Security
MAC (Message Authentication Code), an algorithm that confirms that a given message comes from its sender and that the data in the message has not been altered.
Signature
Every request to Vita Business API must be signed using HMAC-SHA256 algorithm, and the signature's content included in the Autorización header as documented below. This header must have as a prefix the signature version and hash function used, which is currently V2-HMAC-SHA256.
Header | Type | Description |
x | String | ISO8601 Datetime with Timezone. For instance |
x | String | Business xLogin |
x | String | Business xTransKey |
| String | application/json |
| String | <auth version>, Signature: <hmac(secretKey, " |
Authorization header example
HAMC signatures generation examplesin the most popular programming languages.
In the integrations section of the merchant's Vita Wallet account, you can find a button to request access credentials for Vita Business. We will send an email with the instructions.
To use the services of Vita Business, you will need to register the IP addresses in the integration section. Once your tests are successful, you will need to contact us at ayuda@vitawallet.io to register your merchant's IP addresses in the production environment.
NOTE
The IP addresses in the production environment MUST be STATIC (they must not vary)
The request hash was joined into a single string of all key-value pairs, alphabetically sorted and concatenated without separators.
If the request body is null, then the signature must be calculated without the request body.
Example
hash = { "order": "xyz", "amount": 400 }
RequestBody = hash.sort.join
# amount400orderxyz
Última actualización
