I am attempting to POST using Postman to the Cybersource Simple Order API, but it comes back with a no header error when doing so. What am I doing wrong here? Since the merchant ID is used as the username, what is used as the password, should this be the Simple Order transaction processing key?
Posting the following XML data to the test endpoint (https://ics2wstesta.ic3.com/commerce/1.x/transactionProcessor):
<?xml version="1.0" encoding="UTF-8"?>
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
<soapenv:Header>
<wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext1.0.xsd">
<wsse:UsernameToken>
<wsse:Username>merchantname</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile1.0#PasswordText">key</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>
<soapenv:Body>
<requestMessage xmlns="urn:schemas-cybersource-com:transaction-data-1.150">
<merchantID>merchantname</merchantID>
<merchantReferenceCode>12345678912</merchantReferenceCode>
<recurringSubscriptionInfo>
<subscriptionID>12345678901234567890</subscriptionID>
</recurringSubscriptionInfo>
<paySubscriptionDeleteService run="true"/>
</requestMessage>
</soapenv:Body>
</soapenv:Envelope>
You have a small error in your namespaces. You missed a "-".
oasis-200401-wss-wssecurity-secext1.0.xsd
should be
oasis-200401-wss-wssecurity-secext-1.0.xsd
and
oasis-200401-wss-username-token-profile1.0#PasswordText
should be
oasis-200401-wss-username-token-profile-1.0#PasswordText