Skip to main content

Authorization & Headers

For backend based API request/call, Finpay API requires HTTP(s) headers that will be explained below.

Content-Type and Accept Header

Finpay API uses JSON format for input and output, hence it is required to specify JSON as content-type & accept JSON as response. The header specification is as shown below.

  • Content-Type: application/json
  • Accept: application/json

Authorization Header

The Finpay API utilizes the merchant ID and basic authorization header for processing requests. The Merchant ID and Merchant Key are used in conjunction to create the Authorization Header, which is a security measure to prevent unauthorized access to the API.

  • For Development environment, obtain Merchant Id & Merchant Key in Sandbox Dashboard
  • For Production environment, obtain Merchant Id & Merchant Key in Dashboard

To generate Authorization header value, follow the steps given below.

  1. Follow the format of Basic Authentication. (example: Username:Password)
  2. Username and password are separated by : character.
  3. Merchant Id is used as Username and Merchant Key as Password.
    • For example, if your Merchant Id is FINPAY770 and Merchant Key is SoSecret123 then Username:Password would be FINPAY770:SoSecret123.
  4. Encode this value into base64 format.
    • For example, base64 of FINPAY770:SoSecret123 is RklOUEFZNzcwOlNvU2VjcmV0MTIz.
  5. Add the word Basic as prefix.
    • The above value would be Basic RklOUEFZNzcwOlNvU2VjcmV0MTIz.
  6. Your Authorization header is ready.
    • Authorization: Basic RklOUEFZNzcwOlNvU2VjcmV0MTIz