GET /validatesignature

Allows the merchant to check if their API key and signing process are valid.

Example URLs:

Available via

HTTPS

Applicable SLA

LaterPay API

Parameters

salt (required)
Random string added for security, should be different on each request.
cp, hmac, ts (required)
Common Parameters

Response

/validatesignature returns a JSON response with (some of) the following keys:

status
'ok' if the request was handled correctly and signature is valid, or 'error' if some problem occurred.
message
If there was a problem, there may be an additional 'message' value explaining the problem.
is_valid
true if signature is valid and and no problems with merchant’s account were detected, otherwise false.

Example responses:

HTTP/1.1 200 OK
Content-Type: application/json

{
    "status"      : "ok",
    "is_valid"    : true
}

Signature is invalid (either API key or signing process is at fault):

HTTP/1.1 400 Bad Request
Content-Type: application/json

{
    "status"      : "error",
    "message"     : "Signature does not match.",
    "is_valid"    : false
}

Merchant account defined by cp parameter is disabled:

HTTP/1.1 403 Forbidden
Content-Type: application/json

{
    "status"      : "error",
    "message"     : "This account is disabled.",
    "is_valid"    : false
}

Merchant account defined by cp parameter does not exist:

HTTP/1.1 404 Not Found
Content-Type: application/json

{
    "status"      : "error",
    "is_valid"    : false
}