Important Notes

1. Timestamp Format

Must use milliseconds (13-digit Unix timestamp)

javascript

// ✅ Correct
const timestamp = Date.now().toString(); // "1737554400000"

// ❌ Wrong
const timestamp = Math.floor(Date.now() / 1000).toString(); // "1737554400" (seconds)

java

// ✅ Correct
long timestamp = System.currentTimeMillis();  // 1737554400000

// ❌ Wrong
long timestamp = System.currentTimeMillis() / 1000;  // 1737554400 (seconds)

python

# ✅ Correct
timestamp = str(int(time.time() * 1000))  # "1737554400000"

# ❌ Wrong
timestamp = str(int(time.time()))  # "1737554400" (seconds)

2. JSON Format

Must use compressed JSON (no spaces, no line breaks)

javascript

// ✅ Correct
{"merchantOrderId":"M_ORD_123","orderAmount":{"value":"0.1","currency":"USD"}}

// ❌ Wrong
{
  "merchantOrderId": "M_ORD_123",
  "orderAmount": {
    "value": "0.1",
    "currency": "USD"
  }
}

Why? The request body hash must be exactly the same on both client and server. Extra whitespace characters will cause signature mismatches.

3. Timestamp Tolerance

Requests are valid within ±5 minutes of server time
Ensure your server clock is synchronized (using NTP)

4. Signature Component Order

Signature components must strictly follow this order:

Timestamp
HTTP method (uppercase: GET, POST, PUT, DELETE)
Path (excluding query parameters)
Request body hash or query string hash (if applicable)

Components are separated by newline characters (\n), not spaces or other characters.

5. Character Encoding

All strings must use UTF-8 encoding
Base64 encoding uses standard character set (not URL-safe variant)

Signature Algorithm - Learn signature calculation details
Common Errors and Solutions - Check common error handling

Important Notes ​

1. Timestamp Format ​

2. JSON Format ​

3. Timestamp Tolerance ​

4. Signature Component Order ​

5. Character Encoding ​

Related Documentation ​