How to test MLE on Postman

shameem
Visa Employee

How to test MLE on Postman

In this “How-to” guide, we will show you how to test MLE (Message Level Encryption) enabled APIs using Postman.

 

Important Links:

 

Enable MLE for the API(s) you are interested in.

 

Login to your Visa Developer Dashboard and go to your project, you should see something like this:

 

2020-11-11_09-45-12.png

 

Enable the APIs for which MLE needs to be active in VDP by toggling the API for which MLE needs to be enforced.

 

In this example, we will enable MLE for Funds Transfer API And Query API as below:

 

2020-11-11_09-46-41.png

 

 

How to get credentials

 

You can obtain your project credentials by browsing the left side navigation menu of your project and click on “Credentials”.

 

2020-11-11_11-25-10.png

 

Next step we will create a Key-ID by clicking on the Generate Key-ID button.

 

2020-11-11_11-29-02.png

 

After you have clicked the button, you will get Key-ID. Copy the Key-ID for your reference.

The Key-ID will look like this: 41d9f2a1-xxxx-4xxx-b40c-a0480c2xxxxx

 

2020-11-11_11-30-49.png

 

The next step is to add a CSR (Certificate Signing Request). Click on the link "Add CSR" .   

 

You will be prompt to submit a Certificate Signing Request. 

 

2020-11-11_11-32-46.png

 

We have option to Generate a CSR for me (default) or submit your own. In this example we will use the Generate a CSR for me (default) and Click Confirm button.

 

After submitting the request, you will be prompt to download the Certificate/Copy Private Key. 

 

2020-11-11_11-34-26.png

 

After you have downloaded the private key, check the box "I confirm that I've downloaded my certificate key" and click continue. You will see the Status change to "Active".

 

 

Expand the Key-ID and you will see the Server Encryption Certificate and Client Encryption Certificate.

Download both certificates and save it.

 

2020-11-11_11-36-33.png

To be able to make an API call with MLE, you need to have the following

  • Server Encryption Certificate
  • Key-ID
  • Certificate Private Key

 

How to test MLE using Postman

 

 

Step 1 - Get the Postman MLE Zip File

 

  • Download the attached postman MLE Zip file and extract it
  • You should see the following files

2020-11-19_11-28-14.png

 

 

 

Step 2 - Setting up the mock server for the encryption and decryption

 

We are using Node JS for the mock server which allows the ease of encrypting the request payload and decrypting the encrypted response payload.

 

 

  • If node is not already installed, please install from https://nodejs.org/en/download/
  • Go the extracted folder location, and edit config.js
  • Set the below parameters

 

 

 

 

 

var config = {};

config.mlePublicKeyPath = 'ENTER PUBLIC KEY PATH';
config.mlePrivateKeyPath = 'ENTER PRIVATE KEY PATH';
module.exports = config;

 

 

 

 

 

 

  • Run npm install 
  • Run node index.js to start the Node JS Server on port 3000

 

Step 3 - Configure Postman

 

  • Launch Postman
  • Click on the Import button

2020-11-19_11-37-38.png

 

 

  • Import the collection file "TestMLE.postman_collection.json" to postman 2020-11-19_11-38-48.png

     

  • Set Your Key ID on Postman. Navigate to TestMLE -> a_Encrypt -> Headers. The value of header kid will be the MLE key

2020-11-19_11-42-35.png

 

 

  • Set your VDP credentials for Basic Authentication. Navigate to TestMLE -> b_VDRequest -> Authorization.

2020-11-19_11-44-04.png

 

 

 

NOTE: All the above steps are one time set up which is needed only once during initial setup.

 

 

Step 4 - Executing the test

 

 

  Update the json field "localTransactionDateTime" accordingly to the current date/time.

 

2020-11-19_12-06-54.png

 

 

 

E.g. https://sandbox.api.visa.com/visadirect/fundstransfer/v1/pushfundstransactions

 

2020-11-19_12-10-04.png

 

  • Navigate to TestMLE-> c_decrypt. Click on send to see the response

 

Picture1.png

 

 

 

 

Want more? Join the Visa Developer Community to get alerts on the latest tutorials, guides and new developer resources. Stay tuned for more in the series. 

19 REPLIES 19
ppp0
Regular Visitor

Re: How to test MLE on Postman

Great example on getting up and running on MLE requests quickly in postman. Especially insightful was the fact that for encryption we needed the Server Encryption Certificate instead of the client certificate if generated via CSR.

 

You might consider updating one of your node dependencies in package.json to "node-jose": "^2.0.0" as npm now complains of "high severity vulnerability" during npm install, which is fixed in the updated dependency.  

Mundoguero
Regular Visitor

Re: How to test MLE on Postman

Hello there!

 

Can you help me what with a config example in the Postman config.js?

I made the SSL configuration and when the hello world responds normally to my Postman requests.

I'm trying to use the card-on file API, MLE is mandatory, but I don't know what I need to put here. I have so many certs and .pem and dashboards keys that I'm lost here.

I finished your tutorial but I'm receiving a HTTP 401 Unauthorized response and I think its because a wrong config.js, I've tried all those .pem and that I have:

 

config.mlePublicKeyPath = 'visa-key.pem';
config.mlePrivateKeyPath = 'key_0467d1aa-8ab6-4cf8-b86b-23ab864e743b.pem';

 

 

shameem
Visa Employee

Re: How to test MLE on Postman

Hi @Mundoguero ,

 

Thank you for trying out our MLE"How to" Guide on Postman.

 

The certificates required for MLE configuration contains your MLE Key ID as below:

 

config.mlePublicKeyPath = '<PATH>/server_cert_<MLE_KEY_ID>.pem';
config.mlePrivateKeyPath = '<PATH>/key_<MLE_KEY_ID>.pem'';

 

Let us know if that helps

 

Thank you.

Mundoguero
Regular Visitor

Re: How to test MLE on Postman

Yes, it works and help me a lot! Thank you @shameem ! I was trying with the wrong cert and key.
ggeorg
New Contributor

Re: How to test MLE on Postman

Hi, I get this error from node-js in c_Decrpyt

 

node_modules/node-jose/lib/jwe/decrypt.js:141
              return Promise.reject(new Error("Algorithm not allowed: " + header.alg));

 

saadzikria1
Regular Visitor

Re: How to test MLE on Postman

I am getting following error while trying to decrypt packet. However, transaction successfully landed at VISA Developer platform as i have verified transaction using VISA Query API.

 

C:\Users\saad.zikria\Desktop\VISA QR Scan\Code Drop\postman\node_modules\node-jose\lib\jwe\decrypt.js:176
reject(new Error("no key found"));
^

Error: no key found
at processKey (C:\Users\saad.zikria\Desktop\VISA QR Scan\Code Drop\postman\node_modules\node-jose\lib\jwe\decrypt.js:176:22)
at processTicksAndRejections (node:internal/process/task_queues:96:5)

C:\Users\saad.zikria\Desktop\VISA QR Scan\Code Drop\postman>

shameem
Visa Employee

Re: How to test MLE on Postman

Hi @saadzikria1 ,

Thank you for trying out the "How to test MLE on Postman" tutorial.

As per the error you are getting, it seems that you haven't provided the private key file.

Kindly check your configuration and ensure below variable is set to your private key on mock server for the encryption and decryption

config.mlePrivateKeyPath = '<PATH>/key_<MLE_KEY_ID>.pem'';

Your private key file name should be as follows: key_<YOUR MLE KEY ID>.pem which you have downloaded from VDP.

Let us know if issue has been resolved and/or you have any feedback on how we can improve on our tutorials.

Thank you

Shameem

saadzikria1
Regular Visitor

Re: How to test MLE on Postman

Thankyou so very much Shameem for the detailed response, issue has been resolved.

pcamimlojunior
New Contributor

Re: How to test MLE on Postman

Hello,

Thanks for provide the How to test MLE on Postman
I am using this project to generate a encrypt payload to use in this API: https://sandbox.api.visa.com/universal/core/cards

because I need the vCardID to use in this API: https://sandbox.api.visa.com/inapp/provisioning/cardData/samsungPay 

To get the right data to send to the Samsung Pay SDK, I am working in a project which I need to crate a button in my app and call the Samsung Say Adk to AddCard to the wallet but I need this payload first from VISA because my client use VISA cards.


I am getting the same error that I already see here in the posts:

paulocesar@Paulos-Laptop postman % node index.js
Running!
/Users/paulocesar/Downloads/postman/node_modules/node-jose/lib/jwe/decrypt.js:176
reject(new Error("no key found"));

this error only happens when I call the decrypt endpoint in POSTMAN for the encrypt data is working fine 🙂 

OK, I am attaching my project and also my keys here for you check if everything in fine I added the files in the root of the project to make sure that I am not missing something but still doesn't work

Also I attached the postman request for you check. also added the screenshot of "hellowolrd" for you see that everything is working fine with my credentials added in postman config (certificates and user/pass in Basic Auth)


Could you help me on that please?


Thank youScreenshot 2023-11-10 at 18.09.24.pngScreenshot 2023-11-10 at 18.09.53.pngScreenshot 2023-11-10 at 18.10.00.pngScreenshot 2023-11-10 at 18.10.13.pngScreenshot 2023-11-10 at 17.53.42.png