Skip to main content

Pre-Requisite: Authentication

Obtain Token

Pass-in Parameters

ParameterPossible Value / FormatSample Value
grant_typealways “client_credentials”client_credentials
client_idclient identifierclient_123456789
client_secretclient secretsecret_abcdefghijklmnop

Sample Request

curl --request POST \
--url https://api.reports.paynet.my/token \
--header 'Accept: application/json' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data grant_type=client_credentials \
--data client_id=client_123456789 \
--data client_secret=secret_abcdefghijklmnop

Sample Response

{
"access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
"token_type": "Bearer",
"expires_in": 3600
}
info

The access token received from the authorization server will last for 1 hour. Once the token expires, you'll need to request a new token by repeating the same authentication process. (Subject to change)


Create Signature

Sample Code

import hmac
import hashlib
import time

def generate_x_signature(timestamp: str, secret_key: str) -> str:
# Convert the timestamp and secret key to bytes
timestamp_bytes = timestamp.encode('utf-8')
secret_key_bytes = secret_key.encode('utf-8')

# Generate the HMAC-SHA256 signature
signature = hmac.new(secret_key_bytes, timestamp_bytes, hashlib.sha256).hexdigest()
return signature

# Example usage
# Generate the current timestamp as a string

timestamp = str(int(time.time())) secret_key = "my_secret_key"
x_signature = generate_x_signature(timestamp, secret_key)
print("X-Timestamp:", timestamp)
print("X-Signature:", x_signature)