Code 9211 Token validation failed Error

aasddad81734

I am getting Token Validation Failed for below request

URL - https://sandbox.api.visa.com/v1/visaorch/enroll/notify?enable=vcpp
Request Headers-
{"Accept":"application/json","Content-type":"application/json","keyId":"57fcdc30-5956-4454-83e6-d17c26a5c88b"}
Request Body -
{"encData":"eyJhbGciOiJSU0EtT0FFUC0yNTYiLCJlbmMiOiJBMTI4R0NNIiwiaWF0IjoxNzI2NDYyNTYxMTM5LCJraWQiOiJhY2E1OGFkMC1mMDg0LTRjYjYtODg0Zi1iNmE3ZDU1MjYyYTgifQ.cyo3B9IY-FU3ON4M88G7cMkEIspHeQvw94CoyvJ4OfdW1NX3WM5FldGEZre_NTjS5JpFA6w8G8oA6DQIbyd68Gd7xBOlbb_fiFAQaoQTlWxe3Hp5s3xf2RMftzIUE0v8ioBWZudYEWNrnXVMf3H0u56J2DFLi4zonTZtPzeh6RcNv8k2_nH22cwdFEXTDc7qEh3WZcSi8dFW6aD-n3VNQ68UJ3E0i1BafQpK6mdJaIZqrHl6CWTnQciKrA3uh1yGquAambTSGAH_Ow0u489ldQ9vu5CqB22vz-RT36aCSiAnKp0-mTLKSIzihAgxH8QohGZFMGEhMvkIP2nTtf9ykw.6VcjBzOG4OsAHJ-p.1L-8Kr7uzW7zmMj__w0Jk_Lcq8UpHJqwFoSRphrxRxcdjxoMw6ONogS6Gql9b1PVWUHQdck_9_QhY8haP1iqXL6Q0RAW-CN1WXRlu0Np-Km4DPxIfk5jKgeyPAI4jGStBOw032gHVWR6RzWTs9rfmgASDKJztl0hCcTnFBvVl_XUnDr4wCVuomLfLOoM-oIVeLSMU3r75zu5jLPRLnE26GPoNaRCaB1h25Xbx19WzZZxCIQ6Nk0nRYJRQ5Y46Q.tpd7Ym3cMKIP7XlX-kNTFA"}

Response. -
{"responseStatus":{"status":401,"code":"9211","severity":"ERROR","message":"Token validation failed","info":""}}
Response Headers-

"Cache-Control": {
"0": "no-cache, no-store, must-revalidate"
},
"Content-Length": {
"0": "112"
},
"Content-Security-Policy-Report-Only": {
"0": "default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;"
},
"Content-Type": {
"0": "application/json;charset=UTF-8"
},
"Date": {
"0": "Mon, 16 Sep 2024 04:56:02 GMT"
},
"Expires": {
"0": "-1"
},
"Pragma": {
"0": "no-cache"
},
"Server": {
"0": "nginx"
},
"Strict-Transport-Security": {
"0": "max-age=31536000;includeSubdomains"
},
"X-App-Status": {
"0": "401"
},
"X-Content-Security-Policy-Report-Only": {
"0": "default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;"
},
"X-Content-Type-Options": {
"0": "nosniff"
},
"X-Correlation-Id": {
"0": "1726462562_149_116111657_-6685d76f6-75d_VDP_WS"
},
"X-Error-Origin": {
"0": "9200"
},
"X-Frame-Options": {
"0": "SAMEORIGIN"
},
"X-Served-By": {
"0": "-6685d76f6-75d"
},
"X-Webkit-Csp-Report-Only": {
"0": "default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;"
},
"X-Xss-Protection": {
"0": "0"
}

I am using below for encryption of data -

"headers": {
  "alg": "RSA-OAEP-256",
  "enc": "A128GCM",
  "kid": "57fcdc30-5956-4454-83e6-d17c26a5c88b",
  "iat": "1694612765"
}

jenn_kh

Hi aasddad81734, An agent will look into this and get back to you as soon as possible. Until then, if any community member knows a solution, feel free to reply to this thread.

API_Products

Hey @aasddad81734,

Please refer to the Visa Developer Error Codes page for cause/resolution here: https://developer.visa.com/pages/visa-developer-error-codes

The error message "Token validation failed" typically indicates that there is an issue with the token being used for authentication. Here are a few steps to troubleshoot and resolve this issue:

1. Check the Key ID (`keyId`): Ensure that the `keyId` in the request headers matches the one used for encryption.

2. Check the Encryption Headers: Ensure that the `alg`, `enc`, `kid`, and `iat` headers used for encryption are correct and properly formatted.

3. Check the Token Expiry: Ensure that the token has not expired. The `iat` (issued at) claim should be in the correct format (Unix timestamp) and within the acceptable time range.

4. Verify the Token Structure: Ensure that the token is correctly formatted and split into three parts (Header, Payload, Signature).

5. Test with a Valid Token: Generate a new token and test the request again.

Here's a sample code snippet that might help you generate and validate the token:

```javascript
// START

const jwt = require('jsonwebtoken');
const fs = require('fs');
const privateKey = fs.readFileSync('path/to/private/key.pem', 'utf8');

const payload = {
iat: Math.floor(Date.now() / 1000),
// other claims
};

const options = {
algorithm: 'RS256',
keyid: '57fcdc30-5956-4454-83e6-d17c26a5c88b'
};

const token = jwt.sign(payload, privateKey, options);

console.log(token);

// END
```

Ensure you use the correct private key to sign the token and the corresponding public key for verification on the server side.

If the issue persists, consult Visa's API documentation or support for specific requirements related to token generation and validation.