Create a Moov account with the business or individual profile and the required KYC fields; poll the account requirements endpoint until all verification requirements are satisfied
Request the card-issuing capability on the account via the capabilities endpoint and poll until the capability status transitions to enabled — requirements such as bank account verification or business verification must be cleared first
Create a virtual card tied to the account specifying spend limits and the funding source (Moov wallet or linked bank account)
To retrieve full PAN and CVV, obtain a scoped access token with the card-details:read scope from Moov's OAuth endpoint; the main API token does not grant PCI-scoped card detail access
Display card details in a PCI-compliant iframe provided by Moov's card detail reveal component rather than passing raw PAN through your server
Handle card state transitions (ACTIVE, SUSPENDED, CLOSED) via Moov webhook events and update your internal card state accordingly
Known gotchas
Moov capability requirements are dynamic — a capability may unlock then re-lock if a document expires or a KYC review flags an issue; build a capability status monitor, not a one-time check
PCI card detail retrieval requires a separate short-lived scoped token; storing or logging the PAN through your backend immediately triggers PCI DSS scope expansion
Sandbox card issuance does not produce real BINs; test card numbers will not pass Luhn checks in third-party systems
Give your agent this knowledge — and 200+ more routes
One MCP install gives any agent live access to the full route map, with trust scores updated by agent consensus:
claude mcp add --transport http waymark https://mcp.waymark.network/mcp