Authorization & Headers
For backend based API request/call, Finpay API requires HTTP(s) headers that will be explained below.
Content-Type and Accept Header
Finpay API uses JSON format for input and output, hence it is required to specify JSON as content-type & accept JSON as response. The header specification is as shown below.
- Content-Type: application/json
- Accept: application/json
Authorization Header
The Finpay API utilizes the merchant ID and basic authorization header for processing requests. The Merchant ID and Merchant Key are used in conjunction to create the Authorization Header, which is a security measure to prevent unauthorized access to the API.
- For Development environment, obtain Merchant Id & Merchant Key in Sandbox Dashboard
- For Production environment, obtain Merchant Id & Merchant Key in Dashboard
To generate Authorization header value, follow the steps given below.
- Follow the format of Basic Authentication. (example: Username:Password)
- Username and password are separated by : character.
- Merchant Id is used as Username and Merchant Key as Password.
- For example, if your Merchant Id is FINPAY770 and Merchant Key is SoSecret123 then Username:Password would be
FINPAY770:SoSecret123
.
- For example, if your Merchant Id is FINPAY770 and Merchant Key is SoSecret123 then Username:Password would be
- Encode this value into base64 format.
- For example, base64 of FINPAY770:SoSecret123 is
RklOUEFZNzcwOlNvU2VjcmV0MTIz
.
- For example, base64 of FINPAY770:SoSecret123 is
- Add the word Basic as prefix.
- The above value would be
Basic RklOUEFZNzcwOlNvU2VjcmV0MTIz
.
- The above value would be
- Your Authorization header is ready.
Authorization: Basic RklOUEFZNzcwOlNvU2VjcmV0MTIz