POST /visadirect/mvisa/v1/merchantpushpayments HTTP/1.1^M
Host: sandbox.api.visa.com^M
Content-Type: application/xml^M
Content-Length: 1956^M
Connection: keep-alive^M
Accept-Encoding: gzip,deflate^M
keyId: 2c9e2f69-d2ca-41e7-954c-8898cd0cc325^M
Authorization: Basic RjdQUktWQUQ0REVYMzJZOUE3MjIyMTR3Y29uSkNyblVveEY4bmRiWVN2U3dtTi1ObzpYU21kNW15MlRoNnI4ZGJWNmRINTVPbFpBd1Y0MHV6UkU=^M
^M
{
encData: 'eyJlbmMiOiJBMTI4R0NNIiwiaWF0IjoxNjE4OTMyMDUzOTA1LCJhbGciOiJSU0EtT0FFUC0yNTYiLCJraWQiOiIyYzllMmY2OS1kMmNhLTQxZTctOTU0Yy04ODk4Y2QwY2MzMjUifQ.sFDSjd_Nn9UIj_CvBJ9AsCYYjHDS6BI4hueheVGqtgWk3scSB5Q9jCdJbiHcoc6qYWPTNgBp0CjPqFvSx-2dSkqYQ6CQM4tmmVTyZf4-578cwkor6jQEJmtWD9o6Kw3TCszLAOlSwzT0LhBDV8rshWBwj2eFcrPqoRR3QjnceRlr4ecST6bZbbBJlzsuHm3shnf3sO7IC7dW-HVl1E9i61ZyVYVP1HevV2B9ANCZPP_H3XoKz05I185psSr1x2l6jm1NB1AghrgI_sKI_HY4N9rzp9lRg5nIWQlb3gSiLZi1RckHl_gj-QQJzQ0HNqgO0P-ZixxPm7cZF-b3nTQM4A.CIaz5ADvYh2HB9zq.DEpagFANKDXspKdR2hUMXdqEeHYH2kWKOCTa-3yIpzc3-Fs1YXmqX6X18jZWQ2yZ7RT3ApeipcKaJ6EW8fKGURl4NBBUMtzgZtjpBqnXgAUW1pi0E77unU1wsKD7DZDbGhEGtC_ap44Bywy42gQSbmaFF2InQQ4VuediQR3qeeMXLXBZjkL4yhWuXld4E523I5VfrOw9hykP2RVEHIpRD90hNK0hAIdGSHU8oRXAOFdklEZLcepK1SnS8JVvIP-7XPwoKVzO_B1c0-XjnmC8PoYZpQ9M1thOHLV4CIULY5utfhplmi-0BtFMZr5MWLdVIbR0bXHN57MAfrHhuJA_t2AHVZ-bokZkKbwLZonl11nECEsKp6SEwMTtghMyVuG8fT-OJRCJ7u4FpMI5v_qKjtIpHRTsLhRYrzYAhja5a8rbbImBYlfPj046KIhlu3fnm5mJFUAUGhOZZ6jCK-DnwculQBTCUTVDLRZ3Y4PFXjqZbkAIRrXgILbtgMStWCLoVa_fCk20yV2FUpq8s_mP4ZqDHINgLkamEL7Qgx8dfosTwUSHeXyjSDGWo58tfCBu8mb8pfLhcMiOGQFGGG6IfSlL9RMRaEbsRDqkwc-kGSIISL1X77Mti-4rtXrj4QYGFNIBJ1ZcP9L_aXrYxzB_tpu3K097NwIZz2t5KvQkNA74SI8Bt9iPlltTAyO-NN5rYTMCl8K5qZz9lHEWZRT6yIcuOcHh3UsCjNXuhJO2lZ2fNXT_3I_NVFAsjbMNTvt8z3MF13dkishcinBh1R2mTR_AniW_xlJfwc5FUCElnY_Dv_lejFahcszEM2eZTE1leJoC07vktnwV4j6DA8Dqq3VSD57At-Ch91DdoSpsZRHLp95CL5565BN4yHQfMBSxdd8KzwdxACeaJZRKAMAfaexd8vgmN_yoSHQ3-Hwh_fT48t6DY7Q94De7g0X9lVe9NEGy9-ua-RHX5rzsCBtRdPM9zOErRZh-F-DBibu7BMcWRw0_Ties_SBLxQWkMQ2b0CLuacR6pe-yjjZDJT9QsKsibMByOz0HfPtLGL7SltXg57w11kR60PWjZkCC_ON8jXA92FCgIyngNqdH06rgNczocNSZX9e9SYCkGqybXRMEXqwV3mBAtipq1tHLCT_U3UYKlT-9iS05njIJsA16s07iqbZTCuGGRceYlwpJye9cxII_J56qCO4UnmlJiubIrzwCKDMDLO9rEsBH-t0UcC9YcS6jNg0mG8BeXRV0oHacWkHf_T_II_ohliILiZxBcdyalxin81eH9jWbz8xxBaPPLfahXKNsfqtp2Zlku6ifbKSGz3ooby-S51lWmDpPScSqKtrDu9sZ2WqsoMMMhYINcylisMw35oIM43L1wk41D53ZErvrhh8IgasOge6nE-54Ap5H.bkgHqB0rAnhZPMDlLlpBWA'
}
Solved! Go to Solution
Hi @raisingh,
Can you please provide some additional information so may look in to this further:
I also noticed that Content-Type is set to application/xml, have you tried application/json?
Thank you.
Hi @raisingh,
Can you please check your Project Summary page on whether you have enabled MLE for this API?
If MLE is set to Enforced, then you'll need to encrypt the request payload with your MLE credentials. Please reference this MLE Guide for detail information and sample code.
If MLE is set to Not Enforced, then you don't need to encrypt the request payload.
I have enable MLE for this API
and used the same certificates for MLE that is downloaded from credentials page.
Please help me out what is wrong in request message.
Hi @raisingh,
Can you please share how you are encrypting the payload? Some key points to check are that JWE header must contain fields kid mapped to MLE Key-ID, algorithm namely alg mapped to RSA-OAEP-256, ciphertext encryption algorithm enc equal to A128GCM and also iat which is issued at timestamp.
We have MLE Sample Code that you can download for reference. Please login to your Visa Developer account and scroll to the bottom of the page to download the MLE Sample Code Package.
If you want to test the API using a tool, I recommend our VDC Playground tool. It comes integrated with all required authentication methods to connect with Visa Developer APIs and supports Message Level Encryption.
You can find the guide on Getting Started with VDC Playground from this blog post here:
https://developer.visa.com/pages/visa-developer-center-playground
Using VDC Playground, the MerchantPushPayments API is returning 200 OK response.
function createEncryptedPayload(payload) {
let payloadString = typeof payload === 'string' ? payload : JSON.stringify(payload);
let keystore = nodeJose.JWK.createKeyStore();
let encProps = {
kid: credentials.encryptionKey,
alg: 'RSA-OAEP-256',
enc: 'A128GCM'
};
let encryptionCert = fs.readFileSync(credentials.mleServerCert);
return keystore.add(encryptionCert, 'pem', encProps)
.then((key) => {
return nodeJose.JWE.createEncrypt({
format: 'compact',
fields: {
'enc': 'A128GCM',
'iat': Date.now()
}
}, key)
.update(payloadString)
.final()
.then((result) => {
return { encData : result };
});
});
}
It worked for me, actually i am sending the wrong keyId.
I have one more question that I am creating payload of XML msg does MLE support this encrypted message.
I am receiving below reposnse.
HTTP/1.1 400 Bad Request
Server: nginx
Date: Tue, 27 Apr 2021 12:08:29 GMT
Content-Type: application/xml
Content-Length: 220
Connection: keep-alive
X-SERVED-BY: l73c013
X-CORRELATION-ID: 1619525309_952_886568139_l73c013_VDP_WS
X-APP-STATUS: 400
X-Cnection: close
<?xml version="1.0" encoding="UTF-8" standalone="yes"?><responseStatus><code>9501</code><message>Invalid input found, please correct the input data</message><severity>ERROR</severity><status>400</status></responseStatus>
Hi @raisingh,
Thanks for letting us know that you've fixed the issue by sending the correct KeyId for MLE. The request payload needs to be in JSON format.