Header | Format | Example | Description |
---|---|---|---|
X-Date | UTC timestamp in ISO 8601 format | 2022-07-28T16:05:32.00Z with optional microseconds and Z | The date and time of the request |
X-Client-Key | 32 character string | 538A4B83FEC409ECE24CE373A883A432 “data” | The public ClientKey you obtained during onboarding |
Authorization | String | V1-HMAC-SHA256, Signature: Qj23jk3…(base64 encoded) | What your code will generate when making the request |
X-Merchant-ID | String | ”9bb8592c-cb99-48f7-907e-f97de930fc5c” | Identifies the merchant making the request |
Header | Format | Description | Example |
---|---|---|---|
X-date | UTC timestamp in ISO 8601 format | The date and time of the request | 2023-10-20T01:01:01.00Z (With optional microseconds and Z) |
X-client-key | 32 character string | Your Client Key | 538A4B83FEC409ECE24CE373A883A432 |
Authorization | String | The Signature value will be generated using the Private Key at run time, after the account object is encrypted | V1-HMAC-SHA256, Signature: Qj23jk3…(base64 encoded) |
accountEncrypted
key, and the value is the encrypted account object as described in the Real-Time Account Updater Encryption guide. Don’t send account details in plain text using the account
key.X-Merchant-ID
attribute in the header that sits underneath the API User. The relationship between API User and merchant is 1..n; an API User can have n merchants but a merchant will be associated with only one API User. Pagos uses this merchant ID to pull the applicable network-specific MIDs to send to the networks for account updates.
We’ll assign this unique merchant ID to you at the time of onboarding. If your business doesn’t operate as a platform, you’ll always use the same ID in the header of each call.