Setup SOAP Connector for Comdata Credit Card Services

It came to my attention that comdata has an SOAP Api available for their customers. I finally was able to get it working so hopefully this is helpful for someone.

Here are all the tools I used to achieve my goal however Postman is probably all you need (I liked SoapUI):

• SoapUI
• Postman
• Wizdler
• Comdata Resource Center
  • Comdata Web Services 2.1

SoapUI

Open SoapUI and click File>New Project

For the Initial WSDL field paste the link from the Comdata documentation and make sure Create sample requests is checked and click OK

https://api.iconnectdata.com/FleetCreditWS/services/FleetCreditWS0200/wsdl/FleetCreditWS0200.wsdl

Next expand inquireCardV02 and double click Request 1

On the right you will then see all the options available for that function

We can then look at the documentation and see for this function what elements are required and optional

The above information can be found in your online portal

Here is an example with some of the info

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:main="http://fleetCredit02.comdata.com/maintenance/">
   <soapenv:Header/>
   <soapenv:Body>
      <main:CardInquiryRequestV02>
         <accountCode>XXXXX</accountCode>
         <customerId>XXXXX</customerId>
         <cardIdentifierType>E</cardIdentifierType>
         <cardIdentifier>XXXXX</cardIdentifier>
         <maskCardFlag>Y</maskCardFlag>
      </main:CardInquiryRequestV02>
   </soapenv:Body>
</soapenv:Envelope>

Next we need to generate a proper security header for authorization

There is a lot of information in this picture so I will explain below the image

1. Double click the name of your project folder
2. Click the tab that says WS-Security Configurations
3. Click the Tab called Outgoing WS-Security Configurations
4. Click the + sign and name the configuration Username
5. Select Username
6. Click the + to add a WSS Entry
7. Select Username in the drop down then click OK
8. For the Comdata scenario you can copy the information entered (User your username and password)

Next go back to Request 1 and click Auth in the lower left corner

In the Authorization drop down box select Add New Authorization

Select Basic as the type then click OK

Scroll down to find Outgoing WSS and select username

Click the green play button in the upper left corner and I can see in the Raw tab the Security Header has been added

Here is what just the header looks like

<soapenv:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:UsernameToken wsu:Id="UsernameToken-RANDOMNUMBER">
<wsse:Username>USERNAME</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">PASSWORD</wsse:Password>
<wsu:Created>2023-01-19T20:23:31.994Z</wsu:Created>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>

You can then take this header and add it to the body of any request you are trying to make HOWEVER be sure to change the Created date stamp

Comdata has a timeout so if you try to use the same header over and over again it will eventually not work because the time will expire so you will need to generate a new timestamp to resolve any issues due to the timeout

Wizdler (Optional)

Go to Chrome and install the Wizdler extension and then open the following url:

https://api.iconnectdata.com/FleetCreditWS/services/FleetCreditWS0200/wsdl/FleetCreditWS0200.wsdl

Click the Wizdler extension and it will show a list of available functions

I chose inquireCardV02

I then get a nice format of what options are available for that function

<Envelope xmlns="http://schemas.xmlsoap.org/soap/envelope/">
    <Body>
        <CardInquiryRequestV02 xmlns="http://fleetCredit02.comdata.com/maintenance/">
            <accountCode xmlns="">[string]</accountCode>
            <customerId xmlns="">[string]</customerId>
            <discretionaryData xmlns="">[string]</discretionaryData>
            <trackingNumber xmlns="">[string]</trackingNumber>
            <cardIdentifierType xmlns="">[string]</cardIdentifierType>
            <cardIdentifier xmlns="">[string]</cardIdentifier>
            <maskCardFlag xmlns="">[string]</maskCardFlag>
        </CardInquiryRequestV02>
    </Body>
</Envelope>

That is about as far as I got with that extension because there is a special way you need to create the header for authorization

Postman

Coming Soon

References:

http://www.herongyang.com/Web-Services/WS-Security-SoapUI-Configuration-for-Username-Token.html

http://www.herongyang.com/Web-Services/WS-Security-SOAP-Message-Security-Extension.html

https://www.soapui.org/docs/soap-and-wsdl/authenticating-soap-requests/

https://www.soapui.org/docs/soapui-projects/ws-security/