How to test MLE on Postman

Highlighted
Visa Employee

How to test MLE on Postman

In this “How-to” guide, we will show you how to test MLE (Message Level Encryption) enabled APIs using Postman.

 

Important Links:

 

Enable MLE for the API(s) you are interested in.

 

Login to your Visa Developer Dashboard and go to your project, you should see something like this:

 

2020-11-11_09-45-12.png

 

Enable the APIs for which MLE needs to be active in VDP by toggling the API for which MLE needs to be enforced.

 

In this example, we will enable MLE for Funds Transfer API And Query API as below:

 

2020-11-11_09-46-41.png

 

 

How to get credentials

 

You can obtain your project credentials by browsing the left side navigation menu of your project and click on “Credentials”.

 

2020-11-11_11-25-10.png

 

Next step we will create a Key-ID by clicking on the Generate Key-ID button.

 

2020-11-11_11-29-02.png

 

After you have clicked the button, you will get Key-ID. Copy the Key-ID for your reference.

The Key-ID will look like this: 41d9f2a1-xxxx-4xxx-b40c-a0480c2xxxxx

 

2020-11-11_11-30-49.png

 

The next step is to add a CSR (Certificate Signing Request). Click on the link "Add CSR" .   

 

You will be prompt to submit a Certificate Signing Request. 

 

2020-11-11_11-32-46.png

 

We have option to Generate a CSR for me (default) or submit your own. In this example we will use the Generate a CSR for me (default) and Click Confirm button.

 

After submitting the request, you will be prompt to download the Certificate/Copy Private Key. 

 

2020-11-11_11-34-26.png

 

After you have downloaded the private key, check the box "I confirm that I've downloaded my certificate key" and click continue. You will see the Status change to "Active".

 

 

Expand the Key-ID and you will see the Server Encryption Certificate and Client Encryption Certificate.

Download both certificates and save it.

 

2020-11-11_11-36-33.png

To be able to make an API call with MLE, you need to have the following

  • Server Encryption Certificate
  • Key-ID
  • Certificate Private Key

 

How to test MLE using Postman

 

 

Step 1 - Get the Postman MLE Zip File

 

  • Download the attached postman MLE Zip file and extract it
  • You should see the following files

2020-11-19_11-28-14.png

 

 

 

Step 2 - Setting up the mock server for the encryption and decryption

 

We are using Node JS for the mock server which allows the ease of encrypting the request payload and decrypting the encrypted response payload.

 

 

  • If node is not already installed, please install from https://nodejs.org/en/download/
  • Go the extracted folder location, and edit config.js
  • Set the below parameters

 

 

var config = {};

config.mlePublicKeyPath = 'ENTER PUBLIC KEY PATH';
config.mlePrivateKeyPath = 'ENTER PRIVATE KEY PATH';
module.exports = config;

 

 

 

  • Run npm install 
  • Run node index.js to start the Node JS Server on port 3000

 

Step 3 - Configure Postman

 

  • Launch Postman
  • Click on the Import button

2020-11-19_11-37-38.png

 

 

  • Import the collection file "TestMLE.postman_collection.json" to postman 2020-11-19_11-38-48.png

     

  • Set Your Key ID on Postman. Navigate to TestMLE -> a_Encrypt -> Headers. The value of header kid will be the MLE key

2020-11-19_11-42-35.png

 

 

  • Set your VDP credentials for Basic Authentication. Navigate to TestMLE -> b_VDRequest -> Authorization.

2020-11-19_11-44-04.png

 

 

 

NOTE: All the above steps are one time set up which is needed only once during initial setup.

 

 

Step 4 - Executing the test

 

 

  Update the json field "localTransactionDateTime" accordingly to the current date/time.

 

2020-11-19_12-06-54.png

 

 

 

E.g. https://sandbox.api.visa.com/visadirect/fundstransfer/v1/pushfundstransactions

 

2020-11-19_12-10-04.png

 

  • Navigate to TestMLE-> c_decrypt. Click on send to see the response

 

Picture1.png

 

 

 

 

Want more? Join the Visa Developer Community to get alerts on the latest tutorials, guides and new developer resources. Stay tuned for more in the series. 

1 REPLY 1
Highlighted
Regular Visitor

Re: How to test MLE on Postman

Great example on getting up and running on MLE requests quickly in postman. Especially insightful was the fact that for encryption we needed the Server Encryption Certificate instead of the client certificate if generated via CSR.

 

You might consider updating one of your node dependencies in package.json to "node-jose": "^2.0.0" as npm now complains of "high severity vulnerability" during npm install, which is fixed in the updated dependency.