Environment: Ubuntu
Software: PHP, cURL
API: Payment Account Validation API (Sandbox)
Steps to reproduce:
Script:
<?php
$url = 'https://sandbox.api.visa.com/pav/v1/cardvalidation';
$username = 'ABCDEFGHIJIKLMNOqrstuvwxy-xabc';
$password = 'sdsd22asdasd213123';
$ca = __DIR__ . '/VDPCA-SBX.pem';
$cert = __DIR__ . '/cert.pem';
$key = __DIR__ . '/privatekey.pem';
$auth_string = $username . ':' . $password;
$auth_string_bytes = utf8_encode($auth_string);
$auth_login_string = base64_encode($auth_string);
$auth_header = 'Authorization: Basic ' . $auth_login_string;
$header = [
'Accept: application/json',
"Content-Type: application/json",
$auth_header
];
$json_data = [
'acquirerCountryCode' => 810,
'acquiringBin' => '408999',
'primaryAccountNumber' => '4957040000000001', //acct
'addressVerificationResults' => [
'postalCode' => '94404',
'street' => '801 Metro Center Blv'
],
'cardExpiryDate' => '2020-10',
'cardCvv2Value' => '999',
'cardAcceptor' => [
'idCode' => '10061968',
'name' => 'Visa Inc',
'address' => [
'state' => 'CA',
'city' => 'San Francisco',
'zipCode' => '94404',
'country' => 'USA'
]
],
'actionCode' => 25,
'responseCode' => 5,
'addressVerificationResults' => 'I',
'cvv2ResultCode' => 'P',
'transactionIdentifier' => '123456789012345456789012345456789012345456789012345'
];
$json_data = json_encode( $json_data );
$ch = curl_init();
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, $header);
curl_setopt($ch, CURLOPT_SSLCERT, $cert);
curl_setopt($ch, CURLOPT_SSLKEY, $key);
curl_setopt($ch, CURLOPT_CAINFO, $ca);
curl_setopt($ch, CURLOPT_PORT, 443);
curl_setopt($ch, CURLOPT_VERBOSE, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 2);
curl_setopt($ch, CURLOPT_SSLVERSION, 1);
curl_setopt($ch, CURLOPT_POST, TRUE);
curl_setopt($ch, CURLOPT_POSTFIELDS, $json_data);
curl_setopt($ch, CURLOPT_URL, $url);
$response = curl_exec($ch);
$response_info = curl_getinfo($ch);
var_dump( $response );
Result:
"{"responseStatus":{"status":400,"code":"9125","severity":"ERROR","message":"Expected input credential was not present","info":""}}"
Hi @Guest45, Thank you for reaching out. One of our agents will look into this and get back to you soon. In the meantime, if any community member knows a solution, please reply in this thread.
Have you tried passing the x-api-key as additional header for authorization?
Hi, we are still blocked on this. So we appreciate your suggestion. But as far as we know, we do not have an "x-api-key" we have the following:
Hey @Guest45,
The error message "Expected input credential was not present" usually means that the API request lacks proper authentication credentials or there is an issue with the provided certificates. Let's review and correct the script to ensure it meets the Visa Developer Platform requirements.
Corrected Script
Please ensure that your certificates and keys are correctly named and placed in the same directory as your script. Also, make sure your `VDPCA-SBX.pem` is the correct CA certificate provided by Visa.
```php
<?php
// START
$url = 'https://sandbox.api.visa.com/pav/v1/cardvalidation';
$username = 'ABCDEFGHIJIKLMNOqrstuvwxy-xabc';
$password = 'sdsd22asdasd213123';
$ca = __DIR__ . '/VDPCA-SBX.pem';
$cert = __DIR__ . '/cert.pem';
$key = __DIR__ . '/privatekey.pem';
$auth_string = $username . ':' . $password;
$auth_string_bytes = utf8_encode($auth_string);
$auth_login_string = base64_encode($auth_string_bytes);
$auth_header = 'Authorization: Basic ' . $auth_login_string;
$header = [
'Accept: application/json',
'Content-Type: application/json',
$auth_header
];
$json_data = [
'acquirerCountryCode' => 810,
'acquiringBin' => '408999',
'primaryAccountNumber' => '4957040000000001',
'addressVerificationResults' => [
'postalCode' => '94404',
'street' => '801 Metro Center Blv'
],
'cardExpiryDate' => '2020-10',
'cardCvv2Value' => '999',
'cardAcceptor' => [
'idCode' => '10061968',
'name' => 'Visa Inc',
'address' => [
'state' => 'CA',
'city' => 'San Francisco',
'zipCode' => '94404',
'country' => 'USA'
]
],
'actionCode' => '25',
'responseCode' => '5',
'addressVerificationResults' => 'I',
'cvv2ResultCode' => 'P',
'transactionIdentifier' => '123456789012345456789012345456789012345456789012345'
];
$json_data = json_encode($json_data);
$ch = curl_init();
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, $header);
curl_setopt($ch, CURLOPT_SSLCERT, $cert);
curl_setopt($ch, CURLOPT_SSLKEY, $key);
curl_setopt($ch, CURLOPT_CAINFO, $ca);
curl_setopt($ch, CURLOPT_PORT, 443);
curl_setopt($ch, CURLOPT_VERBOSE, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1); // Changed to 1
curl_setopt($ch, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_2); // Changed to specify TLS 1.2
curl_setopt($ch, CURLOPT_POST, TRUE);
curl_setopt($ch, CURLOPT_POSTFIELDS, $json_data);
curl_setopt($ch, CURLOPT_URL, $url);
$response = curl_exec($ch);
$response_info = curl_getinfo($ch);
if (curl_errno($ch)) {
echo 'Curl error: ' . curl_error($ch);
}
var_dump($response);
curl_close($ch);
?>
// END
```
Key Points:
1. Base64 Encoding: Ensure that the `auth_string_bytes` is correctly encoded in UTF-8 before base64 encoding.
2. SSL Version: Specify `CURL_SSLVERSION_TLSv1_2` to enforce TLS 1.2 which is recommended for secure connections.
3. SSL Verification: Ensure `curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);` to verify the peer's SSL certificate.
4. Check File Permissions: Ensure that `cert.pem`, `privatekey.pem`, and `VDPCA-SBX.pem` have correct file permissions.
If the problem persists, verify the contents and paths of the certificate files.