I am getting error while calling this API: https://sandbox.api.visa.com/inapp/provisioning/cardData/applePay
* Please see the following screenshots for my pre-request script using SOAP UI:
Here I'm providing the script: (JAVA)
String apiKey = "U0LUA8LF07B5TSAXAQ4E214o4SeQkhqXaApz9ZkscEpURbOrA";
String sharedSecret = "i$hhG5-K@/6vbbJG-8oqj6-N}5wupGG-IAd+LMG/";
String resourcePath = "inapp/provisioning/cardData/applePay";
String queryString = "apiKey=" + apiKey;
String requestBody = "{\n" +
" \"vCardID\": \"v-123-b25dd0af-2960-420b-8aaa-49b3e466c00f\",\n" +
" \"deviceCert\": \"adevicecert\",\n" +
" \"nonceSignature\": \"jD4Aphu+93N2wbBn\",\n" +
" \"nonce\": \"vXWJaBidcTLaJJCF\"\n" +
"}";
System.out.println("START Sample Code for Api Key-Shared Secret (X-Pay-Token)");
URL url = new URL("https://sandbox.api.visa.com/inapp/provisioning/cardData/applePay?" + queryString);
HttpURLConnection con = (HttpURLConnection) url.openConnection();
con.setRequestMethod("POST");
con.setRequestProperty("Content-Type", "application/json");
con.setRequestProperty("Accept", "application/json");
String xPayToken = generateXpaytoken(resourcePath, queryString, requestBody, sharedSecret);
con.setRequestProperty("x-pay-token", xPayToken);
int status = con.getResponseCode();
System.out.println("Http Status: " + status);
BufferedReader in;
if (status == 200) {
in = new BufferedReader(new InputStreamReader(con.getInputStream()));
} else {
in = new BufferedReader(new InputStreamReader(con.getErrorStream()));
System.out.println("Api Key-Shared Secret (X-Pay-Token) test failed");
}
String response;
StringBuffer content = new StringBuffer();
while ((response = in.readLine()) != null) {
content.append(response);
}
in.close();
con.disconnect();
System.out.println(content.toString());
Error message: {"responseStatus":{"status":401,"code":"9159","severity":"ERROR","message":"Token Validation Failed","info":""}}
I'm tried to send a request , but I keep getting an error message. I'm not sure what I'm doing wrong or where to start troubleshooting.
Has anyone successfully integrated the Visa In-App Provisioning API before? If so, can you share any tips or solution for clearing this error with an example.
Any help would be greatly appreciated. Thanks!
Hi @alavu,
The 401 Token Validation Failed error you're getting will be seen when the x-pay-token sent in the header is invalid.
A couple of things I'd like you to note while generating the token:
Can you send a screenshot of the request header?
Also, could you check to see if you're passing a correct value for URI. For example, make sure it’s defined correctly in the beginning of your code, and use the same value for the URI in the middle of your code. In general, for cases like this (i.e. “helloworld works, but the API XX doesn’t”).
Thanks,
Illana
"Sure, I can share you a screenshot of the request header.
Here, I'm not using below the header field x-pay-token - "${#TestCase#xpayToken}" for getting token values, instead of I'm directly taking token from the groovy script and inserting the "Value" field. I tried that way for testing "helloworld" Api, but I got the token validation error so chosen this way.
Hi @alavu,
In looking at your screenshots and comparing to the X-pay token guide and video,
in your header for x-pay-token you have the value set to the actual token value when I believe it should be ${#TestCase#xpayToken} (see step 8 in the X pay token guide).
Please try and let me know.
Thanks,
Illana
Apologies- I realize that you mentioned trying to take the value from your groovy script; can you double check the following as well:
Hi, @I_Doroteo3
I have double-checked the recommendations you provided, including ensuring that the resource path does not have a "/" at the end, verifying that the apiKey is case sensitive and is used consistently in the request and x-pay-token creation, and that the resource path capitalization matches the API definition.
However, despite these efforts, I am still encountering the same issue. I have also tried the additional suggestions you provided in your last response, but to no avail. I am including the details of my Postman request and any error messages that I have received for your reference.
EndPoint: https://sandbox.api.visa.com/inapp/provisioning/cardData/applePay?apiKey=<KEY>
Request Header:
key Value
x-pay-token {{x-pay-token}}
Request Body :
{
"vCardID": "v-123-b25dd0af-2960-420b-8aaa-49b3e466c00f",
"deviceCert": "adevicecert",
"nonceSignature": "jD4Aphu+93N2wbBn",
"nonce": "vXWJaBidcTLaJJCF"
}
Pre-request Script:
var resourcePath = 'inapp/provisioning/cardData/applePay';
var queryParams = '<KEY>';
var sharedSecret = '<ID>';
var postBody = pm.request.body.toString();
var timestamp = Math.floor(Date.now() / 1000);
var preHashString = timestamp + resourcePath + queryParams + postBody;
var hashString = CryptoJS.enc.Hex.stringify(CryptoJS.HmacSHA256(preHashString, sharedSecret));
var xPayToken = 'xv2:' + timestamp + ':' + hashString;
postman.setEnvironmentVariable('x-pay-token', xPayToken);
Response Header (include the x-correlation-id) :
Key Value
Server nginx
Date Tue, 04 Apr 2023 09:47:18 GMT
Content-Type application/json
Content-Length 112
Connection keep-alive
X-SERVED-BY -68c8b6f9
X-CORRELATION-ID 1680601638_168_338020198_-68c8b6f9_VDP_WS
x-vdp-normalized-url /inapp/provisioning/cardData/applePay
X-APP-STATUS 401
x-vdp-authn-api-visa-id VIAP.101
X-ERROR-ORIGIN 9100
Response Body :
{
"responseStatus": {
"status": 401,
"code": "9159",
"severity": "ERROR",
"message": "Token Validation Failed",
"info": ""
}
}
Query Params:
Key Value
apiKey <KEY>
Could you please assist me further in resolving this issue? I would appreciate any additional insights or suggestions you can offer.
Thank you for your time and support.
Best regards,
Alavu
Hi @alavu,
I've submitted a ticket for your issue and provided the info you shared to the technical team; I'll reach back out when I receive a response.
Thanks,
Illana
Hi @I_Doroteo3 ,
I wanted to check in on the status of the ticket that was submitted for my issue. Have you received any updates from the technical team yet?
Thanks,
Alavu
Hi @alavu
Thanks for your patience, the root cause is a token hash mismatch error due to XPT setup.
Thanks,
Illana