I am doing post payment in postman with CyberSource API.I am using test api from CyberSource API developer guide. it is failing as it is giving 400 Bad Request. below is error json response -
{
"submitTimeUtc": "2025-01-17T15:28:40.598Z",
"status": "DECLINED",
"errorInformation": {
"reason": "INVALID_DATA",
"message": "Invalid Json Request"
}
}
As per CyberSource Authentication guide, message body needs to be hashed and pass in header. I am doing all these steps in Script tab (Pre-request) of postman. but still it is failing. below is script
const secretKey = "<shared-secret-key>";
const httpMethod = request.method;
const resourcePath = "/pts/v2/payments";
const date = new Date().toUTCString();
const host = "apitest.cybersource"; // Cybersource sandbox host
let requestBody = "";
if (httpMethod === "POST" || httpMethod === "PUT") {
requestBody = pm.request.body.raw; // Get the raw request body
}
const signatureString = `${httpMethod}\n${resourcePath}\n${date}\n${host}\n${requestBody}`;
const crypto = require("crypto-js");
const hash = crypto.HmacSHA256(signatureString, secretKey);
const signature = crypto.enc.Base64.stringify(hash);
pm.request.headers.add({ key: "Date", value: date });
pm.request.headers.add({ key: "Authorization", value: `Signature ${signature}` });
and request body -
{
"clientReferenceInformation": {
"code": "TC50171_3"
},
"paymentInformation": {
"card": {
"number": "4622943127013705",
"expirationMonth": "12",
"expirationYear": "2031"
}
},
"orderInformation": {
"amountDetails": {
"totalAmount": "1",
"currency": "USD"
},
"billTo": {
"firstName": "John",
"lastName": "Doe",
"address1": "1 Market St",
"locality": "san francisco",
"administrativeArea": "CA",
"postalCode": "94105",
"country": "US",
"email": "[email protected]",
"phoneNumber": "4158880000"
}
}
}
and finally test api used -
in addition to that, I am also passing merchant id in header with key - v-c-merchant-id
what I am missing in these steps.