My first question is about the actual API endpoint.
Documentation indicates that to tokenize CC I need to send a transaction to this endpoint:
However the Direct API (nodejs) uses this endpoint (getToken method):
What's the difference between the two?
My second question is: Does the tokenization process validate the CC? (I want to make sure that a credit card information entered is valid before I save the token)
If tokenization does not validate the CC what's the best way to do it without charging a customer anything? authorize and then void?
Finally, the /securitytokens endpoint seems to have lots of optional fields: billing address, phone, email and so on.
When would I ever need to use those fields? Do some cards require it while others don't?