On This Page
REST API

Test the Message

After you construct a message header and body and determine the message’s endpoint, it is time to test your message.
Before you are ready to test your message, perform a baseline test by plugging the following test values into your client. This verifies that you are getting the associated header info as well as the same signature and digest for POST or PUT. A failure indicates a client-side problem with the logic you used to generate the header.
Because the authentication information of this baseline test is invalid, it cannot be sent. You are testing only the signature and header construction logic. However, if the values you generate for the header match the following, the construction logic is sound. You can then plug in valid information and get a successful response.
The baseline test values include only the variable data and key information.

Baseline for POST Requests

The following example provides the test values for your baseline test.
Resource: /pts/v2/payments/
Host: 
apitest.cybersource.com
 
v-c-merchant-id: testmid
Date: Fri, 14 Dec 2018 00:00:00 GMT
secretKey: 0123k20MBbIB2t012345678993gHCIZsQKFpf7dR0hY=
keyID: 01234567-0123-0123-0123-012345678912
Body:
{
  "clientReferenceInformation": {
    "code": "TC50171_3"
  },
  "processingInformation": {
    "commerceIndicator": "internet"
  },
  "paymentInformation": {
    "card": {
      "number": "4111111111111111",
      "expirationMonth": "12",
      "expirationYear": "2031",
      "securityCode": "123"
    }
  },
  "orderInformation": {
    "amountDetails": {
      "totalAmount": "102.21",
      "currency": "USD"
    },
    "billTo": {
      "firstName": "John",
      "lastName": "Doe",
      "company": "Visa",
      "address1": "1 Market St",
      "address2": "Address 2",
      "locality": "san francisco",
      "administrativeArea": "CA",
      "postalCode": "94105",
      "country": "US",
      "email": "test@cybs.com",
      "phoneNumber": "4158880000"
    }
  }
}
The following example shows the resulting header information from your baseline test.
v-c-merchant-id: testmid
Date: Fri, 14 Dec 2018 00:00:00 GMT
Host: 
apitest.cybersource.com
 
Digest: SHA-256=a/goIo1XUCr80rnKFCWp7yRpwVL50E9RaunuEHh11XM=
Signature: keyid="01234567-0123-0123-0123-012345678912", 
algorithm="HmacSHA256", headers="host date (request-target) digest v-c-merchant-id", 
signature="SV0OVjBmO3ThK9P4CV5TaR4D/efXCVqbsE84doMdhA8="
The following example shows the signature parameter components.
host: 
apitest.cybersource.com
 
date: Fri, 14 Dec 2018 00:00:00 GMT
(request-target): post /pts/v2/payments/
digest: SHA-256=a/goIo1XUCr80rnKFCWp7yRpwVL50E9RaunuEHh11XM=
v-c-merchant-id: testmid
The following example shows the resulting endpoint.
https://apitest.cybersource.com
/pts/v2/payments/

Baseline for GET Requests

The following example provides the test values for your baseline test.
Resource: /tss/v2/transactions/
Host: 
apitest.cybersource.com
 
v-c-merchant-id: testmid
Date: Fri, 14 Dec 2018 00:00:00 GMT
requestID: 0123456789012345678901
secretKey: 0123k20MBbIB2t012345678993gHCIZsQKFpf7dR0hY=
keyID: 01234567-0123-0123-0123-012345678912
The following example shows the resulting header information from your baseline test.
v-c-merchant-id: testmid
Date: Fri, 14 Dec 2018 00:00:00 GMT
Host: 
apitest.cybersource.com
 
Signature: keyid="01234567-0123-0123-0123-012345678912", 
algorithm="HmacSHA256", headers="host date (request-target) v-c-merchant-id", 
signature="L7Z0LN4nP8er30DanPYNSPgZitVtCt9dubNFJhZoGHk="
The following example shows the signature parameter components.
host: 
apitest.cybersource.com
 
date: Fri, 14 Dec 2018 00:00:00 GMT
(request-target): get /tss/v2/transactions/0123456789012345678901
v-c-merchant-id: testmid
The following example shows the resulting endpoint.
https://apitest.cybersource.com
/tss/v2/transactions/0123456789012345678901