For PCI-DSS compliant systems
If your system is PCI-DSS compliant, all requests from tokenization to charges and refunds can be sent to API.
If your system is PCI-DSS compliant, all requests from tokenization to charges and refunds can be sent to API.