API Documentation

1. Introduction

Welcome to the API documentation! This guide will help you understand how to securely interact with the API, including the necessary steps to authenticate and encrypt your requests, and detailed information about available endpoints.

Security Overview

This API uses a robust security protocol that requires each user to possess the following credentials:

• Signature Key: A unique key used to make signature.
• Crypt Key: A unique key used for request encryption.
• Token: Used for user authentication.

2. Security Protocol

Step-by-Step Guide

2.1 Required Keys

• Signature Key: Used for signature generation.
• Crypt Key: Used to encrypt the entire data object on the request.
• Token: Included in the request for authentication.

2.2 Data Validation

All endpoints strictly validate incoming data. Ensure your request matches the specified schema and includes no additional fields.

2.3 Reordering the Data Object

Prepare your data object and reorder its fields alphanumerically.

Input: { "name": "  Test", "age": 25 }
Ordered: { "age": 25, "name": "  Test" }
		

2.4 Generating the Signature

1. Concatenate the key-value pairs into a string.
2. Delete all extra space, and convert all the string into lowercase.
3. Append your Signature Key to the end of the string.
4. Generate an MD5 hash of the resulting string.
5. Add the signature to the data object.

Example using Signature Key : 5x12 .

Ordered: { "age": 25, "name": "  Test" }
Ordered Concatenate String: "age25nametest"
String with Signature Key: "age25nametestkey5x12"
Signature (MD5): "b50569c3cfce2bd77ea5b2ad03481f9c"

Result Object : { "age": 25, "name": "test", "signature": "b50569c3cfce2bd77ea5b2ad03481f9c" }
		

2.5 Encrypting the Data

Encrypt the final data object using the CryptoJS.AES.encrypt function, don't forget to add the Crypt Key as the key for the encryption.

data = { "age": 25, "name": "test", "signature": "b50569c3cfce2bd77ea5b2ad03481f9c" }
encryptedData = CryptoJS.AES.encrypt(JSON.stringify(data), Crypt_Key).toString();
		

2.6 Sending the Request

{
  "data": "encryptedData",
  "token": "token"
}

3. Endpoints Documentation

Use the following link to find the endpoints documentations, and to test your integration:

1. Test Security Protocol.
2. Generate Ticket.
3. Get Ticket.
4. Scan Ticket.
5. Transfer Ticket.