Re: How to Encry Card Data - In-App Provisioning

infinetwallet

hello support,

i am trying to implement the Visa In-App Provisioning(Universal card enrollment) in postman and im getting a 401 response error.

I tried encrypting the card data with the JWE encryption method, using my api key and shared secret but somehow, it doesnt work

{
"responseStatus": {
"status": 401,
"code": "9123",
"severity": "ERROR",
"message": "Expected input credentials were not present",
"info": ""
}
}

I_Doroteo3

Hi @infinetwallet,

The error you're seeing is due to the Basic Authentication not being sent in the header with username and password.

For more information, please read the information on this page: Visa Developer Error Codes,

Thanks,

Illana

infinetwallet

firstly, thank you

but then when i pass the basic auth

i get 400 bad response error
{
"errorResponse": {
"status": 400,
"reason": "invalidParameterEncCard",
"message": "Invalid input parameter(s)",
"details": [
{
"location": "encCard",
"message": "Unable to parse or decrypt"
}
]
}
}

however i copied the exact same sample code provided in the docs

I_Doroteo3

Hi @infinetwallet,

Please provide the following information so that I may assist you further:

Endpoint
Request Header
Request Body
Response Header (include the x-correlation-id)
Response Body

Using SoapUI, you can find the x-correlation-id in the Raw Tab of the response header.

Thanks,

Illana

infinetwallet

Endpoint: https://sandbox.api.visa.com/universal/core/cards

Request Header:
x-pay-token -
Content-Type: application/json
Request Body: {
"encCard": "eyJlbmMiOiJBMjU2R0NNIiwiYWxnIjoiQTI1NkdDTUtXIiwia2lkIjoiSTUyWVZGUjJHRllBU05UUlFXTloyMVl6WEZtREt5TkRTWGE4NEt4emMteDdwTDFJayIsIml2IjoiTjJ2Qlc1MUwxdnRlRXg3XyIsInRhZyI6ImlUVURvRkFqckY0OWd1d2lZcjNGVXcifQ.tLg4W3K2Sr9-_cuHwpZ1Ccrf2P4J2ZtQoKn9e4YFvow.wdIBYfKm_cFflrRa.aWfJiUj_3d0UFAsNGjOlfzJUvEaJJKwnEuUknjs6nPpgZ9Lpp9MMIL7-fHGbXmvqyNsMl7bZ1KQv_AhqIBzFUIJuxs6Si_ZvB-gLVLyDx-4-QhRjJ3xg1Hp6PUTsPeJljQjg6pCDLQQ24sctVRw4vSrnK9ruy412v9fNmYN4kvzsHOhZok1Oie81O9Hp5J0t-HvNHsD5dy1S74vq7ImC3fmInh0KNXg-i4YTeLcn5ILbLTAeFMZKklZGFO8piBdyB4U7ahD_qvHjfdAUpGKcNHY1tVCVHd9n9TRtR0LTItncU-VHLRjRASqHngZjVcDE4Sn4R9Bmhkujt1A4N8BbDQ6jaqESk9uyK-URsQUgCamhNzSUm_geFynrTVq7TiZRGM-IwclqEePzuywG79iZKJ3QDLMHE0xLtiJKC9r_-mCO3CuwRXHRgmRKSOrkSlMJ9ovbyslJ2E26qjjfrnSR3-qcpsF_RhNBeb8lCPjuRakTjygXVRYBkoYczqdjMxy56iESeUZlHAvuPyMT9BbFK916VNZWMy9hdQZ-ARe45yg.ReH3rqQcyapz2WxC0OeHsg"
}

Response Header:

Server: nginx
Date: Tue, 15 Nov 2022 16:30:21 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 180
Connection: keep-alive
X-SERVED-BY: -756b6656n
X-CORRELATION-ID: 1668529821_332_993850134_-756b6656n_VDP_WS
X-ERROR-ORIGIN: 9900
X-APP-STATUS: 400
Cache-Control: no-cache, no-store, must-revalidate
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 0
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubdomains
Pragma: no-cache
Expires: -1
Content-Security-Policy-Report-Only: default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
X-Content-Security-Policy-Report-Only: default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
X-WebKit-CSP-Report-Only: default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;

I_Doroteo3

Hi @infinetwallet,

The sample request payload for the Enroll Card API is:

{
"encCard": "eyJraWQiOiIyRUkzRE5WU1pHTUFERFlOTUtNMDExd2o3Z2V4WUJILWhOMkpzSFg5NHlkaktjb0VVIiwiZW5jIjoiQTI1NkdDTSIsImFsZyI6IlJTQS1PQUVQLTI1NiJ9.Ahg9Pt2j3UJfVSKj5Tmk8kKEywHoYCbBBvwUKblOh_0M5Nb5RfsDG1Kw9M3-Sqs8_VZZ9rMRZRvDnDFzV8LgRIx-Z5fMQLdoFtOzTpOr-aD-Zx4sQSxkjI1HoZBkZTGkxNiUM5LRNMkJ5HaP0SprddkY4dO3J74xiQNDUTiHlCjsQHnGyWFwcE3B-kq9ooj--AgFMdAkPogNTcLnZoYi3HAgZk2T-Dnq_AbSJzk7xPHtklHEOrFfRRBhsDzRk__sXcmMjFlEJ5T3NK8TCOrdE6q9m13tzTpIrnV3BOWCO4FeKLrkTBzA2270oXLLTX_im0kFCVTKqtCz0oHRPFCAhQ.O7x3brFeJmSyxTER.45ETkDsYpag37X6yeHd0aOBAttQYaPI9333k-Z_t9QQez1VDSfY2yv_S3iDVcSErJP2UnxrTaHm89_bVDAc2yOwZXhxiT-1hEIFf2tJNIF4tSfb4nHiK8YI1exjQevG05KiBpvAqZEd_jF4n8Fl-iiPQFurbqkI.raYixQnXRc_86p3AkMTyZQ"
}

This is the sample payload copied directly from: https://developer.visa.com/capabilities/visa-in-app-provisioning/reference#tag/Universal-Card-Enroll...

Please try this payload and let me know if this helps.

Thanks,

Illana

infinetwallet

it didnt work

{
"errorResponse": {
"status": 400,
"reason": "invalidParameterEncCard",
"message": "Invalid input parameter(s)",
"details": [
{
"location": "encCard",
"message": "Unable to parse or decrypt"
}
]
}
}

I_Doroteo3

Hi @infinetwallet,

Ok, I've submitted a ticket with the technical team to see if they can look deeper into your issue.

I'll reach back out when I have an update.

Thanks,

Illana

infinetwallet

hello @I_Doroteo3,
i havent heard back from you on the issue im facing with the In-App provisioning enroll card endpoint.

Please, what is the progress on that? if i may ask.

I_Doroteo3

Hi @infinetwallet,

No response from them yet but I've reached out for an update.

Thanks,

Illana