Recent Revisions to This Document

About This Guide

VISA Platform Connect: Specifications and Conditions for Resellers/Partners

Introduction to REST
- Secure Communication Requirements
- REST Set-Up Workflow

Signing Up for a Sandbox Account

Obtaining a PKCS12 Certificate
- Creating a PKCS12 File
- Testing the Shared Secret Key Pair
- Extracting the Private Key from the PKCS12 Certificate

Obtaining a Shared Secret Key Pair
- Creating a Shared Secret Key Pair
- Testing the Shared Secret Key Pair

Constructing Messages Using JSON Web Tokens
- Elements of a JSON Web Token Message
- Generating the Token Header
- Generating a Hash of the Claim Set
- Generating the Message Body
- Generating a Token Signature
- Generating a JSON Web Token

Constructing Messages Using HTTP Signature Security
- Elements of an HTTP Message
- Generating a Hash of the Message Body
- Generating the Signature Hash
- Updating Header Fields

Enabling Message-Level Encryption
- Message-Level Encryption Using JSON Web Tokens
- Message-Level Encryption Using HTTP Signature Authentication

Going Live
- Creating a Merchant ID
- Activating your Merchant ID

On This Page

REST API

Elements of a JSON Web Token Message

A JWT Message is built with the following elements:

Headers

These headers must be included in your message:

v-c-merchant-id: Your Cybersource organization ID.
Date: The date of the transaction in the RFC1123 format. (Thu, 18 Jul 2019 00:18:03 GMT)
Content-Type: Also known as the Multipurpose Internet Mail Extension (MIME) type, this identifies the media or file type of the resource. (application/json)
kid: The ID of the key used to digitally sign the JWT. The Key ID (kid) must be registered with the authorizing server.
Host: The transaction endpoint. (https://api.cybersource.com)
alg: Algorithm used to sign the token header.

Body

The message body. For more information on setting up the body, see Generating a Hash of the Message Body.