issue in api bin paymentAccountLookup
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
issue in api bin paymentAccountLookup
Dear Team,
We are trying to test the bin service endpoints; I followed sample code in assets (Hello World Sample Codes).
I succeeded to call endpoints ("v2/", "paymentAccountLookup") and ("vdp/", "helloworld") with X-PAY-Token and Mutual tls
But failed to call endpoint ("v2/paymentAccountLookup”) using X-PAY-Token and Mutual tls
I want way to call endpoint ("v2/paymentAccountLookup”) using X-PAY-Token but i get exception
Response Body:
{"responseStatus":{"status":400,"code":"9125","severity":"ERROR","message":"Expected input credential was not present","info":""}}
1- I create p12 using below command:
openssl pkcs12 -export -in cert.pem -inkey "key_245d2d4f-4b10-402e-9efe-b6af664d1c12.pem" -certfile VDPCA-SBX.pem -out MFBin_keyAndCertBundle.p12
2- Endpoint:
"https://sandbox.api.visa.com/v2/paymentAccountLookup”
3- Request Body:
{
"requestHeader": {
"requestTS": "2023-05-15T22:05:00.000",
"requestMessageID": "a123"
},
"requestData": {
"paymentAccountType": "P",
"paymentAccount": "4815081000000000"
}
}
4- Request Headers:
Server: nginx
Date: Sun, 14 May 2023 07:54:27 GMT
Connection: keep-alive
X-SERVED-BY: -585d55954g45
X-CORRELATION-ID: 1684050867_046_1509836400_-585d55954g45_VDP_WS
X-XSS-Protection: 1; mode=block ,0, 1; mode=block
Cache-Control: no-store, must-revalidate, no-cache
X-AGS-Request-ID: v3:8655:sandbox:55c028:b602c3849ca014f58f0eac5995fa3c15, v3:8655:sandbox:73c009:baab04d4233c190c62acd4a26ca552b9
X-APP-STATUS: 200
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff, nosniff
Strict-Transport-Security: max-age=31536000;includeSubdomains, max-age=31536000;includeSubdomains;always
Pragma: no-cache
Content-Security-Policy-Report-Only: default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
X-Content-Security-Policy-Report-Only: default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
X-WebKit-CSP-Report-Only: default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
Content-Type: application/json; charset=UTF-8
Content-Length: 65085
Content-Language: en-US
Expires: -1
5- Response Body:
{"responseStatus":{"status":400,"code":"9125","severity":"ERROR","message":"Expected input credential was not present","info":""}}
SampleCode c# .net (please try and let me know where my issue is, I want to run using x-token):
using System.Diagnostics;
using System.Net;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Text;
class Program
{
public static string visaUrl = "https://sandbox.api.visa.com/";
public static string apiKey = "KYC7AUJWRIF3X0TC8WO7214qs99SgmuE4ruy9Lgph6-XO8iuQ";
public static string sharedSecret = "+d}aEy7GNOmCx7MyoqwTx9J3X5AyhQWHZZJ272Ub";
public static string path = "C:\\Users\\User1\\Desktop\\tasks\\Visa\\Certs";
//<YOUR CLIENT CERTIFICATE PATH>
public static string cert = path + "\\MFBin_keyAndCertBundle.p12";
//<YOUR CERTIFICATE PASSWORD>
public static string certPassword = "123";
static void Main(string[] args)
{
Console.WriteLine("START Sample Code for Api Key-Shared Secret (X-Pay-Token)!");
Program program = new Program();
//this fails
var status = program.DoMutualAuthCall("v2/paymentAccountLookup", "POST", null, "{\r\n \"requestHeader\": {\r\n \"requestTS\": \"2023-05-15T22:05:00.000\", \r\n \"requestMessageID\": \"a123\"\r\n },\r\n \"requestData\": {\r\n \"paymentAccountType\": \"P\",\r\n \"paymentAccount\": \"4815081000000000\"\r\n }\r\n}", null);
Console.WriteLine("END Sample Code for Api Key-Shared Secret (X-Pay-Token)!");
}
private void LogRequest(string url, string requestBody)
{
Debug.WriteLine(url);
Debug.WriteLine(requestBody);
}
private void LogResponse(string info, HttpWebResponse response)
{
string responseBody;
Debug.WriteLine(info);
Debug.WriteLine("Response Status: \n" + response.StatusCode);
Debug.WriteLine("Response Headers: \n" + response.Headers.ToString());
using (var reader = new StreamReader(response.GetResponseStream(), ASCIIEncoding.ASCII))
{
responseBody = reader.ReadToEnd();
}
Debug.WriteLine("Response Body: \n" + responseBody);
}
private string GetBasicAuthHeader()
{
string authString = "4CREW02NASBVX5IISN6121QfFgaMpdGdYqjU43PECt_5TCC0o" + ":" + "ZjM45gSM6e4B1K00Qz498h0qAsMBpzyEk";
var authStringBytes = Encoding.UTF8.GetBytes(authString);
string authHeaderString = Convert.ToBase64String(authStringBytes);
return "Basic " + authHeaderString;
}
public string DoMutualAuthCall(string path, string method, string testInfo, string requestBodyString, Dictionary<string, string> headers = null)
{
string requestURL = visaUrl + path;
string certificatePath = cert;
string certificatePassword = certPassword;
string statusCode = "";
LogRequest(requestURL, requestBodyString);
// Create the POST request object
HttpWebRequest request = WebRequest.Create(requestURL) as HttpWebRequest;
request.ContentType = "application/json";
request.Accept = "application/json";
request.Method = method;
if (method.Equals("POST") || method.Equals("PUT"))
{
// Load the body for the post request
var requestStringBytes = Encoding.UTF8.GetBytes(requestBodyString);
request.GetRequestStream().Write(requestStringBytes, 0, requestStringBytes.Length);
}
if (headers != null)
{
foreach (KeyValuePair<string, string> header in headers)
{
request.Headers[header.Key] = header.Value;
}
}
// Add headers
request.Headers["Authorization"] = GetBasicAuthHeader();
// Add certificate
var certificate = new X509Certificate2(certificatePath, certificatePassword);
request.ClientCertificates.Add(certificate);
try
{
// Make the call
using (HttpWebResponse response = request.GetResponse() as HttpWebResponse)
{
LogResponse(testInfo, response);
statusCode = response.StatusCode.ToString();
}
}
catch (WebException e)
{
if (e.Response is HttpWebResponse)
{
HttpWebResponse response = (HttpWebResponse)e.Response;
LogResponse(testInfo, response);
statusCode = response.StatusCode.ToString();
}
}
return statusCode;
}
}
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: issue in api bin paymentAccountLookup
Thank you for reaching out, @jbana! An agent is looking for a solution for you and will get back with you shortly! If any community members know a solution, please feel free to respond in this thread.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: issue in api bin paymentAccountLookup
Hi @jbana,
Please use the endpoint and test data provided below. I ran a sandbox test and got a successful result.
End Point https://sandbox.api.visa.com/v1/paymentAccountLookup
Method POST
Request
{
"requestHeader": {
"requestTS": "2020-02-15T22:05:00.000",
"requestMessageID": "test999"
},
"requestData": {
"paymentAccountType": "P",
"paymentAccount": "4259077000001230"
}
}
Response
{
"wsStatus": {
"statusDesc": "Success",
"statusCode": "CDI000"
},
"responseData": {
"platformCd": "GV",
"accountFundingSourceCd": "R",
"accountBusName": "ABD & COMPANY",
"productID": "S2",
"paymentAccountType": "P",
"accountRegionCode": "06",
"issuerBillingCurrCd": "MRO",
"accountCtryAlpha2Code": "MR",
"issuerBin": "425907",
"productIDName": "Visa Government Purchasing",
"accountFundingSourceSubtypeCd": "N"
}
}
Response Header
Status Code: 200
Server : nginx
Date : Wed, 21 Jun 2023 22:12:09 GMT
Content-Type : application/json;charset=UTF-8
Content-Length : 1039
Connection : keep-alive
X-SERVED-BY : -6b78b6f4r987
X-CORRELATION-ID : 1687385529_133_1258835463_-6b78b6f4r987_VDP_WS
X-APP-STATUS : 200
X-XSS-Protection : 1; mode=block ,0
Cache-Control : no-cache, no-store, must-revalidate
Content-Language : en-US
X-AGS-Request-ID : v3:8655:sandbox:55c028:272d7d08a453e8feccf063e20eb74288
encrypted : true
X-Frame-Options : SAMEORIGIN
X-Content-Type-Options : nosniff
Strict-Transport-Security : max-age=31536000;includeSubdomains
Pragma : no-cache
Expires : -1
Content-Security-Policy-Report-Only : default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
X-Content-Security-Policy-Report-Only : default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
X-WebKit-CSP-Report-Only : default-src 'self' https://*.v.me https://*.visa.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.visa.com https://*.v.me;img-src 'self' https://*.v.me https://*.visa.com https://*.unica.com https://ad.doubleclick.net;style-src 'self' 'unsafe-inline' https://*.visa.com;object-src https://*.v.me https://*.visa.com data:;report-uri /logging/logCSPReport;
X-XSS-Protection : 1; mode=block
X-Content-Type-Options : nosniff
Strict-Transport-Security : max-age=31536000;includeSubdomains;always