I have the xpay-token generated from a java program. However, get the below when trying to hit the sandbox from postmanhttps://sandbox.api.visa.com/vts/panEnrollments?apikey=the apiKey from dashboard
Content-type: application/json
Accept: application/json
X-PAY-TOKEN: token generate from java code
Hey @fsimon,
I'm happy to help you resolve the issue! To continue, please provide the following information:
1. Endpoint
2. Request Header
3. Request Body
4. Response Header (include the x-correlation-id)
5. Response Body
Using SoapUI, you can find the x-correlation-id in the Raw Tab of the response header.
I am using postman not soap
1. Endpoint: https://sandbox.api.visa.com/vts/panEnrollments?apikey=JNW93DZXG8F09UXIT7UJ21nrxMlZGk0yJqL4V2RRgx9Ah.... Request Header
Content-type: application/json
Accept: application/json
X-PAY-TOKEN: xv2: 1575912459: 385fdd80e2f525323bc3069d3f84f241b3a25ddccdc83553bc1d8d748fca910e
3. Request Body:
{
"channelSecurityContext":{
"channelInfo":{
"encryptionScheme":"RSA_PKI"
},
"deviceCerts":[
{
"certFormat":"X509",
"certUsage":"CONFIDENTIALITY",
"certValue":""
},
{
"certFormat":"X509",
"certUsage":"INTEGRITY",
"certValue":""
},
{
"certFormat":"X509",
"certUsage":"DEVICE_ROOT",
"certValue":"..."
}
],
"vtsCerts":[
{
"certUsage":"CONFIDENTIALITY",
"vCertificateID":"f1606e98"
},
{
"certUsage":"INTEGRITY",
"vCertificateID":"bf617210"
}
]
},
"locale":"en_US",
"clientDeviceID":"deviceID1468874324",
"passcode":{
"type":"OTP",
"value":"134578"
},
"clientWalletAccountID":"clientID1468874324",
"panSource":"ONFILE",
"platformType":"iOS",
"encPaymentInstrument":"...",
"clientAppID":"fitpay",
"consumerEntryMode":"KEYENTERED"
}
Hey @fsimon,
To follow up, Visa Token Services (VTS) is a restricted product. You (the merchant) will need to work with your Technical Account Manager to have your issue resolved. Or you can also send an email to developer@visa.com and someone will connect you to the Visa Token Service expert team to have your request reviewed.
Hey @fsimon,
To follow up, we did not find an account associated to the apikey that you have provided to us in the forum, therefore, we will not be able to advise anything at this time. Please note that, "Token Validation Failed" error is something that arises when forming the timestamp + resourcepath + querystring+requestbody is incorrect.
x-pay-token: xv2: + UTC_Timestamp + : + HMAC-SHA256_hash(shared_secret, (UTC_Timestamp + resource_path + query_string + request_body))
Here is a sample Pre-request script for you to create x-pay-token in Postman.
var apiKey="Your apiKey";
var secretKey = "Your Shared Secret";
var URI= "vts/panenrollments";
var QS="apiKey="+apiKey;
var timeInSeconds = parseInt((new Date()).getTime() / 1000);
console.log("timeInSeconds " + timeInSeconds);
var request=JSON.parse(JSON.stringify(request.data));
var beforeHash = timeInSeconds + URI + QS+request
var hash = CryptoJS.HmacSHA256(beforeHash, secretKey);
var hashInBase64 = CryptoJS.enc.Hex.stringify(hash);
hashInBase64="xv2:" + timeInSeconds + ":" + hashInBase64;
postman.setGlobalVariable("xpayToken", hashInBase64);
Please let me know if this works for you.
Hey @vathanoo,
Thanks for providing this pre-request script to create x-pay-token in Postman. 🙂