How to test MLE on Postman

Visa Employee

How to test MLE on Postman

In this “How-to” guide, we will show you how to test MLE (Message Level Encryption) enabled APIs using Postman.


Important Links:


Enable MLE for the API(s) you are interested in.


Login to your Visa Developer Dashboard and go to your project, you should see something like this:




Enable the APIs for which MLE needs to be active in VDP by toggling the API for which MLE needs to be enforced.


In this example, we will enable MLE for Funds Transfer API And Query API as below:





How to get credentials


You can obtain your project credentials by browsing the left side navigation menu of your project and click on “Credentials”.




Next step we will create a Key-ID by clicking on the Generate Key-ID button.




After you have clicked the button, you will get Key-ID. Copy the Key-ID for your reference.

The Key-ID will look like this: 41d9f2a1-xxxx-4xxx-b40c-a0480c2xxxxx




The next step is to add a CSR (Certificate Signing Request). Click on the link "Add CSR" .   


You will be prompt to submit a Certificate Signing Request. 




We have option to Generate a CSR for me (default) or submit your own. In this example we will use the Generate a CSR for me (default) and Click Confirm button.


After submitting the request, you will be prompt to download the Certificate/Copy Private Key. 




After you have downloaded the private key, check the box "I confirm that I've downloaded my certificate key" and click continue. You will see the Status change to "Active".



Expand the Key-ID and you will see the Server Encryption Certificate and Client Encryption Certificate.

Download both certificates and save it.



To be able to make an API call with MLE, you need to have the following

  • Server Encryption Certificate
  • Key-ID
  • Certificate Private Key


How to test MLE using Postman



Step 1 - Get the Postman MLE Zip File


  • Download the attached postman MLE Zip file and extract it
  • You should see the following files





Step 2 - Setting up the mock server for the encryption and decryption


We are using Node JS for the mock server which allows the ease of encrypting the request payload and decrypting the encrypted response payload.



  • If node is not already installed, please install from
  • Go the extracted folder location, and edit config.js
  • Set the below parameters






var config = {};

config.mlePublicKeyPath = 'ENTER PUBLIC KEY PATH';
config.mlePrivateKeyPath = 'ENTER PRIVATE KEY PATH';
module.exports = config;







  • Run npm install 
  • Run node index.js to start the Node JS Server on port 3000


Step 3 - Configure Postman


  • Launch Postman
  • Click on the Import button




  • Import the collection file "TestMLE.postman_collection.json" to postman 2020-11-19_11-38-48.png


  • Set Your Key ID on Postman. Navigate to TestMLE -> a_Encrypt -> Headers. The value of header kid will be the MLE key




  • Set your VDP credentials for Basic Authentication. Navigate to TestMLE -> b_VDRequest -> Authorization.





NOTE: All the above steps are one time set up which is needed only once during initial setup.



Step 4 - Executing the test



  Update the json field "localTransactionDateTime" accordingly to the current date/time.










  • Navigate to TestMLE-> c_decrypt. Click on send to see the response







Want more? Join the Visa Developer Community to get alerts on the latest tutorials, guides and new developer resources. Stay tuned for more in the series. 

Regular Visitor

Re: How to test MLE on Postman

Great example on getting up and running on MLE requests quickly in postman. Especially insightful was the fact that for encryption we needed the Server Encryption Certificate instead of the client certificate if generated via CSR.


You might consider updating one of your node dependencies in package.json to "node-jose": "^2.0.0" as npm now complains of "high severity vulnerability" during npm install, which is fixed in the updated dependency.  

Regular Visitor

Re: How to test MLE on Postman

Hello there!


Can you help me what with a config example in the Postman config.js?

I made the SSL configuration and when the hello world responds normally to my Postman requests.

I'm trying to use the card-on file API, MLE is mandatory, but I don't know what I need to put here. I have so many certs and .pem and dashboards keys that I'm lost here.

I finished your tutorial but I'm receiving a HTTP 401 Unauthorized response and I think its because a wrong config.js, I've tried all those .pem and that I have:


config.mlePublicKeyPath = 'visa-key.pem';
config.mlePrivateKeyPath = 'key_0467d1aa-8ab6-4cf8-b86b-23ab864e743b.pem';



Visa Employee

Re: How to test MLE on Postman

Hi @Mundoguero ,


Thank you for trying out our MLE"How to" Guide on Postman.


The certificates required for MLE configuration contains your MLE Key ID as below:


config.mlePublicKeyPath = '<PATH>/server_cert_<MLE_KEY_ID>.pem';
config.mlePrivateKeyPath = '<PATH>/key_<MLE_KEY_ID>.pem'';


Let us know if that helps


Thank you.

Regular Visitor

Re: How to test MLE on Postman

Yes, it works and help me a lot! Thank you @shameem ! I was trying with the wrong cert and key.
New Contributor

Re: How to test MLE on Postman

Hi, I get this error from node-js in c_Decrpyt


              return Promise.reject(new Error("Algorithm not allowed: " + header.alg));


Regular Visitor

Re: How to test MLE on Postman

I am getting following error while trying to decrypt packet. However, transaction successfully landed at VISA Developer platform as i have verified transaction using VISA Query API.


C:\Users\saad.zikria\Desktop\VISA QR Scan\Code Drop\postman\node_modules\node-jose\lib\jwe\decrypt.js:176
reject(new Error("no key found"));

Error: no key found
at processKey (C:\Users\saad.zikria\Desktop\VISA QR Scan\Code Drop\postman\node_modules\node-jose\lib\jwe\decrypt.js:176:22)
at processTicksAndRejections (node:internal/process/task_queues:96:5)

C:\Users\saad.zikria\Desktop\VISA QR Scan\Code Drop\postman>

Visa Employee

Re: How to test MLE on Postman

Hi @saadzikria1 ,

Thank you for trying out the "How to test MLE on Postman" tutorial.

As per the error you are getting, it seems that you haven't provided the private key file.

Kindly check your configuration and ensure below variable is set to your private key on mock server for the encryption and decryption

config.mlePrivateKeyPath = '<PATH>/key_<MLE_KEY_ID>.pem'';

Your private key file name should be as follows: key_<YOUR MLE KEY ID>.pem which you have downloaded from VDP.

Let us know if issue has been resolved and/or you have any feedback on how we can improve on our tutorials.

Thank you


Regular Visitor

Re: How to test MLE on Postman

Thankyou so very much Shameem for the detailed response, issue has been resolved.

New Contributor

Re: How to test MLE on Postman


Thanks for provide the How to test MLE on Postman
I am using this project to generate a encrypt payload to use in this API:

because I need the vCardID to use in this API: 

To get the right data to send to the Samsung Pay SDK, I am working in a project which I need to crate a button in my app and call the Samsung Say Adk to AddCard to the wallet but I need this payload first from VISA because my client use VISA cards.

I am getting the same error that I already see here in the posts:

paulocesar@Paulos-Laptop postman % node index.js
reject(new Error("no key found"));

this error only happens when I call the decrypt endpoint in POSTMAN for the encrypt data is working fine 🙂 

OK, I am attaching my project and also my keys here for you check if everything in fine I added the files in the root of the project to make sure that I am not missing something but still doesn't work

Also I attached the postman request for you check. also added the screenshot of "hellowolrd" for you see that everything is working fine with my credentials added in postman config (certificates and user/pass in Basic Auth)

Could you help me on that please?

Thank youScreenshot 2023-11-10 at 18.09.24.pngScreenshot 2023-11-10 at 18.09.53.pngScreenshot 2023-11-10 at 18.10.00.pngScreenshot 2023-11-10 at 18.10.13.pngScreenshot 2023-11-10 at 17.53.42.png