Now that we have the basics completed. Let's get started with enabling MLE.
Start by logging in to your Dashboard and go to your project. It's important that we enable MLE for the APIs that need it. If you see "Enforced" under MLE Verification, this means it needs to be active on your project. You do this by toggling the button for which MLE needs to be enforced, see below.
Next, you will need to get Credentials for MLE. Click on the credentials button from the navigation button. Once there click on Generate Key-ID button.
You will then get a Key-ID. Copy it and paste somewhere for your reference. Notice, the status will say PENDING. You will have to ADD CSR to activate this. Click on the ADD CSR link. You'll get the option to Generate a CSR for me (default) or submit my own CSR. Let's chose the default and press confirm. Remember to save your certificate Private Key - you can only do this one time.
After you've downloaded confirm and click continue. You'll see the status has changed and is ACTIVE. Next to REVOKE click on the info button "i" to download your certificates.
Configure SOAPUI and Test MLE
Time to test our connection!
Download SOAPUI 5.4 from SoapUI. Once installed, open SOAPUI and go to File > Preferences as show below
Select the SSL Settings Tab, browse to your KeyStore file (either JKS or P12 file) that was created during Pre-Requisites steps at the beginning of this guide. Provide the Keystore password and make sure to check the "Requires Client Authentication" checkbox.
Remember, to generate a P12 file run this command (this is example only):
Select the Authentication tab to add HTTP basic authorization
Provide Username and Password availability from VDP for your project for the Preemptive Auth option select Authenticate preemptively
Navigate to Request Execution test step (3-TestMLE- Request) and do the below mentioned changes:
Make sure to add keyId as one of the headers along with other required headers. The value of header keyId will be the MLE key ID of your VDP project.
Input your plain request payload that needs to be encrypted in a file toEncrypt.json which was created as a mentioned in Pre-Requisites.
For this guide, we will test Create Alias API. You can find the request payload to test from the Create Alias API documentation here. We’ve also copied the Sample payload below.
To give some introduction, Create Alias is basically a short linkage of the Primary account number say my PAN can be mapped to email address or phone number as an alias. This linkage will be stored in Alias Directory Service which will be further used in doing financial transactions.
Execute the test step "Groovy Script-EncryptRequest" which will internally encrypt your plain payload that was saved in toEncrypt.json.
Then, execute the API via Step 3-TestMLE- Request. The API will be executed, and encrypted response will be shown as you see below.
Next, take the encrypted response and copy in toDecrypt.json file.
Execute test step "4-Groovy Script-DecryptResponse"
This will give you the decrypted response as shown in above screen shot.
There you have it! Hope you find this guide helpful 😀. Please make sure to save this and refer to this guide when testing MLE using SoapUI and if you have any questions comment below, ask in our forums or email us at firstname.lastname@example.org - we're here to help.