Re: Visa In-App Provisioning authError

Ayman

I am trying an in App provisioning for Samsung Pay in sandbox mode but I am facing an authError when sharing opaquePaymentCard with Samsung Pay SDK as shown below
2024-10-30 12:02:22.057 4780-3867 SpayFw_Req...ollRequest com.samsung.android.spayfw E TR Response Error: {"code":"500.1","message":"VisaTokenServiceException [vtsResponse={\"errorResponse\":{\"message\":\"Credentials API Key incorrect.\",\"reason\":\"authError\"}}, statusCode=401 UNAUTHORIZED, responseHeaders=[Server:\"nginx\", Date:\"Wed, 30 Oct 2024 09:02:22 GMT\", Content-Type:\"application/json;charset=UTF-8\", Content-Length:\"96\", Connection:\"keep-alive\", X-SERVED-BY:\"-56c7c8b4s99\", X-CORRELATION-ID:\"1730278942_463_1196505423_-56c7c8b4s99_VDP_WS\", X-ERROR-ORIGIN:\"9900\", X-APP-STATUS:\"401\", x-response-id:\"4fce7c2e-309e-49c4-9b3c-7aba2f7ed004\", X-Frame-Options:\"SAMEORIGIN\", X-XSS-Protection:\"0\", X-Content-Type-Options:\"nosniff\", Cache-Control:\"no-cache, no-store, must-revalidate\", Pragma:\"no-cache\", Expires:\"-1\", Content-Security-Policy-Report-Only:\"default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;\", X-Content-Security-Policy-Report-Only:\"default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;\", X-WebKit-CSP-Report-Only:\"default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;\", Strict-T

Using VIAP APIs Sample Code, I tried to do card provisioning using https://sandbox.api.visa.com/inapp/provisioning/cardData/samsungPay endpoint, I am receiving the opaquePaymentCard successfully.

the opaquePaymentCard is sent to the addCard interface of Samsung Pay SDK,

I am getting the response Credentials API Key incorrect although the opaquePaymentCard has been created from visa's endpoint with my account's APIKEY and SHARED_SECRET.

It would very helpful for support me regarding the issue above.

Thanks in advance.

SyedSa

Hi @Ayman, Thank you for reaching out. An agent will look into this and get back to you soon. Until then, if any community member knows a solution, feel free to reply in this thread.

API_Products

Hey @Ayman.

The authError you are encountering indicates that there is an issue with the API Key or the credentials used in your request. Here are the steps to troubleshoot and resolve this issue based on the Visa Developer documentation:

1. Verify API Key and Shared Secret:
Ensure that you are using the correct API Key and Shared Secret associated with your Visa Developer project. Double-check that there are no typos or errors in these credentials.

2. Check Credentials Configuration:
Confirm that the API Key and Shared Secret are correctly configured in your application and in the Samsung Pay SDK integration. Make sure that the credentials are being passed correctly in the request headers.

3. Endpoint URL:
The correct endpoint URL for card provisioning is:
```
https://sandbox.api.visa.com/inapp/provisioning/cardData/samsungPay
```
Ensure that you are using this URL and that it is correctly formatted in your requests.

4. Authorization Header:
Make sure that the Authorization header is correctly set up with Basic Auth using your API Key and Shared Secret. The header should look something like this:
```
Authorization: Basic <Base64_encoded_credentials>
```

5. Check API Key Permissions:
Verify that the API Key you are using has the necessary permissions to access the Visa In-App Provisioning API. You can check this in the Visa Developer portal under your project's settings.

6. Error Response Details:
The error response you received indicates a status code of 401 UNAUTHORIZED with the message "Credentials API Key incorrect". This clearly points to an issue with the API Key or Shared Secret.

7. Sample Request:
Here is a sample request in Postman to ensure you are formatting the request correctly:

```
GET /inapp/provisioning/cardData/samsungPay?startDate=20240101&endDate=20240105 HTTP/1.1
Host: sandbox.api.visa.com
Authorization: Basic <Base64_encoded_credentials>
Content-Type: application/json
```

8. Testing with Valid Credentials:
If you have verified all the above points and are still facing issues, try regenerating your API Key and Shared Secret from the Visa Developer portal and update your application with the new credentials.