# Versioning and change log

This log details any breaking and non-breaking API changes we have released for our Verified Tokens service.

Prerequisite
Make yourself familiar with our [API principles](/access/products/reference/api-principles) to ensure a resilient integration.

## Versioning log

#### Version 3 (18 August 2020)

details
summary
Additional card data
Version 3 was introduced to include card data in the [Verified Tokens response](/access/products/verified-tokens/create-verified-token).

#### Version 2 (12 May 2020)

details
summary
Downstream cross service integration
- no changes to our Verified Tokens API


## Change log (non-breaking changes)

details
summary
2024
#### New oneTime endpoint (all versions) (28 February 2024)

details
summary
More details
We have added a new [`oneTime` endpoint](/access/products/verified-tokens/create-verified-token).  You can use this endpoint if PSD2 regulations apply to you (primarily if you are located in the UK, EEA, and Gibraltar).
If you intend to keep the token for future payments, proceed to a `challengeMandated` 3DS flow to remain SCA compliant, before taking a payment.

You can also use this, if you want to take a one-off payment. You must delete the token afterwards.

details
summary
2023
#### Extended expiry for tokens (all versions) (31 January 2023)

details
summary
More details
The default expiry date/time of a token is 7 days in Try and 4 years in the Live environment. This expiry is extended by 7 days or 4 years after any use of the token, if under half of the time remains on the token.

details
summary
2022
#### Additional elements for Not Verified Token response (all versions) (08 March 2022)

details
summary
More details
- In version 3, we're now creating unverified token in case of account verification failure and return `code` and `description` as part of the [Not Verified Token response](/access/products/verified-tokens/create-verified-token).
- In version 2, we're now creating unverified token `href` in case of account verification failure and return `code` and `description` as part of the [Not Verified Token response](/access/products/verified-tokens/v2/create-verified-token).
- In version 1, we're now creating unverified token `href` in case of account verification failure as part of the [Not Verified Token response](/access/products/verified-tokens/v1/create-verified-token).


details
summary
2021
#### Optional narrative field in request (19 March 2021)

details
summary
More details
You can now optionally send `narrative` as part of the Verified Tokens request.