Settlement API Authentication Process

During the onboarding of merchants, for every merchant, a unique client id and client secret is provided to the merchants.

Sample Client Information

{
    "clientId": "4A75XXXXXXXXXXXXXXXX3434",
    "clientSecret": "ee00XXXXXXXXXXXXXXX9eaa",
    "merchantId": "JublXXXXXXXXX2744"
}

The following parameters need to be passed in header by the merchants for the JWT authorization.

1. Client Id  - As provided above 
2. Authorization - Jwt token  

How to generate this jwt token ?

To generate this, the client secret is to be passed in the following source code - 

Sample Secret Key

private final static String secret = "ee0024XXXXXXXXXXX619eaa"; // use the secret key here

Source Code to generate Token

public static String generateToken(String email) throws IllegalArgumentException, JWTCreationException {
        return JWT.create()
                .withClaim("email", email) // any payload info needed to passed is added through claims
                .withIssuedAt(new Date())
                .withIssuer("PAYTM")
                .sign(Algorithm.HMAC256(secret));
    }

Generation of Request Message Id

The merchant needs to pass a request message id in the request head so that every request can be uniquely identified.

Source Code to generate request message id

public static String uuidGenerator(String merchantId){
        StringBuilder sb = new StringBuilder();
        return sb.append(UUID.randomUUID()).append(merchantId).toString();
    }

Examples

6af7c70c-36f9-400b-90c7-865b917533efFINALL26592576951102
b70de59a-0102-428b-9813-c1e52660be3fFINALL26592576951102

Sample Request Structure

{
  "request": {
    "head": {
      "reqMsgId": "6af7c70c-36f9-400b-90c7-865b917533efFINALL26592576951102"
    },
    "body": {
      "mid": "JublXXXXXXXXX2744",
      "startDate": "2022-06-23",
      "endDate": "2022-06-26",
      "pageNum": 1,
      "pageSize": 20
    }
  }
}