Introduction

Authorization

Authorization of the request occurs by generating and transmitting the JWS token of the request in the X-JWS-Signature header. JWS is the part of the JWT token that contains only header and signature.
Format of the transmitted data is application/json.

Example of signature formation

Request body

{
    "request_id": "828cf71d-a447-4a67-a149-c1df8bc197ca",
    "country": "KAZ",
    "currency": "KZT"
}

JWT token header

{
    "uri": "/v5/partner/wallet/add",
    "auth_id": "123456",
    "method": "POST",
    "params": "",
    "alg": "HS256"
}

The partner's key can be secret_key. In this case, the following JWT token can be generated:

eyJ1cmkiOiIvdjUvcGFydG5lci93YWxsZXQvYWRkIiwiYXV0aF9pZCI6IjEyMzQ1NiIsIm1ldGhvZCI6IlBPU1QiLCJwYXJhbXMiOiIiLCJhbGciOiJIUzI1NiJ9.eyJyZXF1ZXN0X2lkIjoiODI4Y2Y3MWQtYTQ0Ny00YTY3LWExNDktYzFkZjhiYzE5N2NhIiwiY291bnRyeSI6IktBWiIsImN1cnJlbmN5IjoiS1pUIn0.5xVbhml5y1Uw1TYQ_djwwefFz8y_CnX-ajzNvOBCcmE

This line is the signature of the request and must be passed in the request header parameter X-JWS-Signature.

eyJ1cmkiOiIvdjUvcGFydG5lci93YWxsZXQvYWRkIiwiYXV0aF9pZCI6IjEyMzQ1NiIsIm1ldGhvZCI6IlBPU1QiLCJwYXJhbXMiOiIiLCJhbGciOiJIUzI1NiJ9..5xVbhml5y1Uw1TYQ_djwwefFz8y_CnX-ajzNvOBCcmE

Supported HS256 signature encryption algorithm.

Authorization#

Example of signature formation#

Request body#

JWT token header#

Authorization

Example of signature formation

Request body

JWT token header