Frequently Asked Questions

  • How do I fix registration/login issues?
  • Here are some tips to resolve problems with logging in and registering at the Visa Developer Center.

    Email Confirmation Issues

    When you register at the Visa Developer Center, you will need to confirm your email address. In some cases, the email might get caught in a spam filter and you won't receive the email to complete your registration. You can always send yourself another email by going to: the Visa Developer Center > Login. This will send out another email confirmation message to your registered email address. From there, you can confirm your email and login with your email address as your user ID, and use your established password.

    Password Resets

    If you are having issues with login, you can also reset your password by going to: Visa Developer Center > Login. This will allow you to change your password through an email delivered to your inbox.

    Account Lockouts

    If you enter an incorrect password several times, your account will be locked out and you will be forced to reset your password to get back into your account. You can reset your password by going to Visa Developer Center > Login. This will allow you to change your password through an email delivered to your inbox.

  • How do I create and submit a Certificate Signing Request for Two-Way SSL authentication?
  • The Certificate Signing Request (CSR) is a prerequisite to get your project certificate (cert.pem), which is required to establish a Two-Way SSL connection. Additionally, you will need a root certificate (VICA-SBX.pem) and your private key.

    To generate a CSR to use in the sandbox, you have two options:

    • Visa generates a CSR for you
    • Generate your own CSR

    For details, refer to Getting Started > Testing Connectivity and Authentication. This section describes how to obtain a private key, client certificate, and Visa Developer certificate authority root certificate, as well as how to bundle the certificates into keystores, using Java keytool or OpenSSL.

  • How do I fix issues with my test credentials?
  • To fix issue with your test credentials:

    1. Verify the client certificate being used in the certificate chain with the following command:
      OpenSSL> verify -verbose -CAfile VICA.pem client.pem
      You should receive:
      client.pem: OK
    2. Check the contents of keystore by using the following command:
      keytool -list -keystore <JKS_File_Path>
      The above command displays the three entries related to Visa Developer as following:
      • Single Private key entry. The private key entry comprises of environment private key and the environment client certificate. The private key should be the same that the client has used for generating Certificate Signing Request for the requested environment. Please ensure that the correct environment certificates are being used.
      • Visa Development Platform Intermediate Certificate.                          
      • Visa Development Platform Root Certificate

    You can download all these three certificates from the project details page under the appropriate environment (for example, Certification or Production) tab.

  • How do I fix connectivity issues with Authentication for API Requests?
  • The easiest way to troubleshoot connectivity issues is to use the SOAPUI tool. Refer to Testing Two-Way SSL Connectivity Using SOAPUI section in Getting Started > Two-Way SSL that includes steps to access the helloworld project. This is the fastest way to test your access credentials and to create sample HTTP requests that work. Once you get your SOAPUI connection to work, review the raw HTTP request – you will get the exact value of an encoded username and a password that works. You can then compare the working value with the value you generate in your IDE.

  • What endpoints should I use during the development and testing process?
  • Use the following endpoints for:

    • Sandbox:
    • Projects requiring testing in the Certification environment:
    • Production:
  • How do I fix connectivity issues with the from the Data Power?
  • To fix the connectivity issues with the Sandbox: from the Data Power:

    1. Create a project
    2. Download the private key during project creation
    3. Get your API credentials
    4. Download the GeoTrust Certificate and Project Certificate (cert.pem)
    5.  In the Trusted Certificates section of Data Power appliance configuration; add Geotrust.pem and sandbox.pem (Notesandbox.pem is optional and may be needed if hostname verification is enabled)
    6. Run the command for sandbox.pem 
      openssl s_client -showcerts -connect
    7. In the Client Configuration section, add the private key in the client private key field and cert.pem in the client certificate field as shown below:

  • I'm getting error from Visa Developer. How do I learn more about the error cause and resolution?
  • Refer to Visa Developer Error Codes for a detailed list of Visa Developer error codes and their descriptions.

  • I’m getting Error 401 – Unauthorized. What does this mean and how can I resolve this?
  • The 401 (Unauthorized) status code indicates that the request has not been applied because it lacks valid authentication credentials for the target resource (or endpoint). Visa Developer supports multiple authentication and authorization methods. The request could fail due to one of the following reasons:


    Common Root Causes:

    • Token is either not properly formatted or contains incorrect or incomplete information e.g. timestamp is not valid UTC timestamp
    • Token has expired
    • Token version is deprecated
    • The request contains multiple authentication token
    • The target resource does not support X-pay Token based authentication


    1. Check your Keys/API link in your VDP project to validate the Status is “Active”
    2. If “Inactive”, select the “Activate” option and confirm status is “Active”
    3. If the above is unsuccessful, try creating a new VDP project with the same API’s
    4. Verify that you have followed the required steps to generate X-Pay-Token as described in API Key - Shared Secret (X-Pay-Token) section.

    Mutual SSL

    Common Root Causes:

    • Missing Authorization header in the request
    • Authorization header is in invalid format e.g.  does not start with 'Basic'
    •  Authorization header has invalid credentials e.g. either username or password is blank or incorrect
    • Certificate Chain validation failed


    1. Check that your User Name and Password information is correct
    2. Verify that you have followed the required steps to establish Two Way SSL as described in Two-Way SSL (Mutual Authentication) section. Specifically, ensure that you have added the certificates downloaded from VDP to the keystore (for example: clientkeystore.jks) that you generated while creating the CSR.
  • I’m getting Error 403 – Forbidden. What does this mean and how can I resolve this?
  • The 403 (Forbidden) HTTP Status code indicates that this project does not have permission to access the requested resource. This can happen if you are trying to invoke API request for a resource that is not part of your project e.g. if you have created a project with Visa Direct Product but are trying to use the same credentials to access Visa Consumer Transaction Controls.


    • Ensure that you are using a project and the credential for the project which includes the API being accessed
    • Create a project and receive Sandbox credentials for the API’s being called
    • Add the API being called (if not already included) to the project with credentials that are being used
  • X-CORRELATION-ID is a unique ID that system generates for every API request and is included in the Response Headers.  If you are using SOAP UI, you can see the X-CORRELATION-ID under Response section as shown below. This is helpful for debugging purposes when you report your issues to Visa Developer (

  • How much does it cost to purchase an API?
  • Visa Developer is an open platform. There is no cost to you to develop your project using any of the Visa APIs in the sandbox. When you are ready to transition to production to use the APIs, fees may apply. Fees are evaluated by project as they are a function of many elements, including the nature of your project and your relationship with any partner.

  • Will my Sandbox credentials and or Production credentials still work after the account migration due to unification of Visa Digital Solutions platform with Visa Developer Center?
  • Yes, your sandbox credentials would still work.  You do not need to create or generate new API keys for Sandbox or Production.

  • After the unification of Visa Digital Solutions platform with Visa Developer Center, I tried to login and I was asked to activate my account. What is this?
  • As a part of migrating accounts to Visa Developer Center, for your protection we’d like you to simply revalidate your account.  You will receive an email to do so.  Just click on the link provided in the email and you’re done!

  • After the unification of Visa Digital Solutions platform with Visa Developer Center, how do I get access to my product profiles and configuration pages?
  • Your profile and configuration pages are located in your Project Dashboard via the “Configurations” link provided in the Left Navigation bar.  Once you select this option, you will see Visa Checkout or Visa Token Service listed in the main pane.  Select the accordion menu icon next to the API to reveal the links to the product specific profiles and configurations.

  • Why can I no longer select Visa Token Services during project creation?
  • Visa Token Service is a restricted product. If you’re interested in using Visa Token Service and believe you meet the requirements, please email us at

  • What has changed for promoting the project to certificate or production environment?
  • Visa Developer has a new user experience for progressing a project from the sandbox environment through certification (if applicable) and to production. The new process is called Going Live. For details, refer to Going Live with Visa Developer.

  • Why did Visa change the project promotion process?
  • Visa is responding to client requests to remove friction from the onboarding process and to make the client journey to go live more transparent and clear.

  • Has the process to register a developer user account changed due to new project promotion process?
  • No, the process to register a developer user account has not changed.

  • What is different when I log in now to Visa Developer?
  • When you log in, you will be taken to the dashboard where you will see all your existing projects, if any. There is no change to the dashboard. 

  • Has the Project Summary page changed?
  • Yes, the Project Promotion icon on the left navigation has changed to a Going Live icon. There are newly designed screens with detailed instructions for completing the going live process. You will also be able to see status icons to indicate the environment you are in and if a step is in progress or completed.

  • What does “Going Live” mean?
  • When you have completed testing in the sandbox and are ready to request credentials for either the certification or production environment, you will need to follow a new set of steps that will allow you to easily submit the information required.  The new process is called Going Live. For details, refer to Going Live with Visa Developer

  • What happens to the projects that are in the promotion process currently? Do I need to start over again?
  • Projects that are currently in the process of promotion will not be impacted. Data associated with a project will be migrated to the new flow. You do not have to start over and you do not have to take any action. 

  • Do any of my existing projects get impacted because of the new "Going Live" process?
  • Existing projects will continue to be available in your dashboard. When you are ready to move to the next environment, follow the new process as described in Going Live with Visa Developer.

  • Can all certificate types be renewed?
  • Yes, you can renew sandbox, certification, and production certificates for a project. 

    A: Yes, you can renew sandbox, certification, and production certificates for a project. 

  • How do I know when my sandbox certificates expire?
  • When sandbox certificates expire, you will see a notification in the Credentials section of your dashboard.

  • How do I renew my sandbox certificate?
  • You will have an option to “Get New Certificate” in the Credentials section of your dashboard. You will be guided through the workflow to request a certificate.

  • Why did I not receive an email notification that my sandbox certificate expired?
  • Expiration notifications are sent for projects that have been promoted to certification and production environments only.

  • Will I receive an email notice in advance of certificate expiration?
  • For projects that have been promoted to the certification or production environments only, Visa Developer will send email notifications at predetermined intervals, to the “owner” (full access) registered users for the project.

  • What are the intervals at which a client will be notified by email?
  • Notifications will be sent 120, 90, 60, 30, 15 and 7 days prior to expiration. 

  • How do I know when my certification or production certificates expire?
  • You will see this information in a new status column on the dashboard indicating either “Certificate Expired” or “Certificate Expiring”. 

  • Why am I not seeing certificate renewal options?
  • The new workflow is enabled 120 days prior to a certificate expiring.

  • What is the duration of certificates?
  • Mutual SSL certificates are issued for 27 months. 

  • When the new certificate is available in SBX, are the user id and password also new?
  • Yes. In sandbox, certification and production the new certificate will come with a new user id and password.

  • We are getting an “Access Denied” message when trying to connect to sandbox. How should I address this?
  • Your sandbox certificate has expired. Navigate to the Credentials section of your dashboard to the “Get New Certificate” link.

  • Can you help me understand how does the payment ecosystem works?
  • Please refer to Payology that provides a crash course about payments (and more). There are four easy-to-follow modules:

    • Module 1: Who’s who, and what do they do?
    • Module 2: How the payment businesses make money
    • Module 3: Making payments happen at the point of sale
    • Module 4: Making payments innovation come alive

    Each module offers up visual slides, storytelling narratives and helpful videos from industry-specific mentors, who explain what they wish they’d known before taking a deep dive into the payment ecosystem. For example, developers can’t avoid Payment Card Industry (PCI) compliance, but it can help them understand the ways to help smooth out the process. (If all of this sounds like gibberish, don’t fret—Payology breaks it down from start to finish to help everyone—from the money spender to the money receiver—understand the different parts of the payment web).

    Payology is produced by industry expert The work is sponsored by the Visa Developer platform to help clients, partners and developers accelerate innovation.

  • My Visa Developer account is disabled. How do I enable it?
  • Please contact Visa Developer Support at to enable your account. 

Looking for term definitions ? See the Glossary.

Can't find what you're looking for?

Ask the Community

Need to talk to Visa?

Contact Us