How to add X-Pay-Token to project? I can not find this item among APIs. In VISA webinar (2016, https://youtu.be/RZ7zlDA89xE) I see following item:
But now (September 2020) I don't see even group "Risk and Fraud" among APIs. So, how can I add X-Pay-Token to my project?
The question is principal: I don't want to use client CSR, because I had a lot of problems with it earlier. Sometimes, certificate is declined, and you can not understand the reason. I prefer avoid using of client's CSRs. API key and secret is more reliable way.
Solved! Go to Solution
It seems, I found it. I added CyberSource API. After it, API key and Shared secret appeared on page Credentials.
It looks that X-Pay-Token is a part of CyberSource API now. Am I right?
Great questions and I'm happy to help. Visa Developer APIs have two types of authentication methods, which are two-way SSL or x-pay-token. When you choose the API to use for your project, and then create the project, you will then have an API that will have either a two-way SSL or x-pay-token authentication method.
The authentication method for CyberSource Payments is x-pay-token. From the API documentation page, the left side menu has an authentication tab that indicates its method here (refer to screenshot below) - https://developer.visa.com/capabilities/cybersource/docs-authentication
Currently, the only way to query CyberSource Payments sandbox is to create a merchant account directly with CyberSource:
Test their account credentials here: https://developer.cybersource.com/api/reference/api-reference.html
Here's the sample code: https://github.com/CyberSource/cybersource-rest-samples-java/blob/master/src/main/java/samples/payme...
Please let us know if you have other questions and someone will be happy to help.
It looks like CyberSource is some third-party software. Is it? Is it safe? Can I make fund transfers with it? Is it part of VISA?
My goal is avoiding of using Two-way SSL, because client's CSRs sometimes are declined, and it can be very difficult to find, understand and eliminate the reason. So, I prefer One-way SSL, when only server is responsible for his certificate. From my point of view, API key is more reliable way.
Can I use API key / Shared Secret with VISA native APIs, not CyberSource only?
I'm happy to help connect you with the CyberSource Support team. Please call CyberSource Support using the phone number below and someone will be happy to answer your questions on this API.
CyberSource Support 800-709-7779