How to Use Visa Pay

Learn how to set up the main Visa Pay API processes for adding cards, approving transactions, and managing tokens.

This section gives you a simple overview of the steps you need to access the APIs and make calls to Visa Pay.

Visa Pay API operates through four essential processes that handle authentication, account management, credential oversight, and payment processing.

  • API Authentication
  • Signing up new Visa Pay accounts
  • Managing enrolled Visa Pay Credentials throughout their lifetime
  • Authorization handling for payment processing

Authentication Workflows

Option 1: Basic Authentication (Sandbox)

  1. Create access keys in the Control Center and save the server key and server secret.
  2. Send a POST request to /v2/s2s/access-token with your server credentials.
  3. Store the returned access token and refresh token securely.
  4. Use the access token for verified requests to Visa Pay API endpoints.

Option 2: OpenID Authentication (Production)

  1. Create a JWT token signed by your client login information.
  2. Send a POST request to /v1/oauth2/token with your JWT in the request body.
  3. Extract the access token, refresh token, and expiration time from the response.
  4. Include the access token in the Authorization header for future API calls.

Enrollment Workflow

  1. Prepare sign-up data including program ID, wallet information, and token requests.
  2. Send POST request to /v1/enroll with sign-up information.
  3. Store the returned enrollment ID for future reference.
  4. Check sign-up status using GET /v1/enrollments/{externalId} endpoint.

Token Management Workflow

  1. Identify tokens requiring status updates (block, unblock, cancel).
  2. Send PATCH request to /v1/enrollments/{externalId}/tokens/{token_id}/status.
  3. Verify token status change in the response.

Transaction Approval (Webhook) Workflow

  1. Provide a Webhook URL that Pismo will call for each authorization API request.
  2. If certificate-based authentication is needed, share public key with Visa Pay.
  3. Configure required processing for MTI codes and available Response codes.
  4. Test authorization in Sandbox environment with mock data using /v1/simulate.
  5. Parse the JWT to verify and approve the request.
  6. Process authorization response and handle approval or decline scenarios.

Post Process Considerations

What successful implementation gives you: 
  • Seamless card enrollment experience.
  • Real-time transaction processing capabilities.
  • Comprehensive token lifecycle management.
  • Secure payment authorization.
After implementing core workflows: 
  • Implement comprehensive error handling.
  • Set up transaction monitoring and logging.
  • Test all workflows in the sandbox environment.
  • Prepare for production deployment.