Create Payment URL
Step 1: Get Access Token
Please refer to Access
Token on how to get
Access Token
, and then place it into Request Headers' Authorization.
Step 2: Prepare Request Parameter
Generate
nonceStr
and
timestamp
, which will be placed into Request Headers and also be used to
create Signature.
| Parameter | Type | Required | Description | Example |
|---|---|---|---|---|
nonceStr |
String | Yes | Random String | 7a70f55482a5566c |
timestamp |
String | Yes | UNIX timestamp of request | 1667061151361 |
Request Parameters
| Parameter | Type | Required | Description | Example |
|---|---|---|---|---|
order |
Object | Yes | order information, with keys of [id, title, amount, currencyType, additionalData] |
|
customer |
Object | Yes | customer information, with keys of [name, phone, email] |
|
method |
String | No | List of Type, please refer to Deposit / Payment, If this is given, user will be redirected straight to the specific 3rd party payment page. If not, user will be redirected to Payment page to select the Payment Method |
Order [Object]
| Parameter | Type | Required | Description | Example |
|---|---|---|---|---|
title |
String | Yes | Order title, max: 32 | "Deposit" |
additionalData |
String | No | Order description | |
amount |
String | Yes | Amount of order in Dollar. 100 = MYR 100.00 | 100 |
currencyType |
String | Yes | Currency notation (currently only support MYR)
|
"MYR" |
id |
String | Yes | ID of the Order | |
logoUrl |
String | No | Display merchant logo at payment page |
Customer [Object]
| Parameter | Type | Required | Description | Example |
|---|---|---|---|---|
name |
String | Yes | Customer Name | "Long Wan" |
email |
String | Yes | Customer Email | "" |
phone |
String | Yes | Customer Phone Number | "" |
Example Request
{
"order": {
"id": "A20221111",
"title": "Payment",
"amount": "88.50",
"currencyType": "MYR",
"additionalData": "",
"logoUrl": "https://picsum.photos/200"
},
"customer": {
"name": "Long Wan",
"phone": "0123456789",
"email": "[email protected]"
},
"method": ""
}
Sort the above json key alphabetically and make it compact
{"customer":{"name":"Long Wan","phone":"0123456789","email":"[email protected]"},"method":"","order":{"id":"A20221111","title":"Payment","amount":"88.50","currencyType":"MYR","additionalData":"","logoUrl":"https://picsum.photos/200"}}
Encode the data to Base64 format
eyJjdXN0b21lciI6eyJuYW1lIjoiTG9uZyBXYW4iLCJwaG9uZSI6IjAxMjM0NTY3ODkiLCJlbWFpbCI6Imxvbmd3YW5AZ21haWwuY29tIn0sIm1ldGhvZCI6IiIsIm9yZGVyIjp7ImlkIjoiQTIwMjIxMTExIiwidGl0bGUiOiJQYXltZW50IiwiYW1vdW50IjoiODguNTAiLCJjdXJyZW5jeVR5cGUiOiJNWVIiLCJhZGRpdGlvbmFsRGF0YSI6IiIsImxvZ29VcmwiOiJodHRwczovL3BpY3N1bS5waG90b3MvMjAwIn19
Encode the base64 format data with CLIENT_SYMMETRIC_KEY
e4e9ac1120ed867a7af108af8b1ab9183319f8a334bcdbbea47232359ae0a5c9c4ad1e46450ef4b36775aeb624b14b722a6884abd9b1f7572f1fdb33ce7a8bfec3d69d3e2e1aa77487c55b181613bfbef1028c8da984f5b59c8d6241eefcaf70
Step 3: Generate Signature
Please refer to Signature
Algorithm on how to get
Signature
, and then place it into Request Headers' X-Signature.
Step 4: POST to
/gateway/v1/createPayment
endpoint
Method : POST
Staging Endpoint : https://api-stag.kira.asia/gateway/v1/createPayment
Request
Headers
| Parameter | Type | Description |
|---|---|---|
Authorization |
String | Token get from Step 1 |
X-Nonce-Str |
String | nonceStr from Step 2 |
X-Timestamp |
String | timestamp from Step 2 |
X-Signature |
String | signature from Step 3 |
Body
| Parameter | Type | Description | Example |
|---|---|---|---|
data |
String | Encrypted Data with CLIENT_SYMMETRIC_KEY | e4e9ac1127af1...b59c8d62af70 |
Example Request Header & Body
{
"headers": {
"Authorization": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhcHBJZCI6IjEwMDIOjE2NjczMTYwOTJ9.UnVBt6Opxd_ZOMns1gCT40Ihdj1nbndi2V43Xt3fIuE",
"X-Nonce-Str": "7a70f55482a5566c",
"X-Timestamp": "1667061151361",
"X-Signature": "sha256 zOzjz8QoGTbesuAO5CCFbPCF3EMDtohKtkQPro8O61jbXhurgl+wIYzTv1BQPB6z1+bRn7gXx1YpsItk+Zed+Wd9PqmexoGdDrAAoUKjCcMks9g0/kiVui381jscVAyCUzdMtkW25P4QyTeq5+ES7D66j/Jwk+9JqYXhMnX5aAUdMjlrADp1RC1zrZUc1Mfqs+MA26J3X5uQ8xLhh9FaAhDdoyWctKQSTHZyMVuDtmFaGdzaGI3LCWm5w1gvtHC43mTMccc3WrlirYbDrZvN2c81cNMfRJjgJZNnjjY27OAMvGsJJgpo0b+EW4UO74QzZ2VI60fgf7uIajIOgQRzzA=="
},
"body": {
"data": "e4e9ac1120ed867a7af108af8b1ab918cbec6db7b4d7c29908085a73e2b29e97547da6eae91928b3330241f1fb898eebd8c3355105fdd5c68b6ceea761f41dc3085ed888d3c0473beef128ebd208c4f60299df64a622d04d21d81513c02e2d47bfcce2a6c246eabcc1c823aaf3d9133004cf7c4c08236395a05dc19a98c33a301c8b73d4e7fd33cd911619de86dfdb45"
}
}
Response
Body
| Parameter | Type | Description | Example |
|---|---|---|---|
code |
String | The status code of this API | 200 |
encryptedData |
String | Encrypted Data that required be decrypted with CLIENT_SYMMETRIC_KEY |
a83cf72884cbbb....3ddf0744646e0cf0b482 |
message |
String | PlainText of the information of this request | 'Success' |
Example Response
{
"code": 200,
"encryptedData": "e4e9ac1120ed867a7af108af8b1ab918cbec6db7b4d7c29908085a73e2b29e97547da6eae91928b3330241f1fb898eebd8c3355105fdd5c68b6ceea761f41dc3085ed888d3c0473beef128ebd208c4f60299df64a622d04d21d81513c02e2d47bfcce2a6c246eabcc1c823aaf3d9133004cf7c4c08236395a05dc19a98c33a301c8b73d4e7fd33cd911619de86dfdb45",
"message": "Success"
}
Step 5: Decrypt the
encryptedData
with CLIENT_SYMMETRIC_KEY
Symmetric decrypt the encryptedData,
e4e9ac1120ed867a7af108af8b1ab918cbec6db7b4d7c29908085a73e2b29e97547da6eae91928b3330241f1fb898eebd8c3355105fdd5c68b6ceea761f41dc3085ed888d3c0473beef128ebd208c4f60299df64a622d04d21d81513c02e2d47bfcce2a6c246eabcc1c823aaf3d9133004cf7c4c08236395a05dc19a98c33a301c8b73d4e7fd33cd911619de86dfdb45
with CLIENT_SYMMETRIC_KEY,
PCd1dlEmFnBXaVce06Pzp7Vike0oHnVJ
The result is in plaintext as
{
"data": {
"paymentUrl": "https://api.kira.asia/gateway/v1/createPayment/checkout/payment?orderId=1234567890/",
"transactionId": "1234567890"
}
}