token validation failed for VMSS API

akashshaha_257
Dabbler

token validation failed for VMSS API

Hi, I am trying to consume the Visa merchant screening service API Using X-pay-token validation Authentication. 

I managed to test helloworld in sandbox environment but getting error for VMSS API.

Does VMSS support x-pay-token authentication method?

2 REPLIES 2
SyedSa
Community Moderator

Re: token validation failed for VMSS API

Hi @akashshaha_257Thank you for reaching out. An agent will get back to you as soon as possible. Until then, if any community member has information that may be helpful, please feel free to reply.

API_Products
Visa Developer Support Specialist

Re: token validation failed for VMSS API

Hey @akashshaha_257,

 

The Visa Merchant Screening Service (VMSS) typically uses Mutual TLS (mTLS) for authentication. However, some Visa APIs do support X-Pay-Token for authentication. To determine if VMSS supports X-Pay-Token, you should refer to the official documentation for VMSS on the Visa Developer Portal.

 

Steps to Verify Authentication Support

1. Review API Documentation:
- Check the VMSS API documentation on the Visa Developer Portal to see if X-Pay-Token is listed as a supported authentication method.

 

Example Authentication Code for X-Pay-Token

If VMSS does support X-Pay-Token, ensure that your request headers and token generation are correct.

 

Here’s a general example of how to use X-Pay-Token:

```python
import time
import hmac
import hashlib
import base64
import requests

 

# START 
def generate_x_pay_token(resource_path, query_string, request_body, shared_secret, api_key):
timestamp = str(int(time.time() * 1000))
pre_hash_string = timestamp + resource_path + query_string + request_body
hash_bytes = hmac.new(bytes(shared_secret, 'utf-8'), bytes(pre_hash_string, 'utf-8'), hashlib.sha256).digest()
hash_string = base64.b64encode(hash_bytes).decode('utf-8')
x_pay_token = 'xv2:' + timestamp + ':' + hash_string
return x_pay_token

# Example usage
resource_path = '/vmss/v1/someEndpoint'
query_string = 'apikey=your_api_key'
request_body = '{"field": "value"}' # Adjust according to the actual request body
shared_secret = 'your_shared_secret'
api_key = 'your_api_key'

x_pay_token = generate_x_pay_token(resource_path, query_string, request_body, shared_secret, api_key)

headers = {
'Content-Type': 'application/json',
'x-pay-token': x_pay_token
}

url = f'https://sandbox.api.visa.com{resource_path}?{query_string}'

response = requests.post(url, headers=headers, data=request_body)
print(response.status_code)
print(response.json())
# END 
```

 

1. Check Documentation: Verify if VMSS supports X-Pay-Token by reviewing the official documentation.
2. Contact Support: Reach out to Visa Developer Support for confirmation.
3. Use Correct Authentication: If supported, ensure your X-Pay-Token generation and request headers are correctly implemented.

 

By following these steps, you can confirm the appropriate authentication method and troubleshoot any issues with consuming the VMSS API.

  




Thanks,

Diana



Was your question answered? Don't forget to click on "Accept as Solution" to help other devs find the answer to the same question.