Hi @JavierSivack,

Please reference the MLE resources below:

https://developer.visa.com/pages/encryption_guide 

https://community.developer.visa.com/t5/Message-Level-Encryption/How-to-run-MLE-Sample-Code-Project/...

Some key points to check:

1. Add the keyId as an additional HTTP header

2. For Encryption, use the server encryption certificate

3. For Decryption, use the certificate private key 

You can also download MLE sample code for various languages. The download package is available from "General Assets" at the bottom of your project dashboard page.

Hope this helps, please let me know if you have other questions.

Hi Stacy,

It really does not help, I'm doing almost the same like all of the examples and docs, the only difference is that I'm using x-pay-token.

So I don't know how to follow with this...

Hi @JavierSivack,

Can you please share some more information about the error?

1. Request header

2. Request body

3. Response header with x-correlation ID

4. Pre-request script from Postman for the encryption

Thanks!

Hi Stacy, 

Here is postman console for the post

POST https://sandbox.api.visa.com/vctc/customerrules/v1/consumertransactioncontrols?apiKey=
401
180 ms
POST /vctc/customerrules/v1/consumertransactioncontrols?apiKey= HTTP/1.1
x-pay-token: xv2:1630107728:3a85a1b1c19b043cd07669bc28fb952f1f91aeffc50ee0e7c92bb5962c70a2d3
Accept: application/json
keyId: 
Content-Type: application/json
User-Agent: PostmanRuntime/7.28.4
Postman-Token: 0f8715f2-2814-4b5e-86bc-b1b67385cd89
Host: sandbox.api.visa.com
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Content-Length: 599
 
{"encData": "eyJlbmMiOiJBMTI4R0NNIiwiaWF0IjoiMTYzMDEwNDA3MDI0OCIsImFsZyI6IlJTQS1PQUVQLTI1NiIsImtpZCI6ImRiZDJiNWI2LWQ1MzAtNDk2NC1iZTRmLWU3MTUyYjFmMmI2ZSJ9.iXHW3RRqHCA9MlJZaaR3TIPrMCFtqmHy2hiaGjaw6zZGffXmqhUE2ieVolODPYlwoyyHRmiewS037ecKY49VdTZYfFxOJzB_M4zjEO_-KRyRt77wtwa_DdympVgZBDTrGUTwGVVita31MRXVxkkyj7CZpeq6v_Kc9UsGCeYL3udRLBfj-eFuNGeB6APvIf-IRlgoZhpP8If8b4u422ZEbmFO-XKupfOxSbBdg6de_TuYHo2ya4L8312cKgkxR_OEYTCwSSLXgnw5qGeV_618xMN3M_tricEI_NpERV85a_io8D26gdW7N8iW1j5-1cZ0pFR9thpUN2Y1q0c-qcYNZA.q8iPmKGnV9ykSTzS.4dng10CzuXjb3BQGL5C0VEM6c--vImdA69tg6_ZB23_pLybhGZ0uhBkmCC0.DMoyRaJ6Y8iNZIOq3ivStg"}
 
HTTP/1.1 401 Unauthorized
Server: nginx
Date: Fri, 27 Aug 2021 23:42:09 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 112
Connection: keep-alive
X-SERVED-BY: l73c014
X-CORRELATION-ID: 1630107729_355_984436793_l73c014_VDP_WS
X-APP-STATUS: 401
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2592000;includeSubdomains
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: -1
 
{"responseStatus":{"status":401,"code":"9212","severity":"ERROR","message":"Token validation failed","info":""}}

And pre request script:

var resourcePath = 'customerrules/v1/consumertransactioncontrols';
var queryParams = 'apiKey=';
var sharedSecret = '';
var postBody = pm.request.body.toString();

var timestamp = Math.floor(Date.now() / 1000);  
var preHashString = timestamp + resourcePath + queryParams + postBody;  
var hashString = CryptoJS.enc.Hex.stringify(CryptoJS.HmacSHA256(preHashString, sharedSecret));
var xPayToken = 'xv2:' + timestamp + ':' + hashString;

postman.setEnvironmentVariable('x-pay-token', xPayToken);

Thanks in advance.

Javier Sivack

Hi @JavierSivack,

Can you please confirm that you have keyId in the Postman header and its value is set to the Key-ID value from your Project's Encryption/Decryption section?

Hi Stacy.

Yes I confirm it is there. You can see on my first message, I just had deleted the key to not post it here.

Hi Stacy.

Thanks, that with that, it start working on Postman with the the mle generated in my Java code!

So now, I have to get it working on Java code 😉 

Thank you!