Recent Revisions to This Document

About This Guide

VISA Platform Connect: Specifications and Conditions for Resellers/Partners

Introduction to REST
- Secure Communication Requirements
- REST Set-Up Workflow

Signing Up for a Sandbox Account

Obtaining a PKCS12 Certificate
- Creating a PKCS12 File
- Testing the Shared Secret Key Pair
- Extracting the Private Key from the PKCS12 Certificate

Obtaining a Shared Secret Key Pair
- Creating a Shared Secret Key Pair
- Testing the Shared Secret Key Pair

Constructing Messages Using JSON Web Tokens
- Elements of a JSON Web Token Message
- Generating a Hash of the Message Body
- Generating a Hash of the Claim Set
- Generating a Hash of the Token Header
- Generating a Token Signature
- Generating a JSON Web Token

Constructing Messages Using HTTP Signature Security
- Elements of an HTTP Message
- Generating a Hash of the Message Body
- Generating the Signature Hash
- Updating Header Fields

Enabling Message-Level Encryption
- Message-Level Encryption Using JSON Web Tokens
- Message-Level Encryption Using HTTP Signature Authentication

Going Live
- Creating a Merchant ID
- Activating your Merchant ID

On This Page

REST API

Updating Header Fields

When the signature is generated, you can populate the

signature

header field. The

signature

header field includes these parameters:

kid: The shared secret key used to encrypt the signature.
algorithm: The HMAC SHA256 algorithm used to encrypt the signature. It should be formatted:
HmacSHA256
.
headers: This ordered list of the fields included in the signature:
host
date
request-target
digest
v-c-merchant-id
signature: The signature hash.

Signature Header Field Format

Signature:"keyid:"[shared secret key]",algorithm="[encryption algoritm]",headers="field1" "field2" "field3" "etc.", signature="[signature hash]"

Signature Header Example

Signature:"kid="123abcki-key1-key2-key3-keyid1234567", 
algorithm="HmacSHA256", headers="host date request-target digest v-c-merchant-id", 
signature="hrptKYTtn/VfwAdUqkrQ0HT7jqAbagAbFC6nRGXrNzE="