Pre-Requisite: Authentication
Obtain Token
Pass-in Parameters
| Position | Parameter | Possible Value / Format | Sample Value |
|---|---|---|---|
| header | Accept | always “application/json” | application/json |
| Content-Type | always “application/x-www-form-urlencoded” | application/x-www-form-urlencoded | |
| data | grant_type | always “client_credentials” | client_credentials |
| client_id | client identifier | client_123456789 | |
| client_secret | client secret | secret_abcdefghijklmnop |
Sample Request
curl --request POST \
--url https://api.reports.paynet.my/token \
--header 'Accept: application/json' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data grant_type=client_credentials \
--data client_id=client_123456789 \
--data client_secret=secret_abcdefghijklmnop
Sample Response
{
"access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
"token_type": "Bearer",
"expires_in": 3600
}
info
The access token received from the authorization server will last for 1 hour. Once the token expires, you'll need to request a new token by repeating the same authentication process. (Subject to change)
Create Signature
Sample code to generate signature based on timestamp and client secret
import hmac
import hashlib
import time
def generate_x_signature(timestamp: str, client_secret: str) -> str:
# Convert the timestamp and secret key to bytes
timestamp_bytes = timestamp.encode('utf-8')
client_secret_bytes = client_secret.encode('utf-8')
# Generate the HMAC-SHA256 signature
signature = hmac.new(client_secret_bytes, timestamp_bytes, hashlib.sha256).hexdigest()
return signature
# Example usage
# Generate the current timestamp as a string
timestamp = str(int(time.time()))
client_secret = "my_client_secret"
x_signature = generate_x_signature(timestamp, client_secret)
print("X-Timestamp:", timestamp)
print("X-Signature:", x_signature)