An outbound call is an HTTP callback. A project created with certain APIs on Visa Developer enables you to register the URLs on which you want to listen to the events. The callback triggers an HTTP POST to the configured URL when an event occurs. The client notified on the URL has the flexibility to take appropriate action on the notification.
Note: The outbound configuration is supported only over Two-Way SSL (Mutual Authentication). In order to configure an outbound configuration, you must be a registered user and have either config-only or full access to the product.
To setup an outbound callback:
Once your outbound callback configuration is approved for a project, Visa Developer issues an HTTP POST request to the URL specified every time an associated event is triggered. The request's (outbound call) POST parameters will contain XML/JSON data relevant to the event that triggered the request.
You can edit the submitted configuration only after it has been approved by the Visa admin. Select the "Details" option available for your outbound callback configuration and select an "Edit" option (pencil icon), which will allow you to edit the "Domain" and "Path." After you modify the "Domain" parameter, Visa will be notified of it and will review the request for approval. The configuration in the interim will be in “Pending” state. Post Visa approval, the configuration state is updated to “Approved” at which point the configuration is live.
Note: If you only change the "Path" parameter, it will not require a re-approval from Visa.
Visa may reject your submitted outbound configuration if there is an issue in verification. If rejected, you will see the configuration in “Rejected” state on Visa Developer and rejection comments will be available under "Details."
Two-Way SSL (Mutual Authentication) requires certificate exchange for the client and server to identify themselves and establish a tunnel.
For Sandbox:
Note: Visa recommends clients validate our server certificate by root or intermediate certificate rather than by the leaf certificate itself. This will minimize possible service impacts when we renew our server certificate.
Note: Clients are responsible for renewing their certificates before they expire. Visa does not store your certificate and thus will not be able to alert you regarding its validity or upcoming expiration.
Visa Developer allows you to test your outbound callback configuration and verify that the URL is reachable by sending a test payload.
Click on "Test Outbound," which will send a payload to your application hosted at the URL specified, and your application response will be displayed on the test modal. Response would be either 200 Ok or 5xx error from your application.
Note: For the certification and production environment, the outbound callback configuration can only be added after your project is promoted to the environment.
To verify and activate an outbound callback configuration, consider the following:
You can de-activate an active outbound callback configuration anytime from Visa Developer.
Note: The outbound callback configuration status remains “Approved” and only state changes to “Active”/”Inactive” via the toggle.
As your outbound callback configuration is activated and the state reflects as "Active", you can proceed to test the same using "Ping Test."
To edit an outbound callback configuration:
You can now proceed for testing the new configuration via "Ping Test" option.
To delete an outbound callback configuration, contact your Visa representative.
Visa Admin will need to initiate the configuration deletion on your behalf. The SLA to complete a deletion is 3-4 days. You will not be able to submit a new outbound callback configuration until your delete request has entered the "Pending" state.
Visa has the right to reject an outbound callback configuration submitted by you if it finds that domain is not valid or it is not owned by you. Visa will provide rejection comments which will be visible to you on the Developer portal in “Comments” field under “Details” modal.
The configuration status will be "Rejected" on Visa Developer dashboard.
You can correct the callback URL (domain/path) using the "Edit" option and re-submit the configuration.
The configuration will again undergo verification by Visa.
For the configuration setup to work: