Step-by-step guide

Our authentication relies on the principles outlined in the Signing HTTP Messages draft, which is part of the Web Payments initiative.

To initiate the authentication process for your implementation, begin with the first two steps.
These steps are a one-time requirement, as the keys generated can be used for all future calls to our APIs.

  1. Generate a pair of RSA keys
  2. Obtain the KeyId using the dedicated API

The following steps, on the other hand, should be performed with each request and are essential for the API to function correctly.
Additionally, in each step, we have included code samples for the most common implementations.

  1. Create the Digest of the body
  2. Create the Message to be signed
  3. Create the Signature
  4. Compose the authentication header

Once you've completed all the aforementioned steps, both the one-time ones and the per-request ones, you should be able to check your authentication by performing the test request.



Please check if any of the available libraries can be integrated in your system as this will simplify and speed up the Satispay integration process.


Old authentication

If you previously integrated Satispay using Security Bearer or Diffie Hellman Exchange methods, you can continue to use these older authentication solutions with the new APIs.