Guides
Start typing to search…

Authentication Version 2.0 (Recommended)

To ensure secure communication, every request sent by the Integrator must include two specific authentication headers. These headers verify your identity and ensure the integrity of the transaction data.

Prerequisites

Before beginning the integration, ensure you have the following credentials provided by Nayax:

  • Sign Key: A secret 16-character string (e.g., RbtdDsiVNjkAeRty).
  • Sign Key ID: Your unique identifier (e.g., 927).

Note: Your request body must contain the SparkTransactionId field.

Required Headers

Header NameValue Description
IntegratorIdYour pre-shared Sign Key ID.
TransactionSignatureA SHA-256 hash of the SparkTransactionId and the Sign Key.

Step-by-Step Construction

Step A: Prepare the Sign Key ID Header

Combine the static string "IntegratorId" with your ID.

  • Format: IntegratorId: {SignKeyID}
  • Example: IntegratorId: 927

Step B: Generate the Transaction Signature

  1. Concatenate Strings: Join the SparkTransactionId from your request body with your Sign Key, separated by a semicolon (;).

    • Format: SparkTransactionId;SignKey
    • Example String: 123456789123456789abcdefghijklmnopqr;RbtdDsiVNjkAeRty

  2. Hash the String: Perform a SHA-256 hash on the resulting string using UTF-8 encoding.

    • Resulting Hash: 1b7dd1c4010698824de66f13e1387efc28a4bba00b720d4be8cdb3b598b9603e

  3. Final Header:

    • Example: TransactionSignature: 1b7dd1c4010698824de66f13e1387efc28a4bba00b720d4be8cdb3b598b9603e

Request Example (cURL)

curl --location '[https://api.nayax.com/StartAuthentication](https://api.nayax.com/StartAuthentication)' \
--header 'IntegratorId: 927' \
--header 'TransactionSignature: 1b7dd1c4010698824de66f13e1387efc28a4bba00b720d4be8cdb3b598b9603e' \
--header 'Content-Type: application/json' \
--data '{
 "TokenId": 116383,
 "TerminalId": "0434334921100366",
 "TerminalIdType": 1,
 "Random": "123456789qwertyui",
 "Cipher": "X305dITNTAw2vHsxE+taVcn6UvgBC3fdI6QbqeABgHbo8CKsoZhqISJfslehCiA+L7XYrqvKFci7C6BNj/tr zBuNJwBEjgBzKhhgpJ5ggnw=",
 "SparkTransactionId": "123456789123456789abcdefghijklmnopqr"
}'

Technical Guidelines

  • Framework: Ensure you are using a modern, supported version of .NET (e.g., .NET 6, 7, or 8).
  • Encoding: All string-to-byte conversions for hashing must use UTF-8.
  • Hashing Algorithm: Use the standard System.Security.Cryptography.SHA256 class.

See Also

Transaction Flows

API Methods

Updated 1 day ago