Hi,
I'm currently implementing QR receiving side API in a sandbox, I have tried to follow and use java resources found from your repository, but I don't know what I'm doing wrong with certificates I guess but I end up getting below response
{"responseStatus":{"status":401,"code":"9210","severity":"ERROR","message":"Token validation failed","info":""}}.
I have tried to use this video for guidance from the visa community.
Solved! Go to Solution
Hi @developers,
Can you please try to make an API request to GET https://sandbox.api.visa.com/vdp/helloworld to test connectivity first?
Please also provide the following details so we may troubleshoot further. Thanks.
Hi Stacey,
HTTP GET call to https://sandbox.api.visa.com/vdp/helloworld is working, find the response that I'm getting below
End Point URL --> https://sandbox.api.visa.com/visadirect/fundstransfer/v1/pushfundstransactions
Request Header -- > keyId = df2bea23-1807-4746-9ec7-08edca895b53
---->Authorization = Basic NjczRDhVV0dTNEU4R1NPMzFRVDAyMUVPWTE0Z2lJN1REN2RuRTVhdm9mTEZBYkJVZzpxRTJ0cXFoRTNuWUFadG9YdmxPNUh4cjlqRDVTN29t
----> Content-Type = application/json
Request Body ---> {"encData":"eyJlbmMiOiJBMTI4R0NNIiwiaWF0IjoxNjE3ODU5NTEzOTIyLCJhbGciOiJSU0EtT0FFUC0yNTYiLCJraWQiOiJkZjJiZWEyMy0xODA3LTQ3NDYtOWVjNy0wOGVkY2E4OTViNTMifQ.Ql3JVo9t6XK1GaryB0PcyG_EuujQsxL3HPC6VHnwm1aY9jrOw8PF5imgwAg6GMlDQ_hsx79whaQX0mPONPWMmE3GxB0RU1KG3V9uLZuKsJPp8lMmB0ru_KVC0HkWCA85ctO9jP5SKULdT2ubCcsTIYrtgyZakBm12H5IsWfeqWmGcINZKhh2cdZetuP50GtydDtTnKTn9x9lGcHNvtflcgfIMvooMv8Seay-UsgZID1Iwkc126FyzQrSMAuPnL_1BFerronlPTAk3NKK1PjV8kgOPAH8BuAA5yPwMUfbJvTrL9UKSI3C7jj0U2rnl3J9pvrB59BC-ZJ8JiyBw3EpeQ.Zw4Zfmy8UeQHo4Bk.tB_74JDdQiCyyfh5Oyg0ZUaKCopYqRhbJ2a10pkdqSkDJg4I5HmgoxVa4BR1pYSm5YJl7UwXflNTtn0D4SKpcNdOmjLU3XPCihtzxXrbDQGjH5YmVN9x16ANC9HlQkot5qIfK8N5WWi67jXN5TkfDj0b0rA2UBNLURaeWuk3hYuEniSbP8y3DOps1zgV8yJ80i85PlFpJRCTOt7tzyVsCA0eBraB81_PmKykT--dupFvkIog4w67GtYFEsyKlnOEzYB-aQa4z6GCnK19XxPhKK-FSyybREPIsqgQ3ULCisQxYMxONwMJXYnEQ3sq1YibtoxCS2GH7a5ZIR921_ypvef7iPI5liFPmC_PJvHoMvoJYiuU7eB56K2jEulI-sUk3ucWWtC8w_ltbE8yyItu-1eaFo9niqjP_NmxPubIA7SzoStXaPyb3LvvtfRKQfoebnRmUJaoyO2Q8RxzuOH--zyQ72nm8pdMCsfqydBPeCuku1ZqpttraYM59CiHBG1djah6jrQy06s7H_I_LOmGBaC3ZLNsNNwCKG-mIOkCxx14wyv6pOdruReqq9nhlHLhM5wodaJIJdiiAGoclllsPC_Nm8tS-GLWWIjYNgPIMa2OWSaVn8-C738JmIkMRnx0uLVOIZg0X6s7QsJobywTQEatTNUmaINJEWavKOAjOd7nUcs28W7g6qlFyKMfPKIxJ_iWkFD_tSA4rFoiuEC4t-69LcbrQwIt-yNjM2TGMfKNXBd-NdBmFEf501Oc28DX8F84A0Lkn0vubXBBAyROCsfA79U_BbV8yL_TEWfnyhKJIbFq-6mSGYDdIrd6RZX0LZJfZg85XmM6Rlq8Sydvd2fcOXYUHQ12s6nrXoio6NRPtCSNIz8IiWjimBClMQmB-T_yMxyYq3ikyS_amfP47RXioAl2AK9-z_EG_uRn-H3A0UhGsJgSX1LmFSsp2vihdkQsygzC1OmKEOfW8prQvTw9yeo8MpD10K8_HS9t3nZTXSy0Kb_oqIbHJeScX_XbwszMcMGjUKBEJQ8UhcZTk03FesU-5W0G68ST8f2HppthMN87wZsjbzf0n9b79KEcvzR3JKW4W5Fe3oh_pvz9yZ3gtxbhP0yVQ6Ak8DBWUAup6MR0w3xttfXq1nb5CDwW8PNtL4xHlHviA2yYgKu52gpZCFTJ1MPHGpFGux885bwEohhFBVJuvuBiLDN_3xssLbr859FQo4t5HnGJZZFyvjm5Ix71FUnyf_FbI_vzCaZTP1VQ-d7oo9Day604Xfj0ANl1BRFpPy8PkZJC0uqoci9T_MKEUZWxbkH6tunxsJEJT3Mi4pJbmvzoFEgD8BiGYWtIjxDkgTSlfmcnpQiazyQ3AQjrZZKtCH9tnwLMcP1XNYZ2HWxAqEkKdulbK_CQkd9Bceq9CiXfLI-8gqfxZ7uhvw_QYyrYqn0ka9tRod7Lh8X4VbcRlJVv0v5K6O9yD7oYnY5jRTp2cSzV-uR0C-x39OywP3-1zsFHIU0P0od5Ove8f0UuuY8os0vtYg5d4_a9KFXloT76Ju_PU_QCPyTq6ZytoWU2sp-Vmr1FzmYAsXoGsjJLZLYfDLIaaOqXAK4qdWgA9YmVXs4iBe9NT6V8UADRXnfogDFe5clijoEa_V_UgXTQMikI2EdxHW2cwDi0tEAOPlic0eOWTbt8Jucein_xjjngOs_FUhx7fNZrciq_AanRGlrrovtCGidmGgdS71mp9RXEqeZPApBC7eRKdOa6qTxvcn1oMxqJpdfsq1Tj1kfGAt9LDt7YQbBT_E2s2MoxyKBQMjbAuPqTvPMQi-IXhzRaFUBpvudtBE9iLyNbNFIu6ERg_fxX1WZevZmzIVnjVrZW_VD33ZCbBokYMvZ-LajZefsYcHVCdQ8EAPnxxxwDgfbIBBA8bfbeWPex6FTnjvG8WVcDRkrJczhpYchWRZyEd1YBKPyRgrAikKaYbJSpuS1wavEXoMM1TF8HI1DChTF-J30_qVD5dVxhtOOOWXO_FroIHA9JSaTfAjfnN1Y6hITtH-kpP232I5DKaUBUE88lHW_wSPQV-NnitObiA0wBjVuTXtP2NI7SC-GXByEnWp0vd1eh6GeQsaIXDTk.j46LjnH18YF7272CtVaXAg"}
Response Header (include the x-correlation-id) --->
null : [HTTP/1.1 401 Unauthorized]
Server : [nginx]
X-Content-Type-Options : [nosniff]
X-CORRELATION-ID : [1617859392_871_1884381799_l73c014_VDP_WS]
Connection : [keep-alive]
X-SERVED-BY : [l73c014]
Pragma : [no-cache]
Date : [Thu, 08 Apr 2021 05:23:12 GMT]
X-Frame-Options : [SAMEORIGIN]
X-APP-STATUS : [401]
Strict-Transport-Security : [max-age=2592000;includeSubdomains]
Cache-Control : [no-cache, no-store, must-revalidate]
Expires : [-1]
X-XSS-Protection : [1; mode=block]
Content-Length : [112]
Content-Type : [application/json;charset=UTF-8]
Response Body ----> {"responseStatus":{"status":401,"code":"9210","severity":"ERROR","message":"Token validation failed","info":""}}
Hi @chambofadhili90,
Since the call to the helloworld ping test is successful, this means that your project credentials and certificate are working properly.
For the Push Funds Transaction API, MLE is not enforced. Can you please check in your project's "Summary" tab to see whether the MLE toggle button is on or off? If it is set to OFF, then you don't need to encrypt the request payload. If it is set to ON, then you'll need to encrypt the request payload with the MLE specific credentials.
Hope this helps, please let me know how it goes. Thanks.
Hi Stacey,
I had to do two things to make it work. first I had to enforce the use of MLE verifications and then I had to adjust the iat value by +90 to make it work. Thanks for your time.
Hi @developers,
Happy to hear the API is working for you. Thanks for sharing with us what you needed to change to make it work.