VTS X-Pay-Token Troubleshooting Guide

Solved! Go to solution
API_Products
Visa Developer Support Specialist

Re: VTS X-Pay-Token Troubleshooting Guide

Hey @adamlee,

 

Regarding your query on Visa Token Service, contact your Visa Account Executive, Gateway or Acquiring partner and/or visit our detailed product page at Visa Ready. You can submit queries about Visa Token Service at Visa Ready using the ‘Contact Us’ link. 

 




Thanks,

Diana H.



Was your question answered? Don't forget to click on "Accept as Solution" to help other devs find the answer to the same question.

manishk
Newbie

Re: VTS X-Pay-Token Troubleshooting Guide

Thanks for providing this guide.

What error can we expect if the same xPayToken is used multiple times within the expiration period of 480 seconds ?

API_Products
Visa Developer Support Specialist

Re: VTS X-Pay-Token Troubleshooting Guide

Hey @manishk,

 

If the same `xPayToken` is used multiple times within the expiration period of 480 seconds, you can expect to receive an error indicating that the token has already been used. This is because `xPayToken` is designed to be a single-use token for security purposes. Reusing the token within its validity period is against the intended usage and will be rejected by the Visa Developer Platform.

 

Common Error:
The specific error you might encounter is:

- HTTP Status Code: `401 Unauthorized`
- Error Message: `Token already used`

 

Example Error Response:
```json
{
"responseStatus": {
"code": "9121",
"message": "Token already used",
"severity": "ERROR"
}
}
```

 

Troubleshooting Steps:
1. Generate a New Token: Ensure that you generate a new `xPayToken` for each API call.
2. Check Token Generation Logic: Verify that your code correctly generates and uses a new `xPayToken` for each request.
3. Monitor Token Usage: Implement logging to monitor the generation and usage of `xPayToken` to identify if tokens are being reused inadvertently.

 

Additional Tips:
- Token Expiration: Remember that the `xPayToken` is valid for a period of 480 seconds (8 minutes). Within this time, the token should not be reused.
- Security Best Practices: Always ensure that tokens are kept secure and not exposed in logs or error messages.

By following these guidelines, you can avoid the issue of token reuse and ensure secure and successful API interactions with the Visa Developer Platform.

 




Thanks,

Diana H.



Was your question answered? Don't forget to click on "Accept as Solution" to help other devs find the answer to the same question.