Hi,
I am able to complete the two way-ssl authentication for the hello world API.
However when trying out the refund API(https://sandbox.api.visa.com/acs/v1/payments/refunds), I am getting the following error:
{"responseStatus": {
"status": 401,
"code": "9210",
"severity": "ERROR",
"message": "Token validation failed",
"info": ""
}}
I am encrypting the body with the server_encryption public key, downloaded from the key tab.
Request
POST <a href="https://sandbox.api.visa.com/acs/v1/payments/refunds" target="_blank">https://sandbox.api.visa.com/acs/v1/payments/refunds</a> HTTP/1.1
Accept-Encoding: gzip,deflate
Content-Type: application/json
Authorization: Basic RFdJTENLOTFCRTU3SFFKWTQ3TUoyMURvZDJYQXJKUk9ESHJXQ1lvQ0ZlY3VEUnZPczpjNHBBNDJndWxuQkhqZ3R3NENrOFhFMW9OMHY=
Accept: application/json
keyId: 8121367b-cf74-410a-9325-ae979d778dd8
Content-Length: 911
Host: sandbox.api.visa.com
Connection: Keep-Alive
User-Agent: Apache-HttpClient/4.1.1 (java 1.5)
{"encData":"eyJlbmMiOiJBMTI4R0NNIiwiaWF0IjoxNTYzMTY4MjcyMTU0LCJhbGciOiJSU0EtT0FFUC0yNTYiLCJraWQiOiI3MzdjYjE2Ni00ZWQ1LTRhMzktODljMy1lZDY0NDM1NDc4YWMifQ.fUbu4rH4Z8bfqkXJelxB3h-1gsHZpCouhMzMqnNT9UxUMQK9416tPh7_AN6UlPB0ElW5WBIUPoWXPEy33mqrJJWJVlL9JVoSpHxey03-T8swq3EsPpYeWVIVzjdJCXsm0nmvz6Sxjk1Gpl98UAcZWCji1Id_0twEgn-SdRFO_odkVAyNP2sa8cjOIXoiTUCwSEW7CDvkSE3tYgokYCtIbwW7EqAxBJ8WFaa792WFoDRg0Ww07BcM1xk2F-Iauq4ezSsbnvB6Mfs1qAz6j8oDLBwCGzzBUZYSsa7jMA7_xsfZLMhdWTIa9PwmirwVmXkQfVambDD1C_e64zKz5C5RsQ.jVA3jZBy3sjOjJar.4xXsS7WoMjB5IBbN7cT5pk7VqL1IEsfRGpoMf2ixNGKU2wKueiCVBuKQ33ABO1rHKYz4WhT3RBQJ0T9_sJydfFdjj2WxhIjFNm6HgF_qwhPepY1uvmsBtOWUbtVj8cS_H2zCJ3aLi-CPwXhXB_GJqVBKGridUkK006XAlXzzJujYbTHq2PahqsME5kA0-kjgJu2mUgYc3ZR-hahoPS8jfU0oFtO0U54x9CNLMPfH-0Yr2A270_JU3L5LxXrCZUl9DUcM_KjflOyDwnov0xR4PFWiYOz1wzs3xbiCZ0o8cRcdbQQ7zi8yKhdJCd-wQdAh2UboMviObUiZYCt-mR6oFpoKL0IeeKJcEf3bOMmYKzchXfsXZ8myr0o.7vY6URXhzdte1Gzo-3bX5Q"}
Please help me resolve this issue.
Solved! Go to Solution
Hey @kranti-rzp,
To further investigate, please provide the following information:
1. End Point
2. Request Header
3. Request Body
4. Response Header (include the x-correlation-id)
5. Response Body
Using SoapUI, you can find the x-correlation-id in the Raw Tab of the response header.
Hey Diana,
I am facing the issue across APIs in VPP.
The end points being:
https://sandbox.api.visa.com/acs/v1/authorizations
https://sandbox.api.visa.com/acs/v1/payments/refunds
For the Authorization API, the curl request is:
curl -X POST \
https://sandbox.api.visa.com/acs/v1/payments/authorizations \
-H 'Accept: application/json' \
-H 'Authorization: Basic NVIwVjEzQlExRUkwWVFRWE5KQ0IyMUN3eUhjU0g4MmJmUktneHROZTZVRkhGLXV0ODowcGtMc3VrQXdY' \
-H 'Cache-Control: no-cache' \
-H 'Connection: keep-alive' \
-H 'Content-Type: application/json' \
-H 'Host: sandbox.api.visa.com' \
-H 'Postman-Token: 72b3907b-2663-4bc6-be31-6e289bbb72f1,c37de1f1-1a46-4e3e-82cb-792c361f98a3' \
-H 'User-Agent: PostmanRuntime/7.15.0' \
-H 'accept-encoding: gzip, deflate' \
-H 'cache-control: no-cache' \
-H 'content-length: 1064' \
-H 'keyId: bdee29f0-32e9-44f7-a36d-a3308a6cb0ca' \
-d '{"encData":"eyJlbmMiOiJBMTI4R0NNIiwiaWF0IjoxNTYzMTg0MjIxMTY2LCJhbGciOiJSU0EtT0FFUC0yNTYiLCJraWQiOiJiZGVlMjlmMC0zMmU5LTQ0ZjctYTM2ZC1hMzMwOGE2Y2IwY2EifQ.uDW_8vKqHm7lFuZw-o-FG6zJ5rh4E0UzFyLXZXUn3MG4tmGTRlcKEb0DtScQY9xdVHyR5U9y1eJT0Z8hTf7i5GhD9P98iwt0K5QfyOZhK_Ghd-OhKCbH26vYhT52hAPZqwer9KpsjCqRqkYC950BqHvoDIpkkZJpyBu0nU_shjJ-x3wuI9KcsFUtLMb4JxcJAgkTay4hsvLoNqVCb8ybcqVFGsrZWnQEujR-CVSGG4Idpk-0NZDv4c_9GkiFNKQOeEHWu5Yx4O_ZVuw3MXkIFb8_RDvSPbv9JWgSBrg32HQIsTrQfGPy6UyEC7ub3T_-aJTogsPfzEQ7s7cq4MjCSQ.gxC3qNqWZA3-41BJ.HDQfIpYHAWZbHG-dN8HhubOtUYN8OnOYSQgevsroiyW6BSVxLabgxBFSNGWug-ttN-4ZJSM28jgEbn_DKgAbyIPsm0Ydfde4Rkx11dLksB5r0La_SPLd1DlXcmqgZxjZoEwHoPVNwV-y_A-7mHtbWReVNfi8-TGkK4okec4K7XghWp2PPHMz66UcafH8mVcaRvCv6Q-Fr9PcTK6F44yepMmm71UDoGlRYAUHQVE8hpytaQOiY0yZu1xWe0waY4UgXS7WPRVC121EJJQbPUc6mmaxSeR4gtlzAY5vIER8EvRNFMxhNiOC_E-oc-4ATZ2P5H8DZj46_HTxBtuuQLNlFsRla3rTxbh9ltbO3crBY--OtCLC3YY94O78A5EMeB-VQ4_x0fJs_T2t9E32LNGSxuQPmF9T6S3qcmmajWEpw77f4wNrkbCBz0LyLUtMIV9kfA0w8b6usRGiEC0Q_toqR0m1feYkivZClDAnZIWAlSVHuD_ZAB34CPNhaTatjfxGPsXnA2zlbzfbR8VJ.7Y52x8jzlR_yAXXYH0fiNQ"}'
Tried this in Postman, and have also added the certificates. Two way SSL handshake is successful, have been able to get response in the Hello World application.
However, the encrypted data seems to have some issue.
Hi Diana,
I tried it over SoapUI.
X-CORRELATION-ID: 1563254410_042_96_l73c033_VDP_ARM
Response body:
{"responseStatus": {
"status": 401,
"code": "9210",
"severity": "ERROR",
"message": "Token validation failed",
"info": ""
}}
Hey @kranti-rzp,
Thanks for letting us know how you resolved the issue and thanks for confirming that we can close this issue out as resolved! It's great to hear your making progress and of your successful test results!
Hi,
I'm getting the same issue, here is my raw request, can you please check and identify what am I doing wrong.
POST https://sandbox.api.visa.com/visadirect/mvisa/v1/merchantpushpayments HTTP/1.1
Accept-Encoding: gzip,deflate
Content-Type: application/json
Authorization: Basic Uzg5S0NXMUFBQzlOWkxHWFpBQlYyMS1wdXdod01IMGs4UVNOeWR5ZXVueWlzOTdDczp4SVpBeFBBc25taWZjMjU1MnVPV3cyQUdXMWlyQWM5
Accept: application/json,application/octet-stream
X-CORRELATION-ID: 09465302022020_042_96_l73c033_VDP_ARM
keyId: 9decd3b4-7b48-47a3-8433-74d1f5484a06
Content-Length: 1570
Host: sandbox.api.visa.com
Connection: Keep-Alive
User-Agent: Apache-HttpClient/4.1.1 (java 1.5)
{"encData":"eyJlbmMiOiJBMTI4R0NNIiwiaWF0IjoxNTgzMTY4MDYwNzU1LCJhbGciOiJSU0EtT0FFUC0yNTYiLCJraWQiOiI5ZGVjZDNiNC03YjQ4LTQ3YTMtODQzMy03NGQxZjU0ODRhMDYifQ.eKIRaQUZ98qIdT69Bx79bKvRMI3nOYzF5yx3acHawANxCWLgEIAYY_F5K6bENL2Or_O8F3QcvFmDJP3UuO2DokCtZ6H4XMnYHAyObC54d45d0o94JK_lMh851KrLC0-m9KFo56a5rqS7IwDupfKf7w1vn5uEQeIeEet6Kv18rG8jT1vZdbv5sDJP2yA9O2w8L4f0p8188RtrgiO5zXNJ3gW0F1kmFjwPm_y4Hl8zYUwZ0muATMJ7ATjkJoCLJdTIVqOxdpVQ2yhL_dl7kWtd9-4VLFTpEFyVPehQwH5EdhCxcB3eX2qCi_cMuhDsWyKoVh2ClCViGefeSBzJ1URuWg.-XBEKSsUL2uN3KkQ.yuoOPPeFJIqAq1UxpazwkJndQgzlG_-okWP56JFjI4CEClzgL4fF1PfTUweLyx1145Yx1S2bSVnkZFjXPZ_OCqtHo0EHVq9AWZdA30oxr-VozzgeenO6bDHFIX4R64Yging9_RiF954CPsr_41VzVpJWGKY5RrCOPlDjZHxHbi1UosPEGfFHrt3rqlOp9Q_Xzy9f5Zn4im19cA84-SmazOmIIxpOvRVKv283NotmLcl1NYG3kYy_lY_RgRCk4Mgca-aUv8vbWctBPlJyPPA_S_9doLY2nSCyYtike_UJYFPbRXKkk8V3-nKxLxpgtvN8AU09fHrR7lEn8lvLDXzKi5_cW_QHHwN4jmFuIdbPIQXJbECDlYorgBFVaP5m88MVNc1Bxlhdou7Mrj18IgmP67aHXQhFdgLQsk4D20M4k9R-T5CQcrQyFK88-3fGv8RdVGI408DXUWeEi5rBEyK4JhpZA8wz4Y1e687LFJ0RNrZqGCNX9JdLIQW7HurDMsT-hOxg3qd981SjgjicEWP-kDtFTS_RI1DIAW6IEAoXqcCTq3s8bhkhCk42WcTLoLXY1opId1Q18aCOZdYnYH1RT9XLX5Wj6VAJxZzbBBcaYPkiI1CwZLbcsgoZpLUJ93COpfsjva29lQCi6Qy_lMSC8SM0dq20GWAJE0lZWBMt0x4TqcH7n5iWEAWpbDVUPa7eTNMwptzXI2RkQbIOe9osFagAd0TDWk4dt2NrzDbLdSc_o4GRqYXCUnDxpx6SrLgA-YuYqKp7O9Fzq1PcKhmcTrz980v9VQVXDYuvSUoONalUxGuvOLwvm0Y5Busb6GNOQW_49AirfoejolEudHQlOniGGPWr0zZLqHQeD9FgKApzxGa7YXfCRoccN5BB2ZnLcwAse3QgL6GnR-fnTv-8VaA8Ypg06u9LIRfuU5H8d2xbcywAYPu4UwzXmCZXTuzVyaHVjOhYE5l4kK0sJUuhn82ruNS3S8xJa0woZs-F3rwe6CZyMCXsvRN4L7JVOnV1mE8QWLH5SQ.I99-isaatt077d2OCikj_w"}
Response:
HTTP/1.1 401 Unauthorized
Server: nginx
Content-Type: application/json;charset=UTF-8
Content-Length: 112
X-SERVED-BY: l73c013
X-CORRELATION-ID: 1583081270_627_748839424_l73c013_VDP_WS
X-APP-STATUS: 401
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2592000;includeSubdomains
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: -1
Date: Sun, 01 Mar 2020 16:47:50 GMT
Connection: close
{"responseStatus":{"status":401,"code":"9210","severity":"ERROR","message":"Token validation failed","info":""}}
Hey @Anees,
I'm happy to help you resolve the issue. Can you please let us know if you're using VDC Playground for your sandbox testing? We recommend you to use VDC Playground to test.
We recommend you to use the VDC Playground tool for your testing. Can you please download this tool from your project dashboard > Assets section and test from there?
You can find the guide on Getting Started with VDC Playground from this blog post here - https://developer.visa.com/pages/visa-developer-center-playground
I also just ran a sandbox test and I was able to get a successful 200 OK test result. Please see my request/response payloads below and refer too the screenshot.
Request
{
"amount": "124.05",
"localTransactionDateTime": "2020-03-02T19:17:54",
"secondaryId": "123TEST",
"recipientPrimaryAccountNumber": "4123640062698797",
"cardAcceptor": {
"address": {
"country": "IN",
"city": "KOLKATA"
},
"idCode": "CA-IDCode-77765",
"name": "Visa Inc. USA-Foster City"
},
"senderReference": "",
"acquirerCountryCode": "356",
"acquiringBin": "408972",
"retrievalReferenceNumber": "412770451035",
"purchaseIdentifier": {
"referenceNumber": "REF_123456789123456789123",
"type": "0"
},
"systemsTraceAuditNumber": "451035",
"senderName": "Jasper",
"businessApplicationId": "MP",
"settlementServiceIndicator": "9",
"merchantCategoryCode": "5812",
"transactionCurrencyCode": "356",
"senderAccountNumber": "4027290077881587"
}
Response
{
"transmissionDateTime": "2020-03-02T19:18:22.000Z",
"approvalCode": "21324K",
"settlementFlags": {
"settlementServiceFlag": "9",
"givUpdatedFlag": "false",
"settlementResponsibilityFlag": "true",
"givPreviouslyUpdatedFlag": "true"
},
"merchantCategoryCode": 5812,
"transactionIdentifier": 100690038274993,
"cardAcceptor": {
"address": {
"country": "IN",
"city": "mVisa City"
},
"idCode": "MvisaMerchant-1",
"name": "mVisa Merchant",
"terminalId": "MER-ID00"
},
"actionCode": "00",
"retrievalReferenceNumber": "412770451035",
"purchaseIdentifier": {
"referenceNumber": "REF_123456789123456789123",
"type": "0"
},
"merchantVerificationValue": "0A45AF98FC",
"responseCode": "5"
}
Response Header
Status Code: 200 OK
Server : nginx
Content-Type : application/json;charset=UTF-8
Content-Length : 627
X-SERVED-BY : l73c013
X-CORRELATION-ID : 1583176702_158_943378539_l73c013_VDP_WS
X-APP-STATUS : 200
X-APP-STATUS : 200
X-Backside-Transport : OK OK,OK OK
X-Global-Transaction-ID : 69536f0d5e5d5bfe26c190e5
X-Frame-Options : SAMEORIGIN
X-XSS-Protection : 1; mode=block
X-Content-Type-Options : nosniff
Strict-Transport-Security : max-age=2592000;includeSubdomains
Cache-Control : no-cache, no-store, must-revalidate
Pragma : no-cache
Expires : -1
Content-Language : en-US
Date : Mon, 02 Mar 2020 19:18:22 GMT
Connection : keep-alive
Hi Diana,
Actually I'm implementing Message Level Encryption and got this {"responseStatus":{"status":401,"code":"9210","severity":"ERROR","message":"Token validation failed","info":""}} when call the service . I encrypt the json message using java and then put the encrypted message in soap ui .
POST https://sandbox.api.visa.com/visadirect/mvisa/v1/merchantpushpayments HTTP/1.1
Accept-Encoding: gzip,deflate
Content-Type: application/json
Authorization: Basic Uzg5S0NXMUFBQzlOWkxHWFpBQlYyMS1wdXdod01IMGs4UVNOeWR5ZXVueWlzOTdDczp4SVpBeFBBc25taWZjMjU1MnVPV3cyQUdXMWlyQWM5
Accept: application/json,application/octet-stream
X-CORRELATION-ID: 09465302022020_042_96_l73c033_VDP_ARM
keyId: 9decd3b4-7b48-47a3-8433-74d1f5484a06
Content-Length: 1570
Host: sandbox.api.visa.com
Connection: Keep-Alive
User-Agent: Apache-HttpClient/4.1.1 (java 1.5)
{"encData":"eyJlbmMiOiJBMTI4R0NNIiwiaWF0IjoxNTgzMTY4MDYwNzU1LCJhbGciOiJSU0EtT0FFUC0yNTYiLCJraWQiOiI5ZGVjZDNiNC03YjQ4LTQ3YTMtODQzMy03NGQxZjU0ODRhMDYifQ.eKIRaQUZ98qIdT69Bx79bKvRMI3nOYzF5yx3acHawANxCWLgEIAYY_F5K6bENL2Or_O8F3QcvFmDJP3UuO2DokCtZ6H4XMnYHAyObC54d45d0o94JK_lMh851KrLC0-m9KFo56a5rqS7IwDupfKf7w1vn5uEQeIeEet6Kv18rG8jT1vZdbv5sDJP2yA9O2w8L4f0p8188RtrgiO5zXNJ3gW0F1kmFjwPm_y4Hl8zYUwZ0muATMJ7ATjkJoCLJdTIVqOxdpVQ2yhL_dl7kWtd9-4VLFTpEFyVPehQwH5EdhCxcB3eX2qCi_cMuhDsWyKoVh2ClCViGefeSBzJ1URuWg.-XBEKSsUL2uN3KkQ.yuoOPPeFJIqAq1UxpazwkJndQgzlG_-okWP56JFjI4CEClzgL4fF1PfTUweLyx1145Yx1S2bSVnkZFjXPZ_OCqtHo0EHVq9AWZdA30oxr-VozzgeenO6bDHFIX4R64Yging9_RiF954CPsr_41VzVpJWGKY5RrCOPlDjZHxHbi1UosPEGfFHrt3rqlOp9Q_Xzy9f5Zn4im19cA84-SmazOmIIxpOvRVKv283NotmLcl1NYG3kYy_lY_RgRCk4Mgca-aUv8vbWctBPlJyPPA_S_9doLY2nSCyYtike_UJYFPbRXKkk8V3-nKxLxpgtvN8AU09fHrR7lEn8lvLDXzKi5_cW_QHHwN4jmFuIdbPIQXJbECDlYorgBFVaP5m88MVNc1Bxlhdou7Mrj18IgmP67aHXQhFdgLQsk4D20M4k9R-T5CQcrQyFK88-3fGv8RdVGI408DXUWeEi5rBEyK4JhpZA8wz4Y1e687LFJ0RNrZqGCNX9JdLIQW7HurDMsT-hOxg3qd981SjgjicEWP-kDtFTS_RI1DIAW6IEAoXqcCTq3s8bhkhCk42WcTLoLXY1opId1Q18aCOZdYnYH1RT9XLX5Wj6VAJxZzbBBcaYPkiI1CwZLbcsgoZpLUJ93COpfsjva29lQCi6Qy_lMSC8SM0dq20GWAJE0lZWBMt0x4TqcH7n5iWEAWpbDVUPa7eTNMwptzXI2RkQbIOe9osFagAd0TDWk4dt2NrzDbLdSc_o4GRqYXCUnDxpx6SrLgA-YuYqKp7O9Fzq1PcKhmcTrz980v9VQVXDYuvSUoONalUxGuvOLwvm0Y5Busb6GNOQW_49AirfoejolEudHQlOniGGPWr0zZLqHQeD9FgKApzxGa7YXfCRoccN5BB2ZnLcwAse3QgL6GnR-fnTv-8VaA8Ypg06u9LIRfuU5H8d2xbcywAYPu4UwzXmCZXTuzVyaHVjOhYE5l4kK0sJUuhn82ruNS3S8xJa0woZs-F3rwe6CZyMCXsvRN4L7JVOnV1mE8QWLH5SQ.I99-isaatt077d2OCikj_w"}
Response:
HTTP/1.1 401 Unauthorized
Server: nginx
Content-Type: application/json;charset=UTF-8
Content-Length: 112
X-SERVED-BY: l73c013
X-CORRELATION-ID: 1583081270_627_748839424_l73c013_VDP_WS
X-APP-STATUS: 401
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2592000;includeSubdomains
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: -1
Date: Sun, 01 Mar 2020 16:47:50 GMT
Connection: close
{"responseStatus":{"status":401,"code":"9210","severity":"ERROR","message":"Token validation failed","info":""}}
Hey @Aneesce,
Are you using test data? When you create a test App in our sandbox you will receive test data in your App. The test data for your Visa Developer application is available in the Dashboard under test data in the left navigation, this will ensure that you are using valid data that has been provisioned for specific scenarios. You will basically have a table per API that is split into the Request and Response sections and the values on the Request section are meant to be populated in the payload with the intention of obtaining results specified in the Response section.
Sandbox data is limited to what is provided in the Test Data tables and is not integrated to the Visa Network and you cannot test real data in sandbox.
Please use the same request payload that gave a successful result, which I had provided to you, and use your project app's test data. Please share your results with us and let us know if the issue is resolved.