Authentication
All API queries should be made over HTTPS, and plain HTTP will be refused.Do not forget to include your headers in all requests.
Every requests must contain the following headers:
Making a request
All requests must contain the following headers:
Token- a Token that you generatePublic key- The public key is generated using the following convention - sha512 of your given token and private key i.e sha512(token + private_key)
If your Merchant Id contains reserved characters (e.g., "@", "+", white spaces as %20) it should be URL encoded otherwise you may get a signature mismatch or just an invalid parameter value.
| Name | Type | Required | Description |
|---|---|---|---|
Token |
String | Yes | A newly generated access token for an applicant. |
| Public_key | String | Yes | sha512 of your given token and private key i.e sha512(token + private_key) |
An access token for an applicant has limited access to the API, e.g., it’s only valid for 1 applicant and can't access other applicants.
#Token
This is the most secure method of talking to our API programmatically.You can generate your API token by calling on the following endpoint.
curl -X GET \
'{{base-url}}/{merchant_id}/api/token/generate/{country_code}'#Creating your publickey
Example Case:
Token: 2eqsd12123123e
private_key: s32rffq34wdf34wfq34cad3qewaf
Note :
Avoid putting space, plus sign, or any other character in between your token and private key while calculating. Such alterations can cause errors and potentially render the key unusable.