Re: Testing sandbox from post,man

fsimon
Regular Visitor

Testing sandbox from post,man

I have the xpay-token generated from a java program.  However, get the below when trying to hit the sandbox from postmanhttps://sandbox.api.visa.com/vts/panEnrollments?apikey=the apiKey from dashboard

Content-type: application/json

Accept: application/json

X-PAY-TOKEN:    token generate from java code

 

 

{
    "errorResponse": {
        "status"401,
        "message""Token Validation Failed",
        "reason""inputValidationError",
        "details": [
            {
                "location""x-pay-token"
            }
        ]
    }
}
6 REPLIES 6
API_Products
Visa Developer Support Specialist

Re: Testing sandbox from post,man

Hey @fsimon,

 

I'm happy to help you resolve the issue! To continue, please provide the following information:

1. Endpoint
2. Request Header
3. Request Body
4. Response Header (include the x-correlation-id)
5. Response Body

Using SoapUI, you can find the x-correlation-id in the Raw Tab of the response header.

 

 




Thanks,

Diana



Was your question answered? Don't forget to click on "Accept as Solution" to help other devs find the answer to the same question.

fsimon
Regular Visitor

Re: Testing sandbox from post,man

I am using postman not soap

 

1. Endpoint:  https://sandbox.api.visa.com/vts/panEnrollments?apikey=JNW93DZXG8F09UXIT7UJ21nrxMlZGk0yJqL4V2RRgx9Ah.... Request Header

Content-type: application/json

Accept: application/json

X-PAY-TOKEN: xv2: 1575912459: 385fdd80e2f525323bc3069d3f84f241b3a25ddccdc83553bc1d8d748fca910e

3. Request Body:

{

   "channelSecurityContext":{

      "channelInfo":{

         "encryptionScheme":"RSA_PKI"

      },

      "deviceCerts":[

         {

            "certFormat":"X509",

            "certUsage":"CONFIDENTIALITY",

            "certValue":""

         },

         {

            "certFormat":"X509",

            "certUsage":"INTEGRITY",

            "certValue":""

         },

         {

            "certFormat":"X509",

            "certUsage":"DEVICE_ROOT",

            "certValue":"..."

         }

      ],

      "vtsCerts":[

         {

            "certUsage":"CONFIDENTIALITY",

            "vCertificateID":"f1606e98"

         },

         {

            "certUsage":"INTEGRITY",

            "vCertificateID":"bf617210"

         }

      ]

   },

   "locale":"en_US",

   "clientDeviceID":"deviceID1468874324",

   "passcode":{

      "type":"OTP",

      "value":"134578"

   },

   "clientWalletAccountID":"clientID1468874324",

   "panSource":"ONFILE",

   "platformType":"iOS",

   "encPaymentInstrument":"...",

   "clientAppID":"fitpay",

   "consumerEntryMode":"KEYENTERED"

}

API_Products
Visa Developer Support Specialist

Re: Testing sandbox from post,man

Hey @fsimon,

 

To follow up, Visa Token Services (VTS) is a restricted product. You (the merchant) will need to work with your Technical Account Manager to have your issue resolved. Or you can also send an email to developer@visa.com and someone will connect you to the Visa Token Service expert team to have your request reviewed.

 




Thanks,

Diana



Was your question answered? Don't forget to click on "Accept as Solution" to help other devs find the answer to the same question.

API_Products
Visa Developer Support Specialist

Re: Testing sandbox from post,man

Hey @fsimon,

 

To follow up, we did not find an account associated to the apikey that you have provided to us in the forum, therefore, we will not be able to advise anything at this time. Please note that, "Token Validation Failed" error is something that arises when forming the timestamp + resourcepath + querystring+requestbody is incorrect.

forming timestamp etc.png

 

x-pay-token: xv2: + UTC_Timestamp + : + HMAC-SHA256_hash(shared_secret, (UTC_Timestamp + resource_path + query_string + request_body))

 




Thanks,

Diana



Was your question answered? Don't forget to click on "Accept as Solution" to help other devs find the answer to the same question.

vathanoo
Regular Visitor

Re: Testing sandbox from post,man

Here is a sample Pre-request script for you to create x-pay-token in Postman.

 

var apiKey="Your apiKey";

var secretKey = "Your Shared Secret";

var URI= "vts/panenrollments";

var QS="apiKey="+apiKey;

var timeInSeconds = parseInt((new Date()).getTime() / 1000);

console.log("timeInSeconds " + timeInSeconds);

var request=JSON.parse(JSON.stringify(request.data));

var beforeHash = timeInSeconds + URI + QS+request

var hash = CryptoJS.HmacSHA256(beforeHash, secretKey);

var hashInBase64 = CryptoJS.enc.Hex.stringify(hash);

hashInBase64="xv2:" + timeInSeconds + ":" + hashInBase64;

postman.setGlobalVariable("xpayToken", hashInBase64);

 

Please let me know if this works for you.

API_Products
Visa Developer Support Specialist

Re: Testing sandbox from post,man

Hey @vathanoo,

 

Thanks for providing this pre-request script to create x-pay-token in Postman. 🙂

 

 




Thanks,

Diana



Was your question answered? Don't forget to click on "Accept as Solution" to help other devs find the answer to the same question.