Hi,
I am new, and I am certain this question has been asked 10M times but I can't find it...so apologies in advance!
I can successfully run Hello World using 2-way SSL on postman, yet I get the 405 when running all of the following VBASS requests even when copying the body json from the provided examples:
https://sandbox.api.visa.com/v2/binRangeDetails
https://sandbox.api.visa.com/filedeliveryservice/v1/binFilesMetadata
https://sandbox.api.visa.com/filedeliveryservice/v1/binFileTransfer
Is there something more than that these requests require than the hello world example?
Thank you for your question, @kemp. An agent will get back to you as soon as possible. In the meantime, if any community member knows the solution, please reply to this thread!
Hi @kemp,
405 Method Not Allowed response status code means you either tried a GET on something that only allows POST, or vice-versa, or tried http: on a method that requires https.
In order to correct that error, try changing your request method to POST.
Refer to my sample below.
End Point https://sandbox.api.visa.com/v1/paymentAccountLookup
Method POST
Request
{
"requestHeader": {
"requestTS": "2020-02-15T22:05:00.000",
"requestMessageID": "test999"
},
"requestData": {
"paymentAccountType": "P",
"paymentAccount": "4259077000001230"
}
}
Response
{
"wsStatus": {
"statusDesc": "Success",
"statusCode": "CDI000"
},
"responseData": {
"platformCd": "GV",
"accountFundingSourceCd": "R",
"accountBusName": "ABD & COMPANY",
"productID": "S2",
"paymentAccountType": "P",
"accountRegionCode": "06",
"issuerBillingCurrCd": "MRO",
"accountCtryAlpha2Code": "MR",
"issuerBin": "425907",
"productIDName": "Visa Government Purchasing",
"accountFundingSourceSubtypeCd": "N"
}
}
Response Header
Status Code: 200
Server : nginx
Date : Thu, 22 Jun 2023 00:17:42 GMT
Content-Type : application/json;charset=UTF-8
Content-Length : 1039
Connection : keep-alive
X-SERVED-BY : -5c8c48b66
X-CORRELATION-ID : 1687393061_716_2110112747_-5c8c48b66_VDP_WS
X-APP-STATUS : 200
X-XSS-Protection : 1; mode=block ,0
Cache-Control : no-cache, no-store, must-revalidate
Content-Language : en-US
X-AGS-Request-ID : v3:8655:sandbox:55c029:2985721c4c684c561f851d1519ff6527
X-AGS-Request-ID : v3:8655:sandbox:73c010:4101e04bd2550f5fc3e2f4198f889923
encrypted : true
X-Frame-Options : SAMEORIGIN
X-Content-Type-Options : nosniff
Strict-Transport-Security : max-age=31536000;includeSubdomains
Pragma : no-cache
Expires : -1
Content-Security-Policy-Report-Only : default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
X-Content-Security-Policy-Report-Only : default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
X-WebKit-CSP-Report-Only : default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
X-XSS-Protection : 1; mode=block
X-Content-Type-Options : nosniff
Strict-Transport-Security : max-age=31536000;includeSubdomains;always