3

I'm trying to update a session with card info.

I'm following this guide:

https://ap-gateway.mastercard.com/api/documentation/apiDocumentation/rest-json/version/51/operation/Session%3a%20Update%20Session.html?locale=en_US

In the section "Update session", it says:

You can request to add or update request fields contained in the session.

Using Postman, i set the

Authorization: Basic Auth as 'merchant.{your gateway merchant ID}' in the username portion and your API password in the password portion.

Url:"https://ap-gateway.mastercard.com/api/rest/version/51/merchant/{merchantId}/session/{sessionId}"

Method: PUT

Body: "raw" as JSON, like so:

{
    "sourceOfFunds":{
        "provided":{
            "card":{
                "nameOnCard":"Joseph",
                "number":"5506900140100305",
                "securityCode":"100",
                "expiry":{
                    "month": "05",
                    "year": "21"
                }
            }
        }
    }
}

Issue: Getting the response.

{
    "error": {
        "cause": "INVALID_REQUEST",
        "explanation": "Directly providing cardholder data is not supported. Consider using a session or token."
    },
    "result": "ERROR"
}

How I have obtained the Session id.!

I have followed this guide:

https://ap-gateway.mastercard.com/api/documentation/apiDocumentation/rest-json/version/51/operation/Session%3a%20Create%20Session.html?locale=en_US

Using Postman, i set the

Authorization: Basic Auth as 'merchant.{your gateway merchant ID}' in the username portion and your API password in the password portion.

Url:"https://ap-gateway.mastercard.com/api/rest/version/51/merchant/{merchantId}/session"

Method: POST

Body: "raw" as JSON, like so:

{
   "apiOperation": "CREATE_CHECKOUT_SESSION",
   "order": {
       "currency": "USD",
       "id": "2000",
       "amount": 5
   }
}

Success: Getting the response.

{
    "merchant": "merchantId",
    "result": "SUCCESS",
    "session": {
        "id": "SESSION0002210064458I18884862F9",
        "updateStatus": "SUCCESS",
        "version": "f531053101"
    },
    "successIndicator": "4c47702b70cb4f16"
}

The session id i have received in above request has been passed to update session request.

I expected the updated session with card information but getting the error: "Directly providing cardholder data is not supported. Consider using a session or token."

Sohail Bhutto
  • 71
  • 1
  • 7

1 Answers1

-1

The error is coming because you have not enabled the tokenization for you merchantID.

You can integrate the payment gateway using the following steps: 1. Make CREATE CHECKOUT SESSION API call using the following body

    {
    "apiOperation" : "CREATE_CHECKOUT_SESSION",
    "order": {
            "amount" : "0.001",
            "currency" : "BHD",
            "id" : "3"
        },
        "interaction":{
        "operation":"PURCHASE", 
        "returnUrl":"http://www.your-success-page-url.com/",
        "cancelUrl":"http://pay.your-failure-page-url.com/"
        }
    }

Step 3: Copy the sessionID and append it at the end of the payment gateway URL and paste this URL in the browser. Example: https://gateway.mastercard.com/checkout/pay/SESSION_ID_OF_CHECKOUT_SESSION_API

Sreehari K
  • 119
  • 1
  • 5
Mayur Rathod
  • 331
  • 3
  • 11