# API Common Specifications

### :white\_check\_mark: Communication Protocol - Restful Web API

#### API client’s request is submitted to OTT Pay API server via HTTP Post method.&#x20;

:ballot\_box\_with\_check: Once a **Request** message sent from API Client to OTT Pay API Server , a **Response** message would be sent back from OTT Pay API server to API Client directly as the acknowledge.

:ballot\_box\_with\_check: Once API server processed the payment request, a **Call-Back** message with process status would be sent from OTT Pay API server to specified **call-back-url** which is set as a request parameter by API client, within above **Request** message transaction data.

![](https://1288750261-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-Ld5XVMQHp74noDIXTus%2F-M8QXuQR3NYp9aHTHkNY%2F-M8QzlY_QzFnVcStCKoM%2Fimage.png?alt=media\&token=027108ad-3a64-48d7-aac4-c628717f7063)

### :white\_check\_mark: Web API URL

```
https://frontapi.ottpay.com:443/processV2
```

{% hint style="info" %}
WeChat Pay and Alipay cannot provide the official sandbox test environment, we provide the production Web API for the integration. All of the test will be real transactions.  you can check the payment record and payment status via [OTT Pay Merchant C](https://merchant.ottpay.com/en/login)enter
{% endhint %}

### :white\_check\_mark: **Common API Message Data Format(HTTP message protocol)**

#### :ballot\_box\_with\_check: **Request** Heade&#x72;**(HTTP-Request-**&#x48;eade&#x72;**)**

| Field Name   | Description      |
| ------------ | ---------------- |
| Accept       | application/json |
| Content-Type | application/json |

:ballot\_box\_with\_check: **Request Payload (HTTP-Request-Body ) as API Request Message**

API message data is stored in its HTTP payload  (HTTP-Request-Body). It is composed with 2-levels structure, 1st level is with parameters without encryption, 2nd level is with transaction data. &#x20;

To ensure data security, the transaction data need to be encrypted (refer to Appendix A for the encryption methodology.

#### :asterisk\_symbol: Payload 1st level Data (Parameters Level): JSON data format with Base64 encoding

| Field Name   | Description                    | Notes                                                                                        |
| ------------ | ------------------------------ | -------------------------------------------------------------------------------------------- |
| action       | Action type                    |                                                                                              |
| version      | Version Number                 |                                                                                              |
| merchant\_id | Merchant ID                    | Provided from OTT Pay                                                                        |
| **data**     | **Encrypted Transaction Data** | Encryption methodology refer to A[ppendix A](https://docs.ottpay.com/payment-api/appendix-a) |
| md5          | Data summary                   |                                                                                              |

:asterisk\_symbol: **Request Parameters Level** **Data Example(JSON format, to be encoded with Base64):**

```
{
    "action":"ACTIVEPAY",
    "version":"1.0",
    "merchant_id":"QC00005496",
    "data": "zTadPG0YM4gD1WOFqxg7wn3vmU20NjCnCUOOnE9mTTkxYraQDflljA8W3azYG9MuOvOyl3cZhafH+io6PiWdZCwRmi3HGa19BvT215IIxRy2HvYe0Sqs2lxshm9E4y5F1gJ7HHMTqpY0wIA4DsuWA97UC55adB2G86VbanI7B5a3kErApr5mbAoE7wcNbDJfGh4CBbSoRxQyiGZ48SvYuIW/sclT4yu6okjo6CY3xL4=",
    "md5":"6AFB2E94A70D9A208F101723700EB287"
}
```

:ballot\_box\_with\_check: **Response Payload(HTTP-Response-Body) as API Response Message**

API message data is stored in its HTTP payload  (HTTP-Request-Body) it is composed  with 2-levels structure, 1st level is with parameters without encryption, 2nd level is with transaction data. &#x20;

To ensure the data security, the transaction data is encrypted (refer to Appendix A for the decryption methodology.

#### :asterisk\_symbol: Payload 1st level Data (Parameters Level): JSON data format with Base64 encoding

| **Field Name** | Description              | Notes |
| -------------- | ------------------------ | ----- |
| rep\_code      | Response code            |       |
| rsp\_msg       | Response message         |       |
| data           | Encrypt Transaction data |       |
| md5            | Message-Digest           |       |

:asterisk\_symbol: **Response Message Parameters Level** **Data Example(after decoded with Base64):**

```
{
 "rsp_code":"SUCCESS",
 "rsp_msg":"success",
 "data":"41kiLvjVBO8AW4wTOthI92OQu+8fwac5cIDx0DoZpitLvSJU8WKQbk5Bii5ZYrgLz4hepQ865QZFWqj2PRZ1FjxxipxEy2KoOKchWK09e42Se3CMAxt/+8UGrnAHDJLbU/BBlZLJoLpruSNKBeVfwhI7TtGdP4ciwzKPmv5aS2DWoU4Jl26IAPa8PeGhPNLuT99HwBGXa7aUz5adYk3uAR5Ww9HkBlPrqzJlUQ4zdMgjxaM2bROldcKTK8NxPM7X",
 "md5":"32310A0DD3D021A7D0CDF6A5909A1A61"
}
```