403 when hitting enhanced api exchange sandbox

Regular Visitor

403 when hitting enhanced api exchange sandbox


I have access to enhanced api exchange data and can successfully hit it with postman.

When trying to do the the same via a service callout in apigee edge, I am always getting 403 returned from the API.

I have confirmed headers Accept, Content-Type, Authorization are set as per API ref docs and the base64 encoded form of username:password is identical to that generated by postman.

Just seeing if any other avenues I can explore...




Visa Dev Moderator

Re: 403 when hitting enhanced api exchange sandbox

Hey @chaenich,


The error and cause of the 403 error is the following:





The 403 (Forbidden) HTTP Status code indicates that this project does not have permission to access the requested resource. This can happen if you are trying to invoke API request for a resource that is not part of your project e.g. if you have created a project with Visa Direct Product but are trying to use the same credentials to access Visa Consumer Transaction Controls.

Check for the following:

  • You are using a project and the credential for the project which includes the API being accessed.
  • Create a project and receive sandbox credentials for the API’s being called.
  • Add the API being called (if not already included) to the project with credentials that are being used.


You can also refer to this link for support on error codes - https://developer.visa.com/pages/visa-developer-error-codes


 If the error persists, please provide the following information:

1. Endpoint
2. Request Header
3. Request Body
4. Response Header (include the x-correlation-id)
5. Response Body

Using SoapUI, you can find the x-correlation-id in the Raw Tab of the response header.

Was your question answered? Don't forget to click on "Accept as Solution" to help other devs find the answer to the same question.