# Integration with Vault API

This section describes a new approach that enhances your security posture, reduces PCI compliance requirements, and achieves a Zero Data outcome by using the VGS Collect SDK. This solution can be used as a preferred alternative to traditional methods of collecting sensitive data.

VGS provides two APIs for creating aliases (tokenizing data).

* With [Vault API v1](https://docs.verygoodsecurity.com/vault/developer-tools/apis/vault-api-v1), you simply configure your UI and call `VGSCollect.tokenize()`.
* Integration with [Vault API v2](https://docs.verygoodsecurity.com/vault/developer-tools/apis/vault-api) requires authentication in order to create aliases in your Vault.

## Integrate Collect SDK into Your Android Project

To learn how to integrate the VGS Collect SDK and start using it, refer to the [How to Integrate the SDK](https://docs.verygoodsecurity.com/vault/developer-tools/vgs-collect/android-sdk/integration) section.

## Create an Inbound route

To use the Vault API with the VGS Collect SDK, you must first establish an [inbound connection](https://docs.verygoodsecurity.com/vault/http-proxy/inbound-connection). Go to the Dashboard and create a new Inbound Route, where the Upstream Host should point to the VGS tokenization service:

* API V1: `api.sandbox.verygoodvault.com`
* API V2:
  * Sandbox: `https://<your-vault-id>.sandbox.vault-api.verygoodvault.com`
  * Live: `https://<your-vault-id>.live.vault-api.verygoodvault.com`

## Configuring UI Elements

> Tokenization cannot be disabled for card-number and card-security-code fields.

{% tabs %}
{% tab title="XML" %}

<pre class="language-xml"><code class="lang-xml"><strong>&#x3C;com.verygoodsecurity.vgscollect.widget.VGSCardNumberEditText
</strong>    android:id="@+id/cardNumberField"
    android:layout_width="match_parent"
    android:layout_height="wrap_content"
    app:fieldName="cardNumber"
    app:aliasFormat="FPE_SIX_T_FOUR"/>

</code></pre>

{% endtab %}

{% tab title="Kotlin" %}

```kotlin
val cardNumberField = findViewById<VGSCardNumberEditText>(R.id.cardNumberField)
cardNumberField.setVaultAliasFormat(VGSVaultAliasFormat.FPE_SIX_T_FOUR)
    
```

{% endtab %}

{% tab title="Java" %}

```java
VGSCardNumberEditText cardNumberField = findViewById(R.id.cardNumberField);
cardNumberField.setVaultAliasFormat(VGSVaultAliasFormat.FPE_SIX_T_FOUR);

```

{% endtab %}
{% endtabs %}

### Tokenization storage

VGS Collect SDK supports `PERSISTENT` | `VOLATILE` storages.

| Field Type             | Default Storage |
| ---------------------- | --------------- |
| `card-number`          | `PERSISTENT`    |
| `card-security-code`   | `VOLATILE`      |
| `card-expiration-date` | `PERSISTENT`    |
| `card-holder-name`     | `PERSISTENT`    |
| `ssn`                  | `PERSISTENT`    |
| `text`                 | `PERSISTENT`    |
| `date-range`           | `PERSISTENT`    |

Change storage using the `app:storageType` attribute in XML or programmatically via `setVaultStorageType(storage: VGSVaultStorageType)`.

{% tabs %}
{% tab title="XML" %}

```xml
<com.verygoodsecurity.vgscollect.widget.VGSCardNumberEditText
    android:id="@+id/cardNumberField"
    android:layout_width="match_parent"
    android:layout_height="wrap_content"
    app:fieldName="cardNumber"
    app:storageType="PERSISTENT"/>

```

{% endtab %}

{% tab title="Kotlin" %}

```kotlin
val cardNumberField = findViewById<VGSCardNumberEditText>(R.id.cardNumberField)
cardNumberField.setVaultStorageType(VGSVaultStorageType.PERSISTENT)
    
```

{% endtab %}

{% tab title="Java" %}

```java
VGSCardNumberEditText cardNumberField = findViewById(R.id.cardNumberField);
cardNumberField.setVaultStorageType(VGSVaultStorageType.PERSISTENT);

```

{% endtab %}
{% endtabs %}

## Submit Information

* **Vault API v1**: Use `tokenize()`. VGSCollect collects sensitive data from the input fields and stores it in your organization's Vault. See the [API v1](https://docs.verygoodsecurity.com/vault/developer-tools/vgs-collect/android-sdk/collect-tokenization-api) documentation for more details.
* **Vault API v2**: Use `createAliases()`. This collects the data and stores it in the Vault using Vault API v2. You must also pass an [Authorization Token](https://app.gitbook.com/s/zbOVGj5YTirkppRKlOP9/access-management/identity-and-access-management-iam#service-accounts) in the request headers. See the [API v2](https://docs.verygoodsecurity.com/vault/developer-tools/apis/vault-api) documentation for more details.

{% tabs %}
{% tab title="Vault API v2" %}

```api
import com.verygoodsecurity.vgscollect.core.Environment
import com.verygoodsecurity.vgscollect.core.VGSCollect
import com.verygoodsecurity.vgscollect.widget.VGSCardNumberEditText
class MainActivity : AppCompatActivity() {
    private lateinit var vgsForm:VGSCollect
    override fun onCreate(savedInstanceState: Bundle?) {
        super.onCreate(savedInstanceState)
        setContentView(R.layout.activity_main)
        // Init collect object
        vgsForm = VGSCollect(this, "<VAULT_ID>", Environment.<SANDBOX>)
        // Setup authorization header
        vgsForm.setCustomHeaders(mapOf("Authorization" to "Bearer <TOKEN>"))
        val submitBtn = findViewById<Button>(R.id.submitBtn)
        submitBtn?.setOnClickListener {
            // Make request
            vgsForm.createAliases()
        }
        val cardNumberField = findViewById<VGSCardNumberEditText>(R.id.cardNumberField)
        vgsForm.bindView(cardNumberField)
    }
    override fun onDestroy() {
        vgsForm.onDestroy()
        super.onDestroy()
    }
}
```

{% endtab %}

{% tab title="Vault API v1" %}

```api
import com.verygoodsecurity.vgscollect.core.Environment
      import com.verygoodsecurity.vgscollect.core.VGSCollect
      import com.verygoodsecurity.vgscollect.widget.VGSCardNumberEditText
      class MainActivity : AppCompatActivity() {
          private lateinit var vgsForm:VGSCollect
          override fun onCreate(savedInstanceState: Bundle?) {
              super.onCreate(savedInstanceState)
              setContentView(R.layout.activity_main)
              // Init collect object
              vgsForm = VGSCollect(this, "<VAULT_ID>", Environment.<SANDBOX>)
              val submitBtn = findViewById<Button>(R.id.submitBtn)
              submitBtn?.setOnClickListener {
                  // Make request
                  vgsForm.tokenize()
              }\n
              val cardNumberField = findViewById<VGSCardNumberEditText>(R.id.cardNumberField)
              vgsForm.bindView(cardNumberField)
          }
          override fun onDestroy() {
              vgsForm.onDestroy()
              super.onDestroy()
          }
      }
```

{% endtab %}
{% endtabs %}

### Handling Responses

To handle responses or errors, implement `VgsCollectResponseListener`:

{% tabs %}
{% tab title="Kotlin" %}

```kotlin

vgsForm.addOnResponseListeners(object : VgsCollectResponseListener {
    override fun onResponse(response: VGSResponse?) {
        val code = response.code
        val body = response.body
    }
})

```

{% endtab %}

{% tab title="Java" %}

```java

vgsForm.addOnResponseListeners(new VgsCollectResponseListener() {
    @Override
    public void onResponse(VGSResponse response) {
        int code = response.getCode();
        String body = response.getBody();
    }
});

```

{% endtab %}
{% endtabs %}

## Migrating from Vault API v1 to v2

To migrate from [Vault API v1](https://github.com/verygoodsecurity/docs-content-vault/blob/update-content/api/vault/v1/README.md) to [v2](https://docs.verygoodsecurity.com/vault/developer-tools/apis/vault-api), follow these steps:

* Update your Vault Route to use the new Upstream Host:
  * Sandbox: `https://<your-vault-id>.sandbox.vault-api.verygoodvault.com`
  * Live: `https://<your-vault-id>.live.vault-api.verygoodvault.com`.
* Obtain a tokenization [authToken](https://docs.verygoodsecurity.com/vault/developer-tools/apis/vault-api/authentication-and-authorization) from your backend and set it in the VGSCollect headers:

{% tabs %}
{% tab title="Kotlin" %}

```kotlin

vgsCollect.setCustomHeaders(mapOf("Authorization" to "Bearer <TOKEN>"))

```

{% endtab %}

{% tab title="Java" %}

```java

HashMap headers = new HashMap<String, String>();
headers.put("Authorization", "Bearer <TOKEN>");
vgsCollect.setCustomHeaders(headers);

```

{% endtab %}
{% endtabs %}

* Replace `tokenize()` with `createAliases()` to create aliases.

## More Information

You may also want to review the following topics:

* [Tracking Changes](https://docs.verygoodsecurity.com/vault/developer-tools/vgs-collect/submit-data#fields-state-tracking)
* [UI Components](https://docs.verygoodsecurity.com/vault/developer-tools/vgs-collect/android-sdk/ui-components)


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.verygoodsecurity.com/vault/developer-tools/vgs-collect/android-sdk/collect-tokenization-api.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.