Troubleshooting ONDC Seller NP 428 Error In On_search API
Introduction
Hey guys! Ever run into a snag while testing your ONDC seller integration? Specifically, a pesky "status": 428 error when hitting the on_search API? You're not alone! This article dives deep into diagnosing and resolving this issue, using a real-world example from a developer testing Tripxoxo's seller integration on the ONDC workbench. We'll break down the error, explore potential causes, and provide a comprehensive guide to help you get back on track. Let's get started and make sure your ONDC integration runs smoothly!
Understanding the Issue
Type of Issue
This is primarily a question/clarification type of issue. The user is seeking to understand why they are receiving a 428 error and how to resolve it.
Summary of the Problem
The core issue is that the Tripxoxo seller integration, when tested on the ONDC workbench, returns a 428 error for the on_search API. This error indicates that the server requires the request to be conditional. In simpler terms, the server expects some kind of pre-condition to be met before processing the request. This could be due to a missing session, an inactive flow, or other authentication/authorization issues. The error message specifically states: "no session or active flow found for: url - https://dev-booking.tripxoxo.com which acts as a BPP."
Detailed Analysis of the Error
To truly grasp what's going on, let's dissect the error message and the context surrounding it. The 428 status code itself is a crucial piece of information. According to HTTP specifications, this code signifies that the server requires the request to be conditional. This often occurs when the server needs some form of session information or an active flow to be present before it can fulfill the request. In the context of ONDC, which involves complex interactions between multiple parties (Buyer App, Buyer App Provider, Seller App, Seller App Provider), maintaining a proper session and flow is paramount.
Now, let's break down the specific error message: "no session or active flow found for: url - https://dev-booking.tripxoxo.com which acts as a BPP." This tells us exactly where the problem lies - the BPP (Seller App Provider) at the given URL. The server is unable to find either a valid session or an active flow associated with the request. This can happen for several reasons:
- Session Timeout: The session on the BPP side might have expired due to inactivity.
- Incorrect Session Management: The session might not be properly initiated or maintained between the BAP (Buyer App Provider) and the BPP.
- Flow Interruption: The expected sequence of API calls in the ONDC flow might have been disrupted, leading to an inactive flow.
- Authentication Issues: There could be problems with the authentication mechanism between the BAP and BPP, preventing the session from being established correctly.
- Configuration Errors: Incorrect configurations on either the BAP or BPP side can lead to session and flow management issues.
Understanding these potential causes is the first step in troubleshooting the 428 error. Next, we'll delve into the specific request and response to see if we can pinpoint the exact culprit.
Examining the Request and Response
The Request
Here's the curl request that triggers the error:
curl -X POST 'https://workbench.ondc.tech/api-service/ONDC:TRV14/2.0.0/buyer/on_search' \
-H 'Content-Type: application/json' \
-d '{
"context": {
"location": {
"country": {"code": "IND"},
"city": {"code": "std:011"}
},
"domain": "ONDC:TRV14",
"timestamp": "2024-06-26T04:43:16.000Z",
"bap_id": "staging-automation.ondc.org",
"transaction_id": "cf7bb367-c820-4bc9-9be8-f548e0bbf222",
"message_id": "84e573df-0f06-449b-9f02-7bf1f1694d83",
"version": "2.0.0",
"action": "on_search",
"bap_uri": "https://workbench.ondc.tech/api-service/ONDC:TRV14/2.0.0/buyer",
"ttl": "PT30S",
"bpp_id": "dev-booking.tripxoxo.com",
"bpp_uri": "https://dev-booking.tripxoxo.com"
},
"message": {
"catalog": {
"descriptor": {
"name": "India tourism Jijo",
"long_desc": "Online ticket booking service",
"images": [
{"url": "https://api.unreserved-entry-pass.com/logos/logo.ico", "size_type": "xs"}
]
},
"providers": [
{
"id": "P1",
"descriptor": {
"name": "India tourism",
"short_desc": "Online Ticket Booking Service",
"images": [
{"url": "https://api.unreserved-entry-pass.com/sites/default/files/event/logo/event_logo_2.png", "size_type": "xs"}
]
},
"categories": [
{"descriptor": {"name": "Culture & Heritage", "code": "CULTURE_HERITAGE"}, "id": "C1"},
{"descriptor": {"name": "Standard"}, "parent_category_id": "C1", "id": "C2"},
{"descriptor": {"name": "Premium"}, "parent_category_id": "C1", "id": "C3"}
],
"time": {
"range": {
"start": "2024-06-14T05:30:00.000Z",
"end": "2024-06-14T23:30:00.000Z"
}
},
"locations": [
{
"id": "L1",
"gps": "28.524596, 77.185577",
"descriptor": {
"name": "Qutab Minar",
"short_desc": "Seth Sarai, Mehrauli, New Delhi, Delhi. The Qutb Minar...",
"additional_desc": {
"url": "https://api.unreserved-entry-pass.com/sites/additional-info",
"content_type": "text/plain"
},
"images": [
{"url": "https://api.unreserved-entry-pass.com/sites/images/location.png", "size_type": "md"}
],
"rating": "5"
}
},
{
"id": "L2",
"gps": "28.5244946, 77.1855177",
"descriptor": {
"name": "Red Fort",
"short_desc": "Red Fort, Mughal fort in Old Delhi...",
"additional_desc": {
"url": "https://api.unreserved-entry-pass.com/sites/additional-info",
"content_type": "text/plain"
},
"images": [
{"url": "https://api.unreserved-entry-pass.com/sites/images/location.png", "size_type": "md"}
],
"rating": "4"
}
}
],
"items": [
{
"id": "I0",
"descriptor": {
"name": "Parent Item for Culture & Heritage",
"code": "ABSTRACT",
"short_desc": "Ticket for Qutab Minar",
"long_desc": "This ticket grants entry to the Qutab Minar.",
"images": [
{"url": "https://api.unreserved-entry-pass.com/sites/default/files/event/logo/event_logo_2.png", "size_type": "xs"}
]
},
"location_ids": ["L1"],
"category_ids": ["C1", "C2"],
"time": {"label": "VALIDITY", "duration": "P2D"},
"fulfillment_ids": ["F1", "F2"],
"cancellation_terms": [
{
"cancellation_fee": {"percentage": "10"},
"fulfillment_state": {"descriptor": {"code": "CONFIRMED"}},
"cancel_by": {"label": "DURATION", "duration": "PT1H30M"},
"cancellation_eligible": true
},
{
"external_ref": {
"mimetype": "text/html",
"url": "https://api.unreserved-entry-pass.com/beckn/tnc.html"
},
"cancellation_eligible": true
}
],
"replacement_terms": [
{
"external_ref": {
"mimetype": "text/html",
"url": "https://api.unreserved-entry-pass/beckn/replacement.html"
}
}
],
"tags": [
{"descriptor": {"code": "INCLUSIONS"}, "list": [{"value": "water"}]},
{"descriptor": {"code": "EXCLUSIONS"}, "list": [{"value": "out side food"}, {"value": "photography"}]}
]
}
],
"fulfillments": [
{
"id": "F1",
"type": "VISIT",
"stops": [
{
"type": "START",
"instructions": {
"additional_desc": {
"url": "https://api.unreserved-entry-pass.com/sites/additional-info",
"content_type": "text/plain"
}
},
"time": {"timestamp": "2024-06-28T05:00:16.000Z"}
}
],
"agent": {
"organization": {"contact": {"phone": "+91-9999999999", "email": "john.doe@example.com"}}
},
"vehicle": {"category": "SITE"}
},
{
"id": "F2",
"type": "VISIT",
"stops": [
{
"type": "START",
"instructions": {
"additional_desc": {
"url": "https://api.unreserved-entry-pass.com/sites/additional-info",
"content_type": "text/plain"
}
},
"time": {
"range": {
"start": "2024-06-14T05:30:00.000Z",
"end": "2024-06-14T05:45:00.000Z"
}
}
}
],
"agent": {
"organization": {"contact": {"phone": "+91-9999999999", "email": "john.doe@example.com"}}
},
"vehicle": {"category": "SITE"}
}
],
"payments": [{
"collected_by": "BAP"
}]
}
],
"tags": [
{
"descriptor": {"code": "PAGINATION", "name": "Pagination"},
"display": true,
"list": [
{"descriptor": {"code": "PAGINATION_ID"}, "value": "P1"},
{"descriptor": {"code": "CURRENT_PAGE_NUMBER"}, "value": "1"},
{"descriptor": {"code": "MAX_PAGE_NUMBER"}, "value": "2"}
]
}
]
}
}
}' | jq
This request appears to be a standard on_search API call, containing all the necessary context and message details. The context includes information about the buyer, the transaction, and the involved parties (BAP and BPP). The message contains the catalog information, including provider details, categories, locations, items, fulfillments, and payments.
The Response
The response received is:
{
"status": 428,
"data": "no session or active flow found for: url - https://dev-booking.tripxoxo.com which acts as a BPP"
}
As we discussed earlier, this response clearly indicates a problem with session management or the active flow on the BPP side.
Troubleshooting Steps and Solutions
Okay, let's get down to the nitty-gritty! Here's a systematic approach to troubleshooting and resolving this 428 error. We will go through each probable cause and provide the most actionable solution:
1. Session Management Issues
- Problem: The most likely culprit is that the session between the BAP and BPP isn't being properly established or maintained. The BPP needs a way to identify and authenticate the incoming request as part of an ongoing session.
- Solution:
- Verify Session Initiation: Ensure that the
searchAPI is called before theon_searchAPI. ThesearchAPI initiates the flow, and theon_searchis a callback. Make sure thetransaction_idandmessage_idare correctly passed along in subsequent calls. - Check Session Timeout: On the BPP side (Tripxoxo's server), verify the session timeout configuration. If the session expires too quickly, it might be causing the 428 error. Increase the timeout duration if necessary, but balance it with security considerations.
- Review Authentication Mechanism: Confirm that the authentication mechanism between the BAP and BPP is correctly implemented. This might involve API keys, OAuth tokens, or other authentication protocols. Ensure that the BAP is providing the correct credentials with each request.
- Verify Session Initiation: Ensure that the
2. Flow Interruption
- Problem: The ONDC flow expects a specific sequence of API calls. If this sequence is interrupted, the BPP might not be able to process the
on_searchrequest. - Solution:
- Trace the API Call Sequence: Carefully trace the sequence of API calls leading up to the
on_searchcall. Ensure that all required calls (e.g.,search) are made in the correct order. - Check for Errors in Previous Calls: Examine the responses from previous API calls. If any of those calls resulted in an error, it could be disrupting the flow and causing the 428 error. Address any errors in the preceding calls first.
- Trace the API Call Sequence: Carefully trace the sequence of API calls leading up to the
3. Configuration Errors
- Problem: Incorrect configurations on either the BAP or BPP side can lead to session and flow management issues.
- Solution:
- Double-Check API Endpoints: Verify that the API endpoints configured on both the BAP and BPP sides are correct. Ensure that there are no typos or incorrect URLs.
- Review Context Parameters: Carefully review the context parameters in the request, such as
bap_id,bpp_id,bap_uri, andbpp_uri. Ensure that these parameters are correctly set and match the actual IDs and URIs of the BAP and BPP. - Validate Domain Configuration: Confirm that the domain configuration (e.g.,
ONDC:TRV14) is correctly set on both sides. An incorrect domain configuration can lead to compatibility issues.
4. BPP-Side Debugging (Tripxoxo's Responsibility)
- Problem: Since the error message indicates that the issue lies on the BPP side, Tripxoxo needs to investigate their server-side logic.
- Solution:
- Implement Detailed Logging: Add detailed logging to the BPP's server-side code. Log every API request, response, and session-related event. This will help pinpoint exactly where the session is failing or the flow is being interrupted.
- Use Debugging Tools: Utilize debugging tools to step through the code execution on the BPP side. This will allow you to examine the session state, authentication logic, and flow control in real-time.
- Check for Exceptions: Monitor the server logs for any exceptions or errors that might be occurring during the processing of the
on_searchrequest. Address any exceptions promptly.
5. Workbench Specific Considerations
- Problem: The ONDC workbench might have its own quirks or limitations that could be contributing to the error.
- Solution:
- Consult Workbench Documentation: Review the ONDC workbench documentation for any specific instructions or known issues related to session management or API testing.
- Test with a Real BAP: If possible, test the integration with a real BAP instead of relying solely on the workbench. This will help rule out any workbench-specific issues.
Actionable Steps for @priyankapndy
Given the information provided, here's a list of actionable steps for @priyankapndy:
- Verify
searchAPI Call: Double-check that asearchAPI call is made before theon_searchcall. Thetransaction_idandmessage_idfrom thesearchresponse should be used in theon_searchrequest. - Examine the Context: Carefully review all the context parameters in the
on_searchrequest, especiallybap_id,bpp_id,bap_uri, andbpp_uri. Ensure they are correct and consistent. - Contact Tripxoxo Support: Reach out to Tripxoxo's support team and provide them with the error message, request payload, and any other relevant information. Ask them to investigate their server-side logs for session-related issues.
- Test with a Different BAP (if possible): If feasible, try testing the integration with a different BAP or a real-world BAP to see if the issue persists. This will help determine if the problem is specific to the workbench or the BAP being used.
Conclusion
The "status": 428 error in the ONDC on_search API, particularly when integrating with Tripxoxo, typically points to session management or flow control issues on the BPP side. By systematically troubleshooting potential causes such as session timeouts, incorrect API call sequences, configuration errors, and server-side exceptions, you can effectively diagnose and resolve the problem. For @priyankapndy, the key is to verify the search API call, carefully examine the context parameters, and collaborate with Tripxoxo's support team to investigate their server-side logs. By following the steps outlined in this guide, you'll be well-equipped to tackle this error and ensure a smooth ONDC integration experience. Happy integrating, guys! Remember to always double-check your configurations and happy debugging!