Hi @manish_shahani,
Please refer to the Visa Developer Error Codes page.
AuthN Error Codes
HTTP STATUS |
HTTP CODE |
CAUSE/RESOLUTION |
UNAUTHORIZED |
401 |
Depending on the authentication/encryption mechanism being used, this could be due any of the following reasons. If you are unable to root-cause the same from the possible reasons below, please contact Visa Support at developer@visa.com with the details of the error message, and full http request, response details.
Two-Way SSL (Mutual Authentication):
- Authorization Header missing in the request.
- Authorization Header in invalid format. It either does not start with 'Basic' or the userId or password fields are blank.
- UserId or Password or Subject DN on the certificate is invalid.
- You could be presenting a wrong client certificate for that environment.
X-Pay Token:
- x-pay-token is blank or not in valid format.
- Timestamp field not in valid UTC timestamp format.
- Version field is invalid.
- Token's timestamp is more than 8 minutes off from the current time.
- Token hash mismatch.
- APIKey not present in request.
- APIKey is not active.
- APIKey not valid.
- APIKey not active.
- The request contains an older version of x-pay-token than supported by the API/project. Please upgrade to the latest supported version. Consult the VDP Getting Started Guide for the same.
JWE:
- JWE Token format is invalid.
- Kid not present in the token.
- Token validation against Shared secret failed.
- JWT Grant Type or Token value is either missing, empty or has multiple values.
JWS:
- JWS token validation failed.
- Kid extraction from header failed.
- JWT Grant Type or Token value is either missing, empty or has multiple values.
- Kid missing in JWS header.
JWS/JWE:
- JWT prefix not in proper format.
- JWT in Request Body not a well-formed JSON.
- JWT does not contain grant type field or grant type field is blank.
- JWT does not contain assertions field or assertions field is blank.
- JWT token value does not start with the appropriate bearer_JWT prefix.
- APIKey is not active.
- APIKey not valid.
- APIKey not active.
This could be due to any of the following scenarios in Message Level Encryption (JWE):
- KeyId in request is invalid.
- KeyId not present in the request (JWE Header/Request Header).
- JWE payload element in request is not in the proper format.
- JWE token does not have iat header or token has expired.
General:
- Request has more than one authentication tokens which is not supported.
- Incoming http request does not contain any of the required authentication tokens for this API.
|
Thanks,
Diana
Was your question answered? Don't forget to click on "Accept as Solution" to help other devs find the answer to the same question.