:22Z"
}

x-request-id


      
      string

required

A unique identifier used to trace requests.

The server could not understand the request due to invalid syntax.

application/json

{
  "error": "string"
}

x-request-id


      
      string

required

A unique identifier used to trace requests.

The request contained missing or expired authentication.

x-request-id


      
      string

required

A unique identifier used to trace requests.

The user is not authorized to make the request.

x-request-id


      
      string

required

A unique identifier used to trace requests.

The requested resource was not found.

x-request-id


      
      string

required

A unique identifier used to trace requests.

The request conflicted with the current state of the target resource.

application/json

{
  "error": "string"
}

x-request-id


      
      string

required

A unique identifier used to trace requests.

The request was well-formed, but the contents failed validation. Check the request for missing or invalid fields.

application/json

{
  "state": "string",
  "nickname": "string",
  "metadata": "string",
  "billingAddress": {
    "addressLine1": "string",
    "addressLine2": "string",
    "city": "string",
    "stateOrProvince": "string",
    "postalCode": "string",
    "country": "string"
  }
}

x-request-id


      
      string

required

A unique identifier used to trace requests.

Request was refused due to rate limiting.

x-request-id


      
      string

required

A unique identifier used to trace requests.

The request failed due to an unexpected error.

x-request-id


      
      string

required

A unique identifier used to trace requests.

The request failed because a downstream service failed to respond.

x-request-id


      
      string

required

A unique identifier used to trace requests.

Headers

X-Moov-Version


      
      string

Set this header to v2026.04.00 to use the API described in this specification. When omitted, the server defaults to v2024.01.00, which may not match the behavior documented here.

Possible values: v2026.04.00

Path parameters

accountID


      
      string

required

The Moov business account for which the card was issued.

issuedCardID


      
      string

required

Body

application/json

billingAddress

object
          | null

Show child attributes

addressLine1

string

<=60 characters

addressLine2

string

<=32 characters

city

string

<=32 characters

country

string

<=2 characters

postalCode

string

<=5 characters

stateOrProvince

string

<=2 characters

metadata

object
          | null

Free-form key-value pair list. Useful for storing information that is not captured elsewhere.

nickname

string
          | null

state

string<enum>

Updates the state of a Moov issued card.

closed: The card is permanently deactivated and cannot approve authorizations. A card can be closed by request or when it expires.

Possible values: closed

Response

application/json

brand

string<enum>

required

The card brand.

Possible values: American Express, Discover, Mastercard, Visa, Unknown

createdOn

string<date-time>

required

expiration

object

required

The expiration date of the card or token.

Show child attributes

month

string

2 characters required

Two-digit month the card expires.

year

string

2 characters required

Two-digit year the card expires.

formFactor

string<enum>

required

Specifies the type of spend card to be issued. Presently supports virtual only, providing a digital number without a physical card.

Possible values: virtual

fundingWalletID

string

required

Unique identifier for the wallet funding the card.

issuedCardID

string

required

lastFourCardNumber

string

required

state

string<enum>

required

The state represents the operational status of an issued card. A card can only approve incoming authorizations if it is in an active state.

active: The card is operational and approves authorizations. Generally becomes active shortly after card creation.
inactive: The card cannot approve authorizations. This is currently a temporary state assigned post-creation during the activation process.
closed: The card is permanently deactivated and cannot approve authorizations. A card can be closed by request or when it expires.
pending-verification: Awaiting additional authorized user verification before the card can be activated.

Possible values: active, inactive, pending-verification, closed

updatedOn

string<date-time>

required

authorizedUserAccountID

string

Identifier for the account of the card's authorized user.

billingAddress


              object

Billing address associated with the card.

Show child attributes

addressLine1

string

<=60 characters required

addressLine2

string

<=32 characters

city

string

<=32 characters required

country

string

<=2 characters required

postalCode

string

<=5 characters required

stateOrProvince

string

<=2 characters required

controls

object

Show child attributes

singleUse

boolean

Indicates if the card is single-use. If true, the card closes after the first authorization.

velocityLimits

array<object>

Sets the spending limit per time interval. Only one limit per interval is supported.

Show child attributes

amount

integer<int64>

The maximum amount in cents that can be spent in a given interval.

interval

string<enum>

Specifies the time frame for the velocity limit. Currently supports only per-transaction limits.

Possible values: per-transaction

metadata

object

Free-form key-value pair list. Useful for storing information that is not captured elsewhere.

nickname

string

An optional descriptive name for the card.

curl -X PATCH "https://api.moov.io/issuing/{accountID}/cards/{issuedCardID}" \
  -H "Authorization: Bearer {token}" \
  -H "X-Moov-Version: v2026.04.00"

import { Moov } from "@moovio/sdk";

const moov = new Moov({
  security: {
    username: "",
    password: "",
  },
});

async function run() {
  const result = await moov.cardIssuing.update({
    accountID: "44db31bc-2813-424b-9b8c-2d3f5f1300e3",
    issuedCardID: "69ca2a7e-7bbc-4176-9d0c-2a1aa7143006",
    updateIssuedCard: {
      metadata: {
        "optional": "metadata",
      },
      billingAddress: {
        addressLine1: "123 Main Street",
        addressLine2: "Apt 302",
        city: "Boulder",
        stateOrProvince: "CO",
        postalCode: "80301",
        country: "US",
      },
    },
  });

  console.log(result);
}

run();

declare(strict_types=1);

require 'vendor/autoload.php';

use Moov\MoovPhp;
use Moov\MoovPhp\Models\Components;

$sdk = MoovPhp\Moov::builder()
    ->setSecurity(
        new Components\Security(
            username: '',
            password: '',
        )
    )
    ->build();

$updateIssuedCard = new Components\UpdateIssuedCard(
    metadata: [
        'optional' => 'metadata',
    ],
    billingAddress: new Components\BillingAddress(
        addressLine1: '123 Main Street',
        addressLine2: 'Apt 302',
        city: 'Boulder',
        stateOrProvince: 'CO',
        postalCode: '80301',
        country: 'US',
    ),
);

$response = $sdk->cardIssuing->update(
    accountID: '44db31bc-2813-424b-9b8c-2d3f5f1300e3',
    issuedCardID: '69ca2a7e-7bbc-4176-9d0c-2a1aa7143006',
    updateIssuedCard: $updateIssuedCard

);

if ($response->issuedCard !== null) {
    // handle response
}

package hello.world;

import io.moov.sdk.Moov;
import io.moov.sdk.models.components.*;
import io.moov.sdk.models.errors.GenericError;
import io.moov.sdk.models.errors.UpdateIssuedCardError;
import io.moov.sdk.models.operations.UpdateIssuedCardResponse;
import java.lang.Exception;
import java.util.Map;

public class Application {

    public static void main(String[] args) throws GenericError, UpdateIssuedCardError, Exception {

        Moov sdk = Moov.builder()
                .security(Security.builder()
                    .username("")
                    .password("")
                    .build())
            .build();

        UpdateIssuedCardResponse res = sdk.cardIssuing().update()
                .accountID("44db31bc-2813-424b-9b8c-2d3f5f1300e3")
                .issuedCardID("69ca2a7e-7bbc-4176-9d0c-2a1aa7143006")
                .updateIssuedCard(UpdateIssuedCard.builder()
                    .metadata(Map.ofEntries(
                        Map.entry("optional", "metadata")))
                    .billingAddress(BillingAddress.builder()
                        .addressLine1("123 Main Street")
                        .addressLine2("Apt 302")
                        .city("Boulder")
                        .stateOrProvince("CO")
                        .postalCode("80301")
                        .country("US")
                        .build())
                    .build())
                .call();

        if (res.issuedCard().isPresent()) {
            System.out.println(res.issuedCard().get());
        }
    }
}

from moovio_sdk import Moov
from moovio_sdk.models import components


with Moov(
    security=components.Security(
        username="",
        password="",
    ),
) as moov:

    res = moov.card_issuing.update(account_id="44db31bc-2813-424b-9b8c-2d3f5f1300e3", issued_card_id="69ca2a7e-7bbc-4176-9d0c-2a1aa7143006", metadata={
        "optional": "metadata",
    }, billing_address={
        "address_line1": "123 Main Street",
        "address_line2": "Apt 302",
        "city": "Boulder",
        "state_or_province": "CO",
        "postal_code": "80301",
        "country": "US",
    })

    # Handle response
    print(res)

require 'moov_ruby'

Models = ::Moov::Models
s = ::Moov::Client.new(
  security: Models::Components::Security.new(
    username: '',
    password: ''
  )
)
res = s.card_issuing.update(account_id: '44db31bc-2813-424b-9b8c-2d3f5f1300e3', issued_card_id: '69ca2a7e-7bbc-4176-9d0c-2a1aa7143006', update_issued_card: Models::Components::UpdateIssuedCard.new(
  metadata: {
    'optional' => 'metadata',
  },
  billing_address: Models::Components::BillingAddress.new(
    address_line1: '123 Main Street',
    address_line2: 'Apt 302',
    city: 'Boulder',
    state_or_province: 'CO',
    postal_code: '80301',
    country: 'US'
  )
))

unless res.issued_card.nil?
  # handle response
end

using Moov.Sdk;
using Moov.Sdk.Models.Components;
using System.Collections.Generic;

var sdk = new MoovClient(security: new Security() {
    Username = "",
    Password = "",
});

var res = await sdk.CardIssuing.UpdateAsync(
    accountID: "44db31bc-2813-424b-9b8c-2d3f5f1300e3",
    issuedCardID: "69ca2a7e-7bbc-4176-9d0c-2a1aa7143006",
    body: new UpdateIssuedCard() {
        Metadata = new Dictionary<string, string>() {
            { "optional", "metadata" },
        },
        BillingAddress = new BillingAddress() {
            AddressLine1 = "123 Main Street",
            AddressLine2 = "Apt 302",
            City = "Boulder",
            StateOrProvince = "CO",
            PostalCode = "80301",
            Country = "US",
        },
    }
);

// handle response

200 400 401 403 404 409 422 429 500 504

The request completed successfully.

application/json

{
  "issuedCardID": "string",
  "brand": "Visa",
  "lastFourCardNumber": "string",
  "expiration": {
    "month": "01",
    "year": "21"
  },
  "fundingWalletID": "string",
  "authorizedUserAccountID": "string",
  "nickname": "string",
  "metadata": {
    "optional": "metadata"
  },
  "billingAddress": {
    "addressLine1": "123 Main Street",
    "addressLine2": "Apt 302",
    "city": "Boulder",
    "stateOrProvince": "CO",
    "postalCode": "80301",
    "country": "US"
  },
  "state": "active",
  "formFactor": "virtual",
  "controls": {
    "singleUse": true,
    "velocityLimits": [
      {
        "amount": 10000,
        "interval": "per-transaction"
      }
    ]
  },
  "createdOn": "2019-08-24T14:15:22Z",
  "updatedOn": "2019-08-24T14:15:22Z"
}

x-request-id


      
      string

required

A unique identifier used to trace requests.

The server could not understand the request due to invalid syntax.

application/json

{
  "error": "string"
}

x-request-id


      
      string

required

A unique identifier used to trace requests.

The request contained missing or expired authentication.

x-request-id


      
      string

required

A unique identifier used to trace requests.

The user is not authorized to make the request.

x-request-id


      
      string

required

A unique identifier used to trace requests.

The requested resource was not found.

x-request-id


      
      string

required

A unique identifier used to trace requests.

The request conflicted with the current state of the target resource.

application/json

{
  "error": "string"
}

x-request-id


      
      string

required

A unique identifier used to trace requests.

The request was well-formed, but the contents failed validation. Check the request for missing or invalid fields.

application/json

{
  "state": "string",
  "nickname": "string",
  "metadata": "string",
  "billingAddress": {
    "addressLine1": "string",
    "addressLine2": "string",
    "city": "string",
    "stateOrProvince": "string",
    "postalCode": "string",
    "country": "string"
  }
}

x-request-id


      
      string

required

A unique identifier used to trace requests.

Request was refused due to rate limiting.

x-request-id


      
      string

required

A unique identifier used to trace requests.

The request failed due to an unexpected error.

x-request-id


      
      string

required

A unique identifier used to trace requests.

The request failed because a downstream service failed to respond.

x-request-id


      
      string

required

A unique identifier used to trace requests.

Update a spending card

Response headers

Response headers

Response headers

Response headers

Response headers

Response headers

Response headers

Response headers

Response headers

Response headers

Was this helpful?