Re: Token validation failed on Helloworld

Solved! Go to solution
asafa
Regular Visitor

Token validation failed on Helloworld

hi

i cannot get a 200 response on hellow world...

 

the request:

GET https://sandbox.api.visa.com/vdp/helloworld?apikey=XXXXXXXX HTTP/1.1
Accept-Encoding: gzip,deflate
Accept: application/json
x-pay-token: xv2:1537428864:16d5113156914625c0c98a9bcd02bc423cf46784648c6aefcd9efd58c1fa2771
Host: sandbox.api.visa.com
Connection: Keep-Alive
User-Agent: Apache-HttpClient/4.1.1 (java 1.5)

the response:

HTTP/1.1 401 Unauthorized
Server: Apache
X-SERVED-BY: l73c038
X-CORRELATION-ID: 1537429274_671_84_l73c038_VDP_ARM
X-APP-STATUS: 401
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2592000;includeSubdomains
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: -1
Content-Type: application/json;charset=UTF-8
Content-Length: 112
Date: Thu, 20 Sep 2018 07:41:14 GMT
Connection: keep-alive

{"responseStatus":{"status":401,"code":"9201","severity":"ERROR","message":"Token validation failed","info":""}}

the apikey and shared secret are from the credentials tab

i used the code and steps from the x-pay-token tutorial (https://developer.visa.com/pages/working-with-visa-apis/x-pay-token)


can someone point to the problem ?

5 REPLIES 5
API_Managers
Visa Developer Support Specialist

Re: Token validation failed on Helloworld

Hi @asafa,

 

To resolve the issue, please navigate to the Support page provided below. I've also copy/paste the resolution from the Support page in this post. 

 

Support > Frequently Asked Questions > I’m getting Error 401 – Unauthorized. What does this mean and how can I resolve this?

https://developer.visa.com/pages/support

 

The 401 (Unauthorized) status code indicates that the request has not been applied because it lacks valid authentication credentials for the target resource (or endpoint). Visa Developer supports multiple authentication and authorization methods. The request could fail due to one of the following reasons:

X-Pay-Token

Common Root Causes:

  • Token is either not properly formatted or contains incorrect or incomplete information e.g. timestamp is not valid UTC timestamp
  • Token has expired
  • Token version is deprecated
  • The request contains multiple authentication token
  • The target resource does not support X-pay Token based authentication

Resolution:

  1. Check your Keys/API link in your VDP project to validate the Status is “Active”
  2. If “Inactive”, select the “Activate” option and confirm status is “Active”
  3. If the above is unsuccessful, try creating a new VDP project with the same API’s
  4. Verify that you have followed the required steps to generate X-Pay-Token as described in API Key - Shared Secret (X-Pay-Token) section.

Mutual SSL

Common Root Causes:

  • Missing Authorization header in the request
  • Authorization header is in invalid format e.g.  does not start with 'Basic'
  •  Authorization header has invalid credentials e.g. either username or password is blank or incorrect
  • Certificate Chain validation failed

Resolution:

  1. Check that your User Name and Password information is correct
  2. Verify that you have followed the required steps to establish Two Way SSL as described in Two-Way SSL (Mutual Authentication) section. Specifically, ensure that you have added the certificates downloaded from VDP to the keystore (for example: clientkeystore.jks) that you generated while creating the CSR.

 

 

 




Thanks,

Tee



Was your question answered? Don't forget to click on "Accept as Solution" to help other devs find the answer to the same question.

asafa
Regular Visitor

Re: Token validation failed on Helloworld

hi Diana,

 

After creating a new project and using it's credentials - i have sucedded and got a 200 response.

how can i make the original project credentials work? 

 

thanks!

API_Managers
Visa Developer Support Specialist

Re: Token validation failed on Helloworld

Hi @asafa,

 

That's great to hear that you have resolved the problem! Since the new project works, is there any reason that you want to use the original project credentials instead? If the new project credentials are successfully functioning, I would recommend using the new project for your code testing.

 

Please note, that each project has its own test data and credentials so you will not be able to use a project's credentials for another project. If you mix/swap the credentials of a project with another project that you have created, then you will receive error.

 

                              




Thanks,

Tee



Was your question answered? Don't forget to click on "Accept as Solution" to help other devs find the answer to the same question.

asafa
Regular Visitor

Re: Token validation failed on Helloworld

Hi,

 

On the original project we have an access to visa tokenization APIs, if i use a new project i will have to re-obtain access..

ghorvath
Helper

Re: Token validation failed on Helloworld

Hi,

 

I know that this topic already has a solution but I like to share my experiences and my solution on exactly the same problem.

 

In my case the solution was that I have to use the cert environment to get a successful response from helloworld, because my project has been promoted to Certification state and if I tried to use the API key and shared secret in sandbox I've got the 9201 Token validation failed error.

 

I hope this can help to someone.