Hi, I Need help with xpay token generation Visa In-App Provisioning

alavu
New Contributor

Hi, I Need help with xpay token generation Visa In-App Provisioning

I am getting error while calling this API: https://sandbox.api.visa.com/inapp/provisioning/cardData/applePay

Please see the following screenshots for my pre-request script using SOAP UI:

Groovy.PNG

 

Result.PNG

Here I'm providing the script: (JAVA)

String apiKey = "U0LUA8LF07B5TSAXAQ4E214o4SeQkhqXaApz9ZkscEpURbOrA";
        String sharedSecret = "i$hhG5-K@/6vbbJG-8oqj6-N}5wupGG-IAd+LMG/";
        String resourcePath = "inapp/provisioning/cardData/applePay";
        String queryString = "apiKey=" + apiKey;
        String requestBody = "{\n" +
                "  \"vCardID\": \"v-123-b25dd0af-2960-420b-8aaa-49b3e466c00f\",\n" +
                "  \"deviceCert\": \"adevicecert\",\n" +
                "  \"nonceSignature\": \"jD4Aphu+93N2wbBn\",\n" +
                "  \"nonce\": \"vXWJaBidcTLaJJCF\"\n" +
                "}";

        System.out.println("START Sample Code for Api Key-Shared Secret (X-Pay-Token)");
        URL url = new URL("https://sandbox.api.visa.com/inapp/provisioning/cardData/applePay?" + queryString);

        HttpURLConnection con = (HttpURLConnection) url.openConnection();

        con.setRequestMethod("POST");
        con.setRequestProperty("Content-Type", "application/json");
        con.setRequestProperty("Accept", "application/json");


        String xPayToken = generateXpaytoken(resourcePath, queryString, requestBody, sharedSecret);
        con.setRequestProperty("x-pay-token", xPayToken);

        int status = con.getResponseCode();
        System.out.println("Http Status: " + status);

        BufferedReader in;
        if (status == 200) {
            in = new BufferedReader(new InputStreamReader(con.getInputStream()));
        } else {
            in = new BufferedReader(new InputStreamReader(con.getErrorStream()));
            System.out.println("Api Key-Shared Secret (X-Pay-Token) test failed");
        }
        String response;
        StringBuffer content = new StringBuffer();
        while ((response = in.readLine()) != null) {
            content.append(response);
        }
        in.close();
        con.disconnect();

        System.out.println(content.toString());

Error message: {"responseStatus":{"status":401,"code":"9159","severity":"ERROR","message":"Token Validation Failed","info":""}}

I'm tried to send a  request , but I keep getting an error message. I'm not sure what I'm doing wrong or where to start troubleshooting.
Has anyone successfully integrated the Visa In-App Provisioning API before? If so, can you share any tips or solution for clearing this error with an example.
Any help would be greatly appreciated. Thanks!

10 REPLIES 10
I_Doroteo3
Visa Developer Support Specialist

Re: Hi, I Need help with xpay token generation Visa In-App Provisioning

Hi @alavu

 

The 401 Token Validation Failed error you're getting will be seen when the x-pay-token sent in the header is invalid. 

A couple of things I'd like you to note while generating the token: 

  1. For starters, please follow the getting started documentation to generate a valid token: https://developer.visa.com/pages/working-with-visa-apis/x-pay-token. There is also this Visa YouTube video that may help: https://youtu.be/RZ7zlDA89xE 
  2. APIkey in the url query param should be the same as the one used to generate xpayToken 
  3. “resourcePath” sent in the xpaytoken has to be as per the documentation (eg: v2/payments?apikey={apikey}). 
  4. Payload sent in the request payload should exactly match along with spaces to the “requestBody” value used in xpaytoken. 

 

Can you send a screenshot of the request header? 

 

Also, could you check to see if you're passing a correct value for URI. For example, make sure it’s defined correctly in the beginning of your code, and use the same value for the URI in the middle of your code. In general, for cases like this (i.e. “helloworld works, but the API XX doesn’t”).

 

Thanks, 

Illana

alavu
New Contributor

Re: Hi, I Need help with x-pay-token generation Visa In-App Provisioning

"Sure, I can share you a screenshot of the request header.
Header request.PNGHeader re2.PNG

Here, I'm not using below the header field x-pay-token - "${#TestCase#xpayToken}" for getting token values, instead of I'm directly taking token from the groovy script and inserting the "Value" field. I tried that way for testing "helloworld" Api, but I got the token validation error so chosen this way.



alavu
New Contributor

Re: Hi, I Need help with x-pay-token generation Visa In-App Provisioning

I_Doroteo3, I posted a question a few days ago about with x-pay token generation Visa In-App Provisioning Api. I wanted to follow up on that post and see if anyone could offer any advice or suggestions.

I would really appreciate any help or guidance that you can offer. Thank you in advance for your time and expertise.

Best regards,

Alavu
I_Doroteo3
Visa Developer Support Specialist

Re: Hi, I Need help with x-pay-token generation Visa In-App Provisioning

Hi @alavu

 

In looking at your screenshots and comparing to the X-pay token guide and video, 

in your header for x-pay-token you have the value set to the actual token value when I believe it should be ${#TestCase#xpayToken} (see step 8 in the X pay token guide).

 

Please try and let me know.

Thanks, 

Illana

 

 

I_Doroteo3
Visa Developer Support Specialist

Re: Hi, I Need help with x-pay-token generation Visa In-App Provisioning

@alavu 

 

Apologies- I realize that you mentioned trying to take the value from your groovy script; can you double check the following as well: 

 

  • Resource path should not have “/” at the end
  • apiKey is case sensitive and must be the same what is passed in the request and as is used in x-pay-token creation
  • query string or resource path should not include “?”
  • there must not be any space “ “, new line "\n" or “.” in the request payload or at the end as compared to the one used in creating the x-pay-token
  • Ensure resource path capitalisation matches API definition - provisionedToken is not the same as provisionedtoken.

 

alavu
New Contributor

Issue with API Request - Follow up

Hi, @I_Doroteo3 

 I have double-checked the recommendations you provided, including ensuring that the resource path does not have a "/" at the end, verifying that the apiKey is case sensitive and is used consistently in the request and x-pay-token creation, and that the resource path capitalization matches the API definition.


However, despite these efforts, I am still encountering the same issue. I have also tried the additional suggestions you provided in your last response, but to no avail. I am including the details of my Postman request and any error messages that I have received for your reference.

EndPoint: https://sandbox.api.visa.com/inapp/provisioning/cardData/applePay?apiKey=<KEY>

 

Request Header: 

   key                          Value
x-pay-token            {{x-pay-token}}

 

Request Body :

{

  "vCardID": "v-123-b25dd0af-2960-420b-8aaa-49b3e466c00f",

  "deviceCert": "adevicecert",

  "nonceSignature": "jD4Aphu+93N2wbBn",

  "nonce": "vXWJaBidcTLaJJCF"

}

 

Pre-request Script:

var resourcePath = 'inapp/provisioning/cardData/applePay';
var queryParams = '<KEY>';
var sharedSecret = '<ID>';
var postBody = pm.request.body.toString();

 

var timestamp = Math.floor(Date.now() / 1000);  
var preHashString = timestamp + resourcePath + queryParams + postBody;  
var hashString = CryptoJS.enc.Hex.stringify(CryptoJS.HmacSHA256(preHashString, sharedSecret));
var xPayToken = 'xv2:' + timestamp + ':' + hashString;

postman.setEnvironmentVariable('x-pay-token', xPayToken);

 

Response Header (include the x-correlation-id) :

Key                                                        Value

Server                                                   nginx

Date                                                      Tue, 04 Apr 2023 09:47:18 GMT
Content-Type                                        application/json

Content-Length                                    112

Connection                                           keep-alive
X-SERVED-BY                                       -68c8b6f9

X-CORRELATION-ID                             1680601638_168_338020198_-68c8b6f9_VDP_WS

x-vdp-normalized-url                            /inapp/provisioning/cardData/applePay

X-APP-STATUS                                       401

x-vdp-authn-api-visa-id                        VIAP.101

X-ERROR-ORIGIN                                  9100

Response Body :

{
    "responseStatus": {
        "status": 401,
        "code": "9159",
        "severity": "ERROR",
        "message": "Token Validation Failed",
        "info": ""
    }
}

 

Query Params:

Key                                          Value

apiKey                                     <KEY>


Could you please assist me further in resolving this issue? I would appreciate any additional insights or suggestions you can offer.

Thank you for your time and support.

Best regards,
Alavu

I_Doroteo3
Visa Developer Support Specialist

Re: Issue with API Request - Follow up

Hi @alavu

 

I've submitted a ticket for your issue and provided the info you shared to the technical team; I'll reach back out when I receive a response.

 

Thanks, 

Illana

alavu
New Contributor

Re: Issue with API Request - Follow up

Hi @I_Doroteo3 ,

I wanted to check in on the status of the ticket that was submitted for my issue. Have you received any updates from the technical team yet?

Thanks,
Alavu

I_Doroteo3
Visa Developer Support Specialist

Re: Issue with API Request - Follow up

Hi @alavu

 

Thanks for your patience, the root cause is a token hash mismatch error due to XPT setup.

 

Thanks, 

Illana