Getting started API

Software-Developement-Kit (SDK)

At the moment there is only one SDK available:

  • PHP SDK

The corresponding examples you can find in the Github Repository as well.

Troubles integrating our API in your programming language?

No problem. Please contact our support team at https://okepay.biz/support

Request

The payload data has to be RFC 3986 (http://www.ietf.org/rfc/rfc3986.txt) url encoded and spaces will be percent encoded "%20".

The basic URL to our API is: https://api.okepay.info/v1.0/:object/:id?instance=:instance$

Parameter Value
object AuthToken | Invoice | Page | Subscription
id Only used for request types GET, PUT and DELETE where only one entity gets modified.
instance The OkePay instance name.
If you access your OkePay payment page with example.okepay.info, the name would be example

Authentication - API signature

Is this important for you?

This part of the documentation is only important if you are not using an SDK.

The API signature is a HMAC (RFC 2104).

For security reasons we want you to pass an API signature calculated with the API Secret of your instance. The parameter name of this API signature should be ApiSignature. You can calculate the signature using all params except the param instance.

  • Build query string (e.g. model=Page&id=17)
  • Calculate binary hmac hash using your instance's API Secret as key
  • Encode it with base64
PHPPythonCBash
base64_encode(hash_hmac('sha256', http_build_query($params, null, '&'), $apiSecret, true));
import urllib.request
import hmac
import hashlib
import base64

post_data = {}

httpQueryString = urllib.parse.urlencode(post_data).encode('UTF-8')

apiSignature = hmac.new(b'API-SECRET', msg=httpQueryString, digestmod=hashlib.sha256).digest()
# head
using System.Text;
using System.Security.Cryptography;

# function
string key = "API-SECRET";
string message = "";

byte[] keyByte = new UTF8Encoding().GetBytes(key);
byte[] messageBytes = new UTF8Encoding().GetBytes(message);
byte[] hashmessage = new HMACSHA256(keyByte).ComputeHash(messageBytes);

var signature = Convert.ToBase64String(hashmessage);
echo -n "HTTP-QUERY-STRING" | openssl dgst -sha256 -hmac "API-SECRET" -binary | openssl enc -base64

Encoding of HTTP-Query String

The query string has to be RFC 1738 encoded, that means you have to replace spaces by "+". You can probably use: http://linux.die.net/man/1/urlencode