Token validation failed erro 9208 MLE on Visa Transaction Controls Customer Rules Registration API

Solved! Go to solution
JavierSivack
Regular Contributor

Token validation failed erro 9208 MLE on Visa Transaction Controls Customer Rules Registration API

Hello, 

I'm having an issue when trying to call the Registration from Customer Rules on VTCs.

If I call it with out enforcing the MLE, and with out encrypting the payload, it work fine.

But if I enforce it, and do the encryption as it is done on the example code, it throw me this response: 

 

 

 

{"responseStatus":{"status":401,"code":"9208","severity":"ERROR","message":"Token validation failed","info":""}}

 

 

 

I don't get what may be wrong, if it is something with the JWE encryption, or with x-pay-token (that is working with no MLE).

Any idea what can it be?

Is there any documentation that have the error code detailed info? 

 

Thanks in advance!

Javier Sivack

 


Javier Sivack
Software Engineer
Ciphertext Solutions, Inc.
13 REPLIES 13
JavierSivack
Regular Contributor

Re: Token validation failed erro 9208 MLE on Visa Transaction Controls Customer Rules Registration A

I forgot to mention that I'm sending as request body is like

{"encData":"the_encrypted_payload"}

payload is {"primaryAccountNumber":"4986490538230001"} from test data.

Javier Sivack
Software Engineer
Ciphertext Solutions, Inc.
SLi
Visa Developer Support Specialist
Visa Developer Support Specialist

Re: Token validation failed erro 9208 MLE on Visa Transaction Controls Customer Rules Registration A

Hi @JavierSivack,

 

Please reference the MLE resources below:

https://developer.visa.com/pages/encryption_guide 

https://community.developer.visa.com/t5/Message-Level-Encryption/How-to-run-MLE-Sample-Code-Project/...

 

Some key points to check:

1. Add the keyId as an additional HTTP header

2. For Encryption, use the server encryption certificate

3. For Decryption, use the certificate private key 

 

You can also download MLE sample code for various languages. The download package is available from "General Assets" at the bottom of your project dashboard page.

 

Hope this helps, please let me know if you have other questions.


Best,
Stacey

Was your question answered? Don't forget to click on "Accept as Solution" to help other devs find the answer to the same question.
JavierSivack
Regular Contributor

Re: Token validation failed erro 9208 MLE on Visa Transaction Controls Customer Rules Registration A

Hi Stacy,

It really does not help, I'm doing almost the same like all of the examples and docs, the only difference is that I'm using x-pay-token.

So I don't know how to follow with this...


Javier Sivack
Software Engineer
Ciphertext Solutions, Inc.
SLi
Visa Developer Support Specialist
Visa Developer Support Specialist

Re: Token validation failed erro 9208 MLE on Visa Transaction Controls Customer Rules Registration A

Hi @JavierSivack,

 

Can you please share some more information about the error?

1. Request header

2. Request body

3. Response header with x-correlation ID

4. Pre-request script from Postman for the encryption

Thanks!

 


Best,
Stacey

Was your question answered? Don't forget to click on "Accept as Solution" to help other devs find the answer to the same question.
JavierSivack
Regular Contributor

Re: Token validation failed erro 9208 MLE on Visa Transaction Controls Customer Rules Registration A

Hi Stacy, 

Here is postman console for the post

POST https://sandbox.api.visa.com/vctc/customerrules/v1/consumertransactioncontrols?apiKey=
401
180 ms
POST /vctc/customerrules/v1/consumertransactioncontrols?apiKey= HTTP/1.1
x-pay-token: xv2:1630107728:3a85a1b1c19b043cd07669bc28fb952f1f91aeffc50ee0e7c92bb5962c70a2d3
Accept: application/json
keyId: 
Content-Type: application/json
User-Agent: PostmanRuntime/7.28.4
Postman-Token: 0f8715f2-2814-4b5e-86bc-b1b67385cd89
Host: sandbox.api.visa.com
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Content-Length: 599
 
{"encData": "eyJlbmMiOiJBMTI4R0NNIiwiaWF0IjoiMTYzMDEwNDA3MDI0OCIsImFsZyI6IlJTQS1PQUVQLTI1NiIsImtpZCI6ImRiZDJiNWI2LWQ1MzAtNDk2NC1iZTRmLWU3MTUyYjFmMmI2ZSJ9.iXHW3RRqHCA9MlJZaaR3TIPrMCFtqmHy2hiaGjaw6zZGffXmqhUE2ieVolODPYlwoyyHRmiewS037ecKY49VdTZYfFxOJzB_M4zjEO_-KRyRt77wtwa_DdympVgZBDTrGUTwGVVita31MRXVxkkyj7CZpeq6v_Kc9UsGCeYL3udRLBfj-eFuNGeB6APvIf-IRlgoZhpP8If8b4u422ZEbmFO-XKupfOxSbBdg6de_TuYHo2ya4L8312cKgkxR_OEYTCwSSLXgnw5qGeV_618xMN3M_tricEI_NpERV85a_io8D26gdW7N8iW1j5-1cZ0pFR9thpUN2Y1q0c-qcYNZA.q8iPmKGnV9ykSTzS.4dng10CzuXjb3BQGL5C0VEM6c--vImdA69tg6_ZB23_pLybhGZ0uhBkmCC0.DMoyRaJ6Y8iNZIOq3ivStg"}
 
HTTP/1.1 401 Unauthorized
Server: nginx
Date: Fri, 27 Aug 2021 23:42:09 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 112
Connection: keep-alive
X-SERVED-BY: l73c014
X-CORRELATION-ID: 1630107729_355_984436793_l73c014_VDP_WS
X-APP-STATUS: 401
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2592000;includeSubdomains
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: -1
 
{"responseStatus":{"status":401,"code":"9212","severity":"ERROR","message":"Token validation failed","info":""}}

And pre request script:

var resourcePath = 'customerrules/v1/consumertransactioncontrols';
var queryParams = 'apiKey=';
var sharedSecret = '';
var postBody = pm.request.body.toString();

var timestamp = Math.floor(Date.now() / 1000);  
var preHashString = timestamp + resourcePath + queryParams + postBody;  
var hashString = CryptoJS.enc.Hex.stringify(CryptoJS.HmacSHA256(preHashString, sharedSecret));
var xPayToken = 'xv2:' + timestamp + ':' + hashString;

postman.setEnvironmentVariable('x-pay-token', xPayToken);

 

Thanks in advance.

Javier Sivack


Javier Sivack
Software Engineer
Ciphertext Solutions, Inc.
SLi
Visa Developer Support Specialist
Visa Developer Support Specialist

Re: Token validation failed erro 9208 MLE on Visa Transaction Controls Customer Rules Registration A

Hi @JavierSivack,

 

Can you please confirm that you have keyId in the Postman header and its value is set to the Key-ID value from your Project's Encryption/Decryption section?

keyIdInHeader.jpg

 

Key-ID.jpg


Best,
Stacey

Was your question answered? Don't forget to click on "Accept as Solution" to help other devs find the answer to the same question.
JavierSivack
Regular Contributor

Re: Token validation failed erro 9208 MLE on Visa Transaction Controls Customer Rules Registration A

Hi Stacy.

 

Yes I confirm it is there. You can see on my first message, I just had deleted the key to not post it here.


Javier Sivack
Software Engineer
Ciphertext Solutions, Inc.
SLi
Visa Developer Support Specialist
Visa Developer Support Specialist

Re: Token validation failed erro 9208 MLE on Visa Transaction Controls Customer Rules Registration A

Hi @JavierSivack,

 

Thanks for confirming that keyId is not the issue. The other thing I can think of is the timestamp.  Please check that the iat timestamp that goes in the JWE Header of the encrypted request is less than 2 minutes from the current time. The request will not be processed if the iat timestamp has expired. Please share the X-Correlation-ID from the latest failed request for us to troubleshoot further.


Best,
Stacey

Was your question answered? Don't forget to click on "Accept as Solution" to help other devs find the answer to the same question.
JavierSivack
Regular Contributor

Re: Token validation failed erro 9208 MLE on Visa Transaction Controls Customer Rules Registration A

Hi Stacy.

Thanks, that with that, it start working on Postman with the the mle generated in my Java code!

So now, I have to get it working on Java code 😉 

Thank you!


Javier Sivack
Software Engineer
Ciphertext Solutions, Inc.