How do Maya implement Digital Signature on their APIs?
Maya implements a digital signature mechanism for API requests in the Biller API using the ‘paymaya-signature’ header. This signature is generated by:
- Taking the stringified request body.
- Computing a SHA256 hash of the body.
- Encoding the hash using Base64.
The signature is signed using a secret-key provided during onboarding. The Partner Biller must verify the incoming signature by recomputing it using the same method and comparing it with the received ‘paymaya-signature’ header. If they match, the request is authenticated and has not been tampered with.
Sample headers include:
Request-Reference-No: [RRN Value Here]
paymaya-signature: [Paymaya Signature]
Sample code for signature computation is available in NodeJS and Java on GitHub.
For Sandbox concerns and other technical implementation inquiries, please get in touch with us via:
- Sandbox Health Page: Check real-time service status updates.
- Maya Developer Hub Service Desk: File
a ticket in Sandbox.
To Know More:
We value your input and would love to hear your insights. Please submit you feedback here.