Payment Web API
  • Payment API Solutions Map
  • API Common Specifications
  • Payment Status Query API (Common)
  • Refund & Refund Query API (Common)
  • Query Exchange Rate API (Common)
  • Payment Process Flow with Mobile App (Common)
  • API for PC Browser with Wechat Pay/Alipay/UnionPay
    • Payment Request with WeChat Pay
    • Payment Request with Alipay
    • Payment Request with UnionPay-SecurePay
      • Query Transaction with UnionPay-SecurePay
  • API for WeChat Browser with WeChat Pay
    • Payment Request API
    • Query Transaction with WeChat Pay
  • API for WeChat Mini-Program with WeChat Pay
    • Payment Request API
    • Query Transaction API
  • API for Mobile Browser with Alipay
    • Payment Request API
    • Query Transaction API
  • API for Mobile Browser with WeChat
    • Payment Request API
    • Query Transaction API
  • API for Mobile with UnionPay-SecurePay
    • Payment Request API
    • Query Transaction API
    • Code Samples(Web App, Android, iOS)
  • API for Mobile App with WeChat Pay
    • Payment Request API
    • Query Transaction API
  • API for Mobile App with Alipay
    • Payment Request with OTT Pay SDK
    • Implementation with Android App SDK
    • Implementation with iOS App SDK
  • API for In-Store Channels(via Merchant POS/Terminal)
    • API Process Flows
    • Payment Request API
    • Query Transaction API
  • API for Elavon Converge-Hosted payment
    • Payment Request API
    • Query Transaction API
  • API for Global payments PORTICO Ecomm Payment
    • Payment Request API
    • Query Transaction API
  • API for Checkout payment
    • Payment Request API
    • Query Transaction API
  • Appendix A (Data Encryption / Decryption)
  • Appendix B (Response Code)
  • FAQ
  • > Back to Top Page
Powered by GitBook
On this page
  • Communication Protocol - Restful Web API
  • Web API URL
  • Common API Message Data Format(HTTP message protocol)

Was this helpful?

API Common Specifications

Restful Web API with Transaction Data Encrypted

PreviousPayment API Solutions MapNextPayment Status Query API (Common)

Last updated 2 years ago

Was this helpful?

Communication Protocol - Restful Web API

API client’s request is submitted to OTT Pay API server via HTTP Post method.

Once a Request message sent from API Client to OTT Pay API Server , a Response message would be sent back from OTT Pay API server to API Client directly as the acknowledge.

Once API server processed the payment request, a Call-Back message with process status would be sent from OTT Pay API server to specified call-back-url which is set as a request parameter by API client, within above Request message transaction data.

https://frontapi.ottpay.com:443/processV2

WeChat Pay and Alipay cannot provide the official sandbox test environment, we provide the production Web API for the integration. All of the test will be real transactions. you can check the payment record and payment status via OTT Pay Merchant Center

Field Name

Description

Accept

application/json

Content-Type

application/json

API message data is stored in its HTTP payload (HTTP-Request-Body). It is composed with 2-levels structure, 1st level is with parameters without encryption, 2nd level is with transaction data.

To ensure data security, the transaction data need to be encrypted (refer to Appendix A for the encryption methodology.

Field Name

Description

Notes

action

Action type

version

Version Number

merchant_id

Merchant ID

Provided from OTT Pay

data

Encrypted Transaction Data

md5

Data summary

{
    "action":"ACTIVEPAY",
    "version":"1.0",
    "merchant_id":"QC00005496",
    "data": "zTadPG0YM4gD1WOFqxg7wn3vmU20NjCnCUOOnE9mTTkxYraQDflljA8W3azYG9MuOvOyl3cZhafH+io6PiWdZCwRmi3HGa19BvT215IIxRy2HvYe0Sqs2lxshm9E4y5F1gJ7HHMTqpY0wIA4DsuWA97UC55adB2G86VbanI7B5a3kErApr5mbAoE7wcNbDJfGh4CBbSoRxQyiGZ48SvYuIW/sclT4yu6okjo6CY3xL4=",
    "md5":"6AFB2E94A70D9A208F101723700EB287"
}

API message data is stored in its HTTP payload (HTTP-Request-Body) it is composed with 2-levels structure, 1st level is with parameters without encryption, 2nd level is with transaction data.

To ensure the data security, the transaction data is encrypted (refer to Appendix A for the decryption methodology.

Field Name

Description

Notes

rep_code

Response code

rsp_msg

Response message

data

Encrypt Transaction data

md5

Message-Digest

{
 "rsp_code":"SUCCESS",
 "rsp_msg":"success",
 "data":"41kiLvjVBO8AW4wTOthI92OQu+8fwac5cIDx0DoZpitLvSJU8WKQbk5Bii5ZYrgLz4hepQ865QZFWqj2PRZ1FjxxipxEy2KoOKchWK09e42Se3CMAxt/+8UGrnAHDJLbU/BBlZLJoLpruSNKBeVfwhI7TtGdP4ciwzKPmv5aS2DWoU4Jl26IAPa8PeGhPNLuT99HwBGXa7aUz5adYk3uAR5Ww9HkBlPrqzJlUQ4zdMgjxaM2bROldcKTK8NxPM7X",
 "md5":"32310A0DD3D021A7D0CDF6A5909A1A61"
}

Web API URL

Common API Message Data Format(HTTP message protocol)

Request Header(HTTP-Request-Header)

Request Payload (HTTP-Request-Body ) as API Request Message

Payload 1st level Data (Parameters Level): JSON data format with Base64 encoding

Encryption methodology refer to A

Request Parameters Level Data Example(JSON format, to be encoded with Base64):

Response Payload(HTTP-Response-Body) as API Response Message

Payload 1st level Data (Parameters Level): JSON data format with Base64 encoding

Response Message Parameters Level Data Example(after decoded with Base64):

✅
✅
☑️
☑️
*️
*️
☑️
*️
*️
ppendix A
✅
☑️
☑️