API Common Specifications
Restful Web API with Transaction Data Encrypted
✅ Communication Protocol - Restful Web API
API client’s request is submitted to OTT Pay API server via HTTP Post method.
☑️ Once a Request message sent from API Client to OTT Pay API Server , a Response message would be sent back from OTT Pay API server to API Client directly as the acknowledge.
☑️ Once API server processed the payment request, a Call-Back message with process status would be sent from OTT Pay API server to specified call-back-url which is set as a request parameter by API client, within above Request message transaction data.

✅ Web API URL
https://frontapi.ottpay.com:443/processV2
✅ Common API Message Data Format(HTTP message protocol)
☑️ Request Header(HTTP-Request-Header)
Field Name
Description
Accept
application/json
Content-Type
application/json
☑️ Request Payload (HTTP-Request-Body ) as API Request Message
API message data is stored in its HTTP payload (HTTP-Request-Body). It is composed with 2-levels structure, 1st level is with parameters without encryption, 2nd level is with transaction data.
To ensure data security, the transaction data need to be encrypted (refer to Appendix A for the encryption methodology.
*️ Payload 1st level Data (Parameters Level): JSON data format with Base64 encoding
Field Name
Description
Notes
action
Action type
version
Version Number
merchant_id
Merchant ID
Provided from OTT Pay
md5
Data summary
*️ Request Parameters Level Data Example(JSON format, to be encoded with Base64):
{
"action":"ACTIVEPAY",
"version":"1.0",
"merchant_id":"QC00005496",
"data": "zTadPG0YM4gD1WOFqxg7wn3vmU20NjCnCUOOnE9mTTkxYraQDflljA8W3azYG9MuOvOyl3cZhafH+io6PiWdZCwRmi3HGa19BvT215IIxRy2HvYe0Sqs2lxshm9E4y5F1gJ7HHMTqpY0wIA4DsuWA97UC55adB2G86VbanI7B5a3kErApr5mbAoE7wcNbDJfGh4CBbSoRxQyiGZ48SvYuIW/sclT4yu6okjo6CY3xL4=",
"md5":"6AFB2E94A70D9A208F101723700EB287"
}
☑️ Response Payload(HTTP-Response-Body) as API Response Message
API message data is stored in its HTTP payload (HTTP-Request-Body) it is composed with 2-levels structure, 1st level is with parameters without encryption, 2nd level is with transaction data.
To ensure the data security, the transaction data is encrypted (refer to Appendix A for the decryption methodology.
*️ Payload 1st level Data (Parameters Level): JSON data format with Base64 encoding
Field Name
Description
Notes
rep_code
Response code
rsp_msg
Response message
data
Encrypt Transaction data
md5
Message-Digest
*️ Response Message Parameters Level Data Example(after decoded with Base64):
{
"rsp_code":"SUCCESS",
"rsp_msg":"success",
"data":"41kiLvjVBO8AW4wTOthI92OQu+8fwac5cIDx0DoZpitLvSJU8WKQbk5Bii5ZYrgLz4hepQ865QZFWqj2PRZ1FjxxipxEy2KoOKchWK09e42Se3CMAxt/+8UGrnAHDJLbU/BBlZLJoLpruSNKBeVfwhI7TtGdP4ciwzKPmv5aS2DWoU4Jl26IAPa8PeGhPNLuT99HwBGXa7aUz5adYk3uAR5Ww9HkBlPrqzJlUQ4zdMgjxaM2bROldcKTK8NxPM7X",
"md5":"32310A0DD3D021A7D0CDF6A5909A1A61"
}
Last updated
Was this helpful?