The below is groovy script
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import groovy.json.JsonOutput
def hmac(String secretKey, String data) {
Mac mac = Mac.getInstance("HmacSHA256")
SecretKeySpec secretKeySpec = new SecretKeySpec(secretKey.getBytes(), "HmacSHA256")
mac.init(secretKeySpec)
byte[] digest = mac.doFinal(data.getBytes())
return digest
}
def APIKey = 'UDTEE5CUPLX6ZATVYVxxxxxxxxx-ef6J2CRKPj74vvxluo'
def sharedSecret = '/uw7HJN97vEW46wMQ+BaunfBJ@FJrfE+0u9rR6sr'
def URI = "/installments/v2/clients"
def QS = "apiKey="+APIKey
def timeStampUTC = String.valueOf(System.currentTimeMillis().intdiv(1000L))
def payload = '{' +
'"partnerMerchantReferenceID": "fbf114e6-8536-d537-69f0-1e18fb88b634",' +
'"city": "San Francisco",' +
'"address2": "2nd Block",' +
'"address1": "1 Main Street",' +
'"postalCode": 94301,' +
'"primaryContactLastName": "Smith",' +
'"primaryContactFirstName": "John",' +
'"primaryLegalName": "My Merchant",' +
'"stateProvinceCode": "CA",' +
'"phone": "4155551212",' +
'"countryCode": "US",' +
'"primaryWebsiteURL": "http:\\/\\/www.myMerchant.com",' +
'"primaryTradeName": "MyMerchant.com",' +
'"primaryContactEmail": "jsmith@mymerchant888.com"' +
'}'
def HMACDigest = hmac(sharedSecret, timeStampUTC + URI + QS + payload)
log.info(timeStampUTC + URI + QS + payload)
log.info(HMACDigest)
def encodedDigest = HMACDigest.encodeHex().toString()
log.info(encodedDigest)
def XPayToken = "xv2:"+ timeStampUTC + ":" + encodedDigest
testRunner.testCase.setPropertyValue("xpayToken", XPayToken)
log.info(XPayToken)
This is body
{"partnerMerchantReferenceID":"fbf114e6-8536-d537-69f0-1e18fb88b634","city":"San Francisco","address2":"2nd Block","address1":"1 Main Street","postalCode":94301,"primaryContactLastName":"Smith","primaryContactFirstName":"John","primaryLegalName":"My Merchant","stateProvinceCode":"CA","phone":"4155551212","countryCode":"US","primaryWebsiteURL":"http://www.myMerchant.com","primaryTradeName":"MyMerchant.com","primaryContactEmail":"jsmith@mymerchant888.com"}
Below is logs from soapUI
Tue Apr 30 12:24:29 GST 2024:INFO:1714465469/installments/v2/clientsapiKey=UDTEE5CUPLX6ZAxxxxxxbvZ5Ca-ef6J2CRKPj74vvxluo{"partnerMerchantReferenceID": "fbf114e6-8536-d537-69f0-1e18fb88b634","city": "San Francisco","address2": "2nd Block","address1": "1 Main Street","postalCode": 94301,"primaryContactLastName": "Smith","primaryContactFirstName": "John","primaryLegalName": "My Merchant","stateProvinceCode": "CA","phone": "4155551212","countryCode": "US","primaryWebsiteURL": "http:\/\/www.myMerchant.com","primaryTradeName": "MyMerchant.com","primaryContactEmail": "jsmith@mymerchant888.com"}
Tue Apr 30 12:24:29 GST 2024:INFO:[B@3c2d239c
Tue Apr 30 12:24:29 GST 2024:INFO:7fee6e49e037fca30ccfcfca6c835fad7e206cbe43d0cbeed8204b580c12773d
Tue Apr 30 12:24:29 GST 2024:INFO:xv2:1714465469:7fee6e49e037fca30ccfcfca6c835fad7e206cbe43d0cbeed8204b580c12773d
Tue Apr 30 12:23:57 GST 2024: DEBUG: http-outgoing >>
POST /installments/v2/clients?apikey=UDTEE5xxxxxxxxxxxxxxKPj74vvxluo HTTP/1.1
Accept-Encoding: gzip,deflate
Content-Type: application/json
x-pay-token: xv2:1714465424:735febb7d336012423d66940fb7fa4bc4ac7eb694dddfc6bd59d1447758c2d9e
Content-Length: 458
Host: sandbox.api.visa.com
Connection: Keep-Alive
User-Agent: Apache-HttpClient/4.5.5 (Java/16.0.2)
{"partnerMerchantReferenceID":"fbf114e6-8536-d537-69f0-1e18fb88b634","city":"San Francisco","address2":"2nd Block","address1":"1 Main Street","postalCode":94301,"primaryContactLastName":"Smith","primaryContactFirstName":"John","primaryLegalName":"My Merchant","stateProvinceCode":"CA","phone":"4155551212","countryCode":"US","primaryWebsiteURL":"http://www.myMerchant.com","primaryTradeName":"MyMerchant.com","primaryContactEmail":"jsmith@mymerchant888.com"}
Tue Apr 30 12:23:57 GST 2024: DEBUG: http-incoming <<
HTTP/1.1 401
Server: nginx
Date: Tue, 30 Apr 2024 08:23:57 GMT
Content-Type: application/json
Content-Length: 112
Connection: keep-alive
X-SERVED-BY: -776c6b4-6d2
X-CORRELATION-ID: 1714465437_578_1493591987_-776c6b4-6d2_VDP_WS
x-vdp-normalized-url: /installments/v2/clients
X-APP-STATUS: 401
x-vdp-authn-api-visa-id: IPS.102
X-ERROR-ORIGIN: 9100
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 0
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubdomains
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: -1
Content-Security-Policy-Report-Only: default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
X-Content-Security-Policy-Report-Only: default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
X-WebKit-CSP-Report-Only: default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
{"responseStatus":{"status":401,"code":"9159","severity":"ERROR","message":"Token Validation Failed","info":""}}
I am working on client onboarding api in visa installment transaction service. and getting the error mentioned above. Please help
Hi @bijujoseph, Thank you for reaching out. An agent is looking into this and will get back to you soon. Until then, if any community member knows a solution, feel free to reply to this thread.
Hi @bijujoseph,
Please refer to the Visa Developer Error Codes page for cause/resolution. I've also included the cause/resolution below.
HTTP STATUS | HTTP CODE | CAUSE/RESOLUTION |
---|---|---|
UNAUTHORIZED | 401 |
Depending on the authentication/encryption mechanism being used, this could be due any of the following reasons. If you are unable to root-cause the same from the possible reasons below, please contact Visa Support at developer@visa.com with the details of the error message, and full http request, response details. Two-Way SSL (Mutual Authentication):
X-Pay Token:
JWE:
JWS:
This could be due to any of the following scenarios in Message Level Encryption (JWE):
General:
|