Skip to main content

         This documentation site is for previous versions. Visit our new documentation site for current releases.      


Updated on February 9, 2022

Verifi Order Insight includes the Authorization and x-verifi-issuer headers with every request. The x-verifi-issuer header contains the issuer ID that is assigned by Verifi, whereas the Authorization header contains the word Bearer that is followed by a space and an encoded JSON Web Token (JWT).

The JWT header and payload are signed with the symmetric-key based HMAC SHA256 algorithm, using the secret obtained from Verifi. Because the standard Pega JWT feature uses an asymmetric key-based HMAC signature instead of a symmetric key-based signature, the GenerateJWT custom function was created. The function takes the header, payload, and secret as input parameters. The JWT header and payload should be signed with the symmetric key-based HMAC SHA256 algorithm, using the secret obtained from Verifi.

The CreateInsightRequest data transform and InvokeSetInsightOutcome activity reference the GenerateJWT data transform before the invocation of the respective services. The request configuration and signature generation settings are obtained from the D_VerifiOIConfigurationDetails data page and are passed along with the required Authorization element in the header of every service request.

For more information about how to configure Verifi Order Insight authentication settings, see the Pega Smart Dispute for Issuers Implementation Guide that is available on the Pega Smart Dispute for Issuers product page.


The following table details an example of a complete authorization header that is generated by the GenerateJWT function.

JWT Payload
Signed and encoded using a secret of mysecret
Complete HTTP header
Authorization: Bearer

Have a question? Get answers now.

Visit the Support Center to ask questions, engage in discussions, share ideas, and help others.

Did you find this content helpful?

Want to help us improve this content?

We'd prefer it if you saw us at our best. is not optimized for Internet Explorer. For the optimal experience, please use:

Close Deprecation Notice
Contact us