This also happens with other endpoints in the API as well, e.g., /dcas/cardservices/v1/cards, /dcas/cardservices/v1/cards/{cardId}/cardstatus, etc.

Is the documentation (and sample code) just wrong or is the sandbox environment just broken?

Hey @pbiron,

I'm happy to help resolve the issue you're experiencing. To move forward, please provide the following information:

1. Endpoint
2. Request Header
3. Request Body
4. Response Header (include the x-correlation-id)
5. Response Body

Using SoapUI, you can find the x-correlation-id in the Raw Tab of the response header.

endpoint

/dcas/cardservices/v1/cards/4883836336860016/cardholderdetails

(the cardId in the endpoint is from the Test Data in the project)

request headers

User-Agent: VDP_SampleCode_Php
Accept: application/json
Content-Type: application/json
Authorization: Basic [obfuscased]

request body

[empty]

response headers

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: application/json
Content-Length: 366
X-SERVED-BY: l73c018
X-CORRELATION-ID: 1580420411_521_2135072074_l73c018_VDP_WS
X-Backside-Transport: FAIL FAIL,FAIL FAIL
Cache-Control: no-cache ,no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: -1
X-OPNET-Transaction-Trace: a2_5238e38a-735d-42d1-b737-882f5cf7203e-7180-912
Correlation-ID: a70ecc0d-8223-402f-8864-9c9627fd1bfc
X-Powered-By: ASP.NET
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline';
X-Global-Transaction-ID: 458484be5e334d3bb16ef2f7
X-APP-STATUS: 400
Strict-Transport-Security: max-age=2592000;includeSubdomains
X-Cnection: close
Date: Thu, 30 Jan 2020 21:40:11 GMT
Connection: keep-alive

response body

{
"resource": {
"ssn": null,
"dateOfBirth": null,
"name": null,
"address": null,
"mobilePhoneNumber": null,
"homePhoneNumber": null,
"cardIssueDate": null,
"nameOnTheCard": null,
"expirationDate": null,
"cardTenureDate": null,
"isPrimary": false,
"directDepositEnabled": false
},
"processingTimeInMs": 0,
"receivedTimestamp": "2020-01-30 21:40:11.428",
"errors": [
"Missing Required Header: App-ID"
]
}

Hey @pbiron,

I'm happy to help. Can you please provide us with the name of your project so I can take a look?

Please also visit our Visa Developer Error Codes page - https://developer.visa.com/pages/visa-developer-error-codes 

This page lists the common Visa Developer error codes and how to resolve them. I've also copied and pasted the Bad Request 400 error and resolution below, for your convenience. Please test again and share your results with us.

Payload and URI Error Codes

HTTP STATUS: BAD REQUEST
HTTP CODE: 400

CAUSE/RESOLUTION: This error could be due to a variety of reasons.

Check for the following:

• The url has a space after the ?.
• Whitespace issues, in general, anywhere in the url.
• Ideally the following fields need to be checked for correctness:
  
  • URL
  • Query params

Or

• The API endpoint you are trying to use only supports Two-Way SSL authentication. Please ensure you are not using any other token type.

Or

• Invalid input found in the request payload.

Hey @pbiron,

Just checking in to see if your issue is now resolved. Can you please confirm? I'd be happy to help if you need further assistance.

Hey @pbiron, 
 
I've reached out to you previously but haven't heard back. Feel free to reach out to us if you're interested in working together in the future.