Network Tokens Testing
Basis Theory provides a Network Tokens sandbox environment that provides stubbed responses without forwarding your requests to the card networks.
Once the feature is enabled, test tenants will be configured to use the Network Tokens sandbox, and you can use the test cards defined below to simulate various scenarios.
Test Cards
The following test cards can be used to test different error and success scenarios when creating network tokens.
| PAN | Card Brand | Response | Error Title |
|---|---|---|---|
4000000000000002 | Visa | Success | [Not Applicable] |
4000000000000085 | Visa | Success | [Not Applicable] |
4000000000000093 | Visa | Success | [Not Applicable] |
5100000000000008 | Mastercard | Success | [Not Applicable] |
5100000000000065 | Mastercard | Success | [Not Applicable] |
5100000000000073 | Mastercard | Success | [Not Applicable] |
6011000000000004 | Discover | Success | [Not Applicable] |
370000000000002 | American Express | Success | [Not Applicable] |
370000000000069 | American Express | Success | [Not Applicable] |
370000000000077 | American Express | Success | [Not Applicable] |
4012888888881881 | Visa | Provision Data Expired | PROVISION_DATA_EXPIRED |
5105105105105100 | Mastercard | Provision Data Expired | PROVISION_DATA_EXPIRED |
6011601160116611 | Discover | Provision Data Expired | PROVISION_DATA_EXPIRED |
371449635398431 | American Express | Provision Data Expired | PROVISION_DATA_EXPIRED |
4330251207506660 | Visa | Card Verification Failed | CARD_VERIFICATION_FAILED |
5461310156953048 | Mastercard | Card Verification Failed | CARD_VERIFICATION_FAILED |
6011168802268945 | Discover | Card Verification Failed | CARD_VERIFICATION_FAILED |
370488998077498 | American Express | Card Verification Failed | CARD_VERIFICATION_FAILED |
4539097887163333 | Visa | Card Not Eligible | CARD_NOT_ELIGIBLE |
5325191087030619 | Mastercard | Card Not Eligible | CARD_NOT_ELIGIBLE |
6011690151507086 | Discover | Card Not Eligible | CARD_NOT_ELIGIBLE |
373555735376156 | American Express | Card Not Eligible | CARD_NOT_ELIGIBLE |
4929980395567582 | Visa | Card Not Allowed | CARD_NOT_ALLOWED |
5580422612666704 | Mastercard | Card Not Allowed | CARD_NOT_ALLOWED |
6011444770992901 | Discover | Card Not Allowed | CARD_NOT_ALLOWED |
378025849667382 | American Express | Card Not Allowed | CARD_NOT_ALLOWED |
4929544240318920 | Visa | Card Declined | CARD_DECLINED |
5157204564548129 | Mastercard | Card Declined | CARD_DECLINED |
6011760519541711 | Discover | Card Declined | CARD_DECLINED |
348322853530243 | American Express | Card Declined | CARD_DECLINED |
4916725297925395 | Visa | Provision Not Allowed | PROVISION_NOT_ALLOWED |
5336475987107024 | Mastercard | Provision Not Allowed | PROVISION_NOT_ALLOWED |
6011490740263725 | Discover | Provision Not Allowed | PROVISION_NOT_ALLOWED |
375155165213132 | American Express | Provision Not Allowed | PROVISION_NOT_ALLOWED |
4711358892785746 | Visa | Card Eligibility Error | CARD_ELIGIBILITY_ERROR |
5233580618829955 | Mastercard | Card Eligibility Error | CARD_ELIGIBILITY_ERROR |
6011000990139424 | Discover | Card Eligibility Error | CARD_ELIGIBILITY_ERROR |
348835199015504 | American Express | Card Eligibility Error | CARD_ELIGIBILITY_ERROR |
5555555555554444 | Mastercard | Issuer Declined | ISSUER_DECLINED |
Deduplication
When the same PAN is provisioned more than once within a sandbox tenant, the API returns the existing Network Token with _extras.deduplicated: true. You can use this to validate your integration's handling of idempotent provisioning before going live. In production, deduplication behavior varies by network — see Deduplication for details.
Card Art
In the sandbox, the Get a Network Token Account endpoint returns Basis Theory-hosted placeholder images for logo and card_image in place of network-provided assets. The image dimensions, descriptions, and background_color are returned as-is, so you can build and verify your card art rendering before going live. In production, these fields are populated with the card art the network returns for the provisioned card.
logo, card_image, or background_color are null.Recommended Error Handling
Depending on the error you receive, you should take different actions. This table provides guidance on handling each error type:
| Error Title | Recommended Action | Retryable |
|---|---|---|
| PROVISION_DATA_EXPIRED | Request updated card details from the user. | ✅ Yes |
| CARD_VERIFICATION_FAILED | Prompt user to re-enter CVV or use another card. | ✅ Yes |
| CARD_NOT_ELIGIBLE | Advise user to use a different card. | ❌ No |
| CARD_NOT_ALLOWED | Advise user to use a different card. | ❌ No |
| CARD_DECLINED | Suggest user contact issuer or try another card. | ❌ No |
| ISSUER_DECLINED | Suggest user contact their issuing bank or try another card. | ❌ No |
| PROVISION_NOT_ALLOWED | Advise user to contact issuer or use another card. | ❌ No |
| CARD_NUMBER_LENGTH_INVALID | Verify the card number length is between 13 and 16 digits inclusive. | ❌ No |
| CARD_DATA_MISSING | Ensure at least card number, expiration year, and expiration month are provided in the entity. | ❌ No |
| CARD_ELIGIBILITY_ERROR | Retry once; if unsuccessful, use a different card. | ⚠️ Once |
Not all errors can be safely retried without user interaction. The retry statuses are defined as:
- ✅ Yes: You can safely retry the request after collecting updated or corrected user information.
- ⚠️ Once: Attempt one retry; further retries might not resolve the issue.
- ❌ No: Do not retry automatically. The user must provide alternative card information or contact the issuer.