Visa Offers Network

Start a Project Start a Project API Overview API Overview API Reference API Reference
Navigate to...
keyboard_arrow_down

Before you Begin

Before integrating with the Visa Offers Network (VON) API, ensure you have the necessary prerequisites and understand the authentication requirements. Perform the initial Visa Offers Network (VON) API setup with support from the Visa Implementation Manager.

Development Environment Setup

Ensure your development environment meets these requirements:

  • HTTPS Support – All API communications must use HTTPS/TLS 1.2 or higher (TLS 1.3 recommended).
  • JSON Processing – Your application must handle JSON request and response formats.
  • Authentication Management – Secure storage and transmission of API credentials (different services use different header names).
  • Error Handling – Robust error handling for HTTP status codes and API-specific errors with detailed field-level validation through ErrorDetail schema.
  • Rate Limiting – Implementation of retry logic with exponential backoff.

API Endpoint Structure

All VON API endpoints follow this base URL pattern:

https://sandbox.api.visa.com/von/gor-gateway/{service}/v1/{resource}

Where:

  • {service} – The specific VON service (gor-consumer-enrollment, gor-eligibility, gor-ledger, gor-offers, or gor-payout).
  • {resource} – The specific resource or operation within that service.

In the production environment, replace "sandbox" with the production URL provided during your production onboarding process. The production URL follows the same pattern and will be provided during onboarding.

API Versioning

The VON API uses URL-based versioning, where each endpoint includes the current version number in the URL path. Future API versions will be announced through the Visa Developer Center (VDC).

Authentication Headers

VON API authentication relies on client credentials provided through HTTP headers. Each VON API service uses specific authentication headers.

Clients must use X-GOR-API-KEY and X-GOR-SHARED-SECRET, along with the applicable headers listed in this table, for proper authentication and authorization.

Header Name Used By Required Example
X-GOR-CLIENT-ID Offers Service Yes X-GOR-CLIENT-ID: your-client-id-here
X-GOR-CLIENT-ID Consumer Enrollment Service Yes X-GOR-CLIENT-ID: your-client-id-here
EX-CORRELATION-ID Ledger Service No EX-CORRELATION-ID: unique-request-id-123
clientId Payout Service Yes clientId: your-client-id-here

Response Format

All API responses use JSON format and include appropriate HTTP status codes. Successful responses return relevant data objects, while error responses provide detailed error information including error codes, messages, and field-specific details when applicable.

The standard response header is Content-Type: application/json.

Prerequisites

Before using the Visa Offers Network (VON) API, ensure you have an active Visa Developer Center (VDC) account and the required VON-specific permissions.

  1. Register for a VDC account at developer.visa.com if you do not already have one.
  2. Request access to the VON API product through your VDC dashboard. Access approval may require additional business verification and use case documentation.
  3. Obtain your client credentials including your unique Client ID for API authentication. The Client ID is required for authentication but uses different header names depending on the service. For example, X-GOR-CLIENT-ID for Consumer Enrollment and Offers Services, and clientId for Payout Service. The Ledger Service does not require authentication headers, though it accepts an optional EX-CORRELATION-ID for request correlation. Client IDs are unique to your application and must not be shared between different applications or environments.
  4. Review and understand the VON business model and compliance requirements. VON implementations must comply with Visa's terms of service and applicable regulations.
  5. Set up your development environment with HTTPS support and JSON processing capabilities. All VON API communications must use HTTPS. Ensure your application can handle JSON request and response formats.

After completing these prerequisites, you will have the necessary access and credentials to begin integrating with the VON API in the sandbox environment. Next, configure sandbox access to test your integration before moving to production.

Sandbox Access

Configure access to the Visa Offers Network (VON) sandbox environment for testing and development.

  1. Access the Visa Developer Center (VDC) dashboard at developer.visa.com.
  2. Navigate to your VON API project and locate the sandbox credentials section. Sandbox credentials are separate from production credentials and must only be used for testing.
  3. Configure your application to use the sandbox base URL (https://sandbox.api.visa.com). All VON API endpoints use this base URL in the sandbox environment.
  4. Update your authentication configuration to use your sandbox client ID. The sandbox client ID is different from your production credentials. Different VON services use different authentication header names.
  5. Test your connection by making a simple API call to verify authentication and connectivity. Consider starting with a GET request to test basic connectivity before implementing more complex operations.

Your application is now configured to use the VON API sandbox environment for development and testing. You can now make your first API call to test the integration functionality.