17 posts / 0 new
Last post
raghavansankara...
Invalid Tokenize Request. Please check your input."status": 401, "type": "FDToken","status": "failed"

I am trying to use in the URL to authorize a transaction. as we are going to authorize using this payeezy soon. I have estimate the development effort on C# coding.
URL used
https://api-cert.payeezy.com/v1/securitytokens?apikey=<>&js_security_key=<>&callback=Payeezy.callback&auth=false&ta_token=<>&type=FDToken&credit_card.type=visa&credit_card.cardholder_name=abc&credit_card.card_number=4012000033330026&credit_card.exp_date=1116&credit_card.cvv=123;

Test credit card taken in payeezy: https://github.com/payeezy/testing_payeezy/blob/master/payeezy_testdata042015.pdf
APIKEY, js.SecurityKey and Merchandkey is created in developer site and given.

Please help me in getting a test credit card success call, so that I can estimate development effort for go live.

Thanks
Raghavan.


rohitrajagopal3538
Re: Invalid Tokenize Request. Please check your input."status...

Hello Raghavan,

I just tried your query with my api key and js_security_key and it worked. Here is an FAQ on how to resolve the 401 error

  • When testing in CERT environment
    • Ensure that you are accessing the sandbox URL - https://api-cert.payeezy.com/v1/
    • Ensure that the API is enabled for sandbox environment. Do this by going to My APIs and edit your API.
    • Ensure that you are using the merchant token listed in the "My Merchants" page under the "Sandbox" tab.
    • In tokenization requests, if applicable, ensure that you are using ta_token = 'NOIW'
  • In PROD environment,
    • Ensure that you are accessing the production URL - https://api.payeezy.com/v1/
    • Ensure that the API is enabled for Live environment. Do this by going to My APIs and edit your API.​
    • Ensure that you are using the merchant token listed in the "My Merchants" page under the Live tab.

Let us know if this doesn't resolve the issue.

Regards,

Payeezy team


raghavansankara...
Re: Invalid Tokenize Request. Please check your input."status...

Thanks for your response
I was using the API key from my login API sandbox, and included a taken header with value of merchant token from "My Merchants" and changed the ta_token='NOIW', I am using internet explore to confirm that my URL with header value is correct.
my input is
https://api-cert.payeezy.com/v1/securitytokens?apikey= &js_security_key= &token= &callback=Payeezy.callback&auth=true&ta_token=NOIW&type=FDToken&credit_card.type=visa&credit_card.cardholder_name=abc&credit_card.card_number=4012000033330026&credit_card.exp_date=1116&credit_card.cvv=123;

and my output is

Payeezy.callback(
{"status": 401,
"results": {
"type": "FDToken",
"status": "failed",
"Error": {"messages": [{"code": "401", "description": "Invalid Tokenize Request. Please check your input."}]}
}})
Am I using the correct header values or missing any header value?
Note: Please help me to have a successful call in the above URL with my header values.


rohitrajagopal3538
Re: Invalid Tokenize Request. Please check your input."status...

The get token call does not require any HTTP header. Also in your URL, you have a query parameter called "token" which is not correct. 

The rest of the URL is fine. Try this and if it works, add your api key and try again - 

https://api-cert.payeezy.com/v1/securitytokens?apikey=y6pWAJNyJyjGv66IsVuWnklkKUPFbb0a&js_security_key=js-6125e57ce5c46e10087a545b9e9d7354c23e1a1670d9e9c7&callback=Payeezy.callback&auth=true&ta_token=NOIW&type=FDToken&credit_card.type=visa&credit_card.cardholder_name=abc&credit_card.card_number=4012000033330026&credit_card.exp_date=1116&credit_card.cvv=123

Regards,

Payeezy team


raghavansankara...
Re: Invalid Tokenize Request. Please check your input."status...

Thanks a lot rohit, your URL is giving success and at the same time the same URL replaced with API key and JS key and the same was giving json file with success value.
1. Please help me in authorizing a transaction using this above json file(Not able to know post call with transactions/token).
sample_v3.2.html/payeezy_v3.2.js also gives a token value after replacing the value with my API key/JS key, merchant token and all values, I am able to generate token value. Please help me in using the token value after creating this token.


raghavansankara...
Re: Invalid Tokenize Request. Please check your input."status...

Thanks Rohit, I am able to give a success call as you have mentioned above and able to create a token. I have tried with your URL and even I have replaced with my APIKEY and JSKey too, it works fine.
Can you please let me know how to use this token/json file to authorize a transaction.

I have used the sample_v3.2\payeezy.js 3.2 to create token too, can you please help me in using this token to authorize a transaction.


rohitrajagopal3538
Re: Invalid Tokenize Request. Please check your input."status...

Raghavan - The next steps are -

1. The token number is submitted to your server as a hidden field.

2. Use the DIrect API library of your choice to process token based transaction.

Here is an PHP example -

\< ?php

$apiKey = "1AXHp1dY6JjJ29Eak5z1v7sFwmji1pvG";
$apiSecret = "2a9e90250949e4eefd1f7ca9ac2c8cade3a81c256006eca6f55f80778c12939a";
$token = "fdoa-a480ce8951daa73262734cf102641994c1e55e7cdf4c02b6";
$nonce = strval(hexdec(bin2hex(openssl_random_pseudo_bytes(4, $cstrong))));
$timestamp = strval(time()*1000); //time stamp in milli seconds

$payload = getPayload();

/**
* Generate Payload
*/

function getPayload($args = array())
{
$data = "";

$data = array(
'merchant_ref'=> 'sample token txn',
'transaction_type'=> "authorize",
'method'=> 'token',
'amount'=> '200',
'currency_code'=> 'USD',
'token'=> array(
'token_type'=> 'FDToken',
'token_data'=> array(
'type'=>'visa',
'value'=>'2537446225198291',
'cardholder_name'=>'JohnSmith',
'exp_date'=>'1030'
)
)
);

return json_encode($data, JSON_FORCE_OBJECT);
}

$data = $apiKey . $nonce . $timestamp . $token . $payload;

$hashAlgorithm = "sha256";

### Make sure the HMAC hash is in hex -->
$hmac = hash_hmac ( $hashAlgorithm , $data , $apiSecret, false );

### Authorization : base64 of hmac hash -->
$hmac_enc = base64_encode($hmac);

$curl = curl_init('https://api-cert.payeezy.com/v1/transactions');

$headers = array(
'Content-Type: application/json',
'apikey:'.strval($apiKey),
'token:'.strval($token),
'Authorization:'.$hmac_enc,
'nonce:'.$nonce,
'timestamp:'.$timestamp,
);

curl_setopt($curl, CURLOPT_HEADER, false);
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, $payload);

curl_setopt($curl, CURLOPT_VERBOSE, true);
curl_setopt($curl, CURLOPT_HTTPHEADER, $headers);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);

$json_response = curl_exec($curl);

$status = curl_getinfo($curl, CURLINFO_HTTP_CODE);

$response = json_decode($json_response, true);

if ( $status != 201 ) {
die("Error: call to URL $serviceURL failed with status $status, response $json_response, curl_error " . curl_error($curl) . ", curl_errno " . curl_errno($curl));
}

curl_close($curl);
echo "JSON response is: ".$json_response."\n";
?>


raghavansankara...
Re: Invalid Tokenize Request. Please check your input."status...

Thanks Rohit,

1. I am trying to implement the code in C#, so can you please share the source template for C#?.

2. Do we have an option to authorize the token based transaction through URL itself?. (Like we create token in URL: https://api-cert.payeezy.com/v1/securitytokens?apikey=s94yqj7HjXloiTiEga9qoY3b8OycofvV&js_security_key=js-13ce3e831fc2e0bccee5ae52ba3df88513ce3e831fc2e0bc&callback=Payeezy.callback&auth=true&ta_token=NOIW&type=FDToken&credit_card.type=visa&credit_card.cardholder_name=abc&credit_card.card_number=4012000033330026&credit_card.exp_date=1116&credit_card.cvv=123)


rohitrajagopal3538
Re: Invalid Tokenize Request. Please check your input."status...

1. Below is sample C# code for sample credit card authorize. The payload can be easily tweaked to make it a token based authorize/purchase transaction.

2. No, authorize transaction is a POST HTTP call. It needs to happen from the merchant server as it requires credentials which can be compromised if implemented in HTML.

 

using System;

using System.Collections.Generic;

using System.IO;

using System.Linq;

using System.Net;

using System.Security.Cryptography;

using System.Text;

using System.Threading.Tasks;

 

namespace ConsoleApplication1

{

    class Program

    {

        static void Main(string[] args)

        {

 

            string jsonString = "{ \"merchant_ref\": \"Payeezy Test\", \"transaction_type\": \"authorize\", \"method\": \"credit_card\", \"amount\": \"1299\", \"currency_code\": \"USD\", \"credit_card\": { \"type\": \"visa\", \"cardholder_name\": \"Test Name\", \"card_number\": \"4111111111111111\", \"exp_date\": \"1020\", \"cvv\": \"123\" } }";

            string apiKey = "";                              //Enter your api key

            string apiSecret = "";                          //Enter your api secret

            string token = "fdoa-a480ce8951daa73262734cf102641994c1e55e7cdf4c02b6";

            Random random = new Random();

            string nonce = (random.Next(0, 1000000)).ToString();

 

            DateTime date = DateTime.UtcNow;

            DateTime epoch = new DateTime(1970, 1, 1, 0, 0, 0, 0);

            TimeSpan span = (date - epoch);

            string time = span.TotalMilliseconds.ToString();

 

            string hashData = apiKey + nonce + time + token + jsonString;

 

            string base64Hash = Convert.ToBase64String(CalculateHMAC(hashData, apiSecret));

 

            string url = "https://api-cert.payeezy.com/v1/transactions";

 

            //begin HttpWebRequest

            HttpWebRequest webRequest = (HttpWebRequest)WebRequest.Create(url);

 

            webRequest.Method = "POST";

            webRequest.Accept = "*/*";

            webRequest.Headers.Add("timestamp", time);

            webRequest.Headers.Add("nonce", nonce);

            webRequest.Headers.Add("token", token);

            webRequest.Headers.Add("apikey", apiKey);

            webRequest.Headers.Add("Authorization", base64Hash);

            webRequest.ContentLength = jsonString.Length;

            webRequest.ContentType = "application/json";

 

            StreamWriter writer = null;

            writer = new StreamWriter(webRequest.GetRequestStream());

            writer.Write(jsonString);

            writer.Close();

 

            string responseString;

            try

            {

                using (HttpWebResponse webResponse = (HttpWebResponse)webRequest.GetResponse())

                {

                    using (StreamReader responseStream = new StreamReader(webResponse.GetResponseStream()))

                    {

                        responseString = responseStream.ReadToEnd();

                        Console.WriteLine(webRequest.Headers.ToString() + jsonString);

                        Console.WriteLine(webResponse.Headers.ToString() + responseString);

                    }

                }

            }

            catch (WebException ex)

            {

                if (ex.Response != null)

                {

                    using (HttpWebResponse errorResponse = (HttpWebResponse)ex.Response)

                    {

                        using (StreamReader reader = new StreamReader(errorResponse.GetResponseStream()))

                        {

                            string remoteEx = reader.ReadToEnd();

                            Console.WriteLine(remoteEx);

                        }

                    }

                }

            }

            Console.ReadLine();

        }

 

        static byte[] CalculateHMAC(string data, string secret)

        {

            HMAC hmacSha256 = new HMACSHA256(Encoding.UTF8.GetBytes(secret));

            byte[] dataBytes = Encoding.UTF8.GetBytes(data);

            byte[] hmac2Hex = hmacSha256.ComputeHash(Encoding.UTF8.GetBytes(data));

 

            string hex = BitConverter.ToString(hmac2Hex);

            hex = hex.Replace("-", "").ToLower();

            byte[] hexArray = Encoding.UTF8.GetBytes(hex);

            return hexArray;

        }

    }

}

 

Regards,

Payeezy team


raghavansankara...
Re: Invalid Tokenize Request. Please check your input."status...

Thanks Rohit this works.
Just clarification, why we have create a token using
https://api-cert.payeezy.com/v1/securitytokens?apikey=s94yqj7HjXloiTiEga9qoY3b8OycofvV&js_security_key=js-13ce3e831fc2e0bccee5ae52ba3df88513ce3e831fc2e0bc&callback=Payeezy.callback&auth=true&ta_token=NOIW&type=FDToken&credit_card.type=visa&credit_card.cardholder_name=abc&credit_card.card_number=4012000033330026&credit_card.exp_date=1116&credit_card.cvv=123
Because I have not used this token in the authorize code in C#.

So we need API key, API Secret and a Merchant Token, where we can authorize a credit card transaction using it?,
If yes, then do you have any other way of authorizing transaction in C# or this is the only optimal way?


rohitrajagopal3402
Re: Invalid Tokenize Request. Please check your input."status...

Raghavan - The example I provided was for an authorize transaction using credit card numbers. You can also perform authorization or purchase transaction using the token number obtained from Payeezy JS. In my example, you will need to modify the payload accordingly. The payload for a  token based authorize will look like this - 

{
  "merchant_ref": "Astonishing-Sale",
  "transaction_type": "authorize",
  "method": "token",
  "amount": "200",
  "currency_code": "USD",
  "token": {
    "token_type": "FDToken",
    "token_data": {
      "type": "visa",
      "value": "2537446225198291",
      "cardholder_name": "JohnSmith",
      "exp_date": "1030"
    }
  }
}

You will need the api key, api secret and merchant token to perform these transactions.

Regards,

Payeezy team

 


raghavansankara...
Re: Invalid Tokenize Request. Please check your input."status...

Thanks Rohit, Got it, In our case we need to authorize a lot of credit card transactions in single day, so for single item we need to create a token and then authorizing will be time consuming, so we will go with credit card authorize itself.
1, In our one of current authorization we can send all our transactions in single file and authorize 300 different credit card items in single call for a merchant, the result will be in a single file with credit card # and its result. because we are process lot of transaction for a merchant in a day(as we are transaction processing company). Do you have any method of single authorizing for multiple transaction or we need to go with item by item only?.
I am asking to save time on processing transactions.


rohitrajagopal3538
Re: Invalid Tokenize Request. Please check your input."status...

Raghavan - Sure, you can directly authorize credit card numbers but please remember that as the credit card numbers are passing through your server, the merchant would need to go through a higher level of PCI compliance requirements. Payeezy JS on the other tokenizes the credit card and so it reduces the PCI burden.

WIth the API integration, you can process the transactions as they come but if you still need to do batch processing, you will need to do them item by item. The other option is to do it via the virtual terminal interface that the merchant will have access to.

Regards,

Payeezy team


raghavansankara...
Re: Invalid Tokenize Request. Please check your input."status...

Got it, Thank a lot for the information.
In our earlier authorization, we are not sending the CVV # for authorization, I have removed the CVV value tag in the credit card authorize, which was success. This is just to check with you that CVV is not a mandatory field right? Can you please give more info on all other fields that we are giving as input, so that our implementation will be easier with that information.


rohitrajagopal3538
Re: Invalid Tokenize Request. Please check your input."status...

Yes, CVV is an optional field. You should find information on all the fields on this page - https://developer.payeezy.com/payeezy-api/apis/post/transactions-3. 

Do let me know if you questions on anything in specific.

Regards,

Payeezy team


bradh15926
Re: Invalid Tokenize Request. Please check your input."status...

I am trying to implement Private Label Credit Cards (PLCC's) for a large merchant and am getting an "Invalid Tokenized Request..." error.

Do you know how I can implement this?


christopherlord730
Re: Invalid Tokenize Request. Please check your input."status...

First I would check the merchant account to ensure Transarmor is actually enabled in production. Otherwise please email support.payeezy@firstdata.com and provide them the merchant ID and correlation ID returned with any errors from our API.