shihaam/thijooree
1
0
Fork 1
Code Issues 12 Pull Requests 2 Actions Packages Projects Releases 20 Wiki Activity
Files
e9979690706bdccd2c9afa7bac3e80ffc2d32922
thijooree/docs/bmlapi/15-card-freeze.md
T
shihaam a8cd22cbe1
Auto Tag on Version Change / check-version (push) Failing after 13m32s
Details
update docs
2026-06-13 21:30:12 +05:00

2.9 KiB
Raw Blame History

Card Freeze / Unfreeze

Lock or unlock a BML card to block / allow new authorisations. The same endpoint handles both actions, distinguished by the action field.

Endpoint

POST https://www.bankofmaldives.com.mv/internetbanking/api/mobile/services/card/freeze

Prerequisites

  • Valid access_token from OAuth Token Exchange
  • cardId is the internal card UUID (BankAccount.internalId, sourced from the id field of a Card entry in the dashboard response) — NOT the displayed 16-digit card number

Request

Body

Content-Type: application/json

{
  "card": "<internalId>",
  "action": "freeze"
}
Field Type Notes
card string Internal card UUID — the id from the dashboard Card object
action string "freeze" to lock the card; "unfreeze" to unlock

Headers

Header Value
Authorization Bearer <access_token>
User-Agent bml-mobile-banking/348 ({manufacturer}; Android {version}; {model})
x-app-version 2.1.44.348
accept application/json
Content-Type application/json 
curl --request POST \
  --url 'https://www.bankofmaldives.com.mv/internetbanking/api/mobile/services/card/freeze' \
  --header 'Authorization: Bearer <access_token>' \
  --header 'User-Agent: bml-mobile-banking/348 ({manufacturer}; Android {version}; {model})' \
  --header 'x-app-version: 2.1.44.348' \
  --header 'accept: application/json' \
  --header 'Content-Type: application/json' \
  --data '{"card":"abc-123-def-456","action":"freeze"}'

Response

{
  "success": true,
  "code": 0,
  "payload": "Card frozen successfully",
  "message": ""
}

Fields

Field Type Description
success bool true on success
code int 0 on success; non-zero indicates an error
payload string Human-readable confirmation text (may be blank)
message string Fallback error/info text

Success is determined by both success == true AND code == 0 (BmlCardClient.kt:46). Either condition alone is not enough.

Display Message

The client prefers payload for the confirmation text and falls back to message when payload is blank (BmlCardClient.kt:49):

payload (if non-blank) → fallback message

Failure

{
  "success": false,
  "code": 1,
  "payload": "",
  "message": "Card cannot be frozen at this time"
}

Returned with HTTP 200 for application-level errors. The message (or payload) field contains the reason.

Server / Auth Errors

HTTP Code Behaviour
401 / 419 Throws AuthExpiredException — refresh the token or re-login
5xx Throws BankServerException("BML") — server-side failure, retry

 

← Notifications

Reference in New Issue View Git Blame Copy Permalink