Basis Theory logo

Basis Theory

Basis Theory is a PCI Level 1 compliant tokenization and data vault platform. Its API-first product lets developers tokenize, store, and use sensitive data - cardholder data, PII, PHI, and bank account numbers - without that data ever touching their own systems, using tokens, a detokenizing Proxy, serverless Reactors, and 3D Secure authentication.

8 APIs 0 Features
TokenizationData VaultPCI CompliancePaymentsSecurity

APIs

Basis Theory Tokens API

Create, retrieve, search, update, and delete tokens that securely vault sensitive data with masking, metadata, search indexes, fingerprinting, and token intents.

Basis Theory Tokenize / Detokenize API

Batch tokenization and detokenization endpoints that vault arbitrary object graphs into tokens and resolve token identifiers back to plaintext for authorized applications.

Basis Theory Applications API

Manage Applications (API credentials) with fine-grained permissions and access rules - the public, private, management, and expiring application types that authenticate every ca...

Basis Theory Proxy API

Manage pre-configured proxies and invoke the Proxy (pre-configured or ephemeral) to detokenize data inline and forward plaintext to a trusted third-party destination over HTTP w...

Basis Theory Reactors API

Create and manage serverless Reactors - sandboxed JavaScript functions that detokenize tokens and run custom logic against third-party services - and invoke them synchronously o...

Basis Theory 3D Secure API

Create 3D Secure sessions against tokenized cards, run frictionless or challenge authentication, and retrieve authentication values, ECI, and liability-shift results for payment...

Basis Theory Tenants API

Read and manage the current tenant, retrieve monthly active token usage reports, manage the security contact, and list audit logs of platform activity.

Basis Theory Webhooks API

Register webhook URLs, subscribe to platform event types, and manage event subscriptions so downstream systems are notified of token, reactor, and other lifecycle events.

Visuals

Basis Theory screenshot

Resources

👥
GitHubOrganization
GitHubOrganization
🔗
LinkedIn
LinkedIn
🔗
Website
Website
🔗
Documentation
Documentation
🔗
Plans
Plans
🔗
RateLimits
RateLimits
🔗
FinOps
FinOps

Sources

Raw ↑ 
aid: basis-theory
url: https://raw.githubusercontent.com/api-evangelist/basis-theory/refs/heads/main/apis.yml
name: Basis Theory
kind: company
description: Basis Theory is a PCI Level 1 compliant tokenization and data vault platform.
  Its API-first product lets developers tokenize, store, and use sensitive data -
  cardholder data, PII, PHI, and bank account numbers - without that data ever touching
  their own systems, using tokens, a detokenizing Proxy, serverless Reactors, and
  3D Secure authentication.
image: https://kinlane-images.s3.amazonaws.com/shared/apis-json/apis-json-logo.jpg
tags:
- Tokenization
- Data Vault
- PCI Compliance
- Payments
- Security
created: '2026-06-20'
modified: '2026-06-20'
specificationVersion: '0.19'
apis:
- aid: basis-theory:basis-theory-tokens-api
  name: Basis Theory Tokens API
  tags:
  - Tokens
  - Tokenization
  - Data Vault
  image: https://kinlane-images.s3.amazonaws.com/shared/apis-json/apis-json-logo.jpg
  humanURL: https://developers.basistheory.com/docs/api/tokens
  baseURL: https://api.basistheory.com
  properties:
  - url: https://developers.basistheory.com/docs/api/tokens
    type: Documentation
  - url: https://developers.basistheory.com/docs/api/tokens/token-object
    type: APIReference
  - url: openapi/basis-theory-openapi.yml
    type: OpenAPI
  - url: collections/basis-theory.postman_collection.json
    type: PostmanCollection
  - url: collections/basis-theory.opencollection.json
    type: OpenCollection
  description: Create, retrieve, search, update, and delete tokens that securely vault
    sensitive data with masking, metadata, search indexes, fingerprinting, and token
    intents.
- aid: basis-theory:basis-theory-tokenize-detokenize-api
  name: Basis Theory Tokenize / Detokenize API
  tags:
  - Tokenize
  - Detokenize
  - Batch
  image: https://kinlane-images.s3.amazonaws.com/shared/apis-json/apis-json-logo.jpg
  humanURL: https://developers.basistheory.com/docs/api/tokens/tokenize
  baseURL: https://api.basistheory.com
  properties:
  - url: https://developers.basistheory.com/docs/api/tokens/tokenize
    type: Documentation
  - url: https://developers.basistheory.com/docs/api/tokens/detokenize
    type: APIReference
  - url: openapi/basis-theory-openapi.yml
    type: OpenAPI
  - url: collections/basis-theory.postman_collection.json
    type: PostmanCollection
  - url: collections/basis-theory.opencollection.json
    type: OpenCollection
  description: Batch tokenization and detokenization endpoints that vault arbitrary
    object graphs into tokens and resolve token identifiers back to plaintext for
    authorized applications.
- aid: basis-theory:basis-theory-applications-api
  name: Basis Theory Applications API
  tags:
  - Applications
  - API Keys
  - Permissions
  image: https://kinlane-images.s3.amazonaws.com/shared/apis-json/apis-json-logo.jpg
  humanURL: https://developers.basistheory.com/docs/api/applications
  baseURL: https://api.basistheory.com
  properties:
  - url: https://developers.basistheory.com/docs/api/applications
    type: Documentation
  - url: https://developers.basistheory.com/docs/api/applications/application-object
    type: APIReference
  - url: openapi/basis-theory-openapi.yml
    type: OpenAPI
  - url: collections/basis-theory.postman_collection.json
    type: PostmanCollection
  - url: collections/basis-theory.opencollection.json
    type: OpenCollection
  description: Manage Applications (API credentials) with fine-grained permissions
    and access rules - the public, private, management, and expiring application types
    that authenticate every call to the platform.
- aid: basis-theory:basis-theory-proxy-api
  name: Basis Theory Proxy API
  tags:
  - Proxy
  - Detokenize
  - Outbound
  image: https://kinlane-images.s3.amazonaws.com/shared/apis-json/apis-json-logo.jpg
  humanURL: https://developers.basistheory.com/docs/api/proxies
  baseURL: https://api.basistheory.com
  properties:
  - url: https://developers.basistheory.com/docs/api/proxies
    type: Documentation
  - url: https://developers.basistheory.com/docs/api/proxies/pre-configured-proxies
    type: APIReference
  - url: openapi/basis-theory-openapi.yml
    type: OpenAPI
  - url: collections/basis-theory.postman_collection.json
    type: PostmanCollection
  - url: collections/basis-theory.opencollection.json
    type: OpenCollection
  description: Manage pre-configured proxies and invoke the Proxy (pre-configured or
    ephemeral) to detokenize data inline and forward plaintext to a trusted third-party
    destination over HTTP without storing it on your servers.
- aid: basis-theory:basis-theory-reactors-api
  name: Basis Theory Reactors API
  tags:
  - Reactors
  - Serverless
  - Detokenize
  image: https://kinlane-images.s3.amazonaws.com/shared/apis-json/apis-json-logo.jpg
  humanURL: https://developers.basistheory.com/docs/api/reactors
  baseURL: https://api.basistheory.com
  properties:
  - url: https://developers.basistheory.com/docs/api/reactors
    type: Documentation
  - url: https://developers.basistheory.com/docs/api/reactors/reactor-object
    type: APIReference
  - url: openapi/basis-theory-openapi.yml
    type: OpenAPI
  - url: collections/basis-theory.postman_collection.json
    type: PostmanCollection
  - url: collections/basis-theory.opencollection.json
    type: OpenCollection
  description: Create and manage serverless Reactors - sandboxed JavaScript functions
    that detokenize tokens and run custom logic against third-party services - and
    invoke them synchronously or asynchronously.
- aid: basis-theory:basis-theory-3ds-api
  name: Basis Theory 3D Secure API
  tags:
  - 3DS
  - Authentication
  - Payments
  image: https://kinlane-images.s3.amazonaws.com/shared/apis-json/apis-json-logo.jpg
  humanURL: https://developers.basistheory.com/docs/api/3ds
  baseURL: https://api.basistheory.com
  properties:
  - url: https://developers.basistheory.com/docs/api/3ds
    type: Documentation
  - url: https://developers.basistheory.com/docs/api/3ds/sessions
    type: APIReference
  - url: openapi/basis-theory-openapi.yml
    type: OpenAPI
  - url: collections/basis-theory.postman_collection.json
    type: PostmanCollection
  - url: collections/basis-theory.opencollection.json
    type: OpenCollection
  description: Create 3D Secure sessions against tokenized cards, run frictionless
    or challenge authentication, and retrieve authentication values, ECI, and liability-shift
    results for payment flows.
- aid: basis-theory:basis-theory-tenants-api
  name: Basis Theory Tenants API
  tags:
  - Tenants
  - Usage
  - Logs
  image: https://kinlane-images.s3.amazonaws.com/shared/apis-json/apis-json-logo.jpg
  humanURL: https://developers.basistheory.com/docs/api/tenants
  baseURL: https://api.basistheory.com
  properties:
  - url: https://developers.basistheory.com/docs/api/tenants
    type: Documentation
  - url: https://developers.basistheory.com/docs/api/logs
    type: APIReference
  - url: openapi/basis-theory-openapi.yml
    type: OpenAPI
  - url: collections/basis-theory.postman_collection.json
    type: PostmanCollection
  - url: collections/basis-theory.opencollection.json
    type: OpenCollection
  description: Read and manage the current tenant, retrieve monthly active token usage
    reports, manage the security contact, and list audit logs of platform activity.
- aid: basis-theory:basis-theory-webhooks-api
  name: Basis Theory Webhooks API
  tags:
  - Webhooks
  - Events
  - Notifications
  image: https://kinlane-images.s3.amazonaws.com/shared/apis-json/apis-json-logo.jpg
  humanURL: https://developers.basistheory.com/docs/api/webhooks
  baseURL: https://api.basistheory.com
  properties:
  - url: https://developers.basistheory.com/docs/api/webhooks
    type: Documentation
  - url: https://developers.basistheory.com/docs/api/webhooks/api
    type: APIReference
  - url: openapi/basis-theory-openapi.yml
    type: OpenAPI
  - url: collections/basis-theory.postman_collection.json
    type: PostmanCollection
  - url: collections/basis-theory.opencollection.json
    type: OpenCollection
  description: Register webhook URLs, subscribe to platform event types, and manage
    event subscriptions so downstream systems are notified of token, reactor, and
    other lifecycle events.
common:
- type: GitHubOrganization
  url: https://github.com/Basis-Theory
- type: LinkedIn
  url: https://www.linkedin.com/company/basis-theory
- type: Website
  url: https://basistheory.com/
- type: Documentation
  url: https://developers.basistheory.com/docs
- type: Plans
  url: plans/basis-theory-plans-pricing.yml
- type: RateLimits
  url: rate-limits/basis-theory-rate-limits.yml
- type: FinOps
  url: finops/basis-theory-finops.yml
maintainers:
- FN: Kin Lane
  email: kin@apievangelist.com