I am in the middle of integration zuora apis with my application. These are the below 3 three apis I am using through following steps -
Step 1 Requesting for auth token
Service api (Test)- https://rest.apisandbox.zuora.com/oauth/token
Request Headers - Content-Type:application/x-www-form-urlencoded
Authorization:Basic YWYzNTg5ZWMtNTFmMC00YTc2LWFlZjEtYjk0YzZmYWE0Y2ViOlJDdGV5OGlTWFFUc00xQytTPTFYWD1POE9tRWM1c0FBWVBaaE5vV24=
Request Body - grant_type:client_credentials
Response Body - {
"access_token": "41947f41d664437a98a9da38a293c89d",
"token_type": "bearer",
"expires_in": 3598,
"scope": "entity.a083d63b-b3f5-8626-f793-65cec903f9ca platform.write service.events.read service.events.write service.genesis.read service.genesis.write service.notifications.read service.notifications.write service.usage.delete service.usage.update service.usage.write tenant.41231 user.2c92c094738e5b090173902066c201ba",
"jti": "41947f41d664437a98a9da38a293c89d"
}
Use access_token or jti value from auth token response and pass it on to the headers parameters as Authorization: Bearer
Step 2 : - Request for hmac-signatures for making payment
Service api (Test) - https://rest.apisandbox.zuora.com/v1/hmac-signatures
Request Headers - Content-Type:application/json
Authorization:Bearer 41947f41d664437a98a9da38a293c89d
Request Body - {
"accountKey": "A00000485",
"method": "POST",
"uri": "https://rest.apisandbox.zuora.com/v1/payment-methods/credit-cards"
}
Response Body - {
"signature": "MDgzN2ZkYjAzOTQ5NmQ5NDQyZjc5YTU3NjUwMDgxOGIxNTY3YWM2Mw==",
"token": "C41mzDTudB2uc0Jc6vwrhQGvwq3JTxsF",
"success": true
}
The signature needs to be added in Make Payment header asSignature:MDgzN2ZkYjAzOTQ5NmQ5NDQyZjc5YTU3NjUwMDgxOGIxNTY3YWM2Mw== The token needs to be added in Make Payment header as Token:C41mzDTudB2uc0Jc6vwrhQGvwq3JTxsF
Step 3:- Make payment request –
Service Api - https://apisandbox-api.zuora.com/rest/v1/payment-methods/credit-cards
Headers Parameters – Host:apisandbox-api.zuora.com Signature:MDgzN2ZkYjAzOTQ5NmQ5NDQyZjc5YTU3NjUwMDgxOGIxNTY3YWM2Mw== Token:C41mzDTudB2uc0Jc6vwrhQGvwq3JTxsF Content-Type:application/json Origin:www.test.gov.uk Cache-Control:no-cache
Request Parameters – {
"defaultPaymentMethod": true,
"cardHolderInfo": {"addressLine1": "77 Fallon Glen", "addressLine2": "", "zipCode": "94020", "state": "California", "phone": "4155551234", "country": "USA", "cardHolderName": "Bill Thiebault", "city": "Fremont", "email": "bill@testaddress.com"}, "expirationMonth": "10", "accountKey": "A00000485", "creditCardType": "Visa", "expirationYear": "2021", "creditCardNumber": "4012888888881121", "securityCode": "123" }
Response Body – {
"success": true,
"**paymentMethodId": "2c92c0fb73ad855c0173b8c3316b36a1"**
}
When I use the same steps using postman I am able to get a success response. And the Payment Method id is also getting generated. Using java client the first two services are being executed. But the issue appears when I hit the request for Payment-Method / credit cards, It always returns - { "success" : false, "processId" : "84AD9CF25EC6623A", "reasons" : [ { "code" : 90000011, "message" : "this resource is protected, please sign in first" } ] }
Please suggest me if I missed anything here.