Solved: Re: MLE error Token Validation 9210

Russel

Hello,

I have issues when I deploy the Visa Direct service Project on Test server.

The MLE function works well on my computer. But as soon as I deploy it on the local test server (apache tomcat on Linux), the MLE returns error on Token Validation, but the two way ssl works well.

Kindly assist on what could be the issue.

Response detail:

401 Unauthorized: [{"responseStatus":{"status":401,"code":"9210","severity":"ERROR","message":"Token validation failed","info":""}}].

Full stack web Developer

vkamboj

Hello @Russel,

The 401 Token Validation Failed error you're getting will be seen when the x-pay-token sent in the header is invalid.

Few things to note while generating the token:

For starters, please follow the getting started documentation to generate a valid token. https://developer.visa.com/pages/working-with-visa-apis#get-started-overview
APIkey in the url query param should be the same as the one used to generate xpayToken
“resourcePath” sent in the xpaytoken has to be as per the documentation (eg: v2/payments?apikey={apikey}).
Payload sent in the request payload should exactly match along with spaces to the “requestBody” value used in xpaytoken.

Can you please provide the request payload of this API call? It's possible that you're missing a field or have an inaccurate format. I'd like to see screenshot attachments of the error provided, if possible.

Also, could you check to see if you're passing a correct value for URI. For example, make sure it’s defined correctly in the beginning of your code, and use the same value for the URI in the middle of your code. In general, for cases like this (i.e. “helloworld works, but the API XX doesn’t”).

Thank you,

Vaibhav

Was your question answered? Don't forget to click on "Accept as Solution" to help other devs find the answer to the same question.

Russel

Hello,

The APi I am using are not xpayToken based, they are two way ssl auth based.

Actually, I am using Visa Direct APIs and Payment Account Attributes Inquiry.

For example, please find below the result for the same case on Dev Computer and on Server(Linux using apache tomcat)

With Same configuration, same credentials, but different results:

In the server test deployment: (Failed with 401)
Request header:
Mle KeyId: d26581e3-6684-4aa0-9d34-c1f16a8dexxx
Request Header: [Accept:"application/json", Content-Type:"application/json",
Authorization:"Basic MkVLMzBOTVFBWVUzOUtZVENHNFAyMXozNk9QbFRNLVc4UE9PWVRtekRmYVR2UjJyWTp5R0oyWklMNERjVVhtVXczOVNzWGc=",
keyId:"d26581e3-6684-4aa0-9d34-c1f16a8dexxx", User-Agent:"VDP_XXXXXXX_Java"]
Request Body: {"encData":"eyJlbmMiOiJBMTI4R0NNIiwiaWF0IjoxNjE4MjQyODI1OTQwLCJhbGciOiJSU0EtT0FFUC0yNTYiLCJraWQiOiJkMjY1ODFlMy02Njg0LTRhYTAtOWQzNC1jMWYxNmE4ZGU0MmUifQ.PQeGedrcGS9RWKMMAA53WC6l3UowqsRY2yQ51DToEPAjqEpNkbFHRyQ1LrAPybdZBq9ARv3CTf_bx1fdfRx1I0jtqr1KFexkZoyCpsQD11EBvXCPfrAZSvsMonM4X6pfVO7TJibfz8pRp3feN7XArbi3V9mozbyJpnpt0pGaUlckufx118aPag2moSJdJuQ-R63gheS_J9DiSx3IctWa997J7UQg12jfeZYbaEH5hsZUTnB3kXXzKEeBy80tYW5IAYWzmmNxqLQZ5L6ooPTLRQAWOSfsSLrdBoLHanjPhh9b4KS2y6aHw-030yk9hMuXCgA4txhEqPMTJdausmrftA.YD4tr8Jg6NEtGUm0.DYCjsbMDNj0Jw4W_JMcrnzAaYefsGRHOB_QExvggprGmuSUiFVWy7XyxfdI23RTeyHnLOxqZ7aaVCuQOGMLwqA9HOhqXfsciqqYJ3dfVP_pBoJUHS6lwok-Wmmm5Od6yj9Va285GQ_SzARsiPSqoUmJeBuCLpeXr.f0h_mgO0oXD_rzxrLWCskg"}

Response Detail:
401 Unauthorized: [{"responseStatus":{"status":401,"code":"9210","severity":"ERROR","message":"Token validation failed","info":""}}]

In the Development Computer: (Success)
Mle KeyId: d26581e3-6684-4aa0-9d34-c1f16a8dexxx
Request Header: [Accept:"application/json", Content-Type:"application/json",
Authorization:"Basic MkVLMzBOTVFBWVUzOUtZVENHNFAyMXozNk9QbFRNLVc4UE9PWVRtekRmYVR2UjJyWTp5R0oyWklMNERjVVhtVXczOVNzWGc=",
keyId:"d26581e3-6684-4aa0-9d34-c1f16a8dexxx", User-Agent:"VDP_XXXXXXX_Java"]
Request Body: {"encData":"eyJlbmMiOiJBMTI4R0NNIiwiaWF0IjoxNjE4MjQ0NTMyNDUzLCJhbGciOiJSU0EtT0FFUC0yNTYiLCJraWQiOiJkMjY1ODFlMy02Njg0LTRhYTAtOWQzNC1jMWYxNmE4ZGU0MmUifQ.3F4OMCakN8OsUhHmMybe444xnlOJLmW5PqCqKV58L0JtDM0A9ZYPsUB_kcGLyzBbMBHDRI4LYuZj8d6CZ6xZWVYUZR4XNRqe5fI8fOgpIBL9KUZNaJv1GyETX9ZWsJzqaOGIP3WNy1s8QW19j72J1BTswaRyAwkfOgKaqNZBQqJY3AYnEouvV11eXSDVrAVVAkIuTIF7FyTKa-jtPf5udw7FcvERkDccqEH6Ks-eVFyiocu3BHX2SWNjNZj12RQkh05asy8c5-tWbqHu3F6b2t5t2mDrtUq4t9FTc6nN3x4sIF7wNJCNN8HES20QZFvO3LlQS_o7LmoSXeqU2xQBFQ.PnVtO9GnyT-QWpn_.e3QBF29sFVdhUFsFwn87tBSA3bFv9uk6mXbDSJLMvV49tbKiMrcGm26RQRZ_89wgZ8-_Pwa6TQUebOpkWmNMwwWCgghU7x7Yb9dqZxzA7MMiDiDXsm5zzY0i-uTw-tvvQwG7eozvKSSHqtQo2JYjJRLfESczrl5i.IzYF9UG3ib6AIILXUXe1KA"}

Response Detail:
Response Status: 200 OK
Response header: [Server:"nginx", Date:"Mon, 12 Apr 2021 17:11:52 GMT", Content-Type:"application/json;charset=UTF-8",
Content-Length:"1467", Connection:"keep-alive", X-SERVED-BY:"l73c016", X-CORRELATION-ID:"1618247512_256_1143709058_l73c016_VDP_WS", X-APP-STATUS:"200",
"200", X-Backside-Transport:"OK OK,OK OK", X-Global-Transaction-ID:"69536f0d60747f587c3dec4f", X-Frame-Options:"SAMEORIGIN", X-XSS-Protection:"1;
mode=block", "1; mode=block", X-Content-Type-Options:"nosniff", "nosniff", Strict-Transport-Security:"max-age=2592000;includeSubdomains",
"max-age=15768000;includeSubdomains;always", Cache-Control:"no-cache, no-store, must-revalidate", Pragma:"no-cache", Expires:"-1", encrypted:"true",
Content-Language:"en-US"]
Response Body: class EncryptedResponse {
encData: eyJjdHkiOiJhcHBsaWNhdGlvblwvanNvbjtjaGFyc2V0PVVURi04IiwiZW5jIjoiQTEyOEdDTSIsImlhdCI6MTYxODI0NzUxMjUwNywiYWxnIjoiUlNBLU9BRVAtMjU2In0.S5j_fLET2NSyK4k7UxV3GMrYAu74knzadHAzQcNferURacVMzJhYdx8PmoQuuvV0VTMAJ2dzNQSUwmXZiVdPFXpX7O4-XzRGd4zaP5I5pm5oEIkZE-EaKWru12PhfqnQyDaoGpL7_QaH0gsY_9ujEqsSAk4buSzbyoxL7ZHa8uYIEU6yo0fbyB0iK3YeJjMtWY4VPyoUH_5pr4MYmkf3OS9rewgDGAQT83neWI3jwW6wuVxnc29ZfFsh5HFghRaRDfqNNZ9pIKvsWlwsQc8I5Kza-fIZmcWIDtLHFg2E7j0v2vPZygT3w1Y6MD2TYS9q0eOehvco4XOPuSssiMYTew.iD5im2wzXuDFcg4W.wUQscGKvfQDcllj-AEjtBmnBIrbyHIFSvYsSQ_W12b_UcPAfj92RdNngw2dWZjbPpEBWlfPKllsV6a78NHpVLHgoMWbdRbssqled-OOQPV3FfFTrrhL37vYnOHrAqTMh7oedYqu10dG-PfTmGNtllE9o0kzs5sRzyX5TkLdo-8eXBufPro_01HzByUCqPtA3e0ooTM0NOFZ-3VkZAynZKjhvkljJ_IpJIrWGdWX3Rwxeod-XfrhYVemy8KD4YQ3z_S9VQ-DBN4QcjAgF2oVYHiV7y-tL0xyw90Ubzs-vxy0MKTeq9gQj0yKr7YnwWOqZPyuW0Gin2TkKPDH_j3_x2xs1IInS33H1SmshD862t6h03-2oMWPdZnfIBxpr5GZK5kTLJ-rF4PAfWj_5KjzSlQ9zBCJGkOtbMV4D0UillW800-4VzNK_yXsXWMrPmsZy70E9_GFlHDeeH5hLMsI6JHrLP1uSHYCuZcqrD2KUTqxb4XjqTvN06Ade22BftulL-Mhc1wPUXLOgpyNFH5F8cKeIqoksSRN9cOSGvhOAZGbivQW7BzXRSZ1HCRJHuD0P6hy6m8beJGPzWhMqaYoFn3j_69DIQ6_acylh9ADrzwPc6VPrD3uGgtwdbWf0WvHpiWx_rUWPJOnXyVIWpEC8a0E30xC5-IuNGWctBDwER-tUOsuHzFGWKkLzBwp6OaPlkcLcZoCIqsrAoyPDcg_jro9bsvvMKyQ41wfnFr_4VRNCPn9jdXA-kr0WuF9qW8l-bqHDuzmFLQXCwWfEXjf0wXtlbI6WW5JBfxyvXjVOMAXtVTtf3YWXfz8fnRqjw50L56H52Nyqhv3SN_A-ph5wXeOIvSKqDQs7orYMTbmI-hWWnpO7SsYy_cUbz47w8CuYV1c36KDfi8Y20yCulYt9Di-pqGBLYdrloxrtZJsyJw.cfgnGrON3BYo8LpfIV9UlA
}

Kindly assist what I need again to check in the SERVER side.

Regards.

Russel.

Full stack web Developer

Russel

Hello dear, is there any feedback? I'm still waiting since my last update I sent to you.

Regards.

Russel

Full stack web Developer

vkamboj

Hello @Russel,

My apologies for x-pay-token related answer earlier. It's an oversight. For the issue with your Server, please check if the iat Server timestamp that goes in JWE Header of the encrypted request is less than 2 minutes from the current time. If not the request is not processed thinking the iat timestamp is expired. This is one thing we can think of at this time since it works fine on local and not on Server. Kindly do share the X-Correlation-ID from the failed request for us to debug further.

Thank you,

Vaibhav

Was your question answered? Don't forget to click on "Accept as Solution" to help other devs find the answer to the same question.

Russel

Thank you for your assistance.

The issue has been resolved after I reviewed the server time. It was about 12 minutes late.

Regards.

Russel

Full stack web Developer