search

API Common Specifications

Restful Web API with Transaction Data Encrypted

hashtag
Communication Protocol - Restful Web API

hashtag
API client’s request is submitted to OTT Pay API server via HTTP Post method.

☑️ Once a Request message sent from API Client to OTT Pay API Server , a Response message would be sent back from OTT Pay API server to API Client directly as the acknowledge.

☑️ Once API server processed the payment request, a Call-Back message with process status would be sent from OTT Pay API server to specified call-back-url which is set as a request parameter by API client, within above Request message transaction data.

hashtag
Web API URL

circle-info

WeChat Pay and Alipay cannot provide the official sandbox test environment, we provide the production Web API for the integration. All of the test will be real transactions. you can check the payment record and payment status via OTT Pay Merchant Carrow-up-rightenter

hashtag
Common API Message Data Format(HTTP message protocol)

hashtag
☑️ Request Header(HTTP-Request-Header)

Field Name

Description

Accept

application/json

Content-Type

application/json

☑️ Request Payload (HTTP-Request-Body ) as API Request Message

API message data is stored in its HTTP payload (HTTP-Request-Body). It is composed with 2-levels structure, 1st level is with parameters without encryption, 2nd level is with transaction data.

To ensure data security, the transaction data need to be encrypted (refer to Appendix A for the encryption methodology.

hashtag
*️ Payload 1st level Data (Parameters Level): JSON data format with Base64 encoding

Field Name

Description

Notes

action

Action type

version

Version Number

merchant_id

Merchant ID

Provided from OTT Pay

data

Encrypted Transaction Data

Encryption methodology refer to Appendix A

md5

Data summary

*️ Request Parameters Level Data Example(JSON format, to be encoded with Base64):

☑️ Response Payload(HTTP-Response-Body) as API Response Message

API message data is stored in its HTTP payload (HTTP-Request-Body) it is composed with 2-levels structure, 1st level is with parameters without encryption, 2nd level is with transaction data.

To ensure the data security, the transaction data is encrypted (refer to Appendix A for the decryption methodology.

hashtag
*️ Payload 1st level Data (Parameters Level): JSON data format with Base64 encoding

Field Name

Description

Notes

rep_code

Response code

rsp_msg

Response message

data

Encrypt Transaction data

md5

Message-Digest

*️ Response Message Parameters Level Data Example(after decoded with Base64):

PreviousPayment API Solutions MapNextPayment Status Query API (Common)

Last updated

Was this helpful?