Signature Rules

<ol> <li>All request headers must include the <code>merchant</code> field.</li> <li>All interfaces containing a request body must include the <code>sign</code> (signature) field </li> <li>All interfaces returning JSON response data will provide encrypted results</li> </ol> <h5>Signature (<code>sign</code>) Field Calculation Method</h5> <p>Generate the signature by signing the JSON string of the request body with a private key (refer to the <code>RsaUtil.sign</code> method in ApiDemo)</p> <h5>Response Decryption Method</h5> <p>Decrypt the returned string using a private key to obtain the original JSON string (refer to the <code>RsaUtil.decryptPrivateKey</code> method in ApiDemo)<br /> Note: When <code>merchant</code> (merchant ID) field validation fails, the error result will be returned as unencrypted data (original JSON string)</p> <h5>Refer to the demo</h5> <p>[Click here to download.](<a href="https://drive.google.com/file/d/14FXkcCnyPf8vgcaPcIfbhzdOkHjpgKua/view">https://drive.google.com/file/d/14FXkcCnyPf8vgcaPcIfbhzdOkHjpgKua/view</a> &quot;Click here to download.&quot;)</p>