API Connectivity Options
API connectivity ensures issuers can receive and respond to RDX requests.
RDX solutions require network configurations to successfully deliver API requests to the partner. Issuers should review this content for available connectivity options and requirements to implement RDX for their specific solutions.
Points to Remember:
- VCAS Test Account will use TLS to secure the connection
- VCAS Test Account will need to provide a public certificate from a VCAS-trusted certificate authority (certificates cannot be self-signed)
- VCAS will provide IP addresses which the Test Account will need to trust
- VCAS Test Account will provide fully qualified URL and port for staging and production
- VCAS will connect to one (endpoint) located at VCAS Test Account
API Endpoint/URL Creation
Partners will need to create full path URLs to be used to receive API requests from VCAS. Please note that VCAS cannot accept IP addresses in lieu of URLs. Examples are shown below:
If implementing RDX, it is suggested that issuers create one endpoint for every API call to be implemented. This may reduce the processing logic required on the backend when implementing the Step Up, InitiateAction, Validate, and Risk calls.
Firewall Configurations
Partners will need to trust list VCAS IP addresses in order to allow API requests to pass through firewalls:
Current:
• 198.217.252.0/24
• 198.217.253.0/24Future:
• 198.241.177.0/24
• 198.241.169.0/24
VCAS will send API requests through port 443 by default. If this needs to change, please let your VCAS Implementation Manager know so configurations can be implemented correctly.
Certificate Exchange
As part of the RDX implementation, certificates need to be exchanged between the partner and Cardinal. This exchange facilitates a network handshake required to pass through the API requests. VCAS offers the following connectivity approaches depending on the needs of the partner:
Connectivity Options
Mutual TLS/Two-way Authentication (MTLS)
Additional Resources
Refer to the VCAS Cardinal Signed RDX Certificate Update for more information.
Updated about 2 months ago