API Authentication

Create API Key

Before using our APIs, you will need to create an API key. This key will allow you to access our APIs and use them in your application.

To create an API key with specific permissions, follow these steps:

  1. Log in to your merchant portal.

  2. Navigate to the API Management section from side bar.

  3. Click on the "Create API Key" button.

  4. Enter a name for your API key.

  5. Select the desired permissions, including withdrawal permissions, IP whitelist, and any other necessary permissions.

  6. Click "Create" to generate the API key.

  7. Once you click "Create", both the API key and Secret key will be generated simultaneously.

  8. The API key will be visible on the portal, but the Secret key will not be displayed again.

  9. Important: Make sure to save the Secret key immediately, as it cannot be retrieved later.

By selecting the appropriate permissions during the API key creation process, you can control the actions and access levels associated with the API key, ensuring security and proper usage.

How to use our API

Before accessing the APIs, please complete the following configuration steps:

  1. Generate the Header Value -

1.1 Generate Nonce: 32-character alphanumeric string.

Java example for reference:

//Header name: Ezeebit-Nonce
String nonce = RandomStringUtils.randomAlphanumeric(32);

1.2 Generate Timestamp: UnixTimestamp in milliseconds

Java example for reference:

//Header name: Ezeebit-Timestamp
long timestamp = System.currentTimeMillis();

1.3 Generate Payload :

STRING_TO_SIGN = HTTP_METHOD + "\n" +
                 REQUEST_PATH + "\n" +
                 TIMESTAMP + "\n" +
                 NONCE + "\n" +
                 REQUEST_BODY

Java example for reference:

public static String buildPayload(String reqBody, String nonce, long timestamp) {
        return timestamp + "\n" + nonce + "\n" + reqBody + "\n";
    }

1.4 Compute Signature:

SIGNATURE = HMAC_SHA512_HEX(STRING_TO_SIGN, SECRET_KEY).toUpperCase()

Java example for reference:

private static final String HMAC_SHA512 = "HmacSHA512";
    public static String generateSignature(String payload, String secretKey) throws NoSuchAlgorithmException, InvalidKeyException {
        Mac mac = Mac.getInstance(HMAC_SHA512);
        SecretKeySpec secretKeySpec = new SecretKeySpec(secretKey.getBytes(StandardCharsets.UTF_8), HMAC_SHA512);
        mac.init(secretKeySpec);
        return Hex.toHexString(mac.doFinal(payload.getBytes(StandardCharsets.UTF_8))).toUpperCase(Locale.ROOT);
    }

1.5 Include Headers:

  • Content-Type: application/json

  • Ezeebit-Certificate-SN:YOUR_API_KEY

  • Ezeebit-Timestamp: <TIMESTAMP>

  • Ezeebit-Nonce: <NONCE>

  • Ezeebit-Signature: <SIGNATURE>

Example Request:

curl -X POST "https://dev-api.ezeebit.com/open/api/v1/newOrder" \
  -H "Content-Type: application/json" \
  -H "Ezeebit-Certificate-SN:YOUR_API_KEY" \
  -H "Ezeebit-Timestamp: 1624459200000" \
  -H "Ezeebit-Nonce: 550e8400e29b41d4a716446655440000" \
  -H "Ezeebit-Signature: A1B2C3D4E5F6..." \
  -d '{
        "amount": 2.00,
        "tradeOrderNo": "100001",
        "storeNumber": "671517569",
        "webHookUrl": "https://yourdomain.com/webhook"
      }'

PreviousOverviewNextSupport & FAQs

Last updated