Hello and thanks for the support,
I am trying an in App provisioning for Google Pay in sandbox mode but I am facing an authError from endpoint sandbox.digital.visa.com/vts/panEnrollments.
Using VIAP APIs Sample Code, I have successfully enroll a visa card with my accounts APIKEY and SHARED_SECRET.
Then using /inappp/rovisioning/cardData/googlePay endpoint, I am receiving the opaquePaymentCard successfully.
Using google's sample app (Little Bear) by tapping Add To Goole pay button, the opaquePaymentCard is send to sandbox.digital.visa.com/vts/panEnrollments (token service provider).
I am getting the response Credentials API Key incorrect although the opaquePaymentCard has been created from visa's endpoint with my account's APIKEY and SHARED_SECRET.
It would very helpful for support me regarding the issue above.
Thanks in advance.
Dimitris Gavriil
Hi, @dgavriil! Thank you for reaching out. An agent is looking for a solution for you and will get back to you shortly! In the meantime, if anyone has any ideas that you feel may help, please share them here. -Jenn
Looking forward for your reply!
Thanks for the support.
Hi @dgavriil,
To continue with the investigation, please provide the following information:
1. Endpoint
2. Request Header
3. Request Body
4. Response Header (include the x-correlation-id)
5. Response Body
Using SoapUI, you can find the x-correlation-id in the Raw Tab of the response header.
Hello Diana,
In the logs below I provide the required informations.
These logs are returned fromTapAndPay Google Pay service.
The endpoint sandbox.digital.visa.com/vts/panEnrollments?apiKey=8HSF700... is called with an apiKey that is not provided by me (and also the x-pay-token).
I suppose that is being added by fromTapAndPay service.
Logs:
message: "authError"
details {
type_url: "type.googleapis.com/moneta.vendorgateway.api.CardNetworkTokenStatusDetails"
value: "\022\0252\0233295769697303075304\"\024AUTHENTICATION_ERROR*\353\030\b\221\003\032\tauthError\"\036Credentials API Key incorrect.*$db1b9515-7b61-4f8d-a27f-9a026d525f6e:\024VISATOKEN_ENROLL_PANJ\341\n{\"clientAppID\":\"androidpay\",\"locale\":\"el_GR\",\"panSource\":\"ISSUER_PUSH_PROVISION\",\"encPaymentInstrument\":\"eyJhdWQiOiIxODk5NzZhNi0yZmFjLTRlZDEtOTM0ZS03MjY5NmVhMDgxMzEiLCJraWQiOiJiYmVlZTAzOC1RMkFZM1Y1RTNJQ05CVVU2NkQ4SzExaEJtenFkWFN2VGlOelotWW5wb3pXUlhUbzUwIiwiaXNzIjoiYmJlZWUwMzgtNDgzMS00MjUzLWE3MjItMHY3NWNsMTNuNzFkIiwidHlwIjoiSk9TRSIsImNoYW5uZWxTZWN1cml0eUNvbnRleHQiOiJTSEFSRURfU0VDUkVUIiwiZW5jIjoiQTI1NkdDTSIsInRhZyI6Im5sbFBJemZ3RHlSRmdTcjFFNmY4U1EiLCJpYXQiOjE2NTAzNTg0NTQsImFsZyI6IkEyNTZHQ01LVyIsIml2IjoiTHlMMTByNEg0a0NTQTEzcSJ9.dISZuZzNMoNNbH1TEGD8zwz8T239fugMuuruCdLGoBM.24uPdUqD7COS5cJ3.NdiAEyhCkcp8RzdcalAAPCOcmGdzRX5W7FmAdisRhz6idYs9_q0gVb-igYU7S_QWLz6t9qnMbLffAF85m1mfgUYDRVVmL_ZySYvxbClnrs71VtPWT6myelL4BDMWXYPMt9jicAudzjfcj1En140hNHnHWwJmPGL9wS1urxc6ekERTe5842SPH-E9ah36dEobp4O62Nke1wR74MBK0Q9O730M8m4nJFONtRYqh5LGuVM0b1aLpBvaMo0eOSqyNqzEtM2sEd-207pzz5y18V2GbVxOD7zSvifpdjdsfgCqwiFv_M5KKUkEPwV3s7TXtZw514RDNvXOr91BaiTTShjtKnJO0HlLyiHzmm7rP_8EvIpu7LpKYaFIfFcupaT3YNWp_M3p4l5QncM8Tf57u7ydIe_SmbPEgu5lSlRFva3KI-SPfV4xw1S7NX2JBoZaCS-4q8ytHnuVMCBONmqE_THgLXVwMnzZrsLklluAZdHOdJTzmIeJmVTT-ytPS-Omj630elbmJZbXg3CxbKccfDZYiPRtMDVYTfwki7SX0XyCI83MVQcWQqA3NPwDQn4ncQy8E1abCS3BCWzu4UHu96wfhhHsyt1hFeG5WwdB_5X-0-qx8QDQzebeiwqif80iNjSjEhH8kcJh89YbPqGTtzN7VcKKQw.Qr4TnujCAmCsQC7rkq5fbA\",\"clientWalletAccountID\":\"DdXw9IJWm9dgQXRwSHZoCUJB\",\"clientDeviceID\":\"eQVKCZBNJjI47n-P6qGWmrNZ\"}R`{\"errorResponse\":{\"status\":401,\"message\":\"Credentials API Key incorrect.\",\"reason\":\"authError\"}}blhttps://sandbox.digital.visa.com/vts/panEnrollments?apiKey=8HSF700JJ7X2SZK59HPC21MqL07W19lC11MKqwG8D1Pteq7bkj/\n\fContent-Type\022\037application/json; charset=utf-8j^\n\vx-pay-token\022Oxv2:1650358706:d0ede5fc7ae8ea62505eaf05fef1826461c04cbd920d09f8a78f9175ec986510j4\n\fx-request-id\022$db1b9515-7b61-4f8d-a27f-9a026d525f6er\017\n\006Server\022\005nginxr\216\003\n\030X-WebKit-CSP-Report-Only\022\361\002default-src \'self\' https://*.v.me https://*.visa.com;script-src \'self\' \'unsafe-inline\' \'unsafe-eval\' https://*.visa.com https://*.v.me;img-src \'self\' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src \'self\' \'unsafe-inline\' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;r<\n\020X-CORRELATION-ID\022(1650358706_392_1728428404_l73p041_VDP_WSr\030\n\nConnection\022\nkeep-aliver\026\n\vX-SERVED-BY\022\al73p041r\022\n\006Pragma\022\bno-cacher%\n\004Date\022\035Tue, 19 Apr 2022 08:58:26 GMTr\035\n\017X-Frame-Options\022\nSAMEORIGINr\023\n\fX-APP-STATUS\022\003401r5\n\rx-response-id\022$db1b9515-7b61-4f8d-a27f-9a026d525f6er4\n\rCache-Control\022#no-cache, no-store, must-revalidater\026\n\016X-ERROR-ORIGIN\022\0049900r\r\n\aExpires\022\002-1r\024\n\016Content-Length\022\00296r\231\003\n#Content-Security-Policy-Report-Only\022\361\002default-src \'self\' https://*.v.me https://*.visa.com;script-src \'self\' \'unsafe-inline\' \'unsafe-eval\' https://*.visa.com https://*.v.me;img-src \'self\' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src \'self\' \'unsafe-inline\' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;r.\n\fContent-Type\022\036application/json;charset=utf-8x\324\277\255\210\2040\200\001\255\302\255\210\20402\a#CoreAF"
}
Code: UNAVAILABLE
Details: debug_info {
session_id: "3295769697303075304"
}
card_network_token_error_code: "AUTHENTICATION_ERROR"
partner_debug_info {
http_response_code: 401
token_service_provider_status_code: "authError"
2022-04-19 11:58:27.374 7680-7680/? W/TapAndPay: token_service_provider_status_message: "Credentials API Key incorrect."
token_service_provider_request_id: "db1b9515-7b61-4f8d-a27f-9a026d525f6e"
token_service_provider_method_name: "VISATOKEN_ENROLL_PAN"
vendor_request_message: "{\"clientAppID\":\"androidpay\",\"locale\":\"el_GR\",\"panSource\":\"ISSUER_PUSH_PROVISION\",\"encPaymentInstrument\":\"eyJhdWQiOiIxODk5NzZhNi0yZmFjLTRlZDEtOTM0ZS03MjY5NmVhMDgxMzEiLCJraWQiOiJiYmVlZTAzOC1RMkFZM1Y1RTNJQ05CVVU2NkQ4SzExaEJtenFkWFN2VGlOelotWW5wb3pXUlhUbzUwIiwiaXNzIjoiYmJlZWUwMzgtNDgzMS00MjUzLWE3MjItMHY3NWNsMTNuNzFkIiwidHlwIjoiSk9TRSIsImNoYW5uZWxTZWN1cml0eUNvbnRleHQiOiJTSEFSRURfU0VDUkVUIiwiZW5jIjoiQTI1NkdDTSIsInRhZyI6Im5sbFBJemZ3RHlSRmdTcjFFNmY4U1EiLCJpYXQiOjE2NTAzNTg0NTQsImFsZyI6IkEyNTZHQ01LVyIsIml2IjoiTHlMMTByNEg0a0NTQTEzcSJ9.dISZuZzNMoNNbH1TEGD8zwz8T239fugMuuruCdLGoBM.24uPdUqD7COS5cJ3.NdiAEyhCkcp8RzdcalAAPCOcmGdzRX5W7FmAdisRhz6idYs9_q0gVb-igYU7S_QWLz6t9qnMbLffAF85m1mfgUYDRVVmL_ZySYvxbClnrs71VtPWT6myelL4BDMWXYPMt9jicAudzjfcj1En140hNHnHWwJmPGL9wS1urxc6ekERTe5842SPH-E9ah36dEobp4O62Nke1wR74MBK0Q9O730M8m4nJFONtRYqh5LGuVM0b1aLpBvaMo0eOSqyNqzEtM2sEd-207pzz5y18V2GbVxOD7zSvifpdjdsfgCqwiFv_M5KKUkEPwV3s7TXtZw514RDNvXOr91BaiTTShjtKnJO0HlLyiHzmm7rP_8EvIpu7LpKYaFIfFcupaT3YNWp_M3p4l5QncM8Tf57u7ydIe_SmbPEgu5lSlRFva3KI-SPfV4xw1S7NX2JBoZaCS-4q8ytHnuVMCBONmqE_THgLXVwMnzZrsLklluAZdHOdJTzmIeJmVTT-ytPS-Omj630elbmJZbXg3CxbKccfDZYiPRtMDVYTfwki7SX0XyCI83MVQcWQqA3NPwDQn4ncQy8E1abCS3BCWzu4UHu96wfhhHsyt1hFeG5WwdB_5X-0-qx8QDQzebeiwqif80iNjSjEhH8kcJh89YbPqGTtzN7VcKKQw.Qr4TnujCAmCsQC7rkq5fbA\",\"clientWalletAccountID\":\"DdXw9IJWm9dgQXRwSHZoCUJB\",\"clientDeviceID\":\"eQVKCZBNJjI47n-P6qGWmrNZ\"}"
vendor_response_message: "{\"errorResponse\":{\"status\":401,\"message\":\"Credentials API Key incorrect.\",\"reason\":\"authError\"}}"
vendor_request_url: "https://sandbox.digital.visa.com/vts/panEnrollments?apiKey=8HSF700JJ7X2SZK59HPC21MqL07W19lC11MKqwG8D..."
vendor_request_http_header {
name: "Content-Type"
value: "application/json; charset=utf-8"
}
vendor_request_http_header {
name: "x-pay-token"
value: "xv2:1650358706:d0ede5fc7ae8ea62505eaf05fef1826461c04cbd920d09f8a78f9175ec986510"
}
vendor_request_http_header {
name: "x-request-id"
value: "db1b9515-7b61-4f8d-a27f-9a026d525f6e"
}
vendor_response_http_header {
name: "Server"
value: "nginx"
}
vendor_response_http_header {
name: "X-WebKit-CSP-Report-Only"
value: "default-src \'self\' https://*.v.me https://*.visa.com;script-src \'self\' \'unsafe-inline\' \'unsafe-eval\' https://*.visa.com https://*.v.me;img-src \'self\' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src \'self\' \'unsafe-inline\' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;"
}
vendor_response_http_header {
name: "X-CORRELATION-ID"
value: "1650358706_392_1728428404_l73p041_VDP_WS"
}
vendor_response_http_header {
name: "Connection"
value: "keep-alive"
}
vendor_response_http_header {
name: "X-SERVED-BY"
value: "l73p041"
}
vendor_response_http_header {
name: "Pragma"
value: "no-cache"
}
vendor_response_http_header {
name: "Date"
value: "Tue, 19 Apr 2022 08:58:26 GMT"
}
vendor_response_http_header {
name: "X-Frame-Options"
value: "SAMEORIGIN"
}
vendor_response_http_header {
name: "X-APP-STATUS"
value: "401"
}
vendor_response_http_header {
name: "x-response-id"
value: "db1b9515-7b61-4f8d-a27f-9a026d525f6e"
}
vendor_response_http_header {
name: "Cache-Control"
value: "no-cache, no-store, must-revalidate"
}
vendor_response_http_header {
name: "X-ERROR-ORIGIN"
value: "9900"
}
vendor_response_http_header {
name: "Expires"
value: "-1"
}
vendor_response_http_header {
name: "Content-Length"
value: "96"
}
vendor_response_http_header {
name: "Content-Security-Policy-Report-Only"
2022-04-19 11:58:27.374 7680-7680/? W/TapAndPay: value: "default-src \'self\' https://*.v.me https://*.visa.com;script-src \'self\' \'unsafe-inline\' \'unsafe-eval\' https://*.visa.com https://*.v.me;img-src \'self\' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src \'self\' \'unsafe-inline\' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;"
}
vendor_response_http_header {
name: "Content-Type"
value: "application/json;charset=utf-8"
}
vendor_request_timestamp: 1650358706132
vendor_response_timestamp: 1650358706477
}
Hello Diana,
Below you can find the requested informations.
These logs are returned from TapAndPay Google Play Service.
The endpoint sandbox.digital.visa.com/vts/panEnrollments?apiKey=8HSF700JJ7... is being called with an apiKey that is not provided by me (the x-pay-token also).
I suppose that is being added by TapAndPay service and corresponds to a google's valid key.
The logs are the following:
- Endpoint: https://sandbox.digital.visa.com/vts/panEnrollments?apiKey=8HSF700JJ7X2SZK59HPC21MqL07W19lC11MKqwG8D...
- Request Header:
"Content-Type":"application/json; charset=utf-8"
"x-pay-token":"xv2:1650358706:d0ede5fc7ae8ea62505eaf05fef1826461c04cbd920d09f8a78f9175ec986510"
"x-request-id":"db1b9515-7b61-4f8d-a27f-9a026d525f6e"
- Request Body:
{"clientAppID":"androidpay","locale":"el_GR","panSource":"ISSUER_PUSH_PROVISION","encPaymentInstrument":"eyJhdWQiOiIxODk5NzZhNi0yZmFjLTRlZDEtOTM0ZS03MjY5NmVhMDgxMzEiLCJraWQiOiJiYmVlZTAzOC1RMkFZM1Y1RTNJQ05CVVU2NkQ4SzExaEJtenFkWFN2VGlOelotWW5wb3pXUlhUbzUwIiwiaXNzIjoiYmJlZWUwMzgtNDgzMS00MjUzLWE3MjItMHY3NWNsMTNuNzFkIiwidHlwIjoiSk9TRSIsImNoYW5uZWxTZWN1cml0eUNvbnRleHQiOiJTSEFSRURfU0VDUkVUIiwiZW5jIjoiQTI1NkdDTSIsInRhZyI6Im5sbFBJemZ3RHlSRmdTcjFFNmY4U1EiLCJpYXQiOjE2NTAzNTg0NTQsImFsZyI6IkEyNTZHQ01LVyIsIml2IjoiTHlMMTByNEg0a0NTQTEzcSJ9.dISZuZzNMoNNbH1TEGD8zwz8T239fugMuuruCdLGoBM.24uPdUqD7COS5cJ3.NdiAEyhCkcp8RzdcalAAPCOcmGdzRX5W7FmAdisRhz6idYs9_q0gVb-igYU7S_QWLz6t9qnMbLffAF85m1mfgUYDRVVmL_ZySYvxbClnrs71VtPWT6myelL4BDMWXYPMt9jicAudzjfcj1En140hNHnHWwJmPGL9wS1urxc6ekERTe5842SPH-E9ah36dEobp4O62Nke1wR74MBK0Q9O730M8m4nJFONtRYqh5LGuVM0b1aLpBvaMo0eOSqyNqzEtM2sEd-207pzz5y18V2GbVxOD7zSvifpdjdsfgCqwiFv_M5KKUkEPwV3s7TXtZw514RDNvXOr91BaiTTShjtKnJO0HlLyiHzmm7rP_8EvIpu7LpKYaFIfFcupaT3YNWp_M3p4l5QncM8Tf57u7ydIe_SmbPEgu5lSlRFva3KI-SPfV4xw1S7NX2JBoZaCS-4q8ytHnuVMCBONmqE_THgLXVwMnzZrsLklluAZdHOdJTzmIeJmVTT-ytPS-Omj630elbmJZbXg3CxbKccfDZYiPRtMDVYTfwki7SX0XyCI83MVQcWQqA3NPwDQn4ncQy8E1abCS3BCWzu4UHu96wfhhHsyt1hFeG5WwdB_5X-0-qx8QDQzebeiwqif80iNjSjEhH8kcJh89YbPqGTtzN7VcKKQw.Qr4TnujCAmCsQC7rkq5fbA","clientWalletAccountID":"DdXw9IJWm9dgQXRwSHZoCUJB","clientDeviceID":"eQVKCZBNJjI47n-P6qGWmrNZ"}
- Response Header:
"X-CORRELATION-ID":"1650358706_392_1728428404_l73p041_VDP_WS"
"Connection":"keep-alive"
"Server":"nginx"
"X-WebKit-CSP-Report-Only":"default-src \'self\' https://*.v.me https://*.visa.com;script-src \'self\' \'unsafe-inline\' \'unsafe-eval\' https://*.visa.com https://*.v.me;img-src \'self\' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src \'self\' \'unsafe-inline\' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;"
"X-SERVED-BY":"l73p041"
"Pragma":"no-cache"
"Date":"Tue, 19 Apr 2022 08:58:26 GMT"
"X-Frame-Options":"SAMEORIGIN"
"X-APP-STATUS":"401"
"x-response-id":"db1b9515-7b61-4f8d-a27f-9a026d525f6e"
"Cache-Control":"no-cache, no-store, must-revalidate"
"X-ERROR-ORIGIN":"9900"
"Expires":"-1"
"Content-Length":"96"
"Content-Security-Policy-Report-Only":"default-src \'self\' https://*.v.me https://*.visa.com;script-src \'self\' \'unsafe-inline\' \'unsafe-eval\' https://*.visa.com https://*.v.me;img-src \'self\' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src \'self\' \'unsafe-inline\' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;"
"Content-Type":"application/json;charset=utf-8"
- Response Body
{"errorResponse":{"status":401,"message":"Credentials API Key incorrect.","reason":"authError"}}
Thanks for the support,
Dimitris Gavriil
Hi @dgavriil,
It appears that I'm communicating with you via email about this same error and that I've already logged incident INC13409790 for our engineering team to investigate the error. I'll provide you with an update once I hear back from engineering.
Hi @dgavriil,
Please provide me with the page link of where you got the Google SDK from.
Hi @dgavriil,
Our engineering team cannot find the API key that you use inside the JWT of your SDK. I have reached out to the Google customer support team today to ask if they can assist us with this. I'm waiting to hear back from Google.
Hi @dgavriil,
It appears that we are also communicating with each other over email. Also, do you have a Visa account executive or relationship manager?
Please note, the Google sandbox is not the same as the Visa Developer Portal sandbox. If you want to conduct testing then you will need to be in our certification environment. To get into our certification environment, you will need to be in the next phase of our project flow and get an Implementation Manager assigned to you and also get contracts signed to move forward with testing the VIAP API product.