API Common Specifications

Communication Protocol - Restful Web API

API client’s request is submitted to OTT Pay API server via HTTP Post method.

Once a Request message sent from API Client to OTT Pay API Server , a Response message would be sent back from OTT Pay API server to API Client directly as the acknowledge.

Once API server processed the payment request, a Call-Back message with process status would be sent from OTT Pay API server to specified call-back-url which is set as a request parameter by API client, within above Request message transaction data.

https://frontapi.ottpay.com:443/processV2

API message data is stored in its HTTP payload (HTTP-Request-Body). It is composed with 2-levels structure, 1st level is with parameters without encryption, 2nd level is with transaction data.

To ensure data security, the transaction data need to be encrypted (refer to Appendix A for the encryption methodology.

{
    "action":"ACTIVEPAY",
    "version":"1.0",
    "merchant_id":"QC00005496",
    "data": "zTadPG0YM4gD1WOFqxg7wn3vmU20NjCnCUOOnE9mTTkxYraQDflljA8W3azYG9MuOvOyl3cZhafH+io6PiWdZCwRmi3HGa19BvT215IIxRy2HvYe0Sqs2lxshm9E4y5F1gJ7HHMTqpY0wIA4DsuWA97UC55adB2G86VbanI7B5a3kErApr5mbAoE7wcNbDJfGh4CBbSoRxQyiGZ48SvYuIW/sclT4yu6okjo6CY3xL4=",
    "md5":"6AFB2E94A70D9A208F101723700EB287"
}

API message data is stored in its HTTP payload (HTTP-Request-Body) it is composed with 2-levels structure, 1st level is with parameters without encryption, 2nd level is with transaction data.

To ensure the data security, the transaction data is encrypted (refer to Appendix A for the decryption methodology.

{
 "rsp_code":"SUCCESS",
 "rsp_msg":"success",
 "data":"41kiLvjVBO8AW4wTOthI92OQu+8fwac5cIDx0DoZpitLvSJU8WKQbk5Bii5ZYrgLz4hepQ865QZFWqj2PRZ1FjxxipxEy2KoOKchWK09e42Se3CMAxt/+8UGrnAHDJLbU/BBlZLJoLpruSNKBeVfwhI7TtGdP4ciwzKPmv5aS2DWoU4Jl26IAPa8PeGhPNLuT99HwBGXa7aUz5adYk3uAR5Ww9HkBlPrqzJlUQ4zdMgjxaM2bROldcKTK8NxPM7X",
 "md5":"32310A0DD3D021A7D0CDF6A5909A1A61"
}