Authorization & Headers
For backend based API request/call, Finpay API requires HTTP(s) headers that will be explained below.
URL Endpoint
| Environment | Method | URL |
|---|---|---|
| Development | POST | https://devo.finpay.id/billing/ |
| Production | POST | https://live.finpay.id/billing/ |
Content-Type and Accept Header
Finpay API uses JSON format for input and output, hence it is required to specify JSON as content-type & accept JSON as response. The header specification is as shown below.
- Content-Type: application/json
- Accept: application/json
Signature
The Signature is used by Finpay API to identify merchant ID for initiating the request and also to process the request according to the authorization. The Signature is developed from the Merchant Key. This is a safety feature to prevent any unauthorized users.
The signature algorithm is as shown below :
sha256(userName.productCode.channel.terminal.transactionType.billNumber.traxId.sha256(timeStamp.password));