VisaCheckout and x-pay-token

Pymnts
Regular Visitor

VisaCheckout and x-pay-token

Hi,

 

I am integrating VisaCheckout into a web page using the Javascript SDK. Mostly everything works OK with the sandbox environment. But when I checked the browser console, there was a message from https://sandbox.secure.checkout.visa.com/marketing/v1/marketing/campaign with responseStatus indicating Token Validation Failed (code 9101). 

 

My questions :

1. Is x-pay-token required for VisaCheckout ?

2. You have provided code for generating an x-pay-token. I have modified it for my environment. Could you provide some documentation which indicates what Javascript code will be required to add x-pay-token to any request that is communicating with */wallet-services-web/*  ?

 

thanks,

Pymnts

 

3 REPLIES 3
Visa_Hemanth
Regular Visitor

Re: VisaCheckout and x-pay-token

Hi,

Thanks for trying out Visa Developer. 

Around the "Token Validation Failed" error seen in the JavaScript console, it should not impact your testing in Sandbox. However, we will get back soon with the reasoning around the error.

 

Answers to your other questions

1. Is x-pay-token required for VisaCheckout?

  • Yes. We need to use the x-pay-token mechanism for making API calls for Visa Checkout endpoints mentioned in the page here

2. You have provided code for generating an x-pay-token. I have modified it for my environment. Could you provide some documentation which indicates what Javascript code will be required to add x-pay-token to any request that is communicating with */wallet-services-web/*  ?

  • The recommended approach for usage of Visa Checkout API (mentioned here) requires you to pass on the callId that was returned in the payment.success javascript event on the browser over to your internal server that does the payment processing and to make the call to Visa Checkout API from there. Details around how to do it is mentioned here
Pymnts
Regular Visitor

Re: VisaCheckout and x-pay-token

Hi Hemanth,

 

Firstly, I really appreciate your reply. 

 

So, I will await your findings regarding "Token Validation Failed" error seen in the JavaScript console. 

 

My read of the other items is that, if VisaCheckout is completely implemented using the Javascript SDK, not calling into the VisaCheckout API at all (apparently, this is OK as well) there is no need for x-pay-token. Correct ? 

 

thanks,

Pymnts

 

Visa_Hemanth
Regular Visitor

Re: VisaCheckout and x-pay-token

Hi,

The JavaScript SDK primarily provides functionality to add the Visa Checkout button to a web page, handle payment events, and initiate checkout. 

 

Visa Checkout offers two APIs (that make use of x-pay-token) that you can use to get consumer payment information after a successful lightbox session and to update Visa Checkout with the status of the transaction after the payment has been processed. These APIs provide an alternative to using the Visa Checkout JavaScript library to perform those same functions from your web pages.

 

Since these actions make use of the Shared Secret that is handed out for your app at the time of app creation in the Visa Developer Portal, it is recommended that these API (particularly the one that decrypts consumer payment information) be invoked on your internal server from a security standpoint to avoid disclosing the Shared Secret in your javascript code.