From 392335a966416b71f22f216b7571c74262d5217d Mon Sep 17 00:00:00 2001 From: AmitScriptsHub Date: Tue, 24 Mar 2026 20:46:27 +0530 Subject: [PATCH] Fix incorrect JWT claim name for Response MLE KID MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The JWT token generated for Response MLE includes the claim name "v-c-response-mle-kid" but the CyberSource server expects "v-c-api-response-mle-kid". This mismatch causes the server to reset the connection (ECONNRESET) on POST requests when Response MLE is enabled. File: src/authentication/jwt/JWTSigToken.js (line 57) Change: "v-c-response-mle-kid" → "v-c-api-response-mle-kid" Without this fix, any merchant enabling Response MLE with the Node SDK v0.0.75 will get ECONNRESET on all POST/PUT/PATCH requests (payments, refunds, etc). GET requests are unaffected as they don't include this claim. Tested and confirmed working with: - PaymentsApi.createPayment (POST /pts/v2/payments) - MicroformIntegrationApi.generateCaptureContext (POST /microform/v2/sessions) - CustomerPaymentInstrumentApi.getCustomerPaymentInstrumentsList (GET) --- src/authentication/jwt/JWTSigToken.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/authentication/jwt/JWTSigToken.js b/src/authentication/jwt/JWTSigToken.js index cfb2d7ef..fe2d6749 100644 --- a/src/authentication/jwt/JWTSigToken.js +++ b/src/authentication/jwt/JWTSigToken.js @@ -54,7 +54,7 @@ exports.getToken = function (merchantConfig, isResponseMLEForApi, logger) { if (isResponseMLEForApi === true) { const responseMleKID = MLEUtility.validateAndAutoExtractResponseMleKid(merchantConfig, logger); // Using bracket notation for property name with hyphens - claimSetJson["v-c-response-mle-kid"] = responseMleKID; + claimSetJson["v-c-api-response-mle-kid"] = responseMleKID; } const customHeader = {