Passing payment ID to card's source ID causing INVALID_CARD_DATA

As of recently I noticed our system for creating reusable card payments through Square is broken. This feature was working fine as of two weeks ago when I last worked with it. My basic square payment flow is as follows:

  1. Take the card details on the frontend with web payments sdk, tokenize and send to backend
  2. Use card details to place a payment via the payments api
  3. Pass this payment id as the source_id for the cards api alongside the original card details.

As of now I get a 400 error code response with reason being INVALID_CARD_DATA, and the field specified being “source_id”

Does anyone know, has square modified something regarding this. I’ve been trying to find a blog post or anything related specifying this change in behavior? It feels odd that something previously working is no longer functioning. Behavior seems to be replicable in both sandbox and prod

What’s your application ID and do you have some payment_ids that this happened with? :slightly_smiling_face:

Application ID: sandbox-sq0idb-j6U0SMfEc8kVom5S3A7PZw
Here’s an example of the body parameter passed to cardsApi.createCard on the server:

    "sourceId": "jzhmzGdbbQpyc3ey1vgWqtSErqNZY",
            "addressLine1": "643 S Clinton St",
            "addressLine2": "",
            "locality": "Iowa City",
            "administrativeDistrictLevel1": "IA",
            "postalCode": "52240",
            "country": "US"
        "customerId": "AKKCJBVNXAWQJZWTK627MQM04R"

In this case source_id would be the payment ID created from the tokenized card.

I am having this same issue creating a card on file using a payment id as the source_id for the createCardRequest as shown below(createCardRes->isSuccess() is false). For reference, I am using the PHP SDK here.

    $card = new \Square\Models\Card();
    $card->setCardholderName($_REQUEST['firstName'].' '.$_REQUEST['lastName']);

    $createCardReq = new \Square\Models\CreateCardRequest(

    $createCardRes = $client->getCardsApi()->createCard($createCardReq);

    if ($createCardRes->isSuccess()) {
        $card = $createCardRes->getResult();

My application id is sandbox-sq0idb-UGQmnALynusAQq30iGglNg

My payment id is bzHwDmwryyJGR1mEPVk9oWjbseHZY

If you use the test value cnon:card-nonce-ok does it work as expected? I believe this is because the payment was completed with one to the test cards. :slightly_smiling_face:

Aha, thank you, seems like a silly mistake on my part!
I was using test card (VISA) 4111 1111 1111 1111, CVV - 111
I just tried (Mastercard) 5105 1051 0510 5100 CVV - 111 and now saving the customer is working fine!

Glad to hear its working as expected. :slightly_smiling_face:

Ah, my issue here was the zip code I had saved on file varied from the one I was using in the client-side component :person_facepalming:. All is well :slight_smile:

Glad to hear you figured it out! This has also happened to me so many times. lol :slightly_smiling_face: