Below is the pseudo-code for computing authorization and signature headers:
Authorization computation
Authorization on Interswitch API will be done through the custom "InterswitchAuth" realm.
All messages must be authorized using following the standard ‘Basic’ authorization model of the web. The HTTP header Authorization should be set to the base 64 encoded value of the client_id.
The Authorization value is as follows:
InterswitchAuth: Base64(client_id)
Signature Computation
The signature method should be SHA-512 calculated against the data elements above in the order in which they are listed.
The pseudo-code below shows how this can be done with any programming language of choice:
String baseStringToBeSigned = http_verb + "&" + percent_encode(url) + “&” + timestamp + “&” + nonce + “&” + client_id + “&” + shared_secret_key; String parameterStringToBeSigned = percent_encode(value1) + "&" + percent_encode(value2); String stringToBeSigned = baseStringToBeSigned + "&" + parameterStringToBeSigned; String signature = Base64(Hash(stringToBeSigned));
Use the free online tool to confirm if your signature is ok:
