> ## Documentation Index
> Fetch the complete documentation index at: https://docs.lite.sa/llms.txt
> Use this file to discover all available pages before exploring further.

# Get a single instrument by ID

> Retrieves a specific instrument by its ID with full details including
status and display information.



## OpenAPI

````yaml /openapi/payment-instruments.json get /instruments/{instrument_id}
openapi: 3.1.0
info:
  title: lite - Payment Instruments
  version: 1.0.0
servers:
  - url: https://api.lite.sa/v1
    description: Production
  - url: https://sandbox.lite.sa/v1
    description: Sandbox
  - url: https://dev.lite.sa/v1
    description: Development
security:
  - ApiKeyAuth: []
  - BearerAuth: []
tags:
  - name: Payment Instruments
    description: Create, manage, and perform actions on payment instruments
paths:
  /instruments/{instrument_id}:
    get:
      tags:
        - Payment Instruments
      summary: Get a single instrument by ID
      description: |-
        Retrieves a specific instrument by its ID with full details including
        status and display information.
      operationId: lite.instruments.getInstrument
      parameters:
        - $ref: '#/components/parameters/instrument_id'
        - $ref: '#/components/parameters/x-correlation-id'
      responses:
        '200':
          $ref: '#/components/responses/InstrumentDetails'
        '401':
          $ref: '#/components/responses/Unauthorized'
        '403':
          $ref: '#/components/responses/Forbidden'
        '404':
          $ref: '#/components/responses/NotFound'
components:
  parameters:
    instrument_id:
      name: instrument_id
      in: path
      required: true
      description: Unique identifier of the instrument
      schema:
        type: string
        format: uuid
        example: 550e8400-e29b-41d4-a716-446655440000
    x-correlation-id:
      name: x-correlation-id
      in: header
      required: false
      description: >-
        Unique identifier for request tracing. Generated by the client or server
        if not provided.
      schema:
        type: string
        format: uuid
        example: 550e8400-e29b-41d4-a716-446655440000
  responses:
    InstrumentDetails:
      description: Instrument retrieved successfully.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/InstrumentDetailsResponse'
    Unauthorized:
      description: |
        Authentication failed — missing or invalid token.

        Returned when:
        - The JWT bearer token is missing, expired, or has an invalid signature
        - The API key is missing or invalid
        - The authenticated session token is invalid
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/ErrorResponse'
    Forbidden:
      description: >
        Request blocked by security policy.


        Returned when:

        - A security threat is detected (SQL injection, XSS, NoSQL injection,
        LDAP injection, path traversal)

        - Header injection or suspicious headers are detected

        - The request payload exceeds the maximum allowed size

        - Geo-region validation fails (user country does not match client
        region)
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/ErrorResponse'
    NotFound:
      description: |
        The requested resource was not found.

        Returned when:
        - The specified resource ID does not exist
        - The path does not match any known endpoint
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/ErrorResponse'
  schemas:
    InstrumentDetailsResponse:
      type: object
      description: Instrument details response
      required:
        - success
        - instrument
      properties:
        success:
          type: boolean
          description: Whether the operation was successful
          example: true
        instrument:
          $ref: '#/components/schemas/InstrumentResponse'
    ErrorResponse:
      type: object
      required:
        - error
      properties:
        error:
          type: object
          required:
            - code
            - message
            - timestamp
          properties:
            code:
              type: string
              description: Error code identifying the type of error
              example: PAYMENT_DETAILS_MISMATCH
            message:
              type: string
              description: Human-readable error description
              example: The request was invalid or malformed
            details:
              type: object
              description: Additional error details
            correlationId:
              type: string
              format: uuid
              description: Correlation ID for tracking the request
              example: 550e8400-e29b-41d4-a716-446655440000
            timestamp:
              type: string
              format: date-time
              description: Timestamp when the error occurred
              example: '2024-12-16T10:30:00.000Z'
    InstrumentResponse:
      type: object
      description: Full instrument details
      required:
        - id
        - merchant_id
        - holder_id
        - payment_method
        - holder_type
        - status
        - created_at
        - updated_at
      properties:
        id:
          type: string
          format: uuid
          description: Unique instrument identifier
          example: 550e8400-e29b-41d4-a716-446655440000
        merchant_id:
          type: string
          description: Merchant that owns the instrument
          example: merch_123456789
        holder_id:
          type: string
          description: Holder ID associated with the instrument
          example: holder_123456789
        payment_method:
          type: string
          description: Payment method type
          example: card
          oneOf:
            - title: Card
              const: card
              description: Credit or debit card
            - title: Iban
              const: iban
              description: IBAN bank account
            - title: Apple Pay
              const: applePay
              description: Apple Pay digital wallet
            - title: Samsung Pay
              const: samsungPay
              description: Samsung Pay digital wallet
            - title: Google Pay
              const: googlePay
              description: Google Pay digital wallet
        holder_type:
          type: string
          description: Holder type
          example: CUSTOMER
          oneOf:
            - title: Customer
              const: CUSTOMER
              description: End customer
            - title: Beneficiary
              const: BENEFICIARY
              description: Payout beneficiary
        status:
          type: string
          description: Current status of the instrument
          example: ACTIVE
          oneOf:
            - title: Created
              const: CREATED
              description: Instrument has been created but not yet activated
            - title: Active
              const: ACTIVE
              description: Instrument is active and ready for use
            - title: Expired
              const: EXPIRED
              description: Instrument has expired
            - title: Blocked
              const: BLOCKED
              description: Instrument has been blocked
            - title: Deleted
              const: DELETED
              description: Instrument has been deleted
        created_at:
          type: string
          format: date-time
          description: Timestamp when the instrument was created
          example: '2024-01-01T00:00:00.000Z'
        updated_at:
          type: string
          format: date-time
          description: Timestamp of the last update to the instrument
          example: '2024-01-01T00:00:00.000Z'
        display:
          $ref: '#/components/schemas/InstrumentDisplay'
    InstrumentDisplay:
      type: object
      description: Masked display information for card instruments
      properties:
        expiry_year:
          type: string
          description: Card expiry year (YY)
          pattern: ^\d{2}$
          example: '30'
        expiry_month:
          type: string
          description: Card expiry month (MM)
          pattern: ^(0[1-9]|1[0-2])$
          example: '12'
        scheme:
          type: string
          description: Card scheme (e.g. Visa, Mastercard)
          example: Visa
        last_4:
          type: string
          description: Last four digits of the card number
          pattern: ^\d{4}$
          example: '0018'
  securitySchemes:
    ApiKeyAuth:
      type: apiKey
      in: header
      name: x-api-key
      description: API key for service-to-service or merchant authentication.
    BearerAuth:
      type: http
      scheme: bearer
      bearerFormat: JWT
      description: >-
        JWT Bearer token obtained from user authentication. Passed as
        Authorization: Bearer <token>.

````