Signature

Before the API integration, you need to get your APP ID and APP Secret.

Get APP ID and APP Secret

CCPayment API authenticates your requests by APP ID and APP Secret. Log in to your CCPayment account, go to Developer page, you can find your APP ID and APP Secret on this page.

Signature Guide

The body of HTTP is a json string.

Add the content in body of HTTP to the signature. Ensure the body content matches the signature content. As soon as CCPayment receives the request, the body content will be read and the signature will be verified.

If you use a tool to simulate the request, please make sure that the data in the body will not be formatted by json. Always make sure the body is a json string; for example, if you use postman, you should choose text format.

Examples

https://www.geeksforgeeks.org/sha-256-hash-in-java/

$str = $appId.$appSecret.strval(time()).json_encode($body);
$sign = SHA256Hex($str);

function SHA256Hex($str){
    return hash('sha256', $str);
}

#Python 3.7.4 
import hashlib
from time import time

data_str = json.dumps(body)
a_string = appId + appSecret + str(time())+data_str

hashed_string = hashlib.sha256(a_string.encode('utf-8')).hexdigest()
print(hashed_string)

import crypto from "crypto";
let str = appId + appSecret + (Math.floor(Date.now() / 1000)) + JSON.stringify(body);
let sign = crypto.createHash('sha256').update(str, 'utf8').digest('hex');

bytes, err := json.Marshal(body)
str := fmt.Sprintf("%s%s%d%s", AppId, merchant.AppSecret, time.Now().Unix(), string(bytes))

sign := Hash256([]byte(str))

func Hash256(byte2 []byte) string {
	hash := sha256.Sum256(byte2)
	code := hex.EncodeToString(hash[:]) //hex
	return code
}

For the specific fields of signature, please refer to the API interface and ensure the order of the fields.

PreviousTo Get Started NextAPI Specification Common Rules

Last updated 1 year ago