Authentication
All API queries should be made over HTTPS, and plain HTTP will be refused.Do not forget to include your headers in all requests.
Every requests must contain the following headers:
Making a request
All requests must contain the following headers:
token- a Token that you generatepublickey- The public key is generated using the following convention - sha512 of your given token and private key i.e sha512(token + private_key)
If your Merchant Id contains reserved characters (e.g., "@", "+", white spaces as %20) it should be URL encoded otherwise you may get a signature mismatch or just an invalid parameter value.
| Name | Type | Required | Description |
|---|---|---|---|
token |
String | Yes | A newly generated access token for an applicant. |
| publickey | String | Yes | sha512 of your given token and private key i.e sha512(token + private_key) |
An access token for an applicant has limited access to the API, e.g., it’s only valid for 1 applicant and can't access other applicants.
#Creating your publickey
Example Case:
token: 2eqsd12123123e
publickey: s32rffq34wdf34wfq34cad3qewaf
Note :
Avoid putting space, plus sign, or any other character in between your token and private key while calculating. Such alterations can cause errors and potentially render the key unusable.