Security
MAC (Message Authentication Code), an algorithm that confirms that a given message comes from its sender and that the data in the message has not been altered.
Última actualización
MAC (Message Authentication Code), an algorithm that confirms that a given message comes from its sender and that the data in the message has not been altered.
Última actualización
Every request to Vita Business API must be signed using HMAC-SHA256 algorithm, and the signature's content included in the Autorización header as documented below. This header must have as a prefix the signature version and hash function used, which is currently V2-HMAC-SHA256.
Header
Type
Description
x-date
String
ISO8601 Datetime with Timezone. For instance2018-07-12T13:46:28.629Z
x-login
String
Business xLogin
x-api-key
String
Business xTransKey
Content-Type
String
application/json
Authorization
String
<auth version>, Signature: <hmac(secretKey, "X-Login+X-Date+RequestBody")>
In the integrations section of the merchant's Vita Wallet account, you can find a button to request access credentials for Vita Business. We will send an email with the instructions.
To use the services of Vita Business, you will need to register the IP addresses in the integration section. Once your tests are successful, you will need to contact us at ayuda@vitawallet.io to register your merchant's IP addresses in the production environment.
NOTE
The IP addresses in the production environment MUST be STATIC (they must not vary)
The request hash was joined into a single string of all key-value pairs, alphabetically sorted and concatenated without separators.
If the request body is null, then the signature must be calculated without the request body.
Example
hash = { "order": "xyz", "amount": 400 }
RequestBody = hash.sort.join
# amount400orderxyz
