Overview

Introduction

Request Type: POST

Request Format: application/json

Request Headers

X-Action - The method being called.

X-Request-Id - Unique request ID (UUID).

Accept-Language - Response language of the system (currently not used).

X-JWS-Signature - Request signature (detailed explanation below).

Content-Type - Must be application/json.

Accept - Must be application/json.

Response Headers

X-Action - The method.

X-Request-Id - Unique request ID (UUID).

X-Datetime - Date and time of request processing.

X-Request-Status - Request processing status.

The API has three main URLs

{domain}/v5/g2g/create - Creates an object in the PG system.

{domain}/v5/g2g/read - Retrieves information about an object.

{domain}/v5/g2g/edit - Updates information about an object.

An object in the payment system represents an entity or resource that the system interacts with to process payments and manage financial operations. This object can be a payment, card, account, etc.
The object contains a set of attributes that define its properties, status, and transaction history. Interaction with the object is performed through the payment system's API, allowing various operations such as creation, retrieval, updating, and deletion of objects, as well as executing additional actions within the context of a specific object.

Generating the X-JWS-Signature

To send any request, a request signature must be generated using JWS technology.

The JWS format must include the mandatory blocks header and signature and should be passed in the request header X-JWS-Signature.

Header Structure (all fields are required)

{
    "uri": "/v5/g2g/create",
    "auth_id": "123456",
    "method": "POST",
    "params": "",
    "alg": "HS256"
}

Header Structure description

Field	Description
uri	The path to the API endpoint being called
auth_id	User ID for signature verification
method	Request method
params	Reserved field
alg	Encryption algorithm

Payload Structure

The payload for generating JWS includes the HTTP request body.
The supported signature encryption algorithm is HS256, and the merchant's secret_key should be used as the signing key.
Example of Signature Generation:
Header

{
    "uri": "/v5/g2g/create",
    "auth_id": "123456",
    "method": "POST",
    "params": "",
    "alg": "HS256"
}

Payload:

{
  "amount": 123.42,
  "currency": "KZT",
  "description": "description",
  "order_id": "order_id",
  "user_id": "user_id",
  "auto_clearing": true,
  "from": {
    "type": "card",
    "card": {
      "name": "CARD HOLDER",
      "pan": "4400444400004440",
      "cvc": "123",
      "year": 30,
      "month": 12
    },
    "save": true,
    "recurrent": {
      "lifetime": 3
    }
  },
  "device": {
    "user_ip": "123.123.123.123"
  },
  "urls": {
    "check_url": "https://webhook.site/2af177da-0d72-4651-a31e-a0ea56ccc8a4",
    "result_url": "https://webhook.site/2af177da-0d72-4651-a31e-a0ea56ccc8a4"
  }
}

Encryption Key: 123456
Generated JWS:

eyJ1cmkiOiIvdjUvZzJnL2NyZWF0ZSIsImF1dGhfaWQiOiIxMjM0NTYiLCJtZXRob2QiOiJQT1NUIiwicGFyYW1zIjoiIiwiYWxnIjoiSFMyNTYifQ..82NnkgrNjfYu2UnAajnVsJUn2AgJWsqnmCK4x5A7zt0

Introduction#

Request Headers#

Response Headers#

The API has three main URLs#

Generating the X-JWS-Signature#

Header Structure (all fields are required)#

Header Structure description#

Payload Structure#

Introduction

Request Headers

Response Headers

The API has three main URLs

Generating the X-JWS-Signature

Header Structure (all fields are required)

Header Structure description

Payload Structure