Payment Web API
Search
K

API Common Specifications

Restful Web API with Transaction Data Encrypted

Communication Protocol - Restful Web API

API client’s request is submitted to OTT Pay API server via HTTP Post method.

☑️
Once a Request message sent from API Client to OTT Pay API Server , a Response message would be sent back from OTT Pay API server to API Client directly as the acknowledge.
☑️
Once API server processed the payment request, a Call-Back message with process status would be sent from OTT Pay API server to specified call-back-url which is set as a request parameter by API client, within above Request message transaction data.

Web API URL

https://frontapi.ottpay.com:443/processV2
WeChat Pay and Alipay cannot provide the official sandbox test environment, we provide the production Web API for the integration. All of the test will be real transactions. you can check the payment record and payment status via OTT Pay Merchant Center

Common API Message Data Format(HTTP message protocol)

☑️
Request Header(HTTP-Request-Header)

Field Name
Description
Accept
application/json
Content-Type
application/json
☑️
Request Payload (HTTP-Request-Body ) as API Request Message
API message data is stored in its HTTP payload (HTTP-Request-Body). It is composed with 2-levels structure, 1st level is with parameters without encryption, 2nd level is with transaction data.
To ensure data security, the transaction data need to be encrypted (refer to Appendix A for the encryption methodology.

*️
Payload 1st level Data (Parameters Level): JSON data format with Base64 encoding

Field Name
Description
Notes
action
Action type
version
Version Number
merchant_id
Merchant ID
Provided from OTT Pay
data
Encrypted Transaction Data
Encryption methodology refer to Appendix A
md5
Data summary
*️
Request Parameters Level Data Example(JSON format, to be encoded with Base64):
{
"action":"ACTIVEPAY",
"version":"1.0",
"merchant_id":"QC00005496",
"data": "zTadPG0YM4gD1WOFqxg7wn3vmU20NjCnCUOOnE9mTTkxYraQDflljA8W3azYG9MuOvOyl3cZhafH+io6PiWdZCwRmi3HGa19BvT215IIxRy2HvYe0Sqs2lxshm9E4y5F1gJ7HHMTqpY0wIA4DsuWA97UC55adB2G86VbanI7B5a3kErApr5mbAoE7wcNbDJfGh4CBbSoRxQyiGZ48SvYuIW/sclT4yu6okjo6CY3xL4=",
"md5":"6AFB2E94A70D9A208F101723700EB287"
}
☑️
Response Payload(HTTP-Response-Body) as API Response Message
API message data is stored in its HTTP payload (HTTP-Request-Body) it is composed with 2-levels structure, 1st level is with parameters without encryption, 2nd level is with transaction data.
To ensure the data security, the transaction data is encrypted (refer to Appendix A for the decryption methodology.

*️
Payload 1st level Data (Parameters Level): JSON data format with Base64 encoding

Field Name
Description
Notes
rep_code
Response code
rsp_msg
Response message
data
Encrypt Transaction data
md5
Message-Digest
*️
Response Message Parameters Level Data Example(after decoded with Base64):
{
"rsp_code":"SUCCESS",
"rsp_msg":"success",
"data":"41kiLvjVBO8AW4wTOthI92OQu+8fwac5cIDx0DoZpitLvSJU8WKQbk5Bii5ZYrgLz4hepQ865QZFWqj2PRZ1FjxxipxEy2KoOKchWK09e42Se3CMAxt/+8UGrnAHDJLbU/BBlZLJoLpruSNKBeVfwhI7TtGdP4ciwzKPmv5aS2DWoU4Jl26IAPa8PeGhPNLuT99HwBGXa7aUz5adYk3uAR5Ww9HkBlPrqzJlUQ4zdMgjxaM2bROldcKTK8NxPM7X",
"md5":"32310A0DD3D021A7D0CDF6A5909A1A61"
}