Endpoint: https://sandbox.api.visa.com/connect/v1/cardServices/new

Request headers:

Content-Type: application/json
Accept: application/json
keyId: 7ab366c6-6033-419c-ae61-9d5362fce23f
X-App-Id: <string>
Authorization: Basic REFCRkRPUjlGSTBKVjJTTlhFMDIyMXY3aU9SenJDTUNKalRvaVJkVENKTnhZV2t1MDpNVjJ1S0pDSFB6UzltbkV0WkhrN3lOckIzUXJEUzE=
User-Agent: PostmanRuntime/7.42.0
Postman-Token: 01e8d436-3387-4abd-8b64-213805684ca0
Host: sandbox.api.visa.com
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Content-Length: 783

Request Body
{
"encData": "eyJpYXQiOjE3MzAxMDAwOTIxNjQsImVuYyI6IkExMjhHQ00iLCJhbGciOiJSU0EtT0FFUC0yNTYiLCJraWQiOiI3YWIzNjZjNi02MDMzLTQxOWMtYWU2MS05ZDUzNjJmY2UyM2YifQ.l9n4aegtz2zthhUf5SN3lhUkSYngC0_xEvLSVgTLyjnnxva9uAmXSJw2wqSbSV2qc0V0AOGTgk4q5Ki2zzY2ktm43Aj10S1Q1NdS00zeyDTm69j3rrDCF6qzB6gawER914ib1opI6eGjqslmKZwVFGytu0y1Pclb12Y-0eNUS18x64hfEiOBJKs7y3nFSOyU-ZrR2rWGZT1jLeMJrFDyjCamYny-ncTTV1RvNLZroN9IRZZV0C25LaLvPzlu3So3t91iZZjc0wyugXttobW3ploG0WT21U6fixADmqiYaiPn59o0wLkJLUsMZjtWyXm2MtgWrqr4OlOTzXN5_cVICg.3hnpWZhFBVz98qcB.i7mINAAVwAC3irnWta3wFKrvfmH7fvqPR2S4-qAXVohUpCOLEP1HDUIA6h0S9N-qdk8anu_km0Vy63KqRcs8djzA-do3JLWxD_YCVqmfWwwzmZGpGLebtkPyDY5S9kUPL-l18IqtYDNKRtKYSeGcHc5911PR7ijEWqtAphjBwFaDBRntjv6nU0dIqClfkbTHoarip9NNO_XyPKuKJDI3CgJcvI7rhEn4n1D6p5nxTr39W8rf.XeHE0E2GspEeC5h8ZoX3lQ"
}

Response Headers
Server: nginx
Date: Mon, 28 Oct 2024 07:21:41 GMT
Content-Type: application/json
Content-Length: 679
Connection: keep-alive
X-SERVED-BY: -7c479c7889-8248
X-CORRELATION-ID: 1730100101_559_2003168883_-7c479c7889-8248_VDP_WS
X-ERROR-ORIGIN: 9900
X-APP-STATUS: 403
Content-Encoding: identity
encrypted: true
Cache-Control: no-cache, no-store, must-revalidate
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 0
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubdomains
Pragma: no-cache
Expires: -1
Content-Security-Policy-Report-Only: default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
X-Content-Security-Policy-Report-Only: default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
X-WebKit-CSP-Report-Only: default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
Strict-Transport-Security: max-age=31536000;includeSubdomains

Response Body
{"encData":"eyJjdHkiOiJhcHBsaWNhdGlvbi9qc29uIiwiZW5jIjoiQTEyOEdDTSIsImlhdCI6MTczMDEwMDEwMTgzOSwiYWxnIjoiUlNBLU9BRVAtMjU2In0.V_m1RW5i6vExatKilsm3_4y-f41Eo58wT4QoeCD7szecINhM4j4XBPANKDRn7hJ-VR56QHQemrYaSy6_zzleqUbUUHgfmcvR71p67Xwngb9NMPDPOi7iUbj3vk_ufdiCylegUntojJtiNlaq9SRBbvl6tJe96sYbeFQBAJam0xTnKR_nYOe8stuJGloYnnkHPBxNPwU5iIwmhgIE9TSCGcXckrK6dsorADAHaNPxg6Lp36IFt8cgOcuMwS3aTroUNB3icKPDqL3UKxNFN291amErmNrH2EB8nZamr4J4ITLRp4PuH05JzLr9GIG7Ryo1br0MxbZp_MCFZ7R0F8EtvQ.3oElOkF2Yv56c2gi.FSEDfYav_RECvIa3bTIdXEqVOv1doP6or5_nM1pSKHwmvOGiwjr9WVFxiibdMAQ6b7PNrlc8YmNgIosxkHs2FAzpGKGgmu3h_EEyS5OMFxLMrJLpPfVG6v3RkfsnVISDzMDi3EW5drUG2k1kyQD4x50zYK_w1YJVifhfNYPzQQ.WYk6pUEB1b7h3j1VkG74dA"}